plugins/administrator/auth.php

   1 <?php
   2 /**
   3  * Administrator plugin - Authentication routines
   4  *
   5  * This function tell other modules what users have access
   6  * to the plugin.
   7  *
   8  * @version $Id$
   9  * @author Philippe Mingo
  10  * @copyright (c) 1999-2004 The SquirrelMail Project Team
  11  * @license http://opensource.org/licenses/gpl-license.php GNU Public License
  12  * @package plugins
  13  * @subpackage administrator
  14  */
  15
  16 /**
  17  * Check if user has access to administrative functions
  18  *
  19  * @return boolean
  20  * @access private
  21  */
  22 function adm_check_user() {
  23     global $PHP_SELF;
  24     require_once(SM_PATH . 'functions/global.php');
  25
  26     if ( !sqgetGlobalVar('username',$username,SQ_SESSION) ) {
  27         $username = '';
  28     }
  29
  30     /* This needs to be first, for all non_options pages */
  31     if (strpos('options.php', $PHP_SELF)) {
  32         $auth = FALSE;
  33     } else if (file_exists(SM_PATH . 'plugins/administrator/admins')) {
  34         $auths = file(SM_PATH . 'plugins/administrator/admins');
  35         $auth = in_array("$username\n", $auths);
  36     } else if (file_exists(SM_PATH . 'config/admins')) {
  37         $auths = file(SM_PATH . 'config/admins');
  38         $auth = in_array("$username\n", $auths);
  39     } else if ($adm_id = fileowner(SM_PATH . 'config/config.php')) {
  40         $adm = posix_getpwuid( $adm_id );
  41         $auth = ($username == $adm['name']);
  42     } else {
  43         $auth = FALSE;
  44     }
  45
  46     return ($auth);
  47 }
  48
  49 ?>