-
Notifications
You must be signed in to change notification settings - Fork 0
/
user_auth_fns.php
102 lines (81 loc) · 2.06 KB
/
user_auth_fns.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
<?php
function login($email, $password) {
// check username and password with db
// if yes, return login type
// else return false
// connect to db
$conn = db_connect();
if (!$conn) {
return 0;
}
$query = "select admin from subscribers
where email='".$email."'
and password = sha1('".$password."')";
$result = $conn->query($query);
if (!$result) {
return false;
}
if ($result->num_rows<1) {
return false;
}
$row = $result->fetch_array();
if($row[0] == 1) {
return 'admin';
} else {
return 'normal';
}
}
function check_logged_in() {
return ( check_normal_user() || check_admin_user() );
}
function get_email() {
if (isset($_SESSION['normal_user'])) {
return $_SESSION['normal_user'];
}
if (isset($_SESSION['admin_user'])) {
return $_SESSION['admin_user'];
}
return false;
}
function change_password($email, $old_password, $new_password,
$new_password_conf) {
// change password for email/old_password to new_password
// return true or false
// if the old password is right
// change their password to new_password and return true
// else return false
if (login($email, $old_password)) {
if($new_password==$new_password_conf) {
if (!($conn = db_connect())) {
return false;
}
$query = "update subscribers
set password = sha1('".$new_password."')
where email = '".$email."'";
$result = $conn->query($query);
return $result;
} else {
echo "<p>Your passwords do not match.</p>";
}
} else {
echo "<p>Your old password is incorrect.</p>";
}
return false; // old password was wrong
}
function check_normal_user() {
// see if somebody is logged in and notify them if not
if (isset($_SESSION['normal_user'])) {
return true;
} else {
return false;
}
}
function check_admin_user() {
// see if somebody is logged in and notify them if not
if (isset($_SESSION['admin_user'])) {
return true;
} else {
return false;
}
}
?>