From 766b31707037a82ffd9140bfe599c27f4ef01495 Mon Sep 17 00:00:00 2001 From: Mike Macgirvin Date: Sun, 4 Jul 2010 20:45:56 -0700 Subject: some changes --- include/auth.php | 79 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ include/nav.php | 23 +++++++++++++++++ 2 files changed, 102 insertions(+) create mode 100644 include/auth.php create mode 100644 include/nav.php (limited to 'include') diff --git a/include/auth.php b/include/auth.php new file mode 100644 index 000000000..e22651cdd --- /dev/null +++ b/include/auth.php @@ -0,0 +1,79 @@ +module == "logout") { + unset($_SESSION['authenticated']); + unset($_SESSION['uid']); + unset($_SESSION['visitor_id']); + unset($_SESSION['administrator']); + $_SESSION['sysmsg'] = "Logged out." . EOL; + goaway($a->get_baseurl()); + } + if(x($_SESSION,'uid')) { + $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", + intval($_SESSION['uid'])); + if($r === NULL || (! count($r))) { + goaway($a->get_baseurl()); + } + $a->user = $r[0]; + if(strlen($a->user['timezone'])) + date_default_timezone_set($a->user['timezone']); + + } +} +else { + unset($_SESSION['authenticated']); + unset($_SESSION['uid']); + unset($_SESSION['visitor_id']); + unset($_SESSION['administrator']); + $encrypted = hash('whirlpool',trim($_POST['password'])); + + if((x($_POST,'auth-params')) && $_POST['auth-params'] == 'login') { + $r = q("SELECT * FROM `user` + WHERE `email` = '%s' AND `password` = '%s' LIMIT 1", + dbesc(trim($_POST['login-name'])), + dbesc($encrypted)); + if(($r === false) || (! count($r))) { + $_SESSION['sysmsg'] = 'Login failed.' . EOL ; + goaway($a->get_baseurl()); + } + $_SESSION['uid'] = $r[0]['uid']; + $_SESSION['admin'] = $r[0]['admin']; + $_SESSION['authenticated'] = 1; + if(x($r[0],'nickname')) + $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname']; + else + $_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['uid']; + + $_SESSION['sysmsg'] = "Welcome back " . $r[0]['username'] . EOL; + $a->user = $r[0]; + if(strlen($a->user['timezone'])) + date_default_timezone_set($a->user['timezone']); + + } +} + +// Returns an array of group names this contact is a member of. +// Since contact-id's are unique and each "belongs" to a given user uid, +// this array will only contain group names related to the uid of this +// DFRN contact. They are *not* neccessarily unique across the entire site. + + +if(! function_exists('init_groups_visitor')) { +function init_groups_visitor($contact_id) { + $groups = array(); + $r = q("SELECT `group_member`.`gid`, `group`.`name` + FROM `group_member` LEFT JOIN `group` ON `group_member`.`gid` = `group`.`id` + WHERE `group_member`.`contact-id` = %d ", + intval($contact_id) + ); + if(count($r)) { + foreach($r as $rr) + $groups[] = $rr['name']; + } + return $groups; +}} + + diff --git a/include/nav.php b/include/nav.php new file mode 100644 index 000000000..c51c56ad2 --- /dev/null +++ b/include/nav.php @@ -0,0 +1,23 @@ + +page['nav'] .= "\r\n"; + + if(x($_SESSION,'uid')) { + + $a->page['nav'] .= "Notifications\r\n"; + + $a->page['nav'] .= "Messages\r\n"; + + + $a->page['nav'] .= "Logout\r\n"; + + $a->page['nav'] .= "Settings\r\n"; + + $a->page['nav'] .= "Profiles\r\n"; + + $a->page['nav'] .= "Contacts\r\n"; + + $a->page['nav'] .= "Home\r\n"; + + } + $a->page['nav'] .= "\r\n\r\n"; -- cgit v1.2.3