<?php

//=======================================
// Security.inc
//
// void		InsertDomain		( void );
// boolean	ShowDomain			( string domains );
// boolean	HideDomain			( string domains );
//
// void		InsertUsername		( void );
// boolean	ShowUsername		( string users );
// boolean	HideUsername		( string users );
//
// void		InsertPassword		( void );
// boolean	ShowPassword		( string passes );
// boolean	HidePassword		( string passes );
//
// void		RequestPassword		( string realm, string userpass );
//=======================================

    //-----------------------------------------------------
    // InsertDomain()
    // - - - - - - -
    // Prints the IP address of the remote user.
    //-----------------------------------------------------
    function InsertDomain()
    {
        print $GLOBALS[REMOTE_ADDR];
    }
    
    //-----------------------------------------------------
    // ShowDomain($domains)
    // - - - - - - -
    // Returns true if the specified domains match the
    //   remote user's IP address.
    //
    // $domains - a string containing subdomains seperated
    //            by spaces: "domain1 domain2 domain3 ..."
    //-----------------------------------------------------
    function ShowDomain( $domains )
    {
        if( !is_array($domains) )
            $domains = explode(" ",trim($domains));
        
        $checkByName = (isset($GLOBALS[REMOTE_HOST]) &&
                        strcmp($GLOBALS[REMOTE_HOST],$GLOBALS[REMOTE_ADDR]) );
        
        while( $domain = each($domains) )
        {
            $d = trim($domain[value]);
            
            if( strlen($d) > 0 )
              if( strcmp(substr($GLOBALS[REMOTE_ADDR],0,strlen($d)), $d ) == 0 ||
                  ($checkByName && stristr($GLOBALS[REMOTE_HOST],$d) ) )
                return true;
        }
        
        return false;
    }
    
    //-----------------------------------------------------
    // HideDomain($domains)
    // - - - - - - -
    // Returns false if the specified domains match the
    //   remote user's IP address.
    //
    // $domains - a string containing subdomains seperated
    //            by spaces: "domain1 domain2 domain3 ..."
    //
    // See: ShowDomain()
    //-----------------------------------------------------
    function HideDomain( $domains )
    {
        return !ShowDomain($domains);
    }
    
    //-----------------------------------------------------
    // InsertUsername()
    // - - - - - - -
    // Prints the username of the current user.
    //
    // See: RequestPassword()
    //-----------------------------------------------------
    function InsertUsername()
    {
        print $GLOBALS[PHP_AUTH_USER];
    }
    
    //-----------------------------------------------------
    // ShowUsername($users)
    // - - - - - - -
    // Returns true if the current user's username is in
    //   the list $users.
    //
    // $users - a string containing usernames seperated
    //          by spaces: "user1 user2 user3 ...".
    //
    // See: RequestPassword()
    //-----------------------------------------------------
    function ShowUsername( $users )
    {
        if( !is_array($users) )
        $users = explode(" ",trim($users));
        
        while( $user = each($users) )
        {
            $u = trim($user[value]);
            
            if( strlen($u) > 0 )
              if( strcasecmp($GLOBALS[PHP_AUTH_USER], $u) == 0 )
                return true;
        }
        
        return false;
    }
    
    //-----------------------------------------------------
    // HideUsername($users)
    // - - - - - - -
    // Returns false if the current user's username is in
    //   the list $users.
    //
    // $users - a string containing usernames seperated
    //          by spaces: "user1 user2 user3 ...".
    //
    // See: ShowUsername()
    //      RequestPassword()
    //-----------------------------------------------------
    function HideUsername( $users )
    {
        return !ShowUsername($users);
    }
    
    //-----------------------------------------------------
    // InsertPassword()
    // - - - - - - -
    // Prints the password of the current user.
    //
    // See: RequestPassword()
    //-----------------------------------------------------
    function InsertPassword()
    {
        print $GLOBALS[PHP_AUTH_PW];
    }
    
    //-----------------------------------------------------
    // ShowPassword($passes)
    // - - - - - - -
    // Returns true if the password is in the list $passes.
    //
    // $passes - a string containing passwords seperated
    //           by spaces: "password1 password2 ...".
    //
    // See: RequestPassword()
    //-----------------------------------------------------
    function ShowPassword( $passes )
    {
        if( !is_array($passes) )
        $passes = explode(" ",trim($passes));
        
        while( $pass = each($passes) )
        {
            $p = trim($pass[value]);
            
            if( strlen($p) > 0 )
              if( strcasecmp($GLOBALS[PHP_AUTH_PW], $p) == 0 )
                return true;
        }
        
        return false;
    }
    
    //-----------------------------------------------------
    // HidePassword($passes)
    // - - - - - - -
    // Returns false if the password is in the list $passes.
    //
    // $passes - a string containing passwords seperated
    //           by spaces: "password1 password2 ...".
    //
    // See: ShowPassword()
    //      RequestPassword()
    //-----------------------------------------------------
    function HidePassword( $passes )
    {
        return !ShowPassword($passes);
    }
    
    //-----------------------------------------------------
    // RequestPassword($realm,$userpass)
    // - - - - - - -
    // Forms an authorization request. Will only allow
    //   access to the page if the attempted user/pass
    //   is defined in $userpass.
    //
    // $realm    - a string displayed to the user when
    //             entering the username and password:
    //             'Enter username for $realm at domain.'
    // 
    // $userpass - a string containing usernames and
    //             passwords seperated by spaces:
    //             "user1,pass1 user2,pass2 ...".
    //-----------------------------------------------------
    function RequestPassword( $realm, $userpass )
    {
        if( !is_array($userpass) )
            $userpass = explode(" ",trim($userpass));
        
        for( $i=0; isset($userpass[$i]); $i++ )
        {
            list($user[$i],$pass[$i]) = explode(",",$userpass[$i]);
        }
        
        if( !isset($PHP_AUTH_USER) )
        {
            $h = getAllHeaders();
            $GLOBALS["PHP_AUTH_TYPE"] = strtok($h["Authorization"]," ");
            $GLOBALS["PHP_AUTH_USER"] = strtok(base64_decode(strtok("")),":");
            $GLOBALS["PHP_AUTH_PW"] = strtok("");
        }
        
        $match = false;
        for( $i = 0; !$match && isset($user[$i]); $i++ )
        {
            $match = ( strcmp($GLOBALS["PHP_AUTH_USER"],$user[$i]) == 0 &&
                       strcmp($GLOBALS["PHP_AUTH_PW"]  ,$pass[$i]) == 0 );    
        }
        
        if( !$match )
        {
            Header("WWW-Authenticate: Basic realm=\"$realm\"");
            Header("HTTP/1.0 401 Unauthorized");
            echo 'You do not have access to this page.<BR>';
            exit;
        }
    }
 ?>