X-Git-Url: https://jasonwoof.com/gitweb/?a=blobdiff_plain;f=session.php;h=26523c22d1e47a3b4deb0be522615f87107536a2;hb=9f4dd08b3d81e9200d8486655df7cd2fc7cf307a;hp=4f1cb67285d25a6b171887bcd77b83dc937a2be5;hpb=b0b28a4587992b92f47abb0429df0e1eaf7f151f;p=wfpl.git diff --git a/session.php b/session.php index 4f1cb67..26523c2 100644 --- a/session.php +++ b/session.php @@ -2,34 +2,21 @@ # Copyright (C) 2006 Jason Woofenden # -# This file is part of wfpl. -# -# wfpl is free software; you can redistribute it and/or modify it under the -# terms of the GNU Lesser General Public License as published by the Free -# Software Foundation; either version 2.1 of the License, or (at your option) -# any later version. -# -# wfpl is distributed in the hope that it will be useful, but WITHOUT ANY -# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS -# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for -# more details. -# -# You should have received a copy of the GNU Lesser General Public License -# along with wfpl; if not, write to the Free Software Foundation, Inc., 51 -# Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - -# you'll need this file that calls db_connect() -if(!isset($GLOBALS['wfpl_db_handle'])) { - if(file_exists('db_connect.php')) { - require_once('db_connect.php'); - } elseif(file_exists('code/db_connect.php')) { - require_once('code/db_connect.php'); - } else { - die("session.php requires a file db_connect.php or that you call db_connect() first. See code/wfpl/db.php for more information."); - } -} - -# and these database tables: +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + + +# you'll need these database tables: # create table wfpl_sessions (id int unique auto_increment, session_key varchar(16), length int, expires int); # create table wfpl_session_data (id int unique auto_increment, session_id int, name varchar(100), value text); # run this command to install/clear the tables: @@ -39,7 +26,7 @@ if(!isset($GLOBALS['wfpl_db_handle'])) { # GLOSSARY # # session_key 16 digit string identifying the session -# session_id integer id of the record in the "sessions" table of the database +# session_id integer id of the record in the "wfpl_sessions" table of the database # UNTIL_CLOSE a constant passed as session length to indicate "until browser window closes" @@ -138,8 +125,29 @@ function session_exists() { return true; } -# return username if a session exists and is authenticated +# depricated function session_exists_and_authed() { + return logged_in(); +} + + +# generate a random password using only letters and numbers that look +# particularly unique +function new_readable_password($length = 8) { + $character_set = "ABCDEFHJKLMNPQRTUVWXY34789"; + $code = ""; + + # PHP 4.2.0 and up seed the random number generator for you. + # Lets hope that it seeds with something harder to guess than the clock. + while($length--) { + $code .= $character_set{mt_rand(0, 25)}; # inclusive + } + + return $code; +} + +# return username if a session exists and is authenticated +function logged_in() { if(!session_exists()) { return false; } @@ -148,6 +156,20 @@ function session_exists_and_authed() { } + +# return username if a session exists and is authenticated +function logged_in_as_admin() { + if(!session_exists()) { + return false; + } + + if(session_get('auth_admin')) { + return true; + } + return false; +} + + # find existing session, or make one function init_session() { if(!session_exists()) {