]> CyberLeo.Net >> Repos - Github/YOURLS.git/blob - includes/functions-auth.php
projects / Github / YOURLS.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Added jQuery 1.3.2
[Github/YOURLS.git] / includes / functions-auth.php
1 <?php\r
2 // Check for valid user. Returns true or an error message\r
3 function yourls_is_valid_user() {\r
4 \r
5         // Logout request\r
6         if($_GET['mode'] == 'logout') {\r
7                 setcookie('yourls_username', null, time() - 3600);\r
8                 setcookie('yourls_password', null, time() - 3600);\r
9                 return 'Logged out successfully';\r
10         }\r
11         \r
12         // Check cookies or login request. Login form has precedence.\r
13         global $yourls_user_passwords;\r
14         foreach($yourls_user_passwords as $valid_user => $valid_password) {\r
15                 if ( \r
16                         // Checking against POST data\r
17                         (       isset($_REQUEST['username'])\r
18                                 && $valid_user == $_REQUEST['username']\r
19                                 && isset($_REQUEST['password'])\r
20                                 && $valid_password == $_REQUEST['password']\r
21                         )\r
22                         or\r
23                         // Checking against encrypted COOKIE data\r
24                         (       isset($_COOKIE['yourls_username'])\r
25                                 && yourls_salt($valid_user) == $_COOKIE['yourls_username']\r
26                                 && isset($_COOKIE['yourls_password'])\r
27                                 && yourls_salt($valid_password) == $_COOKIE['yourls_password'] \r
28                         )\r
29                 ) {\r
30                         // (Re)store encrypted cookie and tell it's ok\r
31                         if ( !defined('YOURLS_API') or YOURLS_API != true ) {\r
32                                 // No need to store a cookie when used in API mode.\r
33                                 setcookie('yourls_username', yourls_salt( $valid_user ), time() + (60*60*24*7));\r
34                                 setcookie('yourls_password', yourls_salt( $valid_password ), time() + (60*60*24*7));\r
35                         }\r
36                         define('YOURLS_USER', $valid_user);\r
37                         return true;\r
38                 }\r
39         }\r
40         \r
41         if ( isset($_REQUEST['username']) || isset($_REQUEST['password']) ) {\r
42                 return 'Invalid username or password';\r
43         } else {\r
44                 return 'Please log in';\r
45         }\r
46 }\r
47 \r
48 \r
49 // Return salted string\r
50 function yourls_salt( $string ) {\r
51         $salt = defined('YOURLS_COOKIEKEY') ? YOURLS_COOKIEKEY : md5(__FILE__) ;\r
52         return md5 ($string . YOURLS_COOKIEKEY);\r
53 }\r
54 \r
55 // Display the login screen. Nothing past this point.\r
56 function yourls_login_screen($error_msg = '') {\r
57 ?>\r
58 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">\r
59 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">\r
60 <head>\r
61         <title>Login &laquo; YOURLS &raquo; Your Own URL Shortener | <?php echo YOURLS_SITE; ?></title>\r
62         <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />\r
63         <meta name="copyright" content="Copyright &copy; 2008-<?php echo date('Y'); ?> YOURS" />\r
64         <meta name="author" content="Ozh RICHARD, Lester Chan" />\r
65         <meta name="description" content="Insert URL &laquo; YOURLS &raquo; Your Own URL Shortener' | <?php echo YOURLS_SITE; ?>" />\r
66         <link rel="stylesheet" href="<?php echo YOURLS_SITE; ?>/css/style.css" type="text/css" media="screen" />\r
67         <script src="<?php echo YOURLS_SITE; ?>/js/jquery-1.3.2.min.js" type="text/javascript"></script>\r
68 </head>\r
69 <body>\r
70 <div id="login">\r
71         <form method="post" action="?"> <?php // reset any QUERY parameters ?>\r
72                 <p>\r
73                         <img src="<?php echo YOURLS_SITE; ?>/images/yourls-logo.png" alt="YOURLS" title="YOURLS" />\r
74                 </p>\r
75                 <?php\r
76                         if(!empty($error_msg)) {\r
77                                 echo '<p class="error">'.$error_msg.'</p>';\r
78                         }\r
79                 ?>\r
80                 <p>\r
81                         <label for="username">Username</label><br />\r
82                         <input type="text" id="username" name="username" size="30" class="text" />\r
83                 </p>\r
84                 <p>\r
85                         <label for="password">Password</label><br />\r
86                         <input type="password" id="password" name="password" size="30" class="text" />\r
87                 </p>\r
88                 <p style="text-align: right;">\r
89                         <input type="submit" id="submit" name="submit" value="Login" class="button" />\r
90                 </p>\r
91         </form>\r
92         <script type="text/javascript">$('#username').focus();</script>\r
93 </div>\r
94 </body>\r
95 </html>\r
96 <?php\r
97 die();\r
98 }
Unnamed repository; edit this file 'description' to name the repository.