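====== Anhang H "Authentication“ Skript (scr.auth.php) ======
[[wiki:angewandte_informatik:kekse_ohne_salz_schmecken_nicht:szenario5:start|zurück zur Seite des Unterrichtsszenarios]]

<?php
/*
 * Licensed under the GNU General Public License v3.0
 */

session_start();

define('ROOT', '../../');
require_once(ROOT.'core/scr/scr.connect.php');

/**
 * USER AUTHENTICATION
 *
 * Gate for protected pages. A request is accepted either through an
 * already authenticated PHP session (no "remember me" cookie present) or
 * through the cookie pair thesis-cookie / thesis-token. Every rejection
 * path ends the request with exit so the including page cannot go on
 * rendering protected content after the redirect markup has been echoed.
 *
 * @param int $idnow
 * @uses _SESSION thesis-session
 * @uses _SESSION user
 * @uses _SESSION group
 * @uses _SESSION start
 * @uses _SESSION expire
 * @uses _COOKIE thesis-cookie
 * @uses _COOKIE thesis-token
 * @uses _DB usercheck
 * @uses _DB dbact
 * @var arr $pieces
 * @var string $cookiedec
 * @var string $time
 * @var string $date
 * @var string $username
 * @var string $group
 * @var string $now
 * @var string $activityen
 * @var string $activityde
 * @var string $cookietoken
 * @return void
 */

// A visitor without a session has no 'user' key; avoid the undefined-index notice.
$idnow = isset($_SESSION['user']) ? $_SESSION['user'] : null;
$time = date('H:i:s');
$date = date('Y-m-d');

/*
 * Load one row of thesis_users by id, or null when no such user exists.
 *
 * The id is bound as a statement parameter. The earlier version concatenated
 * it into the SQL text and then called real_escape_string() on the finished
 * query while discarding the return value, so nothing was escaped and the
 * cookie-supplied id reached the database unfiltered.
 */
$loadUser = function ($db, $id) {
    $id = (string) $id;
    $stmt = $db->prepare('SELECT username, password, groups FROM thesis_users WHERE id = ?');
    if ($stmt === false) {
        return null;
    }
    $stmt->bind_param('s', $id);
    if (!$stmt->execute()) {
        $stmt->close();
        return null;
    }
    $stmt->bind_result($rowUsername, $rowPassword, $rowGroups);
    $row = null;
    if ($stmt->fetch() === true) {
        $row = (object) [
            'username' => $rowUsername,
            'password' => $rowPassword,
            'groups'   => $rowGroups,
        ];
    }
    $stmt->close();
    return $row;
};

if (!isset($_COOKIE['thesis-cookie'])) {
    if (!isset($_SESSION['thesis-session']) || !$_SESSION['thesis-session']) {
        // The redirect markup that was echoed here is not preserved on this page.
        echo '';
        exit;
    }

    $fetch = $loadUser($dbconnect, $idnow);
    $now = time();

    // Fail closed: a missing expiry, an expired session or a user that no
    // longer exists all end the session instead of falling through.
    if ($fetch === null || !isset($_SESSION['expire']) || $now > $_SESSION['expire']) {
        session_unset();
        session_destroy();
        echo '';
        exit;
    }

    $username = $fetch->username;
    $group = $fetch->groups;

    // Sliding 30-minute window; the group is refreshed from the database.
    $_SESSION['group'] = $group;
    $_SESSION['start'] = time();
    $_SESSION['expire'] = $_SESSION['start'] + (30 * 60);
}

if (isset($_COOKIE['thesis-cookie'])) {
    $fetch = null;
    $id = null;
    $group = null;
    $verified = false;

    // Both cookies are client-controlled: require plain strings and the
    // expected "id-group" shape before touching the database.
    if (is_string($_COOKIE['thesis-cookie'])
        && isset($_COOKIE['thesis-token'])
        && is_string($_COOKIE['thesis-token'])
    ) {
        $cookiedec = base64_decode($_COOKIE['thesis-cookie']);
        $pieces = explode('-', (string) $cookiedec);
        if (count($pieces) >= 2) {
            $id = $pieces[0];
            $group = $pieces[1];
            $fetch = $loadUser($dbconnect, $id);
        }
    }

    if ($fetch !== null) {
        $username = $fetch->username;
        // NOTE(review): the token is built only from the cookie's own id and
        // group plus short fragments of the stored password hash and the
        // username, hashed with SHA-1. It carries no server-side secret and
        // cannot be revoked individually. A random token stored (hashed) in
        // the database, or an HMAC with a server-held key, would be a stronger
        // design; the format is kept here so that cookies issued by the login
        // script still verify.
        $cookietoken = sha1(''.$id.'-'.$group.'-'.substr($fetch->password, 7, 5).'-'.substr($fetch->username, 0, 5).'');
        $verified = password_verify($cookietoken, $_COOKIE['thesis-token']);
    }

    if ($verified) {
        // The group comes from the database row, as in the session branch,
        // so a stale cookie cannot keep an outdated group assignment alive.
        $group = $fetch->groups;
        $_SESSION['thesis-session'] = true;
        $_SESSION['user'] = $id;
        $_SESSION['group'] = $group;
    } else {
        $_SESSION['thesis-session'] = false;
        setcookie('thesis-cookie', '', time() - (86400 * 5000), "/");
        setcookie('thesis-token', '', time() - (86400 * 5000), "/");
        session_unset();
        session_destroy();
        echo '';
        exit;
    }
}
?>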