<?php
// Start (or resume) the PHP session before anything is output; the auth class
// below keeps all of its login state in $_SESSION.
// NOTE(review): no session cookie attributes (HttpOnly / Secure / SameSite) are
// set in this file - confirm they are configured in php.ini or by the includer.
session_start();
// Turn on output buffering for the rest of the request.
// NOTE(review): presumably so later code can still send headers or cookies - confirm.
ob_start();
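/**
 * Session-based authentication for site users and for the single admin account,
 * plus the login-history bookkeeping in TABLE_LOGIN_HISTORY.
 *
 * Login state lives in $_SESSION under the keys named by $session_index /
 * $admin_session_index. loggedin() and adminloggedin() re-validate the stored
 * username / password-hash pair on every call, so the session holds the
 * password hash itself.
 *
 * Every value interpolated into SQL goes through _sqlstring() or an integer
 * cast. That is a stop-gap: the $db wrapper's own API is not visible in this
 * file, so bound parameters could not be used here.
 */
class auth
{
    // The four index maps are never assigned inside this class; presumably the
    // caller sets them after construction - confirm.
    /** Maps 'user' / 'pass' to the $_POST field names of the user login form. */
    public $post_index;
    /** Maps 'user' / 'pass' to the $_SESSION keys used for a logged-in user. */
    public $session_index;
    /** Maps 'user' / 'pass' to the $_POST field names of the admin login form. */
    public $admin_post_index;
    /** Maps 'user' / 'pass' to the $_SESSION keys used for the logged-in admin. */
    public $admin_session_index;
    /** Username of the login attempt currently being processed. */
    public $username;
    /** Password hash of the login attempt currently being processed. */
    public $passhash;
    /** Accumulated error text, see geterror() / adderror() / seterror(). */
    public $error;
    /** Value last passed to expire(). */
    public $expire;

    /**
     * Empty PHP4-style constructor, kept so existing calls keep working.
     */
    public function auth( )
    {
    }

    /**
     * Reads the user login form from $_POST and validates the credentials.
     *
     * The original called encode() on an undefined local $user, which is a fatal
     * error as soon as a password is posted; users::encode() is used instead,
     * the same way savelogin() calls it. Empty credentials are rejected up
     * front, as admin_checklogin() does, and passhash is reset so an empty
     * submission cannot reuse a hash left over from an earlier call.
     *
     * @return mixed 0 when a credential is missing, otherwise the result of checklogin().
     */
    public function haslogin( )
    {
        $this->username = $this->_stripslashes( $this->_postvalue( $this->post_index, 'user' ) );
        $this->passhash = null;
        $password = $this->_postvalue( $this->post_index, 'pass' );
        if ( $this->username === '' || $password === '' )
        {
            return 0;
        }
        $this->_loadusers( );
        // Hash first, strip afterwards: same order as the original code.
        $this->passhash = $this->_stripslashes( users::encode( $password ) );
        return $this->checklogin( $this->username, $this->passhash );
    }

    /**
     * Validates a username / password-hash pair through users::validAccount().
     *
     * @param string|null $user     Defaults to $this->username.
     * @param string|null $passhash Defaults to $this->passhash.
     * @return mixed Whatever validAccount() returns.
     */
    public function checklogin( $user = null, $passhash = null )
    {
        if ( $user === null )
        {
            $user = $this->username;
        }
        if ( $passhash === null )
        {
            $passhash = $this->passhash;
        }
        $this->_loadusers( );
        $usr = new users( );
        return $usr->validAccount( $user, $passhash );
    }

    /**
     * Checks an external identity for a user through users::checkIdentity().
     *
     * @param string|null $user     Defaults to $this->username.
     * @param mixed       $identity Passed through unchanged.
     * @return mixed Whatever checkIdentity() returns.
     */
    public function checkidentity( $user = null, $identity = null )
    {
        if ( $user === null )
        {
            $user = $this->username;
        }
        $this->_loadusers( );
        $usr = new users( );
        return $usr->checkIdentity( $user, $identity );
    }

    /**
     * Stores a successful user login in the session and in the login history.
     *
     * @param string $ip       Client address written to the history row.
     * @param mixed  $uid      When set, replaces the session username.
     * @param mixed  $provider When set, marks the login as an external-provider login.
     */
    public function savelogin( $ip, $uid = null, $provider = null )
    {
        // New session id at the privilege change, so an id known before login is useless afterwards.
        $this->_renewsession( );
        $_SESSION[$this->session_index['user']] = $this->username;
        $_SESSION[$this->session_index['pass']] = $this->passhash;
        if ( $uid )
        {
            $_SESSION[$this->session_index['user']] = $uid;
        }
        if ( $provider )
        {
            $this->username = $uid;
            $_SESSION[$this->session_index['user']] = $uid;
            // NOTE(review): the session "pass" for provider logins is derived from the
            // provider name only; confirm users::validAccount() does not accept it as
            // a standalone credential.
            $_SESSION[$this->session_index['pass']] = users::encode( $provider );
            $_SESSION['provider'] = $provider;
        }
        else
        {
            $_SESSION['provider'] = null;
            $_SESSION['identity'] = null;
        }
        $this->_recordlogin( $ip, 1 );
        $this->admin_clearlogin( );
    }

    /**
     * Stores a successful external-identity login in the session and the history.
     *
     * If no account matches the identity, the user login is cleared and no
     * success row is written (the original stored null credentials and still
     * logged a success for an empty username).
     *
     * @param string $ip            Client address written to the history row.
     * @param string $username      Unused; kept for interface compatibility.
     * @param string $auth_provider Provider name stored in the session.
     * @param string $identity      External identity stored in the session.
     */
    public function saveidentitylogin( $ip, $username, $auth_provider, $identity )
    {
        $arr = users::getUserPassWithIdentity( $identity, $auth_provider );
        if ( !is_array( $arr ) || !isset( $arr['username'] ) || !isset( $arr['password'] ) )
        {
            $this->clearlogin( );
            return;
        }
        $this->_renewsession( );
        $this->username = $arr['username'];
        $_SESSION[$this->session_index['user']] = $arr['username'];
        $_SESSION[$this->session_index['pass']] = $arr['password'];
        $_SESSION['provider'] = $auth_provider;
        $_SESSION['identity'] = $identity;
        $this->_recordlogin( $ip, 1 );
        $this->admin_clearlogin( );
    }

    /**
     * Writes a failed-login row for $this->username.
     *
     * This runs before authentication with a username taken straight from
     * $_POST, so the escaping done in _recordlogin() matters most here.
     *
     * @param string $ip Client address written to the history row.
     */
    public function savefailedlogin( $ip )
    {
        $this->_recordlogin( $ip, 0 );
    }

    /**
     * Logs the session in as the given user id without a password check.
     *
     * The query selects the column auth_provider, but the original read
     * $external['provider'], so the provider was never restored; it is read
     * from auth_provider now. Both session values are always overwritten so a
     * provider or identity left by a previous login cannot leak into this one.
     *
     * @param mixed $user_id Id of the account to log in.
     */
    public function autologin( $user_id )
    {
        global $db;
        $usr = new users( );
        $username = $usr->getUsername( $user_id );
        $passhash = $usr->getPassHash( $user_id );
        $this->_renewsession( );
        $_SESSION[$this->session_index['user']] = $username;
        $_SESSION[$this->session_index['pass']] = $passhash;
        $id = $this->_sqlstring( $user_id );
        $external = $db->fetchAssoc( "select `identity`, `auth_provider` from ".TABLE_USERS." where id='{$id}'" );
        $has_row = is_array( $external );
        $_SESSION['provider'] = ( $has_row && isset( $external['auth_provider'] ) ) ? $external['auth_provider'] : null;
        $_SESSION['identity'] = ( $has_row && isset( $external['identity'] ) ) ? $external['identity'] : null;
    }

    /**
     * Remembers the expiry time and sets the session cache limiter / expiry.
     *
     * NOTE(review): this file calls session_start() before the class is even
     * declared, and PHP only honours these two settings before the session
     * starts - confirm this method still has an effect.
     *
     * @param int $time Expiry in seconds; passed to session_cache_expire() in minutes.
     */
    public function expire( $time )
    {
        $this->expire = $time;
        session_cache_limiter( "private" );
        session_cache_expire( $time / 60 );
    }

    /**
     * Removes the user credentials from the session.
     * 'provider' and 'identity' are left untouched, as in the original.
     */
    public function clearlogin( )
    {
        unset( $_SESSION[$this->session_index['user']] );
        unset( $_SESSION[$this->session_index['pass']] );
    }

    /**
     * Undoes magic-quotes escaping on a request value.
     *
     * get_magic_quotes_gpc() always returns false from PHP 5.4 on and no longer
     * exists in PHP 8, so it is only consulted on runtimes that can still have
     * magic quotes enabled.
     *
     * @param mixed $text
     * @return mixed The unescaped text, or $text unchanged.
     */
    public function _stripslashes( $text )
    {
        if ( version_compare( PHP_VERSION, '5.4.0', '<' ) && get_magic_quotes_gpc( ) )
        {
            $text = stripslashes( $text );
        }
        return $text;
    }

    /**
     * Returns the session username if the session credentials still validate.
     *
     * @return mixed The username, or 0 when nobody is logged in.
     */
    public function loggedin( )
    {
        $user_key = $this->session_index['user'];
        $pass_key = $this->session_index['pass'];
        if ( !isset( $_SESSION[$user_key] ) || !isset( $_SESSION[$pass_key] ) )
        {
            return 0;
        }
        if ( !$this->checklogin( $_SESSION[$user_key], $_SESSION[$pass_key] ) )
        {
            return 0;
        }
        return $_SESSION[$user_key];
    }

    /**
     * Returns the session username without re-validating it.
     *
     * @return mixed The stored username, or null when none is stored.
     */
    public function crtuser( )
    {
        $user_key = $this->session_index['user'];
        return isset( $_SESSION[$user_key] ) ? $_SESSION[$user_key] : null;
    }

    /**
     * Resolves the session username (and identity, if any) to a user id.
     *
     * @return mixed 0 when no username is stored, otherwise the result of users::getUserId().
     */
    public function crtuserid( )
    {
        $this->_loadusers( );
        $user_key = $this->session_index['user'];
        if ( !isset( $_SESSION[$user_key] ) )
        {
            return 0;
        }
        $identity = isset( $_SESSION['identity'] ) ? $_SESSION['identity'] : null;
        $usr = new users( );
        return $usr->getUserId( $_SESSION[$user_key], $identity );
    }

    /**
     * Reads the admin login form from $_POST and validates the credentials.
     *
     * @return int 1 on success, 0 otherwise.
     */
    public function admin_haslogin( )
    {
        $this->username = $this->_postvalue( $this->admin_post_index, 'user' );
        $this->passhash = settings::encode( $this->_postvalue( $this->admin_post_index, 'pass' ) );
        $this->username = $this->_stripslashes( $this->username );
        $this->passhash = $this->_stripslashes( $this->passhash );
        return $this->admin_checklogin( $this->username, $this->passhash );
    }

    /**
     * Compares a username / password-hash pair with the configured admin account.
     *
     * The original used ==, which treats numeric-looking strings such as two
     * different "0e..." hashes as equal. The comparison is now an exact string
     * match, constant-time where hash_equals() is available.
     *
     * @param string|null $user     Defaults to $this->username.
     * @param string|null $passhash Defaults to $this->passhash.
     * @return int 1 when both values match the stored admin credentials, else 0.
     */
    public function admin_checklogin( $user = null, $passhash = null )
    {
        global $settings;
        if ( $user === null )
        {
            $user = $this->username;
        }
        if ( $passhash === null )
        {
            $passhash = $this->passhash;
        }
        if ( !$user || !$passhash || !is_scalar( $user ) || !is_scalar( $passhash ) )
        {
            return 0;
        }
        $admin_user = isset( $settings['admin_username'] ) ? (string) $settings['admin_username'] : '';
        $admin_password = isset( $settings['admin_password'] ) ? (string) $settings['admin_password'] : '';
        // Evaluate both comparisons before combining them, so a wrong username
        // does not skip the hash check.
        $user_ok = $this->_secretsmatch( $admin_user, (string) $user );
        $pass_ok = $this->_secretsmatch( $admin_password, (string) $passhash );
        return ( $user_ok && $pass_ok ) ? 1 : 0;
    }

    /**
     * Stores a successful admin login in the session and in the login history,
     * then drops any user login held by the same session.
     *
     * @param string $ip Client address written to the history row.
     */
    public function admin_savelogin( $ip )
    {
        $this->_renewsession( );
        $_SESSION[$this->admin_session_index['user']] = $this->username;
        $_SESSION[$this->admin_session_index['pass']] = $this->passhash;
        $_SESSION['provider'] = null;
        $_SESSION['identity'] = null;
        $this->_recordlogin( $ip, 1 );
        $this->clearlogin( );
    }

    /**
     * Tells whether the session holds valid admin credentials.
     *
     * @return int 1 when logged in as admin, else 0.
     */
    public function adminloggedin( )
    {
        $user_key = $this->admin_session_index['user'];
        $pass_key = $this->admin_session_index['pass'];
        if ( !isset( $_SESSION[$user_key] ) || !isset( $_SESSION[$pass_key] ) )
        {
            return 0;
        }
        return $this->admin_checklogin( $_SESSION[$user_key], $_SESSION[$pass_key] ) ? 1 : 0;
    }

    /**
     * Removes the admin credentials from the session.
     */
    public function admin_clearlogin( )
    {
        // unset() on a missing key is a no-op, so no isset() guard is needed.
        unset( $_SESSION[$this->admin_session_index['user']] );
        unset( $_SESSION[$this->admin_session_index['pass']] );
    }

    /**
     * Fetches the most recent successful login of a user.
     *
     * @param string $username
     * @return mixed Row with date_login_nice and ip, as returned by $db->fetchAssoc().
     */
    public function getlastlogin( $username )
    {
        return $this->_fetchsuccessfullogin( $username, 0 );
    }

    /**
     * Fetches the successful login before the most recent one.
     *
     * @param string $username
     * @return mixed Row with date_login_nice and ip, as returned by $db->fetchAssoc().
     */
    public function getloginbefore( $username )
    {
        return $this->_fetchsuccessfullogin( $username, 1 );
    }

    /**
     * Counts the login-history rows of a user.
     *
     * @param string $user
     * @return mixed Whatever $db->fetchRow() returns for the count query.
     */
    public function authcount( $user )
    {
        global $db;
        $name = $this->_sqlstring( $user );
        return $db->fetchRow( "select count(*) from ".TABLE_LOGIN_HISTORY." where username like '{$name}'" );
    }

    /**
     * Number of history pages for a user, never less than 1.
     *
     * @param string $user
     * @param int    $no_per_page Rows per page; a non-positive value yields 1
     *                            instead of a division by zero.
     * @return int|float
     */
    public function getnoauthpages( $user, $no_per_page )
    {
        // assumes fetchRow() returns the count as a scalar - TODO confirm
        $total = $this->authcount( $user );
        $per_page = (int) $no_per_page;
        if ( $total == 0 || $per_page <= 0 )
        {
            return 1;
        }
        return ceil( $total / $per_page );
    }

    /**
     * Fetches one page of a user's login history, each row tagged with an
     * alternating 'style' of "_even" / "_odd".
     *
     * @param string $user
     * @param int    $page        1-based page number.
     * @param int    $no_per_page Rows per page.
     * @return array
     */
    public function getloginhistory( $user, $page, $no_per_page )
    {
        global $appearance_settings;
        global $db;
        // LIMIT operands are interpolated unquoted, so they must be integers.
        $per_page = max( 0, (int) $no_per_page );
        $start = max( 0, ( (int) $page - 1 ) * $per_page );
        $date_format = $this->_sqlstring( $appearance_settings['date_format_long'] );
        $name = $this->_sqlstring( $user );
        $rows = $db->fetchAssocList( "select *, date_format(date_login, '{$date_format}') as date_login_nice from ".TABLE_LOGIN_HISTORY." where username like '{$name}' order by date_login desc limit {$start}, {$per_page}" );
        $array = array( );
        if ( !is_array( $rows ) )
        {
            return $array;
        }
        $i = 0;
        foreach ( $rows as $result )
        {
            $result['style'] = ( $i % 2 ) ? "_odd" : "_even";
            $array[$i] = $result;
            ++$i;
        }
        return $array;
    }

    /**
     * Deletes the login history of a user.
     *
     * NOTE(review): the match uses LIKE, so % and _ in $user act as wildcards;
     * confirm that callers never pass a caller-controlled pattern here.
     *
     * @param string $user
     * @return int Always 1.
     */
    public function deleteloginhistory( $user )
    {
        global $db;
        $name = $this->_sqlstring( $user );
        $db->query( "delete from ".TABLE_LOGIN_HISTORY." where username like '{$name}'" );
        return 1;
    }

    /**
     * @return mixed The accumulated error text.
     */
    public function geterror( )
    {
        return $this->error;
    }

    /**
     * Appends to the error text.
     *
     * @param string $str
     */
    public function adderror( $str )
    {
        $this->error .= $str;
    }

    /**
     * Replaces the error text.
     *
     * @param string $str
     */
    public function seterror( $str )
    {
        $this->error = $str;
    }

    /**
     * Loads classes/users.php unless the users class is already defined.
     */
    private function _loadusers( )
    {
        global $config_abs_path;
        if ( !class_exists( 'users', false ) )
        {
            require_once( $config_abs_path."/classes/users.php" );
        }
    }

    /**
     * Returns a posted form field as a string, or '' when the field is missing
     * or is not a string (e.g. an array submitted as field[]).
     *
     * @param mixed  $index One of the *_post_index maps.
     * @param string $name  'user' or 'pass'.
     * @return string
     */
    private function _postvalue( $index, $name )
    {
        if ( !is_array( $index ) || !isset( $index[$name] ) )
        {
            return '';
        }
        $field = $index[$name];
        if ( !isset( $_POST[$field] ) || !is_string( $_POST[$field] ) )
        {
            return '';
        }
        return $_POST[$field];
    }

    /**
     * Escapes a value for use inside a single-quoted SQL string literal.
     *
     * Stop-gap only: addslashes() does not know the connection character set
     * and is not safe with multi-byte sets such as GBK or with the
     * NO_BACKSLASH_ESCAPES SQL mode. Replace it with bound parameters or the
     * $db layer's own escaping once that API is known.
     * NOTE(review): assumes callers pass raw values; if request data is already
     * escaped globally elsewhere, this adds a second layer - confirm.
     *
     * @param mixed $value
     * @return string
     */
    private function _sqlstring( $value )
    {
        return addslashes( (string) $value );
    }

    /**
     * Exact string comparison, constant-time where the runtime offers hash_equals().
     *
     * @param string $known Stored value.
     * @param string $given Supplied value.
     * @return bool
     */
    private function _secretsmatch( $known, $given )
    {
        if ( function_exists( 'hash_equals' ) )
        {
            return hash_equals( $known, $given );
        }
        return $known === $given;
    }

    /**
     * Issues a fresh session id (dropping the old one) when a session is active
     * and headers can still be sent; otherwise does nothing.
     */
    private function _renewsession( )
    {
        if ( session_id( ) !== '' && !headers_sent( ) )
        {
            session_regenerate_id( true );
        }
    }

    /**
     * Inserts one login-history row for $this->username.
     *
     * @param string $ip        Client address.
     * @param mixed  $succeeded Truthy for a successful login.
     */
    private function _recordlogin( $ip, $succeeded )
    {
        global $db;
        $username = $this->_sqlstring( $this->username );
        $address = $this->_sqlstring( $ip );
        $timestamp = date( "Y-m-d H:i:s" );
        $flag = $succeeded ? 1 : 0;
        $db->query( "insert into ".TABLE_LOGIN_HISTORY." set username = '{$username}', date_login = '{$timestamp}', `ip` = '{$address}', succeeded = {$flag}" );
    }

    /**
     * Fetches one successful login row of a user, newest first.
     *
     * @param string $username
     * @param int    $offset 0 for the latest login, 1 for the one before it.
     * @return mixed Whatever $db->fetchAssoc() returns.
     */
    private function _fetchsuccessfullogin( $username, $offset )
    {
        global $db;
        global $appearance_settings;
        $date_format = $this->_sqlstring( $appearance_settings['date_format_long'] );
        $name = $this->_sqlstring( $username );
        $skip = max( 0, (int) $offset );
        return $db->fetchAssoc( "select date_format(date_login, '{$date_format}') as date_login_nice, ip from ".TABLE_LOGIN_HISTORY." where username like '{$name}' and succeeded = 1 order by date_login desc limit {$skip}, 1" );
    }
}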
?>