}
# this is basically a back-door disabling checking lookup limits, effectively
# making an app unlocked. We need it sometimes e.g. to prepare a promotional
# version that doesn't require entering registration code
if (isset($HTTP_GET_VARS['nl'])) {
$f_check_limits = false;
}
# all other requests require cookie to be present
if (!isset($HTTP_GET_VARS['c'])) {
report_error(ERR_NO_COOKIE);
}
$cookie = $HTTP_GET_VARS['c'];
if (empty($cookie)) {
report_error(ERR_NO_COOKIE);
}
validate_cookie($cookie);
if (isset($HTTP_GET_VARS['register'])) {
$reg_code = $HTTP_GET_VARS['register'];
serve_register($reg_code);
}
if (isset($HTTP_GET_VARS['get_random_word'])) {
$get_random_word = $HTTP_GET_VARS['get_random_word'];
if ($get_random_word != "") {
report_error(ERR_RANDOM_NOT_EMPTY);
}
serve_get_random_word();
}
if (isset($HTTP_GET_VARS['recent_lookups'])) {
$recent_lookups = $HTTP_GET_VARS['recent_lookups'];
if ($recent_lookups != "") {
report_error(ERR_RECENT_LOOKUPS_NOT_EMPTY);
<?php
# check for login cookie
global $logged_on;
$logged_on = false;
$is_admin = false;
if ($_COOKIE['pg_logged_on']) {
$validator = validate_cookie($_COOKIE['pg_logged_on']);
$logged_on = $validator["username"];
$roles = $validator["roles"];
if (in_array("is_admin", $roles)) {
$is_admin = true;
}
if (!$logged_on) {
# bad cookie - get rid of it.
setcookie("pg_logged_on");
$logged_on = false;
}
}
if ($_GET['logout']) {
setcookie("pg_logged_on");
$logged_on = false;
}