function viewAuth($action = 'auth', $pass = '')
{
global $FavPasswd, $ViewPassword;
switch ($action) {
case 'auth':
if (isset($_COOKIE['favsess'])) {
@(list($hash, $exptime, $type) = @explode('.', $_COOKIE['favsess']));
if ($type == 2 && md5('favsess' . $FavPasswd . $exptime) == $hash && time() <= $exptime) {
return true;
}
if ($type == 1 && md5('favsess' . $ViewPassword . $exptime) == $hash && time() <= $exptime) {
return true;
}
viewAuth('logout');
}
return false;
case 'login':
$exptime = time() + 3600;
setcookie("favsess", md5('favsess' . $pass . $exptime) . '.' . $exptime . '.' . ($pass == $FavPasswd ? 2 : 1), time() + 3600);
break;
case 'logout':
setcookie("favsess", '', time() - 3600);
}
}
} else {
if (!isset($_POST['pwd'])) {
echo $MyFav_PasswdPrompt . '<form action="' . $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'] . '" method="post">
<input type="password" name="pwd">
<input type="submit" name="Submit" value="登入">
' . $MyFav_BackHTML . '
</form>';
} else {
if (!logInOut(val($_POST, 'pwd'))) {
echo $MyFav_AccessDeny . '<br><center>' . $MyFav_BackHTML . '</center>';
}
}
}
}
}
if (isset($_SESSION['isLogined']) || viewAuth()) {
switch ($iAction) {
case "add":
$_GET['url'] = urlencode($_GET['url']);
// encodes url again
$_GET['name'] = urlencode(jsUCEsc2utf8($_GET['name']));
// encodes name again
header("Location: " . $BaseURL . "fav_add.php?" . toQueryString("catid", 'name', 'url') . $SidebarSuffix2);
break;
case "edit":
header("Location: " . $BaseURL . "fav_edit.php?" . toQueryString('id') . $SidebarSuffix2);
break;
case "delete":
header("Location: " . $BaseURL . "fav_del.php?" . toQueryString('id') . $SidebarSuffix2);
break;
case "order":