]> git.mxchange.org Git - friendica.git/blob - include/auth.php
projects / friendica.git / blob
? search:


4813bb45bd70cf75098e4eae65c98ed4e9fa14ad
[friendica.git] / include / auth.php
1 <?php
2
3 // login/logout 
4
5 if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] === 'login'))) {
6
7         if($_POST['auth-params'] === 'logout' || $a->module === 'logout') {
8         
9                 // process logout request
10
11                 unset($_SESSION['authenticated']);
12                 unset($_SESSION['uid']);
13                 unset($_SESSION['visitor_id']);
14                 unset($_SESSION['administrator']);
15                 unset($_SESSION['cid']);
16                 unset($_SESSION['theme']);
17                 unset($_SESSION['page_flags']);
18                 notice( t('Logged out.') . EOL);
19                 goaway($a->get_baseurl());
20         }
21
22         if(x($_SESSION,'uid')) {
23
24                 // already logged in user returning
25
26                 $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
27                         intval($_SESSION['uid'])
28                 );
29
30                 if(! count($r)) {
31                         goaway($a->get_baseurl());
32                 }
33
34                 // initialise user environment
35
36                 $a->user = $r[0];
37                 $_SESSION['theme'] = $a->user['theme'];
38                 $_SESSION['page_flags'] = $a->user['page-flags'];
39                 if(strlen($a->user['timezone']))
40                         date_default_timezone_set($a->user['timezone']);
41
42                 $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
43
44                 $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
45                         intval($_SESSION['uid']));
46                 if(count($r)) {
47                         $a->contact = $r[0];
48                         $a->cid = $r[0]['id'];
49                         $_SESSION['cid'] = $a->cid;
50
51                 }
52         }
53 }
54 else {
55
56         if(isset($_SESSION)) {
57                 unset($_SESSION['authenticated']);
58                 unset($_SESSION['uid']);
59                 unset($_SESSION['visitor_id']);
60                 unset($_SESSION['administrator']);
61                 unset($_SESSION['cid']);
62                 unset($_SESSION['theme']);
63                 unset($_SESSION['my_url']);
64                 unset($_SESSION['page_flags']);
65         }
66
67         if(x($_POST,'password'))
68                 $encrypted = hash('whirlpool',trim($_POST['password']));
69
70         if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') {
71
72                 // process login request
73
74                 $r = q("SELECT * FROM `user` 
75                         WHERE ( `email` = '%s' OR `nickname` = '%s' ) AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
76                         dbesc(trim($_POST['login-name'])),
77                         dbesc(trim($_POST['login-name'])),
78                         dbesc($encrypted));
79                 if(($r === false) || (! count($r))) {
80                         notice( t('Login failed.') . EOL );
81                         goaway($a->get_baseurl());
82                 }
83                 $_SESSION['uid'] = $r[0]['uid'];
84                 $_SESSION['theme'] = $r[0]['theme'];
85                 $_SESSION['authenticated'] = 1;
86                 $_SESSION['page_flags'] = $r[0]['page-flags'];
87                 $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
88
89                 notice( t("Welcome back ") . $r[0]['username'] . EOL);
90                 $a->user = $r[0];
91                 if(strlen($a->user['timezone']))
92                         date_default_timezone_set($a->user['timezone']);
93
94                 $r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1",
95                         intval($_SESSION['uid']));
96                 if(count($r)) {
97                         $a->contact = $r[0];
98                         $a->cid = $r[0]['id'];
99                         $_SESSION['cid'] = $a->cid;
100                 }
101                 if(($a->module !== 'home') && isset($_SESSION['return_url']))
102                         goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
103         }
104 }
105
106 // Returns an array of group id's this contact is a member of.
107 // This array will only contain group id's related to the uid of this
108 // DFRN contact. They are *not* neccessarily unique across the entire site. 
109
110
111 if(! function_exists('init_groups_visitor')) {
112 function init_groups_visitor($contact_id) {
113         $groups = array();
114         $r = q("SELECT `gid` FROM `group_member` 
115                 WHERE `contact-id` = %d ",
116                 intval($contact_id)
117         );
118         if(count($r)) {
119                 foreach($r as $rr)
120                         $groups[] = $rr['gid'];
121         }
122         return $groups;
123 }}
124
125
Unnamed repository; edit this file 'description' to name the repository.