$valid_password) {
if (
// Checking against POST data
( isset($_POST['username'])
&& $valid_user == $_POST['username']
&& isset($_POST['password'])
&& $valid_password == $_POST['password']
)
or
// Checking against encrypted COOKIE data
( isset($_COOKIE['yourls_username'])
&& yourls_salt($valid_user) == $_COOKIE['yourls_username']
&& isset($_COOKIE['yourls_password'])
&& yourls_salt($valid_password) == $_COOKIE['yourls_password']
)
) {
// (Re)store encrypted cookie and tell it's ok
setcookie('yourls_username', yourls_salt( $valid_user ), time() + (60*60*24*7));
setcookie('yourls_password', yourls_salt( $valid_password ), time() + (60*60*24*7));
define('YOURLS_USER', $valid_user);
return true;
}
}
if ( isset($_POST['username']) || isset($_POST['password']) ) {
return 'Invalid username or password';
} else {
return 'Please log in';
}
}
// Return salted string
function yourls_salt( $string ) {
$salt = defined('YOURLS_COOKIEKEY') ? YOURLS_COOKIEKEY : md5(__FILE__) ;
return md5 ($string . YOURLS_COOKIEKEY);
}
// Display the login screen. Nothing past this point.
function yourls_login_screen($error_msg = '') {
?>
Login « YOURLS » Your Own URL Shortener | <?php echo YOURLS_SITE; ?>