2 function login($inuser, $inpass = NULL)
4 if (empty($inuser)) return;
6 @list ($inuser, $inauth) = explode(':', $inuser, 2);
9 # find password data by user name
10 $userdir = 'login/'.strtolower($inuser);
11 $pwfile = "$userdir/.passwd";
12 if (!file_exists($pwfile)) return;
13 $usertest = trim(file_get_contents($pwfile));
14 if (!$usertest) return;
17 $authhash = md5($usertest);
19 if (substr($usertest, 0, 1) == '$') {
20 if (!password_verify($inpass, $usertest)) return;
23 if ($inpass !== $usertest) return;
27 if ($inauth !== $authhash) return;
30 if (function_exists('apache_note')) apache_note('user', $inuser);
32 if ($log = @fopen("$userdir/last.log", 'w')) {
33 fwrite($log, "{$_SERVER['REMOTE_ADDR']} {$_SERVER['HTTP_USER_AGENT']}\n");
38 'admin' => file_exists("$userdir/.admin"),
39 'auth' => "$inuser:$authhash",
43 if (isset($_COOKIE['login'])) {
45 $User = login($_COOKIE['login']);