$session_timeout = 10*60*60;
// DEBUG
//error_reporting(E_ALL);
//ini_set('display_errors', '1');
/* simple session-based authentication
if got login/pass ->
try to establish a session
if ok redirect to previous page
else show error and a login prompt
else
do nothing, function authorize() will be available to the calling script
*/
function sql_connect_auth() {
global $auth_db;
if (isset($auth_db)) {
// already connected
return;
}
$auth_db = new mysqli('localhost','fans','Bt2bX8CWEduA4Vb2', 'npcs');
if (mysqli_connect_error()) {
throw new Exception('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
}
$auth_db->set_charset('utf8');
}
function sql_query($query,$debug=false) {
global $auth_db;
if ($debug) {
die(htmlspecialchars($query));
} else {
$res = $auth_db->query($query);
if ($res === false) {
throw new Exception ($auth_db->error.' query was '.$query.'');
} else {
return $res;
}
}
}
function authorize() {
global $auth_db;
$success = false;
if ( isset($_COOKIE['npcs_reader_sid']) ) {
$sid=$_COOKIE['npcs_reader_sid'];
$temp=sql_query("select * from `sessions` natural join `users` where `sid`='".$auth_db->real_escape_string($sid).
"' and `ip`=inet_aton('".$auth_db->real_escape_string($_SERVER['REMOTE_ADDR'])."')" );
if ($temp->num_rows == 1) {
$sessionData=$temp->fetch_assoc();
if($sessionData['expires']