3 // we call it 00aaa so it gets called first
4 $CALL_ME_FUNCTIONS["00aaa"] = "gwvp_AuthCallMe";
6 function gwvp_AuthCallMe()
11 if(isset($_REQUEST["q"])) {
12 $query = $_REQUEST["q"];
13 if($query == "login") return "gwvp_AuthHandleLogin";
14 if($query == "logout") return "gwvp_AuthHandleLogout";
15 if($query == "register") return "gwvp_RegistrationCall";
17 $login = gwvp_isLoggedIn();
19 error_log("authcallme as $login");
21 if(gwvp_IsUserAdmin(null, $login)) {
22 $LOGIN_TYPE = "admin";
33 function gwvp_AskForBasicAuth()
35 if(!isset($_SERVER["PHP_AUTH_USER"])) {
36 header('WWW-Authenticate: Basic realm="My Realm"');
37 header('HTTP/1.0 401 Unauthorized');
42 // $levels is checked against $LOGIN_TYPE, levels can be either just "admin" or admin,user anon,user anon, etc.
43 function gwvp_CheckAuthLevel($levels)
47 $spl = explode(",", $levels);
48 foreach($spl as $levs) {
49 if($LOGIN_TYPE == $levs) {
57 function gwvp_fourZeroThree()
59 header("HTTP/1.0 403 Permission Denied");
63 function gwvp_AuthNoPerms()
65 gwvp_goMainPage("gwvp_AuthNoPermsBody");
68 function gwvp_AuthNoPermsBody()
70 echo "You have no permissions for this page, do you need to login?";
73 function gwvp_AuthHandleLogout()
77 unset($_SESSION["isloggedin"]);
78 unset($_SESSION["username"]);
79 unset($_SESSION["fullname"]);
80 unset($_SESSION["usertype"]);
82 gwvp_SendMessage("info", "Logged out");
83 header("Location: $BASE_URL");
86 function gwvp_RegistrationCall()
88 if(gwvp_IsRegistrationEnabled()) {
89 gwvp_goMainPage("gwvp_RegistrationPageBody");
91 gwvp_goMainPage("gwvp_RegistrationDisabledBody");
95 function gwvp_authUserPass($user, $pass)
97 $details = gwvp_getUser($user);
98 if($details == false) {
102 if(sha1($pass)!=$details["password"]) return false;
104 return $details["username"];
107 function gwvp_AuthHandleLogin()
113 if(isset($_REQUEST["username"])) $user = $_REQUEST["username"];
114 if(isset($_REQUEST["password"])) $pass = $_REQUEST["password"];
116 if(gwvp_authUserPass($user, $pass) === false) {
117 gwvp_SendMessage("error", "Login Failed");
118 header("Location: $BASE_URL");
120 $_SESSION["isloggedin"] = true;
121 $_SESSION["username"] = "$user";
122 $_SESSION["fullname"] = $details["fullname"];
123 if(gwvp_IsUserAdmin($details["email"])) {
124 $_SESSION["usertype"] = "admin";
126 $_SESSION["usertype"] = "user";
128 gwvp_SendMessage("info", "Welcome, ".$details["fullname"]." you are logged in");
129 header("Location: $BASE_URL");
135 function gwvp_RegistrationPageBody()
142 <td><input name="name" type="text"></td>
143 <td>Your Full Name</td>
147 <td><input name="email" type="text"></td>
148 <td>Your Email Address</td>
152 <td><input name="username" type="text"></td>
153 <td>The Name Used to Refer to you on the site</td>
156 <td><input type="submit" name="register" value="Register"></td>
163 function gwvp_checkBasicAuthLogin()
167 if(isset($_SERVER["PHP_AUTH_USER"])) {
168 $user = $_SERVER["PHP_AUTH_USER"];
171 if(isset($_SERVER["PHP_AUTH_PW"])) {
172 $pass = $_SERVER["PHP_AUTH_PW"];
175 return gwvp_authUserPass($user, $pass);
178 function gwvp_IsLoggedIn()
180 if(isset($_SESSION["isloggedin"])) {
181 if($_SESSION["isloggedin"]) {
182 return $_SESSION["username"];
187 function gwvp_SingleLineLoginForm()
191 echo "<form method=\"post\" action=\"$BASE_URL/login\">Username <input type=\"text\" name=\"username\" class=\"login\">";
192 echo " Passowrd <input type=\"text\" name=\"password\" class=\"login\"><input type=\"submit\" name=\"login\" value=\"Login\" class=\"loginbutton\">";
193 if(gwvp_IsRegistrationEnabled()) echo "<a href=\"$BASE_URL/register\">Register</a></form>";
198 function gwvp_IsRegistrationEnabled()
203 // TODO translate info here
204 function gwvp_GetFullName($login)