} else {
return;
}
}
# Okay, we have $id and $pw, now let's see if we can find any
# matching entries. First, let's check the $AuthUser array directly:
if (@$AuthUser[$id]) {
foreach ((array) $AuthUser[$id] as $c) {
if (crypt($pw, $c) == $c) {
AuthenticateUser($id);
return;
}
}
}
# Now lets check any .htpasswd file equivalents
foreach ((array) $AuthUser['htpasswd'] as $f) {
$fp = fopen($f, "r");
if (!$fp) {
continue;
}
while ($x = fgets($fp, 1024)) {
$x = rtrim($x);
list($i, $c, $r) = explode(':', $x, 3);
if ($i == $id && crypt($pw, $c) == $c) {
fclose($fp);
AuthenticateUser($id);
return;
}
}
fclose($fp);
}
/***********************************************
DAVE PHP API
https://github.com/evantahler/PHP-DAVE-API
Evan Tahler | 2011
I am an example function to view a user.
If "this" user is viewing (indicated by propper password hash along with another key, all data is shown), otherwise, just basic info is returned
***********************************************/
if ($ERROR == 100) {
list($msg, $ReturnedUsers) = _VIEW("users", array("UserID" => $PARAMS['UserID'], "ScreenName" => $PARAMS['ScreenName'], "EMail" => $PARAMS['EMail']));
if ($msg == false) {
$ERROR = $ReturnedUsers;
} elseif (count($ReturnedUsers) == 1) {
if (!empty($PARAMS["PasswordHash"]) || !empty($PARAMS["Password"])) {
$OUTPUT["User"]['InformationType'] = "Private";
$AuthResp = AuthenticateUser();
if ($AuthResp[0] !== true) {
$ERROR = $AuthResp[1];
} else {
foreach ($ReturnedUsers[0] as $key => $val) {
$OUTPUT["User"][$key] = $val;
}
}
} else {
$OUTPUT["User"]['InformationType'] = "Public";
$OUTPUT["User"]['ScreenName'] = $ReturnedUsers[0]['ScreenName'];
$OUTPUT["User"]['Joined'] = $ReturnedUsers[0]['Joined'];
}
} else {
$ERROR = "User cannot be found";
}
<?php
include 'models/expire.php';
include 'models/users.php';
include 'models/database.php';
if (!isset($_POST['username']) || !isset($_POST['password'])) {
die;
}
$username = $_POST['username'];
$password = $_POST['password'];
$userid = AuthenticateUser($username, $password);
if ($userid !== false) {
setcookie('username', $username, $expire);
setcookie('userid', $userid, $expire);
header('Location: index.php');
} else {
header('Location: login.php?error=yes');
}
<?php
session_start();
include 'models/users.php';
include 'models/database.php';
if (!isset($_POST['username']) || !isset($_POST['password'])) {
die;
}
$userid = AuthenticateUser($_POST['username'], $_POST['password']);
if ($userid !== false) {
$_SESSION['userid'] = $userid;
$_SESSION['username'] = $_POST['username'];
header('Location: index.php');
} else {
header('Location: login.php?error=yes');
}
<?php
/* File Name: login.php
* Description: This file contains a script to login a user
* Dependencies: easy_auth_library.php, easy_auth_toolbox.php, connect.php
* Additional Notes: none
*/
require_once "easy_auth_library.php";
require_once "connect.php";
// instantiates $database
$email = $_POST['email'];
$pw = $_POST['password'];
// start session to access session variables, needed to access session token for auth
$auth = AuthenticateUser($database, $email, $pw);
if ($auth === TRUE) {
// start session to access session variables
session_start();
InitiateSession($database, $email);
// redirect to homepage (acts as login page if not logged in, ow project submission page)
header('Location: ../index.html');
} else {
if ($auth === "unconfirmed") {
header('Location: ../unconfirmed.html');
} else {
header('Location: ../login_error.html');
}
}
} else {
if (isset($_GET["no"]) && $_GET["no"] == "4") {
// to check if user exits in the Register table for logging in functionality.
CheckUserRegistrationAndVerification($_GET["name"], $_GET["email"]);
} else {
if (isset($_GET["no"]) && $_GET["no"] == "5") {
// to check if the coupon code exists in the database table or not!
CheckCoupon($_GET["code"]);
} else {
if (isset($_POST["no"]) && $_POST["no"] == "6") {
// to insert/update the userEmail and userName in the Register table.
UserRegister($_POST["signemail"], $_POST["signname"], $_POST["signpwd"]);
} else {
if (isset($_GET["no"]) && $_GET["no"] == "7") {
// for authentication of password from the Resgiter table during login.
AuthenticateUser($_GET["email"], $_GET["pwd"]);
} else {
if (isset($_GET["no"]) && $_GET["no"] == "8") {
// for adding the user to Users table for invite requests.
AddToInvites($_GET["email"], $_GET["name"], "1", $_GET["pwd"]);
// 1 is for indicating that the user has requested the invite himself.
}
}
}
}
}
}
}
}
// this is the function to add the user to Users table for requesting invites.
// returns 1 on all success. 2 on insert success and mail failure. -1 on Error and all failures.
require_once 'geograph/uploadmanager.class.php';
require_once 'geograph/gridsquare.class.php';
init_session();
$action = isset($_GET['action']) ? $_GET['action'] : "";
$xml = "";
$db = NewADOConnection($GLOBALS['DSN']);
if (empty($db)) {
$xml['status'] = 'Server Error: Unable to connect to database';
returnXML();
}
switch ($action) {
case "getclass":
GetImageClassList();
break;
case "login":
AuthenticateUser();
break;
case "upload":
UploadPicture();
break;
}
function strtotime_uk($str)
{
$str = preg_replace("/^\\s*([0-9]{1,2})[\\/\\. -]+([0-9]{1,2})[\\/\\. -]*([0-9]{0,4})/", "\\2/\\1/\\3", $str);
return strtotime(trim($str, '/'));
}
function UploadPicture()
{
global $CONF;
global $xml;
global $USER;
