wow, i just pulled a repo via git from this interface... its

[gwvp.git] / gwvplib / gwvpauth.php

diff --git a/gwvplib/gwvpauth.php b/gwvplib/gwvpauth.php
index 8aa0533..f7e036d 100644 (file)
--- a/gwvplib/gwvpauth.php
+++ b/gwvplib/gwvpauth.php
@@ -30,6 +30,15 @@ function gwvp_AuthCallMe()
        return false;
 }
 
+function gwvp_AskForBasicAuth()
+{
+       if(!isset($_SERVER["PHP_AUTH_USER"])) {
+               header('WWW-Authenticate: Basic realm="My Realm"');
+               header('HTTP/1.0 401 Unauthorized');
+               exit(0);
+       } else return; 
+}
+
 // $levels is checked against $LOGIN_TYPE, levels can be either just "admin" or admin,user anon,user anon, etc.
 function gwvp_CheckAuthLevel($levels)
 {
@@ -45,6 +54,12 @@ function gwvp_CheckAuthLevel($levels)
        return false;
 }
 
+function gwvp_fourZeroThree()
+{
+       header("HTTP/1.0 403 Permission Denied");
+       exit(0);
+}
+
 function gwvp_AuthNoPerms()
 {
        gwvp_goMainPage("gwvp_AuthNoPermsBody");
@@ -77,6 +92,18 @@ function gwvp_RegistrationCall()
        }
 }
 
+function gwvp_authUserPass($user, $pass)
+{
+       $details = gwvp_getUser($user);
+       if($details == false) {
+               return false;
+       }
+       
+       if(sha1($pass)!=$details["password"]) return false;
+       
+       return $details["username"];
+}
+
 function gwvp_AuthHandleLogin()
 {
        global $BASE_URL;
@@ -86,17 +113,9 @@ function gwvp_AuthHandleLogin()
        if(isset($_REQUEST["username"])) $user = $_REQUEST["username"];
        if(isset($_REQUEST["password"])) $pass = $_REQUEST["password"];
 
-       $details = gwvp_getUser($user);
-       if($details == false) {
-               gwvp_SendMessage("error", "Login Failed");
-               header("Location: $BASE_URL");
-               return false;
-       }
-
-       if(sha1($pass)!=$details["password"]) {
+       if(gwvp_authUserPass($user, $pass) === false) {
                gwvp_SendMessage("error", "Login Failed");
                header("Location: $BASE_URL");
-               return false;
        } else {
                $_SESSION["isloggedin"] = true;
                $_SESSION["username"] = "$user";
@@ -141,6 +160,21 @@ function gwvp_RegistrationPageBody()
        <?php
 }
 
+function gwvp_checkBasicAuthLogin()
+{
+       $user = false;
+       $pass = false;
+       if(isset($_SERVER["PHP_AUTH_USER"])) {
+               $user = $_SERVER["PHP_AUTH_USER"];
+       } else return false;
+       
+       if(isset($_SERVER["PHP_AUTH_PW"])) {
+               $pass = $_SERVER["PHP_AUTH_PW"];
+       } else return false;
+       
+       return gwvp_authUserPass($user, $pass);
+}
+
 function gwvp_IsLoggedIn()
 {
        if(isset($_SESSION["isloggedin"])) {