rewrite

1 files changed, 47 insertions, 0 deletions

diff --git a/includes/sys_auth.php b/includes/sys_auth.php
new file mode 100644
index 00000000..1c15122e
--- /dev/null
+++ b/includes/sys_auth.php
@@ -0,0 +1,47 @@
+<?php
+
+
+// Testet ob ein User eingeloggt ist und lädt die entsprechenden Privilegien
+function load_auth() {
+	global $user;
+
+	$user = null;
+	if (isset ($_SESSION['uid'])) {
+		$user = sql_select("SELECT * FROM `User` WHERE `UID`=" . sql_escape($_SESSION['uid']) . " LIMIT 1");
+		if (count($user) > 0) {
+			// User ist eingeloggt, Datensatz zur Verfügung stellen und Timestamp updaten
+			list ($user) = $user;
+			sql_query("UPDATE `User` SET " . "`lastLogIn` = '" . time() . "'" . " WHERE `UID` = '" . $_SESSION['uid'] . "' LIMIT 1;");
+		} else
+			unset ($_SESSION['uid']);
+	}
+
+	load_privileges();
+}
+
+function load_privileges() {
+	global $privileges, $user;
+
+	$privileges = array ();
+	if (isset ($user)) {
+		$user_privs = sql_select("SELECT `Privileges`.`name` FROM `User` JOIN `UserGroups` ON (`User`.`UID` = `UserGroups`.`uid`) JOIN `GroupPrivileges` ON (`UserGroups`.`group_id` = `GroupPrivileges`.`group_id`) JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `User`.`UID`=" . sql_escape($user['UID']) . ";");
+		foreach ($user_privs as $user_priv)
+			$privileges[] = $user_priv['name'];
+	} else {
+		$guest_privs = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`=-1;");
+		foreach ($guest_privs as $guest_priv)
+			$privileges[] = $guest_priv['name'];
+	}
+}
+
+function PassCrypt($passwort) {
+	global $crypt_system;
+
+	switch ($crypt_system) {
+		case "crypt" :
+			return "{crypt}" . crypt($passwort, "77");
+		case "md5" :
+			return md5($passwort);
+	}
+}
+?>
\ No newline at end of file