function main()
{
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
print_r($_POST);
echo "<br />";
// Required Fields in the POST data //
if (!isset($_POST['_type'])) {
return;
}
if (!isset($_POST['_subtype'])) {
return;
}
if (!isset($_POST['_name'])) {
return;
}
if (!isset($_POST['_mail'])) {
return;
}
if (!isset($_POST['_password'])) {
return;
}
if (!isset($_POST['_publish'])) {
return;
}
// Node Type //
$type = sanitize_NodeType($_POST['_type']);
if (empty($type)) {
return;
}
$subtype = sanitize_NodeType($_POST['_subtype']);
// Name/Title //
$name = $_POST['_name'];
// TODO: Sanitize
// Slug //
if (empty($_POST['_slug'])) {
$slug = $_POST['_name'];
} else {
$slug = $_POST['_slug'];
}
$slug = sanitize_Slug($slug);
if (empty($slug)) {
return;
}
// TODO: Confirm slug is legal
// Body //
$body = $_POST['_body'];
// TODO: Sanitize
// Do we publish? //
$publish = mb_strtolower($_POST['_publish']) == "true";
// Email //
$mail = sanitize_Email($_POST['_mail']);
if (empty($mail)) {
return;
}
// Password //
$password = $_POST['_password'];
if (empty($password)) {
return;
}
$id = node_Add($type, $subtype, $slug, $name, $body, 0, 2, $publish);
user_Add($id, $mail, $password);
echo "Added " . $id . ".<br />";
echo "<br />";
}
}
$password = trim($_POST['p']);
} else {
json_EmitError();
// Emit a regular error, since we haven't attempted a login yet //
}
// If already logged in, dispose of the active session.
if ($response['id'] !== 0) {
user_Start();
user_DoLogout();
// Destroy Session
$response['id'] = 0;
}
// Check the APCU cache if access attempts for this IP address is > 5, deny access.
// On failure, increase the access attempt (APCU). Timeout in 5 minutes. Log attempt.
// Sanitize the data
$mail = sanitize_Email($login);
if (!$mail) {
$login = sanitize_Slug($login);
if (!$login) {
my_LoginError();
}
}
$hash = null;
/*
// Debug //
if ( $mail )
$response['mail'] = $mail;
else
$response['login'] = $login;
$response['pw'] = $password;
*/
function main()
{
$out = "";
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$out .= print_r($_POST, true);
$out .= "<br />";
// Required Fields in the POST data //
if (!isset($_POST['login'])) {
return;
}
if (!isset($_POST['password'])) {
return;
}
//if ( !isset($_POST['hashword']) ) return;
// Password //
$password = $_POST['password'];
if (empty($password)) {
return;
}
$login = $_POST['login'];
// Can Login 3 ways:
// - User Name (slug)
// - Email
// - User ID
$mail = sanitize_Email($login);
$id = sanitize_Id($login);
$slug = sanitize_Slug($login);
$hash = "";
if (!empty($mail)) {
$out .= "By Mail<br />";
$data = user_GetIdAndHashByMail($mail);
$id = $data['id'];
$hash = $data['hash'];
} else {
if (!empty($id)) {
$out .= "By User ID<br />";
$hash = user_GetHashById($id);
} else {
if (!empty($slug)) {
$out .= "By Slug<br />";
$id = node_GetNodeIdByParentIdAndSlug(CMW_NODE_USER, $slug);
if ($id > 0) {
$hash = user_GetHashById($id);
}
} else {
$out .= "Bad Login Method<br />";
}
}
}
$success = user_VerifyPassword($password, $hash);
$out .= "Verify: " . ($success ? "Success!" : "failed") . "<br />";
if ($success) {
user_StartSession(true);
user_SetLoginToken();
user_SetID($id);
user_EndSession();
}
$out .= "<br />";
}
return $out;
}
