<?php
# Copyright 2001-2006 by VIKO team and contributors
#
# This file is part of VIKO.
#
# VIKO is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# VIKO is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with VIKO; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA


/**
 * Functions for managing the authentication process.
 *
 */


/**
 * Authenticates user.
 *
 * Tries to authenticate the user with supplied $username and $password
 * returns true on success.
 */
function authenticate($username, $password)
{
    // Try authenticating the user with applying
    // SHA1 function to the password
    if ( auth_with_sha1($username, $password) )
    {
        return true;
    }
    // If this fails, then the password might be stored
    // with either PASSWORD() or OLD_PASSWORD() function.
    // First try with PASSWORD and then with OLD_PASSWORD.
    elseif (
        auth_with_password($username, $password) ||
        auth_with_old_password($username, $password)
    ) {
        // re-save the password
        // using the current password encryption technology of VIKO
        save_password($username, $password);

        return true;
    }
    // Finally give up and return error
    else
    {
        return false;
    }
}


/**
 * Authenticates student.
 *
 * Use for authenticating students instead
 * of the general authenticate() function.
 */
function authenticate_student($username, $password)
{
    return authenticate($username, $password);
}


/**
 * Authenticates teacher.
 *
 * Ensures, that level is > 0.
 */
function authenticate_teacher($username, $password)
{
    return (
        authenticate($username, $password) &&
        get_user_level($username) > 0
    );
}


/**
 * Authenticates administrator.
 *
 * Ensures, that level is > 1.
 */
function authenticate_admin($username, $password)
{
    return (
        authenticate($username, $password) &&
        get_user_level($username) > 1
    );
}


/**
 * Saves new password.
 *
 * Changes the password belonging to $username.
 * Since VIKO 1.1 SHA1 function is used to encrypt the password.
 */
function save_password($username, $password)
{
    mysql_query("
        UPDATE
            Users
        SET
            password = SHA1('$password')
        WHERE
            username='$username'
    ");
}


/**
 * Get the user level number.
 *
 * Returns the level number, corresponding to supplied $username.
 * If username does not exist, returns FALSE.
 */
function get_user_level($username)
{
    $result = mysql_query("
        SELECT
            level
        FROM
            Users
        WHERE 
            username = '$username'
        LIMIT 1
    ");

    if ( mysql_num_rows($result) == 1 )
    {
        $user = mysql_fetch_array($result);
        return $user["level"];
    }
    else
    {
        return false;
    }
}


// Authenticates the user by applying
// custom hashfunction to the $password.
// On success returns true.
function auth_with_custom_password_function($username, $password, $function)
{
    $result = mysql_query("
        SELECT
            user_id
        FROM
            Users
        WHERE 
            username = '$username' AND
            password = $function('$password')
        LIMIT 1
    ");

    return ( mysql_num_rows($result) == 1 ) ? true : false;
}


// uses OLD_PASSWORD() to authent
function auth_with_old_password($username, $password)
{
    return auth_with_custom_password_function($username, $password, "OLD_PASSWORD");
}


// uses PASSWORD() to authent
function auth_with_password($username, $password)
{
    return auth_with_custom_password_function($username, $password, "PASSWORD");
}


// uses SHA1() to authent
function auth_with_sha1($username, $password)
{
    return auth_with_custom_password_function($username, $password, "SHA1");
}


?>