login/pass: error messages below page title
[minimedit.git] / auth.inc.php
index 65b7f72571b9123f036a39b845f82fa93e7fdb1e..34c83db0c9bd9d5952b7b023878a7d915f07ba53 100644 (file)
@@ -3,13 +3,18 @@ date_default_timezone_set('Europe/Amsterdam');
 
 class User
 {
-       function __construct($dir)
+       public $dir, $login;
+
+       function __construct($dir = NULL, $existing = TRUE)
        {
-               if (!file_exists($dir)) {
+               if (empty($dir)) {
+                       return;
+               }
+               if (!file_exists($dir) and $existing) {
                        throw new Exception("Gebruiker niet gevonden in $dir");
                }
                $this->dir = $dir;
-               $this->login = basename($dir);
+               $this->login = preg_replace('{.*/}', '', $dir);
        }
 
        function __get($col)
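Review bot: The early `return` for an empty `$dir` leaves `$this->dir` unset, but only admin() checks `!$this->dir` before building a path. email(), seen() and logclient() interpolate `"{$this->dir}/..."` unconditionally, so on a User constructed without a directory they resolve to `/email.txt` and `/last.log` at the filesystem root, with `@` hiding the failure. If any caller can reach those methods on the anonymous User, each should start with the same guard, e.g. `if (!$this->dir) return FALSE;`. Separately, `preg_replace('{.*/}', '', $dir)` returns an empty login for a `$dir` with a trailing slash, where `basename()` did not. The body of `__get` continues outside this hunk.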
@@ -27,15 +32,52 @@ class User
                return htmlspecialchars(implode(' & ', explode("\n", $this->rawname)));
        }
 
-       function admin()
+       function html()
+       {
+               $name = htmlspecialchars($this->login);
+               if ($this->name and $this->name != $name) {
+                       $name = "{$this->name}<small> @$name</small>";
+               }
+               return $name;
+       }
+
+       function email()
        {
-               return @file_exists("{$this->dir}/.admin");
+               return rtrim(@file_get_contents("{$this->dir}/email.txt"));
+       }
+
+       function admin($permission = NULL)
+       {
+               if (isset($permission)) {
+                       if (!$this->admin) {
+                               return FALSE;  # empty results
+                       }
+                       preg_match_all('{[ /]}', $permission, $parts, PREG_OFFSET_CAPTURE);
+                       foreach ($parts[0] as $part) {
+                               if (isset($this->admin[substr($permission, 0, $part[1])])) {
+                                       return TRUE;  # partial match
+                               }
+                       }
+                       return isset($this->admin[$permission]);  # check level
+               }
+               if (!$this->dir or !@file_exists("{$this->dir}/.admin")) {
+                       return FALSE;  # not an admin
+               }
+               return array_fill_keys(explode("\n", file_get_contents("{$this->dir}/.admin")), TRUE);
        }
 
        function seen()
        {
                return @filemtime("{$this->dir}/last.log");
        }
+
+       function logclient()
+       {
+               if ($log = @fopen("{$this->dir}/last.log", 'w')) {
+                       $line = $_SERVER['REMOTE_ADDR'].' '.$_SERVER['HTTP_USER_AGENT'];
+                       fwrite($log, $line."\n");
+               }
+       }
 }
 
 function login_password_verify($input, $test)
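Review bot: The `.admin` parsing at the end of admin() keeps blank lines as keys, so a file that ends in a newline, or an empty `.admin` of the kind the removed `file_exists` check accepted, produces an entry `'' => TRUE`. The partial-match loop tests `substr($permission, 0, $part[1])`, which is `''` whenever `$permission` begins with a space or slash, so that stray key grants every such permission, and `isset($this->admin[$permission])` also passes for an empty `$permission`. If a blank entry is not meant as a wildcard, build the list with `file("{$this->dir}/.admin", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES)` instead of `explode("\n", file_get_contents(...))`. This assumes `$this->admin` resolves through `__get` to the no-argument call, which is not visible here. A short comment on admin() stating the file format (one permission per line, prefix match on space or slash boundaries) would make the intended grant rules reviewable.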
@@ -50,7 +92,7 @@ function login_password_verify($input, $test)
 function login_setcookie()
 {
        global $User;
-       return setcookie('login', $User['auth'], 0, '/');
+       return setcookie('login', $User->auth, 0, '/');
 }
 
 function login($inuser, $inpass = NULL)
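Review bot: The `login` cookie set in login_setcookie() carries `$User->auth`, which login() builds as `"$inuser:$authhash"`, and is sent without the `secure` or `httponly` arguments. Any script running in the page can therefore read the value, and it also travels over plain HTTP if the site is reachable that way. Consider `setcookie('login', $User->auth, 0, '/', '', TRUE, TRUE)`; the `secure` flag is appropriate only if the site is served exclusively over HTTPS, which this page does not show. Since the commit now also creates a User with no directory, it is worth confirming this function is never called when `$User->auth` has not been set.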
@@ -78,21 +120,18 @@ function login($inuser, $inpass = NULL)
 
        if (function_exists('apache_note')) apache_note('user', $inuser);
 
-       if ($log = @fopen("$userdir/last.log", 'w')) {
-               fwrite($log, "{$_SERVER['REMOTE_ADDR']} {$_SERVER['HTTP_USER_AGENT']}\n");
-       }
-
-       return [
-               'name'  => $inuser,
-               'dir'   => $userdir,
-               'admin' => file_exists("$userdir/.admin"),
-               'pass'  => $usertest,
-               'auth'  => "$inuser:$authhash",
-       ];
+       $user = new User($userdir);
+       $user->logclient();
+       $user->pass = $usertest;
+       $user->auth = "$inuser:$authhash";
+       return $user;
 }
 
+global $User;
 if (isset($_COOKIE['login'])) {
-       global $User;
        $User = login($_COOKIE['login']);
 }
+if (!$User) {
+       $User = new User;
+}