librefm-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Librefm-commits] [1629] convert api/auth/index.php to adodb


From: Clint Adams
Subject: [Librefm-commits] [1629] convert api/auth/index.php to adodb
Date: Fri, 15 May 2009 16:55:30 +0000

Revision: 1629
          http://svn.sv.gnu.org/viewvc/?view=rev&root=librefm&revision=1629
Author:   clint
Date:     2009-05-15 16:55:30 +0000 (Fri, 15 May 2009)
Log Message:
-----------
convert api/auth/index.php to adodb

Modified Paths:
--------------
    trunk/nixtape/api/auth/index.php

Modified: trunk/nixtape/api/auth/index.php
===================================================================
--- trunk/nixtape/api/auth/index.php    2009-05-15 16:42:46 UTC (rev 1628)
+++ trunk/nixtape/api/auth/index.php    2009-05-15 16:55:30 UTC (rev 1629)
@@ -17,74 +17,81 @@
    You should have received a copy of the GNU Affero General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
-*/
+ */
 
-require_once('../../database.php');
+require_once('../../database2.php');
 ?>
 
 <html>
 
 <body>
 
-<?php if (isset($_POST['username'], $_POST['api_key'], $_POST['token'])) { ?>
+<?php if (isset($_POST['username'], $_POST['api_key'], $_POST['token'])) {
+       // Authenticate the user using the submitted password
+       try {
+               $result = $adodb->GetOne('SELECT username FROM Users WHERE '
+                               . 'username = ' . 
$adodb->qstr($_POST['username']) . ' AND '
+                               . 'password = ' . 
$adodb->qstr(md5($_POST['password'])));
+       }
+       catch (exception $e) {
+               die('Database error');
+       }
+       if (!$result)
+               die('Authentication failed');
 
-<?php
-// Authenticate the user using the submitted password
-$result = $mdb2->query('SELECT username FROM Users WHERE '
-       . 'username = ' . $mdb2->quote($_POST['username'], 'text') . ' AND '
-       . 'password = ' . $mdb2->quote(md5($_POST['password']), 'text'));
-if (PEAR::isError($result))
-       die('Database error');
-if (!$result->numRows())
-       die('Authentication failed');
+       // Bind the user to the token and cancel the expiration rule
+       try {
+               $result = $adodb->Execute('UPDATE Auth SET '
+                               . 'username = ' . 
$adodb->qstr($_POST['username']) . ', '
+                               . 'expires = 0 '
+                               . 'WHERE '
+                               . 'token = ' . $adodb->qstr($_POST['token']));
+       }
+       catch (exception $e) {
+               die('Database error');
+       }
+       ?>
 
-// Bind the user to the token and cancel the expiration rule
-$result = $mdb2->query('UPDATE Auth SET '
-       . 'username = ' . $mdb2->quote($_POST['username'], 'text') . ', '
-       . 'expires = ' . $mdb2->quote(0, 'integer') . ' '
-       . 'WHERE '
-       . 'token = ' . $mdb2->quote($_POST['token']));
-if (PEAR::isError($result))
-       die('Database error');
-?>
+               <p>Thank you very much, <?php print($_POST['username']); ?>.  
Your authorization has been recorded.</p>
 
-<p>Thank you very much, <?php print($_POST['username']); ?>.  Your 
authorization has been recorded.</p>
+               <p>You may now close the browser.</p>
 
-<p>You may now close the browser.</p>
+               <?php } elseif (!isset($_GET['api_key'], $_GET['token'])) { ?>
 
-<?php } elseif (!isset($_GET['api_key'], $_GET['token'])) { ?>
+                       <p>Must submit an api_key and token to proceed.</p>
 
-<p>Must submit an api_key and token to proceed.</p>
+                               <?php
+               } else {
 
-<?php } else { ?>
+                       // Ensures the token exists and is not already bound to 
a user
+                       try {
+                               $result = $adodb->GetRow('SELECT * FROM Auth 
WHERE '
+                                               . 'token = ' . 
$adodb->qstr($_GET['token']) . ' AND '
+                                               . 'username IS NULL');
+                       }
+                       catch (exception $e) {
+                               die('Database error');
+                       }
+                       if (!$result)
+                               die('Invalid token');
+                       ?>
 
-<?php
-// Ensures the token exists and is not already bound to a user
-$result = $mdb2->query('SELECT * FROM Auth WHERE '
-       . 'token = ' . $mdb2->quote($_GET['token'], 'text') . ' AND '
-       . 'username IS NULL');
-if (PEAR::isError($result))
-       die('Database error');
-if (!$result->numRows())
-       die('Invalid token');
-?>
+                               <form method="post" action="">
 
-<form method="post" action="">
+                               <p>Your Username: <input type="text" 
name="username" /></p>
 
-<p>Your Username: <input type="text" name="username" /></p>
+                               <p>Your Password: <input type="password" 
name="password" /></p>
 
-<p>Your Password: <input type="password" name="password" /></p>
+                               <p>
+                               <input type="submit" value="Submit" />
+                               <input type="hidden" name="api_key" 
value="<?php print($_GET['api_key']); ?>" />
+                               <input type="hidden" name="token" value="<?php 
print($_GET['token']); ?>" />
+                               </p>
 
-<p>
-<input type="submit" value="Submit" />
-<input type="hidden" name="api_key" value="<?php print($_GET['api_key']); ?>" 
/>
-<input type="hidden" name="token" value="<?php print($_GET['token']); ?>" />
-</p>
+                               </form>
 
-</form>
+                               <?php } ?>
 
-<?php } ?>
+                               </body>
 
-</body>
-
-</html>
+                               </html>





reply via email to

[Prev in Thread] Current Thread [Next in Thread]