# normalize usernames (for case-insensitive etc. logins)
function format_auth_username($str) {
- $str = iconv('utf8', 'ascii//TRANSLIT', $str);
- $str = strtolower(trim($str));
- $str = preg_replace('/[^a-z0-9]/', '', $str);
- return $str;
+ $str = iconv('utf8', 'ascii//TRANSLIT', $str);
+ $str = strtolower(trim($str));
+ $str = preg_replace('/[^a-z0-9]/', '', $str);
+ return $str;
}
# Called automatically by session_auth().
# Only call if you've just verified that someone has logged in, or has clicked
# a valid password reset link.
function session_auth_init($id = false, $password_reset = false) {
- $GLOBALS['wfpl_session_auth'] = [
- 'id' => null,
- 'role' => null,
- 'name' => null,
- 'username' => null,
- 'last_active' => null,
- 'password_reset' => null
- ];
+ $GLOBALS['wfpl_session_auth'] = [
+ 'id' => null,
+ 'role' => null,
+ 'name' => null,
+ 'username' => null,
+ 'last_active' => null,
+ 'password_reset' => null
+ ];
- if ($id) {
- $user = db_get_assoc('users', 'role,name,username', 'where id=%i', $id);
- $now = time();
- db_update('users', 'last_active', $now, 'where id=%i', $id);
- $GLOBALS['wfpl_session_auth']['id'] = $id;
- $GLOBALS['wfpl_session_auth']['role'] = $user['role'];
- $GLOBALS['wfpl_session_auth']['name'] = $user['name'];
- $GLOBALS['wfpl_session_auth']['username'] = $user['username'];
- $GLOBALS['wfpl_session_auth']['last_active'] = $now;
- }
+ if ($id) {
+ $user = db_get_assoc('users', 'role,name,username', 'where id=%i', $id);
+ $now = time();
+ db_update('users', 'last_active', $now, 'where id=%i', $id);
+ $GLOBALS['wfpl_session_auth']['id'] = $id;
+ $GLOBALS['wfpl_session_auth']['role'] = $user['role'];
+ $GLOBALS['wfpl_session_auth']['name'] = $user['name'];
+ $GLOBALS['wfpl_session_auth']['username'] = $user['username'];
+ $GLOBALS['wfpl_session_auth']['last_active'] = $now;
+ }
- if ($password_reset) {
- $GLOBALS['wfpl_session_auth']['password_reset'] = true;
- $GLOBALS['wfpl_session_auth']['id'] = session_get('auth_password_reset_id');
- }
+ if ($password_reset) {
+ $GLOBALS['wfpl_session_auth']['password_reset'] = true;
+ $GLOBALS['wfpl_session_auth']['id'] = session_get('auth_password_reset_id');
+ }
}
# return an assoc containing info about the authenticated user, see session_auth_init
function session_auth() {
- if (!isset($GLOBALS['wfpl_session_auth'])) {
- $id = false;
- $reset = false;
- if (session_exists()) {
- $id = session_get('auth_id');
- if (!$id) {
- $r = session_get('auth_password_reset');
- if (strlen($r)) {
- $r = (int) format_int_0($r);
- if (time() < $r) {
- $reset = true;
- } else {
- message('Oops, your temporary access (to change your password) has expired');
- session_clear('auth_password_reset');
- }
- }
- }
- }
- session_auth_init($id, $reset);
- }
- return $GLOBALS['wfpl_session_auth'];
+ if (!isset($GLOBALS['wfpl_session_auth'])) {
+ $id = false;
+ $reset = false;
+ if (session_exists()) {
+ $id = session_get('auth_id');
+ if (!$id) {
+ $r = session_get('auth_password_reset');
+ if (strlen($r)) {
+ $r = (int) format_int_0($r);
+ if (time() < $r) {
+ $reset = true;
+ } else {
+ message('Oops, your temporary access (to change your password) has expired');
+ session_clear('auth_password_reset');
+ }
+ }
+ }
+ }
+ session_auth_init($id, $reset);
+ }
+ return $GLOBALS['wfpl_session_auth'];
}
# return true if the logged in user is allowed to $priv
# (false if they are not logged in, or aren't alowed to $priv)
function session_auth_can($priv) {
- $s = session_auth();
- if ($s['role'] === 'admin') {
- return true;
- }
- return false;
+ $s = session_auth();
+ if ($s['role'] === 'admin') {
+ return true;
+ }
+ return false;
}
# return ONLY IF the currently logged in user can $priv
# otherwise, it displays the login page, and exit early
function session_auth_must($priv) {
- if (session_auth_can($priv)) {
- return;
- }
- if (!isset($_REQUEST['after_login'])) {
- $_REQUEST['after_login_url'] = this_url();
- }
- wfpl_main('login');
- exit();
+ if (session_auth_can($priv)) {
+ return;
+ }
+ if (!isset($_REQUEST['after_login'])) {
+ $_REQUEST['after_login_url'] = this_url();
+ }
+ wfpl_main('login');
+ exit();
}