nieuws/feed: atom content type and link attributes

[minimedit.git] / auth.inc.php
diff --git a/auth.inc.php b/auth.inc.php

old mode 100755 (executable)

new mode 100644 (file)

index 1a72379..a2db9f3
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -1,12 +1,98 @@
  <?php
-$ALLOWED = [
-       '127.0.0.1',
-       '192.168.178.0/24',
-       '94.208.83.16', # arie.ziggo
-       '83.161.198.138', # shiar.demon
-       '145.131.141.219', # shiar@1m
-];
-
-$editable = in_array($_SERVER['REMOTE_ADDR'], $ALLOWED) ?
-       $_SERVER['REMOTE_ADDR'] : FALSE;
+date_default_timezone_set('Europe/Amsterdam');
+
+class User
+{
+       function __construct($dir)
+       {
+               if (!file_exists($dir)) {
+                       throw new Exception("Gebruiker niet gevonden in $dir");
+               }
+               $this->dir = $dir;
+               $this->login = basename($dir);
+       }
+
+       function __get($col)
+       {
+               return $this->$col = $this->$col();  # run method and cache
+       }
+
+       function rawname()
+       {
+               return @file_get_contents("{$this->dir}/name.txt");
+       }
+
+       function name()
+       {
+               return htmlspecialchars(implode(' & ', explode("\n", $this->rawname)));
+       }
+
+       function admin()
+       {
+               return @file_exists("{$this->dir}/.admin");
+       }
+
+       function seen()
+       {
+               return @filemtime("{$this->dir}/last.log");
+       }
+}
+
+function login_password_verify($input, $test)
+{
+       if (substr($test, 0, 1) != '$') {
+               # plaintext match for uncrypted passwords
+               return $input === $test;
+       }
+       return password_verify($input, $test);
+}
+
+function login_setcookie()
+{
+       global $User;
+       return setcookie('login', $User['auth'], 0, '/');
+}
+
+function login($inuser, $inpass = NULL)
+{
+       if (empty($inuser)) return;
+       if (!isset($inpass)) {
+               @list ($inuser, $inauth) = explode(':', $inuser, 2);
+       }
+
+       # find password data by user name
+       $userdir = 'profile/'.preg_replace('/[^a-z0-9]+/', '-', strtolower($inuser));
+       $pwfile = "$userdir/.passwd";
+       if (!file_exists($pwfile)) return;
+       $usertest = trim(file_get_contents($pwfile));
+       if (!$usertest) return;
+
+       # verify password
+       $authhash = md5($usertest);
+       if (isset($inpass)) {
+               if (!login_password_verify($inpass, $usertest)) return;
+       }
+       else {
+               if ($inauth !== $authhash) return;
+       }
+
+       if (function_exists('apache_note')) apache_note('user', $inuser);
+
+       if ($log = @fopen("$userdir/last.log", 'w')) {
+               fwrite($log, "{$_SERVER['REMOTE_ADDR']} {$_SERVER['HTTP_USER_AGENT']}\n");
+       }
+
+       return [
+               'name'  => $inuser,
+               'dir'   => $userdir,
+               'admin' => file_exists("$userdir/.admin"),
+               'pass'  => $usertest,
+               'auth'  => "$inuser:$authhash",
+       ];
+}
+
+if (isset($_COOKIE['login'])) {
+       global $User;
+       $User = login($_COOKIE['login']);
+}