From 67a347bafb875be60e7554f308d80d7f0a1d2747 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 14 May 2008 10:54:36 -0400 Subject: considerable coding darcs-hash:20080514145436-84dde-d0994cb35d3fe8545d3f08abeec3cdfe7559c67d.gz --- common.php | 104 ++++++++++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 85 insertions(+), 19 deletions(-) (limited to 'common.php') diff --git a/common.php b/common.php index a6061920d..de0529a2e 100644 --- a/common.php +++ b/common.php @@ -5,7 +5,7 @@ // default configuration, overwritten in config.php $config = - array('site' => + array('site' => array('name' => 'Just another µB'), 'dsn' => array('phptype' => 'mysql', @@ -20,20 +20,7 @@ $config = require_once(INSTALLDIR . '/config.php'); require_once('DB.php'); -function common_database() { - global $config; - $db =& DB::connect($config['dsn'], $config['dboptions']); - if (PEAR::isError($db)) { - common_server_error($db->getMessage()); - } else { - return $db; - } -} - -function common_read_database() { - // XXX: read from slave server - return common_database(); -} +# Show a server error function common_server_error($msg) { header('Status: 500 Server Error'); @@ -43,12 +30,14 @@ function common_server_error($msg) { exit(); } -function common_user_error($msg) { +# Show a user error +function common_user_error($msg, $code=200) { common_show_header('Error'); common_element('div', array('class' => 'error'), $msg); common_show_footer(); } +# Start an HTML element function common_element_start($tag, $attrs=NULL) { print "<$tag"; if (is_array($attrs)) { @@ -67,7 +56,7 @@ function common_element_end($tag) { function common_element($tag, $attrs=NULL, $content=NULL) { common_element_start($tag, $attrs); - if ($content) print $content; + if ($content) print htmlspecialchars($content); common_element_end($tag); } 
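Review bot: The new `$code=200` parameter of common_user_error (hunk at -43,12) is never read in the body, which is fully visible here, so a user error is still served with the default success status whatever the caller passes. That makes failed requests indistinguishable from successful ones in access logs and monitoring. Sending the status before any output would fix it, in the same style common_server_error already uses: `if ($code != 200) header('Status: ' . $code);`.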
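Review bot: In the hunk at -67,7, `htmlspecialchars($content)` in common_element relies on the default flags and charset, so single quotes stay unescaped and the handling of non-ASCII text depends on the PHP version's default encoding. Assuming pages are served as UTF-8, I would write `if (!is_null($content)) print htmlspecialchars($content, ENT_QUOTES, 'UTF-8');`, which also prints the string `'0'` that the current `if ($content)` test drops. The attribute loop of common_element_start lies outside the visible hunks; if it prints attribute values raw, it needs the same escaping. common_render_content, added later in this commit, already returns escaped text, so passing its result to common_element would presumably double-escape it.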
@@ -75,7 +64,8 @@ function common_show_header($pagetitle) {
 global $config;
 common_element_start('html');
 common_element_start('head');
- common_element('title', NULL, $pagetitle . " - " . $config['site']['name']);
+ common_element('title', NULL,
+ $pagetitle . " - " . $config['site']['name']);
 common_element_end('head');
 common_element_start('body');
 }
@@ -85,6 +75,82 @@ function common_show_footer() { common_element_end('html'); } -// TODO: set up gettext +# salted, hashed passwords are stored in the DB + +function common_munge_password($id, $password) { + return md5($id . $password); +} + +# check if a username exists and has matching password +function common_check_user($nickname, $password) { + $user = User::staticGet('nickname', $nickname); + if (is_null($user)) { + return false; + } else { + return (0 == strcmp(common_munge_password($password, $user->id), + $user->password)); + } +} + +# is the current user logged in? +function common_logged_in() { + return (!is_null(common_current_user())); +} + +function common_have_session() { + return (0 != strcmp(session_id(), '')); +} + +function common_ensure_session() { + if (!common_have_session()) { + @session_start(); + } +} + +function common_set_user($nickname) { + if (is_null($nickname) && common_have_session()) { + unset($_SESSION['userid']); + return true; + } else { + $user = User::staticGet('nickname', $nickname); + if ($user) { + common_ensure_session(); + $_SESSION['userid'] = $user->id; + return true; + } else { + return false; + } + } + return false; +} + +# who is the current user? +function common_current_user() { + static $user = NULL; # FIXME: global memcached + if (is_null($user)) { + if (common_have_session()) { + $id = $_SESSION['userid']; + if ($id) { + $user = User::staticGet($id); + } + } + } + return $user; +} + +# get canonical version of nickname for comparison +function common_canonical_nickname($nickname) { + # XXX: UTF-8 canonicalization (like combining chars) + return strtolower($nickname); +} + +function common_render_content($text) { + # XXX: @ messages + # XXX: # tags + # XXX: machine tags + return htmlspecialchars($text); +} + +// XXX: set up gettext function _t($str) { $str } -- cgit v1.2.3-54-g00ecf
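Review bot: common_check_user calls `common_munge_password($password, $user->id)` although the function is declared as `common_munge_password($id, $password)`, so the digest checked at login is concatenated in the opposite order and will not match a hash stored with the declared order. The digest is also a single MD5 round salted only with the user id, which is far too fast for password storage; on PHP 5.5 or later `password_hash()` and `password_verify()` give a random per-password salt, a tunable cost and a constant-time comparison in place of `strcmp`, with existing MD5 rows rehashed at next login. The miss check should match common_set_user's `if ($user)`, because `is_null($user)` lets a `false` return from `User::staticGet` (not visible here) through to `$user->id`. Separately, common_set_user should call `session_regenerate_id(true)` right after `common_ensure_session()` so that a session id issued before login is not carried into the authenticated session.

```php
function common_munge_password($id, $password) {
    # $id stays in the signature for callers; password_hash() makes its own salt
    return password_hash($password, PASSWORD_DEFAULT);
}

function common_check_user($nickname, $password) {
    $user = User::staticGet('nickname', $nickname);
    if (!$user) {
        return false;
    }
    return password_verify($password, $user->password);
}
# … unchanged: common_logged_in, common_have_session, common_ensure_session …
```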