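/**
 * Mark the current PHP session as logged in for the given account.
 *
 * Looks the account up with account_data() and copies its username, email
 * and group into $_SESSION, then (optionally) rotates the session ID.
 *
 * NOTE(review): no credential check happens here; callers presumably
 * authenticate first (e.g. via account_auth()) -- confirm at each call site.
 *
 * @param string $email    Address identifying the account to log in as.
 * @param bool   $regen_id When true, issue a fresh session ID after login.
 * @return void
 */
function create_session($email, $regen_id = true) {
    $data = account_data($email);

    // Fail closed: if the lookup produced no usable record, do not set
    // logged_in. Without this guard a failed lookup would still flag the
    // session as authenticated, with empty identity fields.
    // NOTE(review): account_data() is defined elsewhere; what it returns for
    // an unknown address is not visible here, so a record is treated as
    // usable only when it carries an 'email' entry.
    if (!isset($data['email'])) {
        return;
    }

    $_SESSION['logged_in'] = true;
    $_SESSION['username'] = $data['username'];
    $_SESSION['email'] = $data['email'];
    $_SESSION['group'] = $data['group'];

    if ($regen_id) {
        // Rotate the ID on the privilege change so a session ID known before
        // login does not stay valid afterwards (session fixation defence).
        // The `true` argument asks PHP to delete the old session as well.
        session_regenerate_id(true);
    }
}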
$users = account_list(); uasort($users, 'account_group_cmp'); render('user_list', array('head_title' => 'Users', 'users' => $users)); }); // The url router wasn't matching "/users/:email" probably something to do with the @ and the dots in emails if (startsWith(request_uri(), '/users/') && strlen(trim(request_uri(), '/')) > 5) { $email = remove_first(request_uri(), '/users/'); if (!account_exists($email)) { render('err404', null, false); die; } if ($email !== user_email() && !is_reviewer()) { render('err403', null, false); die; } $data = account_data($email); $email = $data['email']; if (request_method() == 'GET') { render('user', array('head_title' => $data['email'], 'user' => $data, 'user_apps' => app_get_user($data['email'], valid_bool(from($_REQUEST, 'show-deleted'))), 'is_self' => user_email() == $email)); } else { if (request_method() == 'POST') { $action = from($_REQUEST, 'action'); switch (strtolower($action)) { case 'desc': account_change_desc($email, from($_REQUEST, 'desc')); redirect('/users/' . $email); break; case 'username': account_change_username($email, from($_REQUEST, 'username')); redirect('/users/' . $email); break;
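/**
 * Check a password against the stored credentials of an account.
 *
 * Hashes the supplied password with the account's stored salt via
 * hash_password() and compares element [0] of the result with the stored
 * password hash.
 *
 * NOTE(review): hash_password() is defined elsewhere; confirm it is a
 * deliberately slow password-hashing function rather than a single fast
 * digest, or plan a migration to password_hash()/password_verify().
 *
 * @param string $email    Address identifying the account.
 * @param string $password Plain-text password supplied by the user.
 * @return bool True only when the computed hash matches the stored hash.
 */
function account_auth($email, $password) {
    $data = account_data($email);

    // Read the fields defensively: account_data() may not return a record
    // for an unknown address (its failure value is not visible here).
    $salt = isset($data['salt']) ? $data['salt'] : null;
    $stored = isset($data['password']) ? $data['password'] : null;

    // Always compute the hash, even when no record was found, so a missing
    // account does not return noticeably faster than a wrong password.
    $result = hash_password($password, $salt);
    $computed = isset($result[0]) ? $result[0] : null;

    // Fail closed when either side is missing or not a string. A plain
    // `===` would report success if both values happened to be null.
    if (!is_string($stored) || !is_string($computed)) {
        return false;
    }

    // Constant-time comparison: `===` on strings can stop at the first
    // differing byte, which leaks how much of the hash matched.
    return hash_equals($stored, $computed);
}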