X-Git-Url: https://jasonwoof.com/gitweb/?p=wfpl-cms.git;a=blobdiff_plain;f=inc%2Fsession_auth.php;fp=inc%2Fsession_auth.php;h=5f25ffe6af294393e6c88e1a888c8ac8eadf81a2;hp=9e49d37606bd9992ebb4d8ebf2acda2eb0ac18af;hb=01c953a17babb9d6fedb751671d7e05bc6f33a92;hpb=9cd73aa3d18a76feb8fe640071c9e7e90abf4f8f
diff --git a/inc/session_auth.php b/inc/session_auth.php
index 9e49d37..5f25ffe 100644
--- a/inc/session_auth.php
+++ b/inc/session_auth.php
@@ -2,86 +2,86 @@
 # normalize usernames (for case-insensitive etc. logins)
 function format_auth_username($str) {
- $str = iconv('utf8', 'ascii//TRANSLIT', $str);
- $str = strtolower(trim($str));
- $str = preg_replace('/[^a-z0-9]/', '', $str);
- return $str;
+ $str = iconv('utf8', 'ascii//TRANSLIT', $str);
+ $str = strtolower(trim($str));
+ $str = preg_replace('/[^a-z0-9]/', '', $str);
+ return $str;
 }
 # Called automatically by session_auth().
 # Only call if you've just verified that someone has logged in, or has clicked
 # a valid password reset link.
 function session_auth_init($id = false, $password_reset = false) {
- $GLOBALS['wfpl_session_auth'] = [
- 'id' => null,
- 'role' => null,
- 'name' => null,
- 'username' => null,
- 'last_active' => null,
- 'password_reset' => null
- ];
+ $GLOBALS['wfpl_session_auth'] = [
+ 'id' => null,
+ 'role' => null,
+ 'name' => null,
+ 'username' => null,
+ 'last_active' => null,
+ 'password_reset' => null
+ ];
- if ($id) {
- $user = db_get_assoc('users', 'role,name,username', 'where id=%i', $id);
- $now = time();
- db_update('users', 'last_active', $now, 'where id=%i', $id);
- $GLOBALS['wfpl_session_auth']['id'] = $id;
- $GLOBALS['wfpl_session_auth']['role'] = $user['role'];
- $GLOBALS['wfpl_session_auth']['name'] = $user['name'];
- $GLOBALS['wfpl_session_auth']['username'] = $user['username'];
- $GLOBALS['wfpl_session_auth']['last_active'] = $now;
- }
+ if ($id) {
+ $user = db_get_assoc('users', 'role,name,username', 'where id=%i', $id);
+ $now = time();
+ db_update('users', 'last_active', $now, 'where id=%i', $id);
+ $GLOBALS['wfpl_session_auth']['id'] = $id;
+ $GLOBALS['wfpl_session_auth']['role'] = $user['role'];
+ $GLOBALS['wfpl_session_auth']['name'] = $user['name'];
+ $GLOBALS['wfpl_session_auth']['username'] = $user['username'];
+ $GLOBALS['wfpl_session_auth']['last_active'] = $now;
+ }
- if ($password_reset) {
- $GLOBALS['wfpl_session_auth']['password_reset'] = true;
- $GLOBALS['wfpl_session_auth']['id'] = session_get('auth_password_reset_id');
- }
+ if ($password_reset) {
+ $GLOBALS['wfpl_session_auth']['password_reset'] = true;
+ $GLOBALS['wfpl_session_auth']['id'] = session_get('auth_password_reset_id');
+ }
 }
 # return an assoc containing info about the authenticated user, see session_auth_init
 function session_auth() {
- if (!isset($GLOBALS['wfpl_session_auth'])) {
- $id = false;
- $reset = false;
- if (session_exists()) {
- $id = session_get('auth_id');
- if (!$id) {
- $r = session_get('auth_password_reset');
- if (strlen($r)) {
- $r = (int) format_int_0($r);
- if (time() < $r) {
- $reset = true;
- } else {
- message('Oops, your temporary access (to change your password) has expired');
- session_clear('auth_password_reset');
- }
- }
- }
- }
- session_auth_init($id, $reset);
- }
- return $GLOBALS['wfpl_session_auth'];
+ if (!isset($GLOBALS['wfpl_session_auth'])) {
+ $id = false;
+ $reset = false;
+ if (session_exists()) {
+ $id = session_get('auth_id');
+ if (!$id) {
+ $r = session_get('auth_password_reset');
+ if (strlen($r)) {
+ $r = (int) format_int_0($r);
+ if (time() < $r) {
+ $reset = true;
+ } else {
+ message('Oops, your temporary access (to change your password) has expired');
+ session_clear('auth_password_reset');
+ }
+ }
+ }
+ }
+ session_auth_init($id, $reset);
+ }
+ return $GLOBALS['wfpl_session_auth'];
 }
 # return true if the logged in user is allowed to $priv
 # (false if they are not logged in, or aren't alowed to $priv)
 function session_auth_can($priv) {
- $s = session_auth();
- if ($s['role'] === 'admin') {
- return true;
- }
- return false;
+ $s = session_auth();
+ if ($s['role'] === 'admin') {
+ return true;
+ }
+ return false;
 }
 # return ONLY IF the currently logged in user can $priv
 # otherwise, it displays the login page, and exit early
 function session_auth_must($priv) {
- if (session_auth_can($priv)) {
- return;
- }
- if (!isset($_REQUEST['after_login'])) {
- $_REQUEST['after_login_url'] = this_url();
- }
- wfpl_main('login');
- exit();
+ if (session_auth_can($priv)) {
+ return;
+ }
+ if (!isset($_REQUEST['after_login'])) {
+ $_REQUEST['after_login_url'] = this_url();
+ }
+ wfpl_main('login');
+ exit();
 }