X-Git-Url: https://jasonwoof.com/gitweb/?a=blobdiff_plain;f=code%2Fconfig.php;h=30691abadbcdb32241647889a25794f7591c0215;hb=HEAD;hp=1e59d64fd25280c49fee9f992716d2fdb0d6c2cc;hpb=a8968f20cd3b06b2cc19de6871019d4aaae6b79b;p=contractor-progress.git

diff --git a/code/config.php b/code/config.php
index 1e59d64..30691ab 100644
--- a/code/config.php
+++ b/code/config.php
@@ -10,17 +10,45 @@ function cms_get() {
 	return false;
 }
 
-function logged_in_as_admin() {
+# whether currently logged in as admin (can be changed with su)
+function logged_in_as_contractor() {
 	if(!isset($GLOBALS['logged_in_as_admin'])) {
 		$GLOBALS['logged_in_as_admin'] = (logged_in() == 1); # logged_in() returns id. id #1 is admin
 	}
 	return $GLOBALS['logged_in_as_admin'];
 }
 
-function logged_in_as_contractor() {
+# whether originally logged in as contractor (reguardless of current su)
+function ever_was_contractor() {
 	return logged_in_as_admin();
 }
 
 function enc_money($float) {
-	return format_money($float, $cents = true);
+	return format_money($float, $cents = false);
+}
+
+# 1st arg: the correct encrypted password
+# 2nd arg: clear-text password entered by someone
+function check_password($encrypted, $pass) {
+	if(strpos($encrypted, ':') !== 32) {
+		die("password field corrupted");
+	}
+	
+	list($md5, $salt) = explode(':', $encrypted);
+
+	if(md5($salt . $pass) == $md5) {
+		return true;
+	}
+
+	return false;
+}
+
+function encrypt_password($plain) {
+	$password = '';
+
+	$salt = substr(md5(rand() . "f"), 0, 2); # FIXME make this more effecient and clear
+
+	$password = md5($salt . $plain) . ':' . $salt;
+
+	return $password;
 }