|
|
|
@ -515,8 +515,26 @@
|
|
|
|
|
db_query($link, "COMMIT");
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function authenticate_user($link, $login, $password) {
|
|
|
|
|
|
|
|
|
|
$pwd_hash = 'SHA1:' . sha1($password);
|
|
|
|
|
|
|
|
|
|
$result = db_query($link, "SELECT id,login FROM ttrss_users WHERE
|
|
|
|
|
login = '$login' AND (pwd_hash = '$password' OR pwd_hash = '$pwd_hash')");
|
|
|
|
|
|
|
|
|
|
if (db_num_rows($result) == 1) {
|
|
|
|
|
$_SESSION["uid"] = db_fetch_result($result, 0, "id");
|
|
|
|
|
$_SESSION["name"] = db_fetch_result($result, 0, "login");
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function authenticate_user($link) {
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function http_authenticate_user($link) {
|
|
|
|
|
|
|
|
|
|
if (!$_SERVER['PHP_AUTH_USER']) {
|
|
|
|
|
|
|
|
|
@ -529,16 +547,9 @@
|
|
|
|
|
|
|
|
|
|
$login = db_escape_string($_SERVER['PHP_AUTH_USER']);
|
|
|
|
|
$password = db_escape_string($_SERVER['PHP_AUTH_PW']);
|
|
|
|
|
$pwd_hash = 'SHA1:' . sha1($password);
|
|
|
|
|
|
|
|
|
|
$result = db_query($link, "SELECT id,login FROM ttrss_users WHERE
|
|
|
|
|
login = '$login' AND (pwd_hash = '$password' OR pwd_hash = '$pwd_hash')");
|
|
|
|
|
|
|
|
|
|
if (db_num_rows($result) == 1) {
|
|
|
|
|
$_SESSION["uid"] = db_fetch_result($result, 0, "id");
|
|
|
|
|
$_SESSION["name"] = db_fetch_result($result, 0, "login");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return authenticate_user($link, $login, $password);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
?>
|
|
|
|
|