zoobar/db/ 0000700 0031014 0000045 00000000000 10614263017 011210 5 ustar collinj zoobar/db/zoobar/ 0000700 0031014 0000045 00000000000 10614263017 012504 5 ustar collinj zoobar/db/zoobar/Person.txt 0000700 0031014 0000045 00000000133 10614263055 014515 0 ustar collinj PersonID#Password#Salt#Username#Token#Zoobars#Profile
inc#str#str#str#str#int#str
#####10#
zoobar/includes/ 0000700 0031014 0000045 00000000000 10614263020 012423 5 ustar collinj zoobar/includes/common.php 0000600 0031014 0000045 00000001231 10614263020 014423 0 ustar collinj _logout();
display_login();
exit();
}
// Authentication gate: unless validate_user() accepts $user, render the
// login form and end the request so nothing below this point executes.
if (!validate_user($user)) {
    display_login();
    exit;
}
?>
zoobar/includes/auth.php 0000600 0031014 0000045 00000005305 10614263020 014102 0 ustar collinj db = $db;
if ( isset($_COOKIE[$this->cookieName]) ) {
$this->_checkRemembered($_COOKIE[$this->cookieName]);
}
}
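/**
 * Check a username/password pair against the Person table and, on a match,
 * establish the login through _setCookie().
 *
 * @param string $username Login name as submitted by the client (untrusted).
 * @param string $password Plaintext password as submitted by the client.
 * @return bool true when a row matches the username and the salted hash.
 */
function _checkLogin($username, $password) {
    // $username is client-controlled and both queries below are assembled by
    // string concatenation, so quote characters must be neutralised before
    // the value is embedded in a SQL string literal.
    // NOTE(review): addslashes() assumes the parser behind executeQuery()
    // treats backslash as its escape character — confirm against the db
    // layer, and prefer bound parameters if it offers them.
    $quotedUser = addslashes((string) $username);

    $sql = "SELECT Salt FROM Person WHERE Username = '$quotedUser'";
    $rs = $this->db->executeQuery($sql);
    $salt = $rs->getValueByNr(0, 0);

    // Legacy scheme: one round of MD5 over password.salt. It is kept here
    // because the stored Password column uses it; moving to password_hash()
    // needs a migration of existing rows and is out of scope for this method.
    $hashedpassword = md5($password . $salt);

    // $hashedpassword is md5() output (hex only), so it is safe to embed.
    $sql = "SELECT * FROM Person WHERE " .
           "Username = '$quotedUser' AND " .
           "Password = '$hashedpassword'";
    $result = $this->db->executeQuery($sql);

    if (!$result->next()) {
        return false;
    }
    $this->_setCookie($result, true);
    return true;
}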
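/**
 * Create a Person row for a new username and log the new user in.
 *
 * @param string $username Requested login name (untrusted).
 * @param string $password Plaintext password chosen by the user.
 * @return bool false when the username is already taken; otherwise the
 *              result of _checkLogin() for the new credentials.
 */
function _addRegistration($username, $password) {
    // The username is client-controlled and is embedded in two SQL string
    // literals below, so it is escaped once and the escaped form is used in
    // both statements.
    // NOTE(review): addslashes() assumes the parser behind executeQuery()
    // treats backslash as its escape character — confirm against the db
    // layer, and prefer bound parameters if it offers them.
    $quotedUser = addslashes((string) $username);

    $sql = "SELECT PersonID FROM Person WHERE Username='$quotedUser'";
    $rs = $this->db->executeQuery($sql);
    if ($rs->next()) {
        return false; // User already exists
    }

    // NOTE(review): the salt is only 4 hex characters (16 bits) taken from
    // md5(rand()), and the password hash is a single MD5. Both are weak for
    // password storage; password_hash()/password_verify() is the replacement,
    // but it changes the stored format and so needs a migration.
    $salt = substr(md5(rand()), 0, 4);
    $hashedpassword = md5($password . $salt);

    // $hashedpassword and $salt are hex strings produced above, so only the
    // username needs escaping.
    $sql = "INSERT INTO Person (Username, Password, Salt) " .
           "VALUES ('$quotedUser', '$hashedpassword', '$salt')";
    $this->db->executeQuery($sql);

    // Pass the raw username on: _checkLogin() builds its own queries.
    return $this->_checkLogin($username, $password);
}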
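/**
 * Log the current user out: expire the login cookie, revoke the stored
 * token, and reset the in-memory identity.
 */
function _logout() {
    // setcookie() with only a name sends an empty value, which tells the
    // browser to drop the cookie.
    if (isset($_COOKIE[$this->cookieName])) {
        setcookie($this->cookieName);
    }

    // Clearing the browser cookie alone leaves the token in the Person table
    // valid, so a copy of the cookie taken earlier would still authenticate
    // until the next login replaces it. Blank the stored token as well;
    // _checkRemembered() rejects an empty token, so '' can never match.
    if (isset($this->id) && (int) $this->id > 0) {
        $personId = (int) $this->id;
        $sql = "UPDATE Person SET Token = '' WHERE PersonID = $personId";
        $this->db->executeQuery($sql);
    }

    $this->id = 0;
    $this->username = null;
}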
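/**
 * Record the authenticated user on this object, issue a fresh login token,
 * send it to the browser and store it in the Person row.
 *
 * @param object $values Result set positioned on the authenticated row.
 * @param bool   $init   Not used by this method; kept for existing callers.
 */
function _setCookie(&$values, $init) {
    $this->id = $values->getCurrentValueByName("PersonID");
    $this->username = $values->getCurrentValueByName("Username");

    // The token is the only secret in the login cookie, so it must be
    // unpredictable. mt_rand() is not a cryptographic generator; use the
    // CSPRNG where the runtime provides one and keep the old derivation only
    // as a fallback. Both forms yield 32 lowercase hex characters.
    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(16));
    } else {
        $token = md5($values->getCurrentValueByName("Password") . mt_rand());
    }
    $this->_updateToken($token);

    // PersonID is embedded unquoted, so force it to an integer first.
    $personId = (int) $this->id;
    $sql = "UPDATE Person SET Token = '$token' " .
           "WHERE PersonID = $personId";
    $this->db->executeQuery($sql);
}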
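/**
 * Send the login cookie: base64 of a serialized array(username, token),
 * valid for 31104000 seconds (360 days).
 *
 * @param string $token Login token to pair with the current username.
 */
function _updateToken($token) {
    // NOTE(review): the cookie payload is PHP-serialized and carries no
    // integrity check; the reader has to treat it as untrusted input. A
    // JSON payload (or an HMAC over it) would avoid unserialize() entirely,
    // but changes the cookie format for already-issued cookies.
    $cookieData = base64_encode(serialize(array($this->username, $token)));

    // Path, domain and secure keep their defaults; the last argument marks
    // the cookie HttpOnly so page scripts cannot read the login token.
    // NOTE(review): set the secure argument to true if the site is served
    // over HTTPS only — cannot be determined from this file.
    setcookie($this->cookieName, $cookieData, time() + 31104000, "", "", false, true);
}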
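/**
 * Restore a login from the remember-me cookie value.
 *
 * On a matching (username, token) row, sets $this->id and $this->username;
 * in every other case it returns without changing the object.
 *
 * @param string $cookie Raw cookie value from the client (untrusted).
 * @return void
 */
function _checkRemembered($cookie) {
    // SECURITY: unserialize() runs on data the client fully controls. It can
    // yield any PHP value, including objects, so nothing about the result may
    // be assumed. NOTE(review): on PHP 7+ pass ['allowed_classes' => false]
    // as the second argument, or move the cookie to a JSON/HMAC-signed
    // format, so that no object is ever instantiated from the cookie.
    $arr = unserialize(base64_decode($cookie));

    // Accept only the exact shape _updateToken() writes: two strings.
    if (!is_array($arr) || !isset($arr[0], $arr[1])) {
        return;
    }
    list($username, $token) = $arr;
    if (!is_string($username) || !is_string($token)) {
        return;
    }
    if (!$username or !$token) {
        return;
    }

    // Issued tokens are 32 lowercase hex characters; anything else cannot be
    // a valid token and must not reach the query text.
    if (preg_match('/\A[0-9a-f]{32}\z/', $token) !== 1) {
        return;
    }

    // NOTE(review): addslashes() assumes the parser behind executeQuery()
    // treats backslash as its escape character — confirm against the db
    // layer, and prefer bound parameters if it offers them.
    $quotedUser = addslashes($username);

    $sql = "SELECT * FROM Person WHERE " .
           "(Username = '$quotedUser') AND (Token = '$token')";
    $rs = $this->db->executeQuery($sql);
    if ($rs->next()) {
        $this->id = $rs->getCurrentValueByName("PersonID");
        $this->username = $rs->getCurrentValueByName("Username");
    }
}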
}
?>
zoobar/includes/navigation.php 0000600 0031014 0000045 00000005260 10614263020 015300 0 ustar collinj
Zoobar Foundation
Zoobar Foundation for " .
"$adjective $noun";
echo "Supporting the $adverb $pluralnoun of the $concept
";
} function nav_start_inner() { ?>
"index.php",
"Users" => "users.php",
"Transfer" => "transfer.php" );
foreach($pages as $name => $page) {
$script = $_SERVER['SCRIPT_NAME'];
if(strpos($script, $page, strlen($script) - strlen($page)) === false) {
echo "$name";
} else {
echo "$name";
}
if($name != "Transfer") echo " | ";
}
?>
|
|