}
return $xml;
}
-
+
/*
* Check that supplied credentials are valid using basic authentication
*
*/
public function login(){
- if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])){
- $user = new User_Model();
- if ($user->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
- print "OK";
- else {
- header('HTTP/1.0 401 Unauthorized');
- print "Invalid credentials";
- die;
- }
- }
- else {
- header('HTTP/1.0 401 Unauthorized');
+ if (isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])){
+ $user = new User_Model();
+ if ($user->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
+ print "OK";
+ else {
+ header('HTTP/1.0 401 Unauthorized');
+ print "Invalid credentials";
+ die;
+ }
+ }
+ else {
+ header('HTTP/1.0 401 Unauthorized');
print "No credentials supplied";
die;
- }
-
+ }
+
}
}
\ No newline at end of file
* @return bool Returns True if operation was successfull and exception otherwise
*/
private function register($username, $password, $email){
- // hash password
+ // hash password
$password = $this->hash($password);
-
+
// @todo I can't seem to get query working when password binding has '' around it like others
if ($this->user_exists($username, $email)==false)
- return $this->db->query("INSERT into users SET username = '?', password = ?, email = '?'",
- $username, $password, $email);
+ return $this->db->query("INSERT into users SET username = '?', password = ?, email = '?'",
+ $username, $password, $email);
else
return false;
}
-
+
/*
* Hash password supplied by user using salt stored in config file
- *
+ *
* @param string $password Password in plain text format
* @return string Returns string containing hash generated from password
*/
private function hash($password){
- return sha1($password.Kohana::config('api.salt'));
+ return sha1($password.Kohana::config('api.salt'));
}
/*
* @return bool Returns True if user exists and false otherwise
*/
private function user_exists($username, $email){
- if ($this->db->query("SELECT id FROM users WHERE username = '?' OR email = '?'",
+ if ($this->db->query("SELECT id FROM users WHERE username = '?' OR email = '?'",
$username, $email)->count()>0)
return true;
else
- return false;
+ return false;
}
-
+
/*
* Check if supplied credentials are valid
- *
+ *
* @param string $username Username
* @param string $password Password in plain text format
* @return bool True if credentials match and false if supplied credentials are invalid
public function login($username, $password){
// hash password
$password = $this->hash($password);
-
+
if ($this->db->query("SELECT id FROM users WHERE username = ? AND password = ?",
$username, $password)->count()>0)
return true;
projects / speedfreak / commitdiff