bouncer_r/php/lib auth.php,1.2,1.3

[David Farning (dfarning)]

Author: dfarning

Update of /cvs/fedora/bouncer_r/php/lib
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21127/php/lib

Added Files:
	auth.php 
Log Message:
cvs cleanup for fedora initial commit


Index: auth.php
===================================================================
RCS file: auth.php
diff -N auth.php
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ auth.php	2 Aug 2005 00:04:49 -0000	1.3
@@ -0,0 +1,75 @@
+<?php
+/**
+ *  Home-cooked auth libraries - because PEAR is fat.
+ *  @package mirror
+ *  @subpackage lib
+ *  @author Mike Morgan
+ */
+
+/**
+ *  Check admin session against sessions table in database.
+ *  @return bool
+ */
+function auth_is_valid_session()
+{
+    if (!empty($_COOKIE['mozilla-mirror-admin'])) {  // check cookie
+        $res = db_query("SELECT * FROM sessions WHERE session_id = '{$_COOKIE['mozilla-mirror-admin']}'");  // check db for id
+        if ($res && db_numrows($res)>0) {
+            $buf = db_fetch($res,MYSQL_ASSOC);
+            // comment line below to disable gc and allow multiple sessions per username
+            db_query("DELETE FROM sessions WHERE username='{$buf['username']}' AND session_id != '{$_COOKIE['mozilla-mirror-admin']}'");  // garbage collection
+            $user = db_fetch(db_query("SELECT * FROM users WHERE username='{$buf['username']}'"),MYSQL_ASSOC);
+            if (empty($_SESSION)) {
+                auth_create_session($user);  // if session isn't started, create it and push user data
+            }
+            return true;
+        }
+    }
+    return false;
+}
+
+/**
+ *  Authentication a user.
+ *  @param string $username
+ *  @param string $password
+ *  @return array|bool array containing user data or false on failure
+ */
+function auth_mysql($username,$password)
+{
+    if (empty($username)||empty($password)) {
+        return false;
+    } 
+    $username = trim(strip_tags(addslashes($username)));
+    $password = trim(strip_tags(addslashes($password)));
+    $res = db_query("SELECT * FROM users WHERE username='{$username}' AND password=MD5('{$password}')");
+    if ($res && db_numrows($res)>0) {
+        return db_fetch($res,MYSQL_ASSOC);
+    } else {
+        return false;
+    }
+}
+
+/**
+ *  Start a valid session.
+ *  @param array $user array containing user information.
+ */
+function auth_create_session($user,$secure=0)
+{
+    session_name('mozilla-mirror-admin');
+    session_set_cookie_params(0,'/',$_SERVER['HTTP_HOST'],$secure);
+    session_start();
+    db_query("INSERT INTO sessions(session_id,username) VALUES('".session_id()."','{$user['username']}')");
+    $_SESSION['user']=$user;
+}
+
+/**
+ *  Logout.
+ */
+function auth_logout()
+{
+    // comment line below to keep gc from deleting other sessions for this user
+    db_query("DELETE FROM sessions WHERE session_id='{$_COOKIE['mozilla-mirror-admin']}' OR username='{$_SESSION['user']['username']}'");
+    $_COOKIE = array(); 
+    $_SESSION = array();
+}
+?>