X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/ae6f8a065aa433337311d74bc81cb05526246f88..ea368b7d7b7a5a853c48f6247d8dfe46107c2ced:/auth.inc.php
diff --git a/auth.inc.php b/auth.inc.php
index c8b6b31..a1ccedf 100644
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -5,6 +5,9 @@ class User
 {
 function __construct($dir)
 {
+ if (!file_exists($dir)) {
+ throw new Exception("Gebruiker niet gevonden in $dir");
+ }
 $this->dir = $dir;
 $this->login = basename($dir);
 }
@@ -14,20 +17,49 @@ class User
 return $this->$col = $this->$col(); # run method and cache
 }
 
+ function rawname()
+ {
+ return rtrim(@file_get_contents("{$this->dir}/name.txt"));
+ }
+
 function name()
 {
- return @file_get_contents("{$this->dir}/name.txt");
+ return htmlspecialchars(implode(' & ', explode("\n", $this->rawname)));
+ }
+
+ function html()
+ {
+ return $this->name ?: $this->login;
+ }
+
+ function email()
+ {
+ return rtrim(@file_get_contents("{$this->dir}/email.txt"));
 }
 
- function admin()
+ function admin($permission = NULL)
 {
- return @file_exists("{$this->dir}/.admin");
+ if (isset($permission)) {
+ return $this->admin && isset($this->admin[$permission]); # check level
+ }
+ if (!@file_exists("{$this->dir}/.admin")) {
+ return FALSE; # not an admin
+ }
+ return array_fill_keys(explode("\n", file_get_contents("{$this->dir}/.admin")), TRUE);
 }
 
 function seen()
 {
 return @filemtime("{$this->dir}/last.log");
 }
+
+ function logclient()
+ {
+ if ($log = @fopen("{$this->dir}/last.log", 'w')) {
+ $line = $_SERVER['REMOTE_ADDR'].' '.$_SERVER['HTTP_USER_AGENT'];
+ fwrite($log, $line."\n");
+ }
+ }
 }
 
 function login_password_verify($input, $test)
@@ -42,7 +74,7 @@ function login_password_verify($input, $test)
 function login_setcookie()
 {
 global $User;
- return setcookie('login', $User['auth'], 0, '/');
+ return setcookie('login', $User->auth, 0, '/');
 }
 
 function login($inuser, $inpass = NULL)
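Review bot: The exception added to `__construct` (hunk `-5,6 +5,9`) interpolates `$dir` into its message, which exposes the on-disk profile path to wherever the message is printed. If the directory name derives from the submitted login, which this hunk does not show, the message also reflects request input. Keeping the path out of the user-facing text, e.g. `throw new Exception('Gebruiker niet gevonden');`, and recording `$dir` server-side avoids both. `is_dir($dir)` would also be a tighter test than `file_exists($dir)`, since a regular file at that path passes the current check.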
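Review bot: In hunk `-14,20 +17,49`, `html()` returns the escaped `name` but falls back to `$this->login` unescaped, so its output is only HTML-safe if login names can never contain markup characters; that validation is not visible here. Escaping the fallback keeps the guarantee local: `return $this->name ?: htmlspecialchars($this->login);`. In the same hunk `admin()` splits `.admin` on "\n" without trimming, so a trailing newline adds an empty-string permission key and a CRLF file yields keys that never match; reading it with `file("{$this->dir}/.admin", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES)` and trimming each line avoids both. `logclient()` stores the client-supplied User-Agent verbatim and reads `$_SERVER['HTTP_USER_AGENT']` without checking that it is set, so anything that later displays `last.log` has to escape it.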
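Review bot: The `login` cookie written in `login_setcookie()` (hunk `-42,7 +74,7`) carries `$User->auth`, which `login()` sets to `"$inuser:$authhash"`, yet it is still issued without the `secure` and `httponly` arguments. As written, page script can read the value and it is sent over plain HTTP. Since the line is being touched anyway, consider `return setcookie('login', $User->auth, 0, '/', '', TRUE, TRUE);`, enabling `secure` only if the site is served over HTTPS.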
@@ -70,17 +102,11 @@ function login($inuser, $inpass = NULL) if (function_exists('apache_note')) apache_note('user', $inuser); - if ($log = @fopen("$userdir/last.log", 'w')) { - fwrite($log, "{$_SERVER['REMOTE_ADDR']} {$_SERVER['HTTP_USER_AGENT']}\n"); - } - - return [ - 'name' => $inuser, - 'dir' => $userdir, - 'admin' => file_exists("$userdir/.admin"), - 'pass' => $usertest, - 'auth' => "$inuser:$authhash", - ]; + $user = new User($userdir); + $user->logclient(); + $user->pass = $usertest; + $user->auth = "$inuser:$authhash"; + return $user; } if (isset($_COOKIE['login'])) {
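Review bot: `pass` and `auth` are set on the returned `User` as undeclared dynamic properties, so they exist only on objects that came through `login()`. The class caches unknown reads through `return $this->$col = $this->$col();`, which suggests that reading `$User->auth` on a `User` built any other way would try to call a nonexistent `auth()` method rather than yield an empty value. Declaring both on the class, `public $pass; public $auth;`, with a comment that they hold credential material and must never be echoed or logged, makes the contract explicit. `new User($userdir)` can now throw at this point as well; the body of `login()` starts outside the hunk, so whether callers catch that is not visible here.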