X-Git-Url: http://git.shiar.net/minimedit.git/blobdiff_plain/d1fc7642f0b954b69058b0cc041374f30608e6a5..HEAD:/auth.inc.php

diff --git a/auth.inc.php b/auth.inc.php
index a2db9f3..34c83db 100644
--- a/auth.inc.php
+++ b/auth.inc.php
@@ -3,13 +3,18 @@ date_default_timezone_set('Europe/Amsterdam');
 
 class User
 {
-	function __construct($dir)
+	public $dir, $login;
+
+	function __construct($dir = NULL, $existing = TRUE)
 	{
-		if (!file_exists($dir)) {
+		if (empty($dir)) {
+			return;
+		}
+		if (!file_exists($dir) and $existing) {
 			throw new Exception("Gebruiker niet gevonden in $dir");
 		}
 		$this->dir = $dir;
-		$this->login = basename($dir);
+		$this->login = preg_replace('{.*/}', '', $dir);
 	}
 
 	function __get($col)
@@ -19,7 +24,7 @@ class User
 
 	function rawname()
 	{
-		return @file_get_contents("{$this->dir}/name.txt");
+		return rtrim(@file_get_contents("{$this->dir}/name.txt"));
 	}
 
 	function name()
@@ -27,15 +32,52 @@ class User
 		return htmlspecialchars(implode(' & ', explode("\n", $this->rawname)));
 	}
 
-	function admin()
+	function html()
+	{
+		$name = htmlspecialchars($this->login);
+		if ($this->name and $this->name != $name) {
+			$name = "{$this->name}<small> @$name</small>";
+		}
+		return $name;
+	}
+
+	function email()
 	{
-		return @file_exists("{$this->dir}/.admin");
+		return rtrim(@file_get_contents("{$this->dir}/email.txt"));
+	}
+
+	function admin($permission = NULL)
+	{
+		if (isset($permission)) {
+			if (!$this->admin) {
+				return FALSE;  # empty results
+			}
+			preg_match_all('{[ /]}', $permission, $parts, PREG_OFFSET_CAPTURE);
+			foreach ($parts[0] as $part) {
+				if (isset($this->admin[substr($permission, 0, $part[1])])) {
+					return TRUE;  # partial match
+				}
+			}
+			return isset($this->admin[$permission]);  # check level
+		}
+		if (!$this->dir or !@file_exists("{$this->dir}/.admin")) {
+			return FALSE;  # not an admin
+		}
+		return array_fill_keys(explode("\n", file_get_contents("{$this->dir}/.admin")), TRUE);
 	}
 
 	function seen()
 	{
 		return @filemtime("{$this->dir}/last.log");
 	}
+
+	function logclient()
+	{
+		if ($log = @fopen("{$this->dir}/last.log", 'w')) {
+			$line = $_SERVER['REMOTE_ADDR'].' '.$_SERVER['HTTP_USER_AGENT'];
+			fwrite($log, $line."\n");
+		}
+	}
 }
 
 function login_password_verify($input, $test)
@@ -50,7 +92,7 @@ function login_password_verify($input, $test)
 function login_setcookie()
 {
 	global $User;
-	return setcookie('login', $User['auth'], 0, '/');
+	return setcookie('login', $User->auth, 0, '/');
 }
 
 function login($inuser, $inpass = NULL)
@@ -78,21 +120,18 @@ function login($inuser, $inpass = NULL)
 
 	if (function_exists('apache_note')) apache_note('user', $inuser);
 
-	if ($log = @fopen("$userdir/last.log", 'w')) {
-		fwrite($log, "{$_SERVER['REMOTE_ADDR']} {$_SERVER['HTTP_USER_AGENT']}\n");
-	}
-
-	return [
-		'name'  => $inuser,
-		'dir'   => $userdir,
-		'admin' => file_exists("$userdir/.admin"),
-		'pass'  => $usertest,
-		'auth'  => "$inuser:$authhash",
-	];
+	$user = new User($userdir);
+	$user->logclient();
+	$user->pass = $usertest;
+	$user->auth = "$inuser:$authhash";
+	return $user;
 }
 
+global $User;
 if (isset($_COOKIE['login'])) {
-	global $User;
 	$User = login($_COOKIE['login']);
 }
+if (!$User) {
+	$User = new User;
+}