add auth

app/routes/anpdf.php

@@ -189,14 +189,12 @@ function promo_kuri($hash, $page = 1, $promo = true){
    }
    
 
-    
+
    $tempcontent = VIEWPATH.'anpdf2.phtml'; //подшаблон
    include VIEWPATH.'layout.phtml'; //центральный шаблон
 
 
 
-
-
 }
 
 

app/routes/auth.php

@@ -1,26 +1,132 @@
 <?php
 
-function login(){
+function login_kuri(){
+
+
+    if (isset($_POST['username']) and isset($_POST['password'])){
+        $result = api_login($_POST['username'], $_POST['password']);
+
+        if (isset($result['error'])){
+            $error = $result['error'];
+        }
+
+
+        if (isset($result['data'])) {
+            
+            add_user_cookie($result['data']['client_id'], $result['data']['clientpassword']);
+            header('Location: '.SITE.'mybooks');
+        }    
+                 
+    }
+
+    $tempcontent =  VIEWPATH.'login.phtml';
+    include VIEWPATH.'layout_lite.phtml'; 
+
+    return true;
+
+}
+
+
+function out_kuri(){
+
+    unset($_COOKIE['user']); 
+    setcookie('user', null, -1); 
+
+    unset($_COOKIE['pwd']); 
+    setcookie('pwd', null, -1);   
+
+    header('Location: '.SITE.'login');
+
+
+}
+
+
+function add_user_cookie($user, $pwd){
+
+    $timeout = time()+(60*60*24*30);
+
+  //  ini_set ("session.use_trans_sid", true);
+   // session_start();
+
+    setcookie ("user", $user, $timeout, '/', $_SERVER['HTTP_HOST']);
+    setcookie ("pwd", md5($user.$pwd), $timeout, '/', $_SERVER['HTTP_HOST']);   
 
 }
 
 
 
-function resetpwd_kuri($mail){
-
-    $url = "/resetpwd/$mail";
+function check_login_kuri(){
+ //ini_set ("session.use_trans_sid", true);
+    //session_start(); 
     
-    if (isset($_POST['submit'])){
-        $result = client_add_password($mail, $_POST['pass'], $_POST['pass2']);
-        if ($result){
-            echo 'пароль установлен';
-        }    
+    $client = client_check_auth($_COOKIE['user'], $_COOKIE['pwd']);
+    
+    if (!isset($client['data'])){
+      return  $client;
     }
+    else {
+        return $client['data'];
+    }
+
+
+     
+    //$_SESSION['id'] = $row['id'];   //записываем в сессию id пользователя     
+
+
+}
+
+
+function redirect_login(){
+    header('Location: '.SITE.'login');
+    exit;
+}
+
+
+
+
+
+
+// if(password_verify($_POST["password"],$hashed_password))
+
+function resetpwd_kuri($hash){
+
+    $url = "/resetpwd/$hash";
+    $minlen = 5;
+    $viewform = true;
+
+    $client = client_find_hash($hash);
+
+    if (isset($client['error'])) {
+        $error = $client['error'];
+        $viewform = False;
         
+    }  
+    else if ($client['clientpassword'] !== ''){
+        $error = 'Пароль уже был изменен';
+        $viewform = False;
+    }
+
+    if (isset($_POST['reset-submit'])){ //пришла форма 
+       
+        $result = client_add_password($client['client_id'], $_POST['new-password'], $_POST['confirm-password'], $minlen);
+        if ($result){
+            add_user_cookie($client['client_id'], $_POST['new-password']);
+            $linklab  = SITE.'mybooks';
+            $viewform = False;
+        }  
+        else {
+            $error = $result['error'];
+        }  
+
+    }
+       
+   
+
+    $tempcontent =  VIEWPATH.'reset.phtml';
+    include VIEWPATH.'layout_lite.phtml'; //центральный шаблон
 
     
    
-    include VIEWPATH.'reset.phtml';
 
 
 }

app/routes/client.php

@@ -80,11 +80,18 @@ function addcard($id, $date) {
 }
 
 
-function mybooks_kuri($clienthash, $page = 1){
+function mybooks_kuri($page = 1){
 
+    $login = check_login_kuri();
+
+    if (!isset($login['data']['clienthash'])){
+     //  header('Location: '.SITE.'login');
+      //  exit;
+    }
+    
     $limit = 25;
-    $client = api_client_kuri($clienthash);
-    $baseurl = SITE."mybooks/$clienthash/";
+    $client = api_client_kuri($login['data']['clienthash']);
+    $baseurl = SITE."mybooks/";
 
     if (!$client) {
         echo 'Пользователь не найден';