[Phpslash-commit] CVS: phpslash-ft/class slashAuthCR.class,1.8,1.9
Brought to you by:
joestewart,
nhruby
From: Joe S. <joe...@us...> - 2002-05-20 22:00:00
|
Update of /cvsroot/phpslash/phpslash-ft/class In directory usw-pr-cvs1:/tmp/cvs-serv16412/phpslash-ft/class Modified Files: slashAuthCR.class Log Message: reg mode Index: slashAuthCR.class =================================================================== RCS file: /cvsroot/phpslash/phpslash-ft/class/slashAuthCR.class,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** slashAuthCR.class 20 May 2002 19:54:17 -0000 1.8 --- slashAuthCR.class 20 May 2002 21:59:56 -0000 1.9 *************** *** 26,32 **** function slashAuth() { ! global $_PSL; $this->psl = $_PSL; } --- 26,41 ---- function slashAuth() { ! global $_PSL, $mode; $this->psl = $_PSL; + // if( !empty($_PSL['authmode'])) { + // $mode = $_PSL['authmode']; + // } + if ($mode=='reg') { + $this->mode='reg'; + } else { + $this->mode='log'; + } + } *************** *** 66,70 **** slashfoot(); } ! function auth_preauth() { --- 75,79 ---- slashfoot(); } ! /* function auth_preauth() { *************** *** 110,114 **** } ! function auth_validatelogin() { --- 119,123 ---- } ! */ function auth_validatelogin() { *************** *** 200,203 **** --- 209,363 ---- return false; } + + function auth_registerform() { + global $sess; + + $templ = new Template($this->psl['templatedir']); + $templ->set_file(array( + form => "registerform.tpl" + )); + + $templ->set_var(ACTION_URL,$this->psl['rooturl']."/login.php3?mode=reg"); + $templ->set_var(PHP_SELF,$this->psl[phpself]); + if (isset($this->auth["uname"])) { + $templ->set_var(USERNAME,$this->auth['uname']); + } else { + $templ->set_var(USERNAME,""); + $this->auth["error"] = ""; + } + if (isset($this->auth["email"])) { + $templ->set_var(EMAIL,$this->auth["email"]); + } else { + $templ->set_var(EMAIL,""); + } + if (isset($this->auth["realname"])) { + $templ->set_var(REALNAME,$this->auth["realname"]); + } else { + $templ->set_var(REALNAME,""); + } + if (isset($this->auth["url"])) { + $templ->set_var(URL,$this->auth["url"]); + } else { + $templ->set_var(URL,""); + } + if (isset($this->auth["quote"])) { + $templ->set_var(QUOTE,$this->auth["quote"]); + } else { + $templ->set_var(QUOTE,""); + } + if (isset($this->auth["seclev"])) { + $templ->set_var(SECLEV,$this->auth["seclev"]); + } else { + $templ->set_var(SECLEV,""); + } + + if (isset($this->auth["error"])) { + $templ->set_var(ERROR,$this->auth["error"]); + } else { + $templ->set_var(ERROR,""); + } + slashhead("Register", "Register"); + $templ->pparse(OUT,"form"); + slashfoot(); + } + + + function auth_doregister() { + + global $username,$pass1, $pass2, $realname, $email, $mode; + global $password, $url, $quote, $seclev, $HTTP_POST_VARS; + + # the login form will save the username + $this->auth["uname"] = $username; + $this->auth["realname"] = $realname; + $this->auth["email"] = $email; + $this->auth["url"] = $url; + $this->auth["quote"] = $quote; + $this->auth["seclev"] = $seclev; + + + if ($username == "" || $pass1 == ""){ + $this->auth["error"] = "Username or password missing. Please try again."; + return false; + } + + // $debug = true; + + ## Check the passwords for validity. + if ($pass1 != $pass2) { + $this->auth["error"] = "Password and repeated password do not match. Please try again."; + return false; + } + if (($pass1 == "") OR ($pass2 == "")) { + $this->auth["error"] = "Please enter your password."; + return false; + + } + + # assume the check is gonna fail + $uid = false; + + $q = "SELECT * + FROM psl_author + WHERE author_name = '$username' "; + + # debug ("QUERY", $q); + + $this->db->query($q); + + while ($this->db->next_record()) { + ## If user is present and password matches, silently log + ## the user in. + if ($this->db->f("password") == md5($username .":". $pass1)) { + $uid = $this->db->f("author_id"); + $this->auth["uid"] = $this->db->f("author_id"); + $this->auth["uname"] = $this->db->f("author_name"); + $this->auth["perm"] = $this->db->f("perms"); + $this->auth["email"] = $this->db->f("email"); + $this->auth["realname"] = $this->db->f("realname"); + return $uid; + } + ## If user is present and password does not match, + ## complain and fail. + $this->auth["error"] = "This username is already taken. Please choose a different one."; + return false; + + } + + // add new user + $author = new Author; + $ary["author_name"] = $username; + $ary["password"] = $pass1; + $ary["email"] = $email; + $ary["url"] = $url; + $ary["quote"] = $quote; + $ary["author_realname"] = $realname; + $ary["seclev"] = $seclev; + $perm_ary = array("nobody", + "user"); + + $ary["permission"] = $perm_ary; + + // use Author.class saveStory for account creation + if ($author->saveAuthor($ary)) { + // $password = $pass1; + $HTTP_POST_VARS['username'] = $username; + $HTTP_POST_VARS['password'] = $pass1; + $HTTP_POST_VARS['challenge'] = md5(uniqid($this->magic)); + $HTTP_POST_VARS['response'] = ''; + // debug("username", $username); + // debug("pass1", $pass1); + $uid = $this->auth_validatelogin(); + if( $uid == false) { + $this->auth["error"] = "Account created, but validation failed"; + } + return $uid; + } else { + $this->auth["error"] = "User Registration failed"; + return false; + } + + } + } |