function check_auth($login, $password)
{
$hash = sha1($password . $login . $GLOBALS['salt']);
if ($login == $GLOBALS['login'] && $hash == $GLOBALS['hash']) {
// Login/password is correct.
fillSessionInfo();
logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], 'Login successful');
return True;
}
logm($GLOBALS['config']['LOG_FILE'], $_SERVER['REMOTE_ADDR'], 'Login failed for user ' . $login);
return False;
}
function check_auth($login, $password)
{
$hash = sha1($password . $login . $GLOBALS['salt']);
if ($login == $GLOBALS['login'] && $hash == $GLOBALS['hash']) {
// Login/password is correct.
fillSessionInfo();
logm('Login successful');
return True;
}
logm('Login failed for user ' . $login);
return False;
}
function isLoggedIn()
{
if ($GLOBALS['config']['OPEN_SHAARLI']) {
return true;
}
if (!isset($GLOBALS['login'])) {
return false;
}
// Shaarli is not configured yet.
if (@$_COOKIE['shaarli_staySignedIn'] === STAY_SIGNED_IN_TOKEN) {
fillSessionInfo();
return true;
}
// If session does not exist on server side, or IP address has changed, or session has expired, logout.
if (empty($_SESSION['uid']) || $GLOBALS['disablesessionprotection'] == false && $_SESSION['ip'] != allIPs() || time() >= $_SESSION['expires_on']) {
logout();
return false;
}
if (!empty($_SESSION['longlastingsession'])) {
$_SESSION['expires_on'] = time() + $_SESSION['longlastingsession'];
} else {
$_SESSION['expires_on'] = time() + INACTIVITY_TIMEOUT;
}
// Standard session expiration date.
return true;
}
