Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Added way to interface a API to login instead.

  • Loading branch information...
commit 324c413d22b3185af46f5f791ea91f5c498a7440 1 parent 742995e
@benjojo authored
Showing with 46 additions and 15 deletions.
  1. +7 −0 auth.php
  2. +2 −0  config.php
  3. +37 −15 login.php
View
7 auth.php
@@ -0,0 +1,7 @@
+<?php
+
+function GetAuthAPIStatus($username,$password) {
+ return true;
+}
+
+?>
View
2  config.php
@@ -1,4 +1,6 @@
<?php
+$USE_AUTH_API = 0; // Change if you want to use in a diffrent system.
+
$con = mysql_connect("localhost","root","-Removed-");
if (!$con)
{
View
52 login.php
@@ -13,23 +13,45 @@
require 'session.php';
require 'config.php';
if (isset($_POST["login"])){
- $esc_usr = mysql_real_escape_string($_POST["login"]);
- $esc_pas = hash('haval128,5', $_POST["password"]);
- $result = mysql_query("SELECT * FROM `auth` WHERE `username` = '$esc_usr' AND `password` = '$esc_pas';");
+ if ($USE_AUTH_API == 0){
+ $esc_usr = mysql_real_escape_string($_POST["login"]);
+ $esc_pas = hash('haval128,5', $_POST["password"]);
+ $result = mysql_query("SELECT * FROM `auth` WHERE `username` = '$esc_usr' AND `password` = '$esc_pas';");
- $count=mysql_num_rows($result);
-
- if($count==1){
- $row = mysql_fetch_array($result);
- $_SESSION['id'] = $row['userID'];
+ $count=mysql_num_rows($result);
+
+ if($count==1){
+ $row = mysql_fetch_array($result);
+ $_SESSION['id'] = $row['userID'];
+ $_SESSION['authlevel'] = $row['authlevel'];
+ header("location:home.php");
+ }
+ else
+ {
+ die('Failed to login, User / Password combo not found in database. Also: ' . $esc_pas);
+ }
+ }else{
+ if(GetAuthAPIStatus($_POST["login"],$_POST["password"])){
+ $esc_usr = mysql_real_escape_string($_POST["login"]);
+ $StatusQuery = mysql_query("SELECT * FROM `auth` WHERE `username` = '$esc_usr';"); // Query to see if he is a new user...
+ $count=mysql_num_rows($StatusQuery);
+ if($count == 1){
+ // We know this guy.
+ $row = mysql_fetch_array($result);
+ $_SESSION['id'] = $row['userID'];
$_SESSION['authlevel'] = $row['authlevel'];
- header("location:home.php");
+ header("location:home.php");
+ }else{
+ // We don't know this guy, Lets add him to the DB.
+ // Make up a email
+ $fake_email = $esc_user . "@cabot.ac.uk";
+ mysql_query("INSERT INTO `notorac`.`auth` (`username`, `password`, `userID`, `authlevel`, `email`) VALUES ('$esc_user', '2ae66f90b7788ab8950e8f81b829c947', NULL, '1', '$fake_email');");
+ header("location:home.php"); // We are done here. (I think.)
+ }
+ }else{
+ die('Failed to login, User / Password combo not found in database.';
+ }
}
- else
- {
- die('Failed to login, User / Password combo not found in database. Also: ' . $esc_pas);
- }
-
}
mysql_close($con);
-?>
+?>
Please sign in to comment.
Something went wrong with that request. Please try again.