function http_get($name)
{
$request_uri = $_SERVER["REQUEST_URI"];
$pos = strpos($request_uri, "?");
if ($pos === false) {
return "";
}
$query_string = substr($request_uri, $pos + 1);
$map = map_from_url_string($query_string);
if (!array_key_exists($name, $map)) {
return "";
}
return $map[$name];
}
function check_auth()
{
global $auth_key;
global $auth_zid;
global $auth_user;
global $request_script;
global $javascript_enabled;
$auth_zid = "";
$javascript_enabled = false;
$auth = @$_COOKIE["auth"];
$map = map_from_url_string($auth);
$expire = @$map["expire"];
$zid = @$map["zid"];
$hash = @$map["hash"];
if ($zid == "") {
return;
}
if (!string_uses($expire, "[0-9]")) {
expire_auth();
die("invalid expire");
}
if (time() > $expire) {
expire_auth();
die("auth expired");
}
if (!string_uses($zid, "[a-z][0-9]@.-")) {
expire_auth();
die("invalid zid [{$zid}]");
}
$test = crypt_sha256($auth_key . "expire={$expire}&zid={$zid}");
if ($hash != $test) {
expire_auth();
die("wrong auth hash");
}
$auth_zid = $zid;
$auth_user = db_get_conf("user_conf", $auth_zid);
$javascript_enabled = $auth_user["javascript_enabled"];
}
