<?php
////////////////////////////////////////////////////////////////////////////////////////
// Class: sentry
// Purpose: Control access to pages
///////////////////////////////////////////////////////////////////////////////////////
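/**
 * Session-based gatekeeper for a single configured account.
 *
 * The expected credentials come from the global $settings array (keys
 * USERNAME, PASSWORD and PWDSALT), which config.php is presumably
 * responsible for defining -- confirm against that file.
 *
 * Security notes for maintainers:
 *  - The stored password format is md5(md5(PWDSALT) . md5(password)). MD5 is
 *    fast and the salt is global, so a leaked config.php is cheap to attack
 *    offline. Moving to password_hash()/password_verify() needs a change to
 *    the stored value in config.php and is therefore not done in this class.
 *  - The session keeps a copy of the configured hash ('debwebpasswd') and
 *    re-checks it on every request, so changing the configured password
 *    invalidates existing sessions.
 */
class sentry {
    /** @var bool Whether the current request has been authenticated by checkLogin(). */
    public $loggedin = false;

    /** @var mixed Scratch copy of the configured password hash while logging in. */
    public $userdata;

    /**
     * Start the session and mark responses as private to shared caches.
     *
     * PHP 8 no longer treats a method named after the class as a constructor,
     * so without this the session would never be started on current PHP.
     */
    public function __construct()
    {
        // Skip session_start() when a session is already active for this request.
        if (session_id() === '') {
            session_start();
        }
        header("Cache-control: private");
    }

    /**
     * Legacy (PHP 4 style) constructor name, kept so existing callers of
     * sentry() or parent::sentry() keep working.
     */
    public function sentry()
    {
        $this->__construct();
    }

    /**
     * Log out: forget the cached credentials and destroy the session.
     *
     * @return bool Always true.
     */
    public function logout()
    {
        $this->userdata = null;
        $this->loggedin = false;

        // session_destroy() removes the stored data but leaves $_SESSION
        // populated for the rest of the request; clear it so later code in
        // this request cannot still see the old credentials.
        $_SESSION = array();
        if (session_id() !== '') {
            session_destroy();
        }
        return true;
    }

    /**
     * Check a username and clear-text password against the configured account.
     *
     * @param string $user      Username supplied by the client.
     * @param string $clearpass Clear-text password supplied by the client.
     * @return bool True only when both values match the configuration.
     */
    public function userpass($user, $clearpass)
    {
        // Declare the global before including the config file: a file
        // included inside a function assigns into the current scope, so if
        // config.php sets $settings and is first loaded here, the value would
        // otherwise end up in a local variable that this method then ignores.
        global $settings;
        require_once('config.php');

        // Anything that is not a plain scalar cannot be a valid credential.
        if (!is_scalar($user) || !is_scalar($clearpass)) {
            return false;
        }

        $expectedUser = self::setting('USERNAME');
        $expectedHash = self::setting('PASSWORD');

        // Fail closed when the account is not configured.
        if ($expectedUser === '' || $expectedHash === '') {
            return false;
        }

        // Legacy scheme, reproduced exactly so existing stored hashes still match.
        $cryptedsalt = md5(self::setting('PWDSALT'));
        $cryptedpass = md5((string) $clearpass);
        $securedpass = md5($cryptedsalt . $cryptedpass);

        // Byte-wise comparison. Loose "==" compares two numeric-looking
        // strings (for example hex digests of the form 0e<digits>) as
        // numbers, which lets different hashes compare equal. Both checks are
        // evaluated before combining them so the work done does not depend on
        // which one failed.
        $userOk = self::safeEquals($expectedUser, (string) $user);
        $hashOk = self::safeEquals($expectedHash, $securedpass);

        return $userOk && $hashOk;
    }

    /**
     * Authenticate the request, either from an existing session or from the
     * supplied credentials, and optionally send a redirect header.
     *
     * This method only sends the Location header and returns; the caller has
     * to stop producing output afterwards. The redirect targets are used as
     * given, so callers should pass fixed, application-defined URLs rather
     * than request data.
     *
     * Input that fails Validator::validateTextOnly() returns false without a
     * redirect and without touching the failed-attempt counter.
     *
     * @param string $username     Username from the login form.
     * @param string $password     Clear-text password from the login form.
     * @param string $goodRedirect URL to redirect to on success ('' for none).
     * @param string $badRedirect  URL to redirect to on a failed login ('' for none).
     * @return bool True when the request is authenticated.
     */
    public function checkLogin($username = '', $password = '', $goodRedirect = '', $badRedirect = '')
    {
        // Include validation class, and create objects
        require_once('classes/validator.php');
        $validator = new Validator();

        // empty() avoids "undefined index" warnings on a fresh session while
        // keeping the original truthiness test.
        if (!empty($_SESSION['debwebuser']) && !empty($_SESSION['debwebpasswd'])) {
            // Existing session: re-validate what it holds on every request.
            $sessionUser = $_SESSION['debwebuser'];
            $sessionHash = $_SESSION['debwebpasswd'];

            if (!$validator->validateTextOnly($sessionUser)) {
                return false;
            }
            if (!$validator->validateTextOnly($sessionHash)) {
                return false;
            }

            $expectedUser = self::setting('USERNAME');
            $expectedHash = self::setting('PASSWORD');

            $userOk = is_string($sessionUser) && self::safeEquals($expectedUser, $sessionUser);
            $hashOk = is_string($sessionHash) && self::safeEquals($expectedHash, $sessionHash);

            if ($expectedUser !== '' && $expectedHash !== '' && $userOk && $hashOk) {
                // username and password ok
                $this->loggedin = true;
                if ($goodRedirect != '') {
                    // NOTE(review): this puts the session id into the URL,
                    // where it ends up in server logs, browser history and
                    // Referer headers. Kept because the target page may rely
                    // on the query string; remove it once that is confirmed
                    // not to be the case.
                    header("Location: ".$goodRedirect."?".strip_tags(session_id()));
                }
                return true;
            }

            // Session no longer matches the configuration: drop it.
            $this->logout();
            return false;
        }

        // No session credentials: treat this as a login attempt.
        if (!$validator->validateTextOnly($username)) {
            return false;
        }
        if (!$validator->validateTextOnly($password)) {
            return false;
        }

        if ($this->userpass($username, $password)) {
            // Issue a fresh session id on privilege change so an id that was
            // known before the login cannot be reused afterwards.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            // Read the configured hash only after userpass() has made sure
            // the configuration is loaded.
            $this->userdata = self::setting('PASSWORD');
            $_SESSION['debwebuser'] = $username;
            $_SESSION['debwebpasswd'] = $this->userdata;

            // we remove the failed tries count
            unset($_SESSION['failedcount']);

            // NOTE(review): audit logging (includes/log.php) was commented
            // out in this method, so successful logins are not recorded here.
            $this->loggedin = true;
            if ($goodRedirect) {
                // NOTE(review): session id in the URL -- see the note on the
                // session branch above.
                header("Location: ".$goodRedirect."?".strip_tags(session_id()));
            }
            return true;
        }

        // Login BAD
        // Count failures in the session. This is only a weak brake on
        // guessing: the counter disappears when the client discards its
        // session cookie, and nothing in this class reads the counter or the
        // timestamp to actually reject further attempts.
        if (!isset($_SESSION['failedcount'])) {
            $_SESSION['failedcount'] = 1;
            $_SESSION['failedtime'] = time();
        } else {
            $_SESSION['failedcount']++;
        }

        // remove userdata session info
        $this->userdata = null;
        $this->loggedin = false;

        // NOTE(review): audit logging (includes/log.php) was commented out
        // in this method, so failed logins are not recorded here either.
        if ($badRedirect) {
            header("Location: ".$badRedirect);
        }
        return false;
    }

    /**
     * Read one configuration value as a string.
     *
     * @param string $key Key in the global $settings array.
     * @return string The value, or '' when it is missing or not a scalar.
     */
    private static function setting($key)
    {
        global $settings;
        if (!is_array($settings) || !isset($settings[$key]) || !is_scalar($settings[$key])) {
            return '';
        }
        return (string) $settings[$key];
    }

    /**
     * Compare two strings byte for byte without stopping at the first difference.
     *
     * Uses hash_equals() where it exists (PHP 5.6+) and an equivalent loop
     * on older runtimes.
     *
     * @param string $known Expected value from the configuration.
     * @param string $given Value derived from the request or session.
     * @return bool True when both strings are identical.
     */
    private static function safeEquals($known, $given)
    {
        if (function_exists('hash_equals')) {
            return hash_equals($known, $given);
        }

        $length = strlen($known);
        if ($length !== strlen($given)) {
            return false;
        }
        $diff = 0;
        for ($i = 0; $i < $length; $i++) {
            $diff |= ord($known[$i]) ^ ord($given[$i]);
        }
        return $diff === 0;
    }
}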
?>