Move authentication check into lib/auth.php

2017-12-11 18:20:13 +01:00 · 2017-12-11 18:20:13 +01:00 · 5238d3d630
parent 082cb51645
commit 5238d3d630
7 changed files with 29 additions and 103 deletions
--- a/htdocs/admin.php
+++ b/htdocs/admin.php
@ -10,19 +10,14 @@
 * @version 1.0
 */

+// Force authentication on this page
+require_once("lib/auth.php");
+
 /**
 * Path
 */
 define('EVOADMIN_BASE','./');

-//recuperer la session en cours
-session_name('EVOADMIN_SESS');
-session_start();
-
-// TODO : restrictions if non superadmin
-
-if (isset($_SESSION['login'])) {
-
    /**
     * Requires
     */
@ -30,8 +25,6 @@ if (isset($_SESSION['login'])) {

    include EVOADMIN_BASE . 'inc/haut.php';

-    $login = $_SESSION['login'];
-
    if (isset($_GET['domain'])) {
        // TODO : verifier si le domaine existe !!
        $_SESSION['domain'] = Html::clean($_GET['domain']);
@ -174,11 +167,6 @@ if (isset($_SESSION['login'])) {

 <?php

-} else { //if (isset($_SESSION['login']))
-    header("location: auth.php\n\n");
-    exit(0);
-}
-
 include EVOADMIN_BASE . 'inc/fin.php';

 ?>
--- a/htdocs/alias.php
+++ b/htdocs/alias.php
@ -10,24 +10,18 @@
 * @version 1.0
 */

+// Force authentication on this page
+require_once("lib/auth.php");
+
 /**
 * Path
 */
 define('EVOADMIN_BASE','./');

-/**
- * PHP cookies session
- */
-session_name('EVOADMIN_SESS');
-session_start();
-
-if (isset($_SESSION['login']))
-{
    require_once EVOADMIN_BASE . 'lib/common.php';

    include EVOADMIN_BASE . 'inc/haut.php';

-    $login = $_SESSION['login'];
    $rdn = $_SESSION['rdn'];

    include EVOADMIN_BASE . 'inc/debut.php';
@ -463,13 +457,6 @@ if (isset($_SESSION['login']))
        }
    }

-} //if (isset($_SESSION['login'])) 
-else
-{
-    header("location: auth.php\n\n");
-    exit(0);
-}
-
 include EVOADMIN_BASE . 'inc/fin.php';

 ?>
--- a/htdocs/compte.php
+++ b/htdocs/compte.php
@ -10,24 +10,14 @@
 * @version 1.0
 */

+// Force authentication on this page
+require_once("lib/auth.php");
+
 /**
 * Path
 */
 define('EVOADMIN_BASE','./');

-/**
- * PHP cookies session
- */
-session_name('EVOADMIN_SESS');
-session_start();
-
-
-if (isset($_SESSION['login']))
-{
-
-    // $login var need for inc/debut.php
-    $login = $_SESSION['login'];
-
    /**
     * Requires
     */
@ -972,13 +962,6 @@ if (isset($_SESSION['login']))
        }
    }

-} //if (isset($_SESSION['login']))
-else
-{
-    header("location: auth.php\n\n");
-    exit(0);
-}
-
 include EVOADMIN_BASE . 'inc/fin.php';

 ?>
--- a/htdocs/domaine.php
+++ b/htdocs/domaine.php
@ -10,27 +10,19 @@
 * @version 1.0
 */

+// Force authentication on this page
+require_once("lib/auth.php");
+
 /**
 * Path
 */
 define('EVOADMIN_BASE','./');

-/**
- * PHP cookies session
- */
-session_name('EVOADMIN_SESS');
-session_start();
-
-if (isset($_SESSION['login'])) {
-
    /**
     * Requires
     */
    require_once EVOADMIN_BASE . 'lib/common.php';

-    // $login var need for inc/debut.php
-    $login = $_SESSION['login'];
-
    include EVOADMIN_BASE . 'inc/haut.php';
    include EVOADMIN_BASE . 'inc/debut.php';

@ -241,12 +233,6 @@ if (isset($_SESSION['login'])) {
        }
    }

-//if (isset($_SESSION['login'])) 
-} else {
-    header("location: auth.php\n\n");
-    exit(0);
-}
-
 include EVOADMIN_BASE . 'inc/fin.php';

 ?>
--- a/htdocs/help.php
+++ b/htdocs/help.php
@ -10,27 +10,18 @@
 * @version 1.0
 */

+// Force authentication on this page
+require_once("lib/auth.php");
+
 /**
 * Path
 */
 define('EVOADMIN_BASE','./');

-/**
- * PHP cookies session
- */
-session_name('EVOADMIN_SESS');
-session_start();
-
-if (isset($_SESSION['login']))
-{
-
    $rep = './';
    require_once($rep. 'lib/common.php');

    include($rep. 'inc/haut.php');
-
-    $login = $_SESSION['login'];
-
    include($rep. 'inc/debut.php');

 ?>
@ -86,13 +77,6 @@ if (isset($_SESSION['login']))
                    
 <?php

-} //if (isset($_SESSION['login'])) 
-else
-{
-    header("location: auth.php\n\n");
-    exit(0);
-}
-
 include EVOADMIN_BASE . 'inc/fin.php';

 ?>
--- a/htdocs/lib/auth.php
+++ b/htdocs/lib/auth.php
@ -0,0 +1,11 @@
+<?php
+
+session_name('EVOADMIN_SESS');
+session_start();
+
+if (empty($_SESSION['login'])) {
+    header("location: auth.php\n\n");
+    exit(0);
+} else {
+    $login = $_SESSION['login'];
+}
--- a/htdocs/superadmin.php
+++ b/htdocs/superadmin.php
@ -10,6 +10,9 @@
 * @version 1.0
 */

+// Force authentication on this page
+require_once("lib/auth.php");
+
 /*
 * Functions
 */
@ -50,14 +53,6 @@ function show_domaine_details($domain) {
 */
 define('EVOADMIN_BASE','./');

-/**
- * PHP cookies session
- */
-session_name('EVOADMIN_SESS');
-session_start();
-
-if (isset($_SESSION['login'])) {
-
    /**
     * Requires
     */
@ -65,8 +60,6 @@ if (isset($_SESSION['login'])) {

    include EVOADMIN_BASE . 'inc/haut.php';

-    $login = $_SESSION['login'];
-
    // pas de domaine/variable domaine sur superadmin.php
    unset($_SESSION['domain']); 

@ -186,12 +179,6 @@ if (isset($_SESSION['login'])) {
       </div>

 		<?php
-//if (isset($_SESSION['login']))
-} else {
-
-    header("location: auth.php\n\n");
-    exit(0);
-}

 include(EVOADMIN_BASE . 'inc/fin.php');