diff options
author | Andrew Dolgov <[email protected]> | 2005-11-18 07:04:32 +0100 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2005-11-18 07:04:32 +0100 |
commit | 1c7f75ed2c8e0c914bba2134158e483aa1c3af40 (patch) | |
tree | 7368b36fa6d75454c0def17bcad7469c7a88df96 /functions.php | |
parent | 99620a7fe0e16679c88e5a84115e1a15e25f309d (diff) |
http user auth, password changer in preferences
Diffstat (limited to 'functions.php')
-rw-r--r-- | functions.php | 29 |
1 files changed, 27 insertions, 2 deletions
diff --git a/functions.php b/functions.php index d07ce024f..fc9818021 100644 --- a/functions.php +++ b/functions.php @@ -4,8 +4,8 @@ require_once 'config.php'; require_once 'db-prefs.php'; - $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder - $_SESSION["name"] = PLACEHOLDER_NAME; +// $_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder +// $_SESSION["name"] = PLACEHOLDER_NAME; define('MAGPIE_OUTPUT_ENCODING', 'UTF-8'); @@ -516,4 +516,29 @@ } + function authenticate_user($link) { + + if (!$_SERVER['PHP_AUTH_USER']) { + + header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"'); + header('HTTP/1.0 401 Unauthorized'); + print "<h1>401 Unathorized</h1>"; + exit; + + } else { + + $login = db_escape_string($_SERVER['PHP_AUTH_USER']); + $password = db_escape_string($_SERVER['PHP_AUTH_PW']); + $pwd_hash = 'SHA1:' . sha1($password); + + $result = db_query($link, "SELECT id,login FROM ttrss_users WHERE + login = '$login' AND (pwd_hash = '$password' OR pwd_hash = '$pwd_hash')"); + + if (db_num_rows($result) == 1) { + $_SESSION["uid"] = db_fetch_result($result, 0, "id"); + $_SESSION["name"] = db_fetch_result($result, 0, "login"); + } + } + } + ?> |