WWW/lib/auth_ver.php

<?php

   ///////////////////////////////////////////////////////////
  // Функция верификации аутентификации                    //
 //                                                       //
//////////// (c) 2006, Виталий Филиппов [VMX]  ////////////
         ////////////////////////////////////////

require_once 'config.php';

function get_display_name ($username)
{
        global $result, $UsersTable;
        $username = strip_tags ($username); // anti-XSS
        $usernameM = mysql_escape_string ($username);
        $result = amysql_query ("SELECT `firstname`, `thirdname` FROM `$UsersTable` WHERE `login`='$usernameM' LIMIT 1");
        if (!$result)
                return false;
        $row = mysql_fetch_assoc ($result);
        return $row ['firstname'] . ' ' . $row ['thirdname'];
}

function auth_verify ($username, $usermd5, &$userid, &$userlevel, &$displayname)
{
        global $result, $UsersTable;
        $userid = -1;
        $userlevel = -1;
        $username = strip_tags ($username); // anti-XSS
        $usernameM = mysql_escape_string ($username);
        $result = amysql_query ("SELECT `id`, `password`, `level`, `firstname`, `thirdname` FROM `$UsersTable` WHERE `login`='$usernameM' LIMIT 1");
        if (!$result)
                return false;
        $row = mysql_fetch_assoc ($result);
        if (strcmp ($row ['password'], $usermd5) != 0)
                return false;
        $userid = 1 + $row ['id'] - 1;
        $userlevel = 1 + $row ['level'] - 1;
        $displayname = $row ['firstname'] . ' ' . $row ['thirdname'];
        return true;
}

?>
1	vitalif	2	<?php
2
3			///////////////////////////////////////////////////////////
4			// Функция верификации аутентификации //
5			// //
6			//////////// (c) 2006, Виталий Филиппов [VMX] ////////////
7			////////////////////////////////////////
8
9	vitalif	8	require_once 'config.php';
10	vitalif	2
11			function get_display_name ($username)
12			{
13			global $result, $UsersTable;
14			$username = strip_tags ($username); // anti-XSS
15			$usernameM = mysql_escape_string ($username);
16			$result = amysql_query ("SELECT `firstname`, `thirdname` FROM `$UsersTable` WHERE `login`='$usernameM' LIMIT 1");
17			if (!$result)
18			return false;
19			$row = mysql_fetch_assoc ($result);
20			return $row ['firstname'] . ' ' . $row ['thirdname'];
21			}
22
23			function auth_verify ($username, $usermd5, &$userid, &$userlevel, &$displayname)
24			{
25			global $result, $UsersTable;
26			$userid = -1;
27			$userlevel = -1;
28			$username = strip_tags ($username); // anti-XSS
29			$usernameM = mysql_escape_string ($username);
30			$result = amysql_query ("SELECT `id`, `password`, `level`, `firstname`, `thirdname` FROM `$UsersTable` WHERE `login`='$usernameM' LIMIT 1");
31			if (!$result)
32			return false;
33			$row = mysql_fetch_assoc ($result);
34			if (strcmp ($row ['password'], $usermd5) != 0)
35			return false;
36			$userid = 1 + $row ['id'] - 1;
37			$userlevel = 1 + $row ['level'] - 1;
38			$displayname = $row ['firstname'] . ' ' . $row ['thirdname'];
39			return true;
40			}
41
42			?>
Powered by ViewVC 1.2.svn2905+4intranet-1
Admin address:	ViewVC Help