function check_auth($login, $password) { $hash = sha1($password . $login . $GLOBALS['salt']); if ($login == $GLOBALS['login'] && $hash == $GLOBALS['hash']) { // Login/password is correct. fillSessionInfo(); logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], 'Login successful'); return True; } logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], 'Login failed for user ' . $login); return False; }
function check_auth($login, $password) { $hash = sha1($password . $login . $GLOBALS['salt']); if ($login == $GLOBALS['login'] && $hash == $GLOBALS['hash']) { // Login/password is correct. fillSessionInfo(); logm('Login successful'); return True; } logm('Login failed for user ' . $login); return False; }
function isLoggedIn() { if ($GLOBALS['config']['OPEN_SHAARLI']) { return true; } if (!isset($GLOBALS['login'])) { return false; } // Shaarli is not configured yet. if (@$_COOKIE['shaarli_staySignedIn'] === STAY_SIGNED_IN_TOKEN) { fillSessionInfo(); return true; } // If session does not exist on server side, or IP address has changed, or session has expired, logout. if (empty($_SESSION['uid']) || $GLOBALS['disablesessionprotection'] == false && $_SESSION['ip'] != allIPs() || time() >= $_SESSION['expires_on']) { logout(); return false; } if (!empty($_SESSION['longlastingsession'])) { $_SESSION['expires_on'] = time() + $_SESSION['longlastingsession']; } else { $_SESSION['expires_on'] = time() + INACTIVITY_TIMEOUT; } // Standard session expiration date. return true; }