gwvplib/gwvpauth.php

   1 <?php
   2
   3 // we call it 00aaa so it gets called first
   4 $CALL_ME_FUNCTIONS["00aaa"] = "gwvp_AuthCallMe";
   5
   6 function gwvp_AuthCallMe()
   7 {
   8         global $LOGIN_TYPE;
   9         session_start();
  10
  11         if(isset($_REQUEST["q"])) {
  12                 $query = $_REQUEST["q"];
  13                 if($query == "login") return "gwvp_AuthHandleLogin";
  14                 if($query == "logout") return "gwvp_AuthHandleLogout";
  15                 if($query == "register") return "gwvp_RegistrationCall";
  16         }
  17         $login = gwvp_isLoggedIn();
  18
  19         error_log("authcallme as $login");
  20         if($login!== false) {
  21                 if(gwvp_IsUserAdmin(null, $login)) {
  22                         $LOGIN_TYPE = "admin";
  23                 } else {
  24                         $LOGIN_TYPE = "user";
  25                 }
  26         } else {
  27                 $LOGIN_TYPE = "anon";
  28         }
  29
  30         return false;
  31 }
  32
  33 // $levels is checked against $LOGIN_TYPE, levels can be either just "admin" or admin,user anon,user anon, etc.
  34 function gwvp_CheckAuthLevel($levels)
  35 {
  36         global $LOGIN_TYPE;
  37
  38         $spl = explode(",", $levels);
  39         foreach($spl as $levs) {
  40                 if($LOGIN_TYPE == $levs) {
  41                         return true;
  42                 }
  43         }
  44
  45         return false;
  46 }
  47
  48 function gwvp_AuthHandleLogout()
  49 {
  50         global $BASE_URL;
  51
  52         unset($_SESSION["isloggedin"]);
  53         unset($_SESSION["username"]);
  54         unset($_SESSION["fullname"]);
  55         unset($_SESSION["usertype"]);
  56
  57         gwvp_SendMessage("info", "Logged out");
  58         header("Location: $BASE_URL");
  59 }
  60
  61 function gwvp_RegistrationCall()
  62 {
  63         if(gwvp_IsRegistrationEnabled()) {
  64                 gwvp_goMainPage("gwvp_RegistrationPageBody");
  65         } else {
  66                 gwvp_goMainPage("gwvp_RegistrationDisabledBody");
  67         }
  68 }
  69
  70 function gwvp_AuthHandleLogin()
  71 {
  72         global $BASE_URL;
  73
  74         $user = "";
  75         $pass = "";
  76         if(isset($_REQUEST["username"])) $user = $_REQUEST["username"];
  77         if(isset($_REQUEST["password"])) $pass = $_REQUEST["password"];
  78
  79         $details = gwvp_getUser($user);
  80         if($details == false) {
  81                 gwvp_SendMessage("error", "Login Failed");
  82                 header("Location: $BASE_URL");
  83                 return false;
  84         }
  85
  86         if(sha1($pass)!=$details["password"]) {
  87                 gwvp_SendMessage("error", "Login Failed");
  88                 header("Location: $BASE_URL");
  89                 return false;
  90         } else {
  91                 $_SESSION["isloggedin"] = true;
  92                 $_SESSION["username"] = "$user";
  93                 $_SESSION["fullname"] = $details["fullname"];
  94                 if(gwvp_IsUserAdmin($details["email"])) {
  95                         $_SESSION["usertype"] = "admin";
  96                 } else {
  97                         $_SESSION["usertype"] = "user";
  98                 }
  99                 gwvp_SendMessage("info", "Welcome, ".$details["fullname"]." you are logged in");
 100                 header("Location: $BASE_URL");
 101                 return true;
 102         }
 103
 104 }
 105
 106 function gwvp_RegistrationPageBody()
 107 {
 108         ?>
 109 <form method="post">
 110         <table>
 111                 <tr>
 112                         <td>Name</td>
 113                         <td><input name="name" type="text"></td>
 114                         <td>Your Full Name</td>
 115                 </tr>
 116                 <tr>
 117                         <td>Email</td>
 118                         <td><input name="email" type="text"></td>
 119                         <td>Your Email Address</td>
 120                 </tr>
 121                 <tr>
 122                         <td>User Name</td>
 123                         <td><input name="username" type="text"></td>
 124                         <td>The Name Used to Refer to you on the site</td>
 125                 </tr>
 126                 <tr>
 127                         <td><input type="submit" name="register" value="Register"></td>
 128                 </tr>
 129         </table>
 130 </form>
 131         <?php
 132 }
 133
 134 function gwvp_IsLoggedIn()
 135 {
 136         if(isset($_SESSION["isloggedin"])) {
 137                 if($_SESSION["isloggedin"]) {
 138                         return $_SESSION["username"];
 139                 } else return false;
 140         } else return false;
 141 }
 142
 143 function gwvp_SingleLineLoginForm()
 144 {
 145         global $BASE_URL;
 146
 147         echo "<form method=\"post\" action=\"$BASE_URL/login\">Username <input type=\"text\" name=\"username\" class=\"login\">";
 148         echo " Passowrd <input type=\"text\" name=\"password\" class=\"login\"><input type=\"submit\" name=\"login\" value=\"Login\" class=\"loginbutton\">";
 149         if(gwvp_IsRegistrationEnabled()) echo "<a href=\"$BASE_URL/register\">Register</a></form>";
 150         else echo "</form>";
 151 }
 152
 153
 154 function gwvp_IsRegistrationEnabled()
 155 {
 156         return true;
 157 }
 158
 159 // TODO translate info here
 160 function gwvp_GetFullName($login)
 161 {
 162         return $login;
 163 }
 164 ?>