Location: PHPKode > projects > WB News > includes/lib/Auth/Auth.php
<?php

/*========================================================*\
||########################################################||
||#                                                      #||
||#     WB News v2.0.0                                   #||
||# ---------------------------------------------------- #||
||#     Copyright (c) 2004-2007                          #||
||#     Created: 9th Feb 2007                            #||
||#     Filename: Auth.php                               #||
||#                                                      #||
||########################################################||
/*========================================================*/

/**
 *  @author $Author: pmcilwaine $
 *	@version $Id: Auth.php,v 1.1.2.1 2008/02/03 09:40:34 pmcilwaine Exp $
 */

require_once( INCDIR . "/bitperms.php" );

class Auth
{

	var $group_bit = 0;
	function Auth( &$userinfo )
	{
		if ( isset($userinfo["group_bit"]) )
		{
			$this->group_bit = $userinfo["group_bit"];
		}
	}

	function is_logged()
	{
		return $this->group_bit & 1;
	}

	function has_perm( $perms )
	{
		global $permissions;
		
		if ( !is_array($perms) )
		{
			$perms = split(",", $perms );
		}
		
		$required_bits = 0;
		foreach ( $perms as $perm )
		{
			$required_bits += $permissions[$perm];
		}

		if ( ($required_bits & $this->group_bit) )
		{
			return TRUE;
		}

		return FALSE;
	}

	/**
	 *	Show login form if $cond if false
	 *	
	 *	@param boolean $param
	 *	@return void
	 */
	function login_if( $cond )
	{
		if ( !$cond )
		{
			return;
		}

		$this->logout();
		$myform = "login";

		$err_msg = FALSE;
		if ( $_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["form"]) && $_POST["form"] == $myform )
		{
			$err_msg = "Username/Password Invalid";
			$this->Auth_ValidateLogin();
		}
		
		$action = make_url_html();
		
		ob_start();
		include( "login.ihtml" );
		$contents = ob_get_contents();
		ob_end_clean();

		echo $contents;
		exit;
	}

	function Auth_ValidateLogin()
	{
		global $config, $DB;
		
		$username = addslashes(trim( $_POST["username"] ));
		$password = md5( $_POST["password"] . $config["salt"] );

		$cond = array();
		$cond[] = "\"username\"='$username'";
		$cond[] = "\"password\"='$password'";
		$cond = join( " AND ", $cond );

		$ids = $DB->ListBy( TBL_USERS, $cond, array("userid") );
		if ( count($ids) == 1 )
		{
			setcookie( WBNEWS_SESSION_NAME, $ids[0]["userid"], 0, "/" );
			header( "location: " . make_url() );
			exit;
		}
	}

	function logout()
	{
		if ( isset( $_COOKIE[ WBNEWS_SESSION_NAME ] ) )
		{
			setcookie( WBNEWS_SESSION_NAME, $_COOKIE[ WBNEWS_SESSION_NAME ], strtotime("-1 week"), "/" );
		}
		return TRUE;
	}
	
}

?>
Return current item: WB News