http user auth, password changer in preferences

author: Andrew Dolgov <[email protected]> 2005-11-18 07:04:32 +0100
committer: Andrew Dolgov <[email protected]> 2005-11-18 07:04:32 +0100
commit: 1c7f75ed2c8e0c914bba2134158e483aa1c3af40 (patch)
tree: 7368b36fa6d75454c0def17bcad7469c7a88df96 /functions.php
parent: 99620a7fe0e16679c88e5a84115e1a15e25f309d (diff)
1 files changed, 27 insertions, 2 deletions
diff --git a/functions.php b/functions.php
index d07ce024f..fc9818021 100644
--- a/functions.php
+++ b/functions.php
@@ -4,8 +4,8 @@
 	require_once 'config.php';
 	require_once 'db-prefs.php';
 
-	$_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder
-	$_SESSION["name"] = PLACEHOLDER_NAME;
+//	$_SESSION["uid"] = PLACEHOLDER_UID; // FIXME: placeholder
+//	$_SESSION["name"] = PLACEHOLDER_NAME;
 
 	define('MAGPIE_OUTPUT_ENCODING', 'UTF-8');
 
@@ -516,4 +516,29 @@
 
 	}
 
+	function authenticate_user($link) {
+
+		if (!$_SERVER['PHP_AUTH_USER']) {
+
+			header('WWW-Authenticate: Basic realm="Tiny Tiny RSS"');
+			header('HTTP/1.0 401 Unauthorized');
+			print "<h1>401 Unathorized</h1>";
+			exit;
+			
+		} else {
+
+			$login = db_escape_string($_SERVER['PHP_AUTH_USER']);
+			$password = db_escape_string($_SERVER['PHP_AUTH_PW']);
+			$pwd_hash = 'SHA1:' . sha1($password);
+
+			$result = db_query($link, "SELECT id,login FROM ttrss_users WHERE 
+				login = '$login' AND (pwd_hash = '$password' OR pwd_hash = '$pwd_hash')");
+
+			if (db_num_rows($result) == 1) {
+				$_SESSION["uid"] = db_fetch_result($result, 0, "id");
+				$_SESSION["name"] = db_fetch_result($result, 0, "login");
+			}			
+		}
+	}
+
 ?>
author	Andrew Dolgov <[email protected]>	2005-11-18 07:04:32 +0100
committer	Andrew Dolgov <[email protected]>	2005-11-18 07:04:32 +0100
commit	1c7f75ed2c8e0c914bba2134158e483aa1c3af40 (patch)
tree	7368b36fa6d75454c0def17bcad7469c7a88df96 /functions.php
parent	99620a7fe0e16679c88e5a84115e1a15e25f309d (diff)