You are here

Home » API reference » Secure Site 6.2 » securesite.module

function securesite_user in Secure Site 6.2

Same name and namespace in other branches
  1. 5 securesite.module \securesite_user()
  2. 6 securesite.module \securesite_user()

Implementation of hook_user().

When users logout, show the HTTP Auth dialog to make sure the HTTP Auth credentials are cleared

File

./securesite.module, line 178
Enables HTTP authentication or an HTML form to restrict site access.

Code

function securesite_user($op, &$edit, &$user) {
  switch ($op) {
    case 'validate':
      if (!array_key_exists('name', form_set_error()) && isset($edit['name']) && $edit['name'] == variable_get('securesite_guest_name', '')) {
        form_set_error('name', t('The name %name is being used as the %site guest name.', array(
          '%name' => $edit['name'],
          '%site' => variable_get('site_name', 'Drupal'),
        )));
      }
      break;
    case 'insert':
    case 'load':
    case 'update':
      if (in_array(SECURESITE_DIGEST, variable_get('securesite_type', array(
        SECURESITE_BASIC,
      ))) && isset($edit['pass'])) {
        $edit['name'] = isset($edit['name']) ? $edit['name'] : $user->name;
        $script = variable_get('securesite_password_script', drupal_get_path('module', 'securesite') . '/digest_md5/stored_passwords.php');
        $values = array(
          'username=' . escapeshellarg($edit['name']),
          'realm=' . escapeshellarg(variable_get('securesite_realm', variable_get('site_name', 'Drupal'))),
          'pass=' . escapeshellarg($edit['pass']),
          'op=create',
        );
        exec($script . ' ' . implode(' ', $values), $output, $status);
        if ($user->name != $edit['name']) {
          securesite_user('delete', $edit, $user);
        }
      }
      break;
    case 'delete':
      if (in_array(SECURESITE_DIGEST, variable_get('securesite_type', array(
        SECURESITE_BASIC,
      )))) {
        $script = variable_get('securesite_password_script', drupal_get_path('module', 'securesite') . '/digest_md5/stored_passwords.php');
        $values = array(
          'username=' . escapeshellarg($user->name),
          'realm=' . escapeshellarg(variable_get('securesite_realm', variable_get('site_name', 'Drupal'))),
          'op=delete',
        );
        exec($script . ' ' . implode(' ', $values));
      }
      break;
    case 'logout':
      $types = variable_get('securesite_type', array(
        SECURESITE_BASIC,
      ));
      if ((in_array(SECURESITE_BASIC, $types) || in_array(SECURESITE_DIGEST, $types)) && !empty($_SESSION['securesite_login'])) {
        module_load_include('inc', 'securesite');

        // Load the anonymous user.
        $user = drupal_anonymous_user();

        // Safari will attempt to use old credentials before requesting new credentials
        // from the user. Logging out requires that the WWW-Authenticate header be sent
        // twice.
        $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? drupal_strtolower($_SERVER['HTTP_USER_AGENT']) : '';
        if ($user_agent != str_replace('safari', '', $user_agent)) {
          session_set_save_handler('sess_open', 'sess_close', 'sess_read', 'sess_write', 'sess_destroy_sid', 'sess_gc');
          session_start();
          $_SESSION['securesite_repeat'] = TRUE;
        }

        // Clear stored credentials.
        _securesite_dialog(array_pop($types));
      }
      break;
  }
}