session_start(); // Force the updates check? if (isset($_GET['p']) && $_GET['p'] == 'check') { $check_updates = true; } // Login form is sent if (isset($_POST['login'])) { // Form sent pointer $login_fired = true; // Extract the user name if (isset($_POST['admin_name']) && !empty($_POST['admin_name'])) { $user = trim($_POST['admin_name']); } if ($user && (isset($_POST['admin_password']) && !empty($_POST['admin_password']))) { // Get the password values $password = genStrongHash(trim($_POST['admin_password'])); // Write the session $_SESSION['jappix_user'] = $user; $_SESSION['jappix_password'] = $password; } } else { if (isset($_SESSION['jappix_user']) && !empty($_SESSION['jappix_user']) && (isset($_SESSION['jappix_password']) && !empty($_SESSION['jappix_password']))) { // Form sent pointer $login_fired = true; // Get the session values $user = $_SESSION['jappix_user']; $password = $_SESSION['jappix_password']; } } // Validate the current session if ($login_fired && isAdmin($user, $password)) {
function manageUsers($action, $array) { // Try to read the old XML file $users_array = getUsers(); // What must we do? switch ($action) { // Add some users case 'add': foreach ($array as $array_user => $array_password) { $users_array[$array_user] = genStrongHash($array_password); } break; // Remove some users // Remove some users case 'remove': foreach ($array as $array_user) { // Not the last user? if (count($users_array) > 1) { unset($users_array[$array_user]); } } break; } // Regenerate the XML $users_xml = ''; foreach ($users_array as $users_name => $users_password) { $users_xml .= "\n" . ' <user name="' . stripslashes(htmlspecialchars($users_name)) . '" password="******" />'; } // Write the main configuration writeXML('conf', 'users', $users_xml); }