added an auth component to allow permission checking and rejection for
[gwvp.git] / gwvplib / gwvpauth.php
1 <?php
2
// Register the auth hook under the key "00aaa". The key is chosen so that this
// hook is called before the others (presumably the dispatcher walks
// $CALL_ME_FUNCTIONS in key order -- confirm against the caller). The order
// matters: gwvp_AuthCallMe() is what sets $LOGIN_TYPE, which the permission
// checks read.
$CALL_ME_FUNCTIONS['00aaa'] = 'gwvp_AuthCallMe';
5
// Auth hook (registered in $CALL_ME_FUNCTIONS). Starts the PHP session, then
// either
//   - returns the name of the handler function for one of the auth routes
//     (q=login, q=logout, q=register), or
//   - classifies the visitor into the global $LOGIN_TYPE ("admin", "user" or
//     "anon") and returns false.
// NOTE(review): on the three auth routes the function returns before
// $LOGIN_TYPE is assigned, so the global keeps whatever value it had (unset on
// a fresh request). Level checks made on those routes must not assume it is set.
// NOTE(review): session_start() is called with no cookie options here; confirm
// that HttpOnly/Secure/SameSite are configured elsewhere (php.ini or bootstrap).
function gwvp_AuthCallMe()
{
        global $LOGIN_TYPE;
        session_start();

        if(isset($_REQUEST["q"])) {
                // switch compares loosely (==); the route names are plain
                // non-numeric strings, so only an exact string match hits a case.
                switch($_REQUEST["q"]) {
                        case "login":
                                return "gwvp_AuthHandleLogin";
                        case "logout":
                                return "gwvp_AuthHandleLogout";
                        case "register":
                                return "gwvp_RegistrationCall";
                }
        }

        // Session username of the logged-in visitor, or false.
        $currentUser = gwvp_isLoggedIn();

        // The username (empty string when not logged in) goes to the PHP error log.
        error_log("authcallme as $currentUser");

        if($currentUser === false) {
                $LOGIN_TYPE = "anon";
        } else {
                // Admin status is looked up on every request rather than read
                // from $_SESSION["usertype"].
                $LOGIN_TYPE = gwvp_IsUserAdmin(null, $currentUser) ? "admin" : "user";
        }

        return false;
}
32
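// Return true when the current visitor's $LOGIN_TYPE is one of the levels
// listed in $levels, false otherwise.
//   $levels  comma-separated list of accepted login types, written without
//            spaces, e.g. "admin", "admin,user" or "anon,user".
// The check is strict and fails closed. If $LOGIN_TYPE has not been set to a
// non-empty string for this request, nothing is granted. With a loose ==
// comparison an unset $LOGIN_TYPE (null) compares equal to an empty list entry
// (as produced by "" or "admin,"), which would let the check pass.
function gwvp_CheckAuthLevel($levels)
{
        global $LOGIN_TYPE;

        // No established login type means no permission.
        if(!is_string($LOGIN_TYPE) || $LOGIN_TYPE === "") {
                return false;
        }

        // Third argument true: strict (===) membership test, no type juggling.
        return in_array($LOGIN_TYPE, explode(",", $levels), true);
}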
47
// Render the main page with the "no permissions" notice as its body. The body
// callback is handed to gwvp_goMainPage() by name.
// NOTE(review): no HTTP status is set here, so unless gwvp_goMainPage() sets
// one the rejection is served with the default status -- confirm whether a
// 403 is wanted.
function gwvp_AuthNoPerms()
{
        $bodyCallback = "gwvp_AuthNoPermsBody";
        gwvp_goMainPage($bodyCallback);
}
52
// Body callback for the "no permissions" page: writes a fixed notice to the
// output. The text is static, so nothing here needs escaping.
function gwvp_AuthNoPermsBody()
{
        print "You have no permissions for this page, do you need to login?";
}
57
// Handle q=logout: drop the four login-related keys from the session, queue
// an "info" message and redirect the browser to $BASE_URL.
// NOTE(review): only these keys are removed. The session itself and its
// identifier stay as they are, so the same session cookie remains valid
// (without login state) after logout.
// NOTE(review): the function returns after header() rather than exiting;
// whether anything else is output afterwards depends on the caller.
function gwvp_AuthHandleLogout()
{
        global $BASE_URL;

        $loginKeys = array("isloggedin", "username", "fullname", "usertype");
        foreach($loginKeys as $key) {
                unset($_SESSION[$key]);
        }

        gwvp_SendMessage("info", "Logged out");
        header("Location: $BASE_URL");
}
70
// Handle q=register: render the main page with the registration form as its
// body when registration is enabled, and with the "registration disabled"
// body otherwise. Both body callbacks are passed to gwvp_goMainPage() by name.
function gwvp_RegistrationCall()
{
        $bodyCallback = gwvp_IsRegistrationEnabled()
                ? "gwvp_RegistrationPageBody"
                : "gwvp_RegistrationDisabledBody";

        gwvp_goMainPage($bodyCallback);
}
79
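// Handle a login attempt (q=login). Reads "username" and "password" from the
// request, looks the user up with gwvp_getUser() and compares the SHA-1 of the
// submitted password with the stored value. On success the session is marked
// as logged in (isloggedin, username, fullname, usertype). In both outcomes a
// message is queued with gwvp_SendMessage() and the browser is redirected to
// $BASE_URL.
// Returns true on a successful login, false otherwise.
//
// Hardening applied here:
//   - Request values that are not strings (e.g. password[]=x) fail the login
//     instead of reaching sha1().
//   - The hash comparison is strict. A loose != treats two hex strings of the
//     form "0e<digits>" as equal numbers, so unrelated hashes could match.
//   - The session id is rotated on success, so an id known before login does
//     not become an authenticated one (session fixation).
// NOTE(review): passwords are checked as unsalted SHA-1. Moving to
// password_hash()/password_verify() means changing how hashes are stored,
// which is outside this function.
// NOTE(review): credentials are read from $_REQUEST, so they are also accepted
// from the query string, where they can end up in logs and browser history.
// Consider restricting this to $_POST once callers are confirmed.
function gwvp_AuthHandleLogin()
{
        global $BASE_URL;

        $user = isset($_REQUEST["username"]) ? $_REQUEST["username"] : "";
        $pass = isset($_REQUEST["password"]) ? $_REQUEST["password"] : "";

        // Only look the user up when both inputs are plain strings.
        $details = false;
        if(is_string($user) && is_string($pass)) {
                $details = gwvp_getUser($user);
        }

        $authenticated = false;
        if($details != false && isset($details["password"]) && is_string($details["password"])) {
                $stored = $details["password"];
                $supplied = sha1($pass);
                // hash_equals() is constant-time; fall back to === where it
                // is not available. Neither form does numeric type juggling.
                $authenticated = function_exists("hash_equals")
                        ? hash_equals($stored, $supplied)
                        : ($stored === $supplied);
        }

        // Same message for an unknown user and a wrong password, so the
        // response does not reveal which usernames exist.
        if(!$authenticated) {
                gwvp_SendMessage("error", "Login Failed");
                header("Location: $BASE_URL");
                return false;
        }

        // Rotate the session id before storing login state; skipped when no
        // session is active.
        if(session_id() !== "") {
                session_regenerate_id(true);
        }

        $_SESSION["isloggedin"] = true;
        $_SESSION["username"] = "$user";
        $_SESSION["fullname"] = $details["fullname"];
        if(gwvp_IsUserAdmin($details["email"])) {
                $_SESSION["usertype"] = "admin";
        } else {
                $_SESSION["usertype"] = "user";
        }

        // NOTE(review): the full name is placed in the message unescaped;
        // confirm that the code rendering messages escapes it for HTML.
        gwvp_SendMessage("info", "Welcome, ".$details["fullname"]." you are logged in");
        header("Location: $BASE_URL");
        return true;
}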
115
// Body callback for the registration page: writes a static HTML form with
// name, email and username fields and a "Register" submit button.
// The form has no action attribute, so it posts back to the current URL.
// NOTE(review): the form carries no anti-CSRF token and no password field.
// The code that processes the "register" submission is not in this file, so
// confirm how it validates the request and how a password is set.
function gwvp_RegistrationPageBody()
{
        // Static markup only; no request data is echoed into the page.
        ?>
<form method="post">
        <table>
                <tr>
                        <td>Name</td>
                        <td><input name="name" type="text"></td>
                        <td>Your Full Name</td>
                </tr>
                <tr>
                        <td>Email</td>
                        <td><input name="email" type="text"></td>
                        <td>Your Email Address</td>
                </tr>
                <tr>
                        <td>User Name</td>
                        <td><input name="username" type="text"></td>
                        <td>The Name Used to Refer to you on the site</td>
                </tr>
                <tr>
                        <td><input type="submit" name="register" value="Register"></td>
                </tr>
        </table>
</form>
        <?php
}
143
// Return the username stored in the session when the session is flagged as
// logged in, and false otherwise.
// Trust here rests entirely on $_SESSION["isloggedin"]; the username is
// returned as stored, without a fresh lookup.
function gwvp_IsLoggedIn()
{
        // empty() covers both "key missing" and "key present but falsy".
        if(empty($_SESSION["isloggedin"])) {
                return false;
        }

        return $_SESSION["username"];
}
152
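// Write the one-line login form (username, password, submit button) that
// posts to $BASE_URL/login, followed by a "Register" link when registration
// is enabled.
// The password input uses type="password" so the browser masks what is typed
// and does not treat it as ordinary text for form history.
// NOTE(review): $BASE_URL is interpolated into the markup unescaped; this
// assumes it is trusted configuration and never derived from the request --
// confirm where it is set.
function gwvp_SingleLineLoginForm()
{
        global $BASE_URL;

        echo "<form method=\"post\" action=\"$BASE_URL/login\">Username <input type=\"text\" name=\"username\" class=\"login\">";
        echo " Password <input type=\"password\" name=\"password\" class=\"login\"><input type=\"submit\" name=\"login\" value=\"Login\" class=\"loginbutton\">";
        if(gwvp_IsRegistrationEnabled()) {
                echo "<a href=\"$BASE_URL/register\">Register</a>";
        }
        echo "</form>";
}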
162
163
// Report whether self-registration is offered. Currently a stub that always
// answers true, so the register route and the "Register" link are always on;
// there is no configuration switch behind it in this file.
function gwvp_IsRegistrationEnabled()
{
        return true;
}
168
// Return the display name for a login. Placeholder: the login is handed back
// unchanged.
// TODO: translate the login into the user's real name here.
function gwvp_GetFullName($login)
{
        return $login;
}
174 ?>