function http_get($name) { $request_uri = $_SERVER["REQUEST_URI"]; $pos = strpos($request_uri, "?"); if ($pos === false) { return ""; } $query_string = substr($request_uri, $pos + 1); $map = map_from_url_string($query_string); if (!array_key_exists($name, $map)) { return ""; } return $map[$name]; }
function check_auth() { global $auth_key; global $auth_zid; global $auth_user; global $request_script; global $javascript_enabled; $auth_zid = ""; $javascript_enabled = false; $auth = @$_COOKIE["auth"]; $map = map_from_url_string($auth); $expire = @$map["expire"]; $zid = @$map["zid"]; $hash = @$map["hash"]; if ($zid == "") { return; } if (!string_uses($expire, "[0-9]")) { expire_auth(); die("invalid expire"); } if (time() > $expire) { expire_auth(); die("auth expired"); } if (!string_uses($zid, "[a-z][0-9]@.-")) { expire_auth(); die("invalid zid [{$zid}]"); } $test = crypt_sha256($auth_key . "expire={$expire}&zid={$zid}"); if ($hash != $test) { expire_auth(); die("wrong auth hash"); } $auth_zid = $zid; $auth_user = db_get_conf("user_conf", $auth_zid); $javascript_enabled = $auth_user["javascript_enabled"]; }