Add sql_use_http_credentials configuration directive to connect to the sql database...

credentials (that way there can be more than one administrator usernames, each with different privileges
on the sql database).

diff --git a/Changelog b/Changelog
index d017f9072f483baa7d0c4db7402834d9429953dd..4a6ccf7045ebe65fb32cce1a40371d5c1f35e4ed 100644 (file)
--- a/Changelog
+++ b/Changelog
@@ -16,6 +16,9 @@ Ver 1.62:
   server (pap or chap).
 * Replace single quotes with double quotes in log_badlogins
 * Add a missing <?php tag. Bug noted by Simon Burns <simon@ababa.org>
+* Add sql_use_http_credentials configuration directive to connect to the sql database using the http user
+  credentials (that way there can be more than one administrator usernames, each with different privileges
+  on the sql database).
 Ver 1.61:
 * Add a string encoder for greek
 * If general_decode_normal_attributes is set then encode attributes in lib/ldap/change_info. In the near future

diff --git a/conf/admin.conf b/conf/admin.conf
index 94870a7f168080d603c5ad63b1c43fbc0e97bfc9..79c4d5253b8ce53766afc00987dfa1f1a35f66f9 100644 (file)
--- a/conf/admin.conf
+++ b/conf/admin.conf
@@ -172,6 +172,13 @@ sql_user_info_table: userinfo
 sql_groupcheck_table: radgroupcheck
 sql_groupreply_table: radgroupreply
 sql_usergroup_table: usergroup
+#
+# If set to yes then the HTTP credentials (http authentication)
+# will be used to connect to the sql server instead of sql_username
+# and sql_password. That way multiple admins with different rights
+# on the sql database can connect through one dialup_admin interface.
+#sql_use_http_credentials: yes
+
 
 #
 # true or false

diff --git a/lib/sql/drivers/mysql/functions.php3 b/lib/sql/drivers/mysql/functions.php3
index b0ff08f85938f6aa5c14bc159e923a29a190bfcf..1097a98f64b64dd06cf473be711d47143dbbeccc 100644 (file)
--- a/lib/sql/drivers/mysql/functions.php3
+++ b/lib/sql/drivers/mysql/functions.php3
@@ -1,8 +1,17 @@
 <?php
 function da_sql_connect($config)
 {
-       return @mysql_connect("$config[sql_server]:$config[sql_port]",$config[sql_username],
-                $config[sql_password]);
+       if ($config[sql_use_http_credentials] == 'yes'){
+               global $HTTP_SERVER_VARS;
+               $SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
+               $SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
+       }
+       else{
+               $SQL_user = $config[sql_username];
+               $SQL_passwd = $config[sql_password];
+       }
+
+       return @mysql_connect("$config[sql_server]:$config[sql_port]",$SQL_user,$SQL_passwd);
 }
 
 function da_sql_pconnect($config)

diff --git a/lib/sql/drivers/pg/functions.php3 b/lib/sql/drivers/pg/functions.php3
index ba8862260a638b85f7eee49624a77a9351338aee..7e91a96866e3fd5d865e6172e2d8fa2f74d38bde 100644 (file)
--- a/lib/sql/drivers/pg/functions.php3
+++ b/lib/sql/drivers/pg/functions.php3
@@ -1,9 +1,18 @@
 <?php
 function da_sql_connect($config)
 {
+       if ($config[sql_use_http_credentials] == 'yes'){
+               global $HTTP_SERVER_VARS;
+               $SQL_user = $HTTP_SERVER_VARS["PHP_AUTH_USER"];
+               $SQL_passwd = $HTTP_SERVER_VARS["PHP_AUTH_PW"];
+       }
+       else{
+               $SQL_user = $config[sql_username];
+               $SQL_passwd = $config[sql_password];
+       }
        return @pg_connect("host=$config[sql_server] port=$config[sql_port]
-                       dbname=$config[sql_database] user=$config[sql_username]
-                       password=$config[sql_password]");
+                       dbname=$config[sql_database] user=$SQL_user
+                       password=$SQL_passwd");
 }
 
 function da_sql_pconnect($config)