NEW FEATURE: provide an RSS feed for each user showing in which games it's his turn
[e-DoKo.git] / include / login.php
1 <?php
2 /* make sure that we are not called from outside the scripts,
3  * use a variable defined in config.php to check this
4  */
5 if(!isset($HOST))
6   exit;
7
8 include_once('openid.php');
9
10 function escape($thing) {
11     return htmlentities($thing);
12 }
13
14 /* check for openid stuff */
15 if($OPENIDPATH && myisset('openid_identity') && $_REQUEST['openid_identity']!='')
16   {
17     /* what openid is being used? */
18     $openid_url = OpenIDUrlEncode($_REQUEST['openid_identity']);
19     /* get the userid from the database, openids need to be registered within E-DoKo */
20     $data = OpenIDVerify();
21     $ok  = 0;
22
23     /* verify ok? */
24     if($data)
25       {
26         /* do we know this openid?*/
27         $myid = DB_GetUserId($openid_url);
28
29         if(!$myid)
30           {
31             /* openid unknown, perhaps not registered? */
32             echo "<p>Openid ok, but not registered with any account. If you have an account ".
33               "on E-DoKo, please log in and add your openid in your preferences first. </p>\n";
34
35
36             /* or perhaps a new user...*/
37             $email = $data['email'];
38             $name  = $data['fullname'];
39             echo "<p>If you wan to register a new account with this OpenID, please follow this ".
40               "<a href=\"index.php?action=register&amp;openid_url=".$openid_url.
41               "&amp;openidname=$name&amp;openidemail=$email\">link</a>.</p>";
42           }
43         else
44           $ok=1;
45       }
46
47     if($ok)
48       {
49         /* user information is ok, set session variabel */
50         $email  = DB_get_email('userid',$myid);
51         $myname = DB_get_name('email',$email);
52         $password =  DB_get_passwd_by_userid($myid);
53         $_SESSION['name'] = $myname;
54         $_SESSION['id']   = $myid;
55         $_SESSION['pass'] = $password;
56       }
57   }
58 else if($OPENIDPATH && myisset('openid_url') && $_REQUEST['openid_url']!='')
59   {
60     OpenIDAskForVerification(OpenIDUrlEncode($_REQUEST['openid_url']));
61   }
62 /* check if normal login information is present */
63 else if(myisset('email','password'))
64   {
65     $email     = $_REQUEST['email'];
66     $password  = $_REQUEST['password'];
67
68     /* verify password and email */
69     if(strlen($password)!=32)
70       $password = md5($password);
71
72     $ok  = 1;
73     $myid = DB_get_userid('email-password',$email,$password);
74     if(!$myid)
75       $ok = 0;
76
77     if($ok)
78       {
79         /* user information is ok, set session variabel */
80         $myname = DB_get_name('email',$email);
81         $_SESSION['name'] = $myname;
82         $_SESSION['id']   = $myid;
83         $_SESSION['pass'] = $password;
84       }
85   }
86 else
87   {
88     echo "can't log you in... missing login information.";
89   }
90 ?>