MRBS - Meeting Room Booking System

From RavenWiki
Jump to navigationJump to search

MRBS - Meeting Room Booking System, version 1.2.3

This is a very simple booking system that is OSS: MRBS Home Page

To use Raven authentication you could put in your own PHP code, or take the quicker approach and use Apache Raven authentication combined with a simple code change in session_php.inc, in the function "getUserName":

//        if (isset($HTTP_SESSION_VARS["UserName"]) && ($HTTP_SESSION_VARS["UserName"] != ""))
//            return $HTTP_SESSION_VARS["UserName"];
       if (isset($_SERVER['REMOTE_USER']) && ($_SERVER['REMOTE_USER'] != ""))
           return $_SERVER['REMOTE_USER'];

for version 1.2.4 the code is very similar, but with a few more { and } in it.


and this bit of configuration in config.inc.php :

$auth["session"] = "php";
$auth["type"] = "none";

The .htaccess file is very simple:

<Limit GET>
order deny,allow
deny from all
AuthType Ucam-WebAuth
Require valid-user
Satisfy any
</Limit>

From Martin Lucas-Smith:

You could probably simplifying this by adding to your .htaccess file:

php_value auto_prepend_file prepended.php

and creating a file prepended.php (as referenced above) which contains merely:

<?php $HTTP_SESSION_VARS['UserName'] = $_SERVER['REMOTE_USER']; ?>

I've not tried it but I suspect this would probably work. If it does work, it would have the benefit that you avoid having to make any changes to the code itself.

Hope that is useful.

Martin Lucas-Smith www.geog.cam.ac.uk/~mvl22 --mr349 15:58, 19 June 2008 (BST)


Two access levels (very simple)

Since everyone is logged in, listed admins should be level 2 (read-write everyone) with everyone else at level 1 (read-write own entries)

No code changes are necessary but add admin users in config.inc.php

Two access levels (simple)

Since everyone is logged in, listed admins should be level 2 (read-write everyone) with everyone else at level 0 (read-only) instead of 1 (read-write own entries)

In auth_none.inc function authGetUserLevel change:

   // Everybody else is access level '0'
   return 0;

and add admin users in config.inc.php

Three access levels

not-tested --mr349 16:32, 19 June 2008 (BST)

Listed admins should be level 2 (read-write everyone) with listed users at level 1 (read-write own entries) and everyone else at level 0 (read-only)

In auth_none.inc function authGetUserLevel

function authGetUserLevel($user, $lev2_admin, $lev1_admin) {

   // User not logged in, user level '0'
   if(!isset($user))
   return 0;
   // Check if the user is level '2'
   for($i = 0; isset($lev2_admin[$i]); $i++)
   {
   if(strcasecmp($user, $lev2_admin[$i]) == 0)
       return 2;
   }
   // Check if the user is level '1'
   for($i = 0; isset($lev1_admin[$i]); $i++)
   {
   if(strcasecmp($user, $lev1_admin[$i]) == 0)
       return 1;
   }
   // Everybody else is access level '0'
   return 0;

}

In mrbs_auth.inc function getAuthorised change:

   return authGetUserLevel($user, $auth["admin"], $auth["mortal"]) >= $level;

and add both admin and mortal users in config.inc.php