<?php

require_once ('php/db/db.php');

class Auth
{
	static function login ($conn)
	{
		global $conf;
	
		// Trying to get the user name and password.	

		$user = NULL;
		$password = NULL;
		$remember = FALSE;

		if (isset ($_POST['user']) && isset ($_POST['password']))
		{
			$user = $_POST['user'];
			$password = $_POST['password'];

			if (isset ($_POST['remember']))
				$remember = $_POST['remember'];
		}
		elseif (isset ($_SESSION['user']))
		{
			$user = $_SESSION['user'];
			$password = $_SESSION['password'];
		}
		elseif (isset ($_COOKIE['hedera_pass']) && isset ($_COOKIE['hedera_pass']))
		{
			$user = $_COOKIE['hedera_user'];
			$password = base64_decode ($_COOKIE['hedera_pass']);
			$remember = TRUE;
		}
		elseif (isset ($_GET['guest']))
		{
			$user = $conf['guest']['user'];
			$password = base64_decode ($conf['guest']['pass']);
		}

		// Validating the user against the database.

		if (isset ($user))
		{
			$conn->open ($conf['db']['host'], $user, $password, $conf['db']['name']);

			if ($conn->isOpen ())
			{
				if ($user != $conf['guest']['user'])
				{
					$cookieLife = time () + $conf['cookieLife'] * (60*60*24);
					setcookie ('hedera_user', $user, $cookieLife);

					if ($remember)
						setcookie ('hedera_pass',
							base64_encode ($password), $cookieLife);
				}

				$_SESSION['user'] = $user;
				$_SESSION['password'] = $password;

				return TRUE;
			}
			else
				Error::trigger ('Auth', 'badLogin',
					s('Invalid user or password'));
		}
		else
			Error::trigger ('Auth', 'sessionExpired',
				s('You have been idle too long and your session has expired'));

		return FALSE;
	}

	static function logout ($conn)
	{
		$conn->close ();
		setcookie ('hedera_pass', '', -1);
		unset ($_COOKIE['hedera_pass']);
		unset ($_SESSION['user']);
		unset ($_SESSION['password']);
	}
}

?>