AutoLogin AutoLogin
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

AutoLogin

Started by fgarcia, June 30, 2009, 04:28:03 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

fgarcia

For my firme i need to autolog into the gallery which many users
and have the login which other users.
So I add this code in the login.php before the "if (isset($_POST['submitted'])) {"

//====================================start autologin
$tmp = explode(".", $_SERVER['REMOTE_ADDR']); //we explode the ip
$global1 = $tmp[0].".".$tmp[1].".".$tmp[2].".";    //my first global ip adress starting by for example 127.1.2.x
$global2 = $tmp[0].".".$tmp[1].".";                    //my second global ip adresss starting for example by 127.1.x.x
$redirection_login = '<script language="javascript" type="text/javascript">
                <!--
                        window.location.replace("http://xx.xx.xx.XX/coppermine/index.php");
                -->
                </script>';

switch($_SERVER['REMOTE_ADDR']) {
  case "127.0.0.1" : $admin = true; break;
  case "127.0.0.2"  : $admin = true; break;
  default : $admin = false; break;
}

switch($global1) {
  case "127.0.0." : $user_global1 = true; break;
  default : $user_global1 = false; break;
}

switch($global2) {
  case "127.0." : $user_global2 = true; break;
  default : $user_global2 = false; break;
}

//if admin we have the connexion interface to authenticate and modify parameters else we have the autologin
if ($admin == false) {
  if ($user_global1) {
    echo "Connexion global1: ".$ip;
    $_POST['username'] = "global1user"; //the global1user and global1password must have been created before
    $_POST['password'] = "global1password";
    $USER_DATA = $cpg_udb->login( addslashes($_POST['username']), addslashes($_POST['password']), isset($_POST['remember_me']));
    echo $redirection_login;
  }
 
  if ($user_global2) {
    $ip = $_SERVER['REMOTE_ADDR'];
    echo "Connexion global2";
    $_POST['username'] = "global2user";
    $_POST['password'] = "global2password";
    $USER_DATA = $cpg_udb->login( addslashes($_POST['username']), addslashes($_POST['password']), isset($_POST['remember_me']));
    echo $redirection_login;
  }
}

//======================================end autologin


If the administrateur is connected you have all the menu but if you are connected in the global1 or global2
you have only the categories and the albums
To do this i have opening the include/theme.inc.php


$username = $USER_DATA["user_name"];
// Function for writing a pageheader
if (!function_exists('pageheader')) {  //{THEMES}

function pageheader($section, $meta = '')
{
    global $CONFIG, $THEME_DIR;
    global $template_header, $lang_charset, $lang_text_dir;
    global $username, $link;

    $custom_header = cpg_get_custom_include($CONFIG['custom_header_path']);

        $charset = ($CONFIG['charset'] == 'language file') ? $lang_charset : $CONFIG['charset'];

    header('P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"');
        header("Content-Type: text/html; charset=$charset");
    user_save_profile();
    if ($username == 'yourRoot') {
      $template_vars = array('{LANG_DIR}' => $lang_text_dir,
          '{TITLE}' => $CONFIG['gallery_name'] . ' - ' . strip_tags(bb_decode($section)),
          '{CHARSET}' => $charset,
          '{META}' => $meta,
          '{GAL_NAME}' => $CONFIG['gallery_name'],
          '{GAL_DESCRIPTION}' => $CONFIG['gallery_description'],
          '{SYS_MENU}' => theme_main_menu('sys_menu'),
          '{SUB_MENU}' => theme_main_menu('sub_menu'),
          '{ADMIN_MENU}' => theme_admin_mode_menu(),
          '{CUSTOM_HEADER}' => $custom_header,
          );
    } else {
        $template_vars = array('{LANG_DIR}' => $lang_text_dir,
        '{TITLE}' => $CONFIG['gallery_name'] . ' - ' . strip_tags(bb_decode($section)),
        '{CHARSET}' => $charset,
        '{META}' => $meta,
        '{GAL_NAME}' => $CONFIG['gallery_name'],
        '{GAL_DESCRIPTION}' => $CONFIG['gallery_description'],
        '{SYS_MENU}' => theme_main_menu('sys_menu'),
        '{SUB_MENU}' => '', //theme_main_menu('sub_menu'),
        '{ADMIN_MENU}' => theme_admin_mode_menu(),
        '{CUSTOM_HEADER}' => $custom_header,
        );
        if ($username != "Guest")
          echo '<a href="logout.php?referer=index.php" title="Se deconnecter">Quit ['.$username.']</a><br>'; //I erase the menu and so the deconnexion link, i must echo a link
    }
    echo template_eval($template_header, $template_vars);
}
}  //{THEMES}


I think that it must help another person so i have posted this code. I think so that it's not optimised, cause i haven't decrypted how the coppermine var of the login works, so i create  $username etc... but it's not very "clean"



Joachim Müller

Thanks for your readiness to share. Not a valid feature request though. Moving your thread accodingly.

fgarcia

thanks i'm blind ???, and i am lost in the forum, thank for moving my topic  :D