From 9f4927825bb5efeefdff9a2aac05c5b3200f5ef6 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Wed, 28 Jun 2017 12:32:48 +0300
Subject: move to internal user management because it's impossible to implement
 proper transparent offline mode with http auth (worker is incapable of
 authenticating properly)

MIGRATION:

1. disable HTTP authentication (this is important!)
2. add two new tables to db/scratch.db (sessions & users)
3. create users via useradm.php (same names and passwords, previous data
is kept)
---
 backend.php | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

(limited to 'backend.php')

diff --git a/backend.php b/backend.php
index 7a4b63e..4ab000d 100644
--- a/backend.php
+++ b/backend.php
@@ -1,15 +1,16 @@
 <?php
 
 	require_once "config.php";
+	require_once "sessions.php";
+	require_once "db.php";
+
+	$ldb = Db::get();
 
 	$op = $_REQUEST["op"];
 
 	header("Content-type: text/json");
 
-	$ldb = new SQLite3(SCRATCH_DB);
-	$ldb->busyTimeout(30*1000);
-
-	$owner = SQLite3::escapeString($_SERVER["PHP_AUTH_USER"]);
+	$owner = SQLite3::escapeString($_SESSION["owner"]);
 
 	if (!$owner) {
 		header($_SERVER["SERVER_PROTOCOL"]." 401 Unauthorized");
@@ -43,7 +44,11 @@
 		}
 
 		break;
+	case "getowner":
+		$owner = SQLite3::escapeString($_SESSION["owner"]);;
 
+		print json_encode(["owner" => $owner]);
+		break;
 	case "getinfo":
 		$id = (int) $_REQUEST["id"];
 
-- 
cgit v1.2.3