include/auth.php

   1 <?php
   2
   3 // login/logout
   4
   5 if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] == 'login'))) {
   6         if($_POST['auth-params'] == 'logout' || $a->module == "logout") {
   7                 unset($_SESSION['authenticated']);
   8                 unset($_SESSION['uid']);
   9                 unset($_SESSION['visitor_id']);
  10                 unset($_SESSION['administrator']);
  11                 unset($_SESSION['cid']);
  12                 unset($_SESSION['theme']);
  13                 notice( t('Logged out.') . EOL);
  14                 goaway($a->get_baseurl());
  15         }
  16         if(x($_SESSION,'uid')) {
  17                 $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
  18                         intval($_SESSION['uid']));
  19                 if($r === NULL || (! count($r))) {
  20                         goaway($a->get_baseurl());
  21                 }
  22                 $a->user = $r[0];
  23                 $_SESSION['theme'] = $a->user['theme'];
  24                 if(strlen($a->user['timezone']))
  25                         date_default_timezone_set($a->user['timezone']);
  26
  27                 $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
  28
  29                 $r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1",
  30                         intval($_SESSION['uid']));
  31                 if(count($r)) {
  32                         $a->contact = $r[0];
  33                         $a->cid = $r[0]['id'];
  34                         $_SESSION['cid'] = $a->cid;
  35
  36                 }
  37         }
  38 }
  39 else {
  40         unset($_SESSION['authenticated']);
  41         unset($_SESSION['uid']);
  42         unset($_SESSION['visitor_id']);
  43         unset($_SESSION['administrator']);
  44         unset($_SESSION['cid']);
  45         $encrypted = hash('whirlpool',trim($_POST['password']));
  46
  47         if((x($_POST,'auth-params')) && $_POST['auth-params'] == 'login') {
  48                 $r = q("SELECT * FROM `user`
  49                         WHERE `email` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
  50                         dbesc(trim($_POST['login-name'])),
  51                         dbesc($encrypted));
  52                 if(($r === false) || (! count($r))) {
  53                         notice( t('Login failed.') . EOL );
  54                         goaway($a->get_baseurl());
  55                 }
  56                 $_SESSION['uid'] = $r[0]['uid'];
  57                 $_SESSION['theme'] = $r[0]['theme'];
  58                 $_SESSION['authenticated'] = 1;
  59                 $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname'];
  60
  61                 notice( t("Welcome back ") . $r[0]['username'] . EOL);
  62                 $a->user = $r[0];
  63                 if(strlen($a->user['timezone']))
  64                         date_default_timezone_set($a->user['timezone']);
  65
  66                 $r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1",
  67                         intval($_SESSION['uid']));
  68                 if(count($r)) {
  69                         $a->cid = $r[0]['id'];
  70                         $_SESSION['cid'] = $a->cid;
  71                 }
  72
  73
  74         }
  75 }
  76
  77 // Returns an array of group id's this contact is a member of.
  78 // This array will only contain group id's related to the uid of this
  79 // DFRN contact. They are *not* neccessarily unique across the entire site.
  80
  81
  82 if(! function_exists('init_groups_visitor')) {
  83 function init_groups_visitor($contact_id) {
  84         $groups = array();
  85         $r = q("SELECT `gid` FROM `group_member`
  86                 WHERE `contact-id` = %d ",
  87                 intval($contact_id)
  88         );
  89         if(count($r)) {
  90                 foreach($r as $rr)
  91                         $groups[] = $rr['gid'];
  92         }
  93         return $groups;
  94 }}
  95
  96