1 files changed, 92 insertions, 0 deletions

diff --git a/app/model/login.php b/app/model/login.php
new file mode 100644
index 0000000..af4a5b3
--- /dev/null
+++ b/app/model/login.php
@@ -0,0 +1,92 @@
+<?php
+
+/*
+ * SCROTT IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+ * IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ *
+ * For more information, please refer to UNLICENSE
+ */
+
+require_once "class/form.class.php";
+require_once "class/user.class.php";
+require_once "class/settings.class.php";
+
+/*
+ * Action: login - Attempt to authenticate new user
+ */
+if (isAction("login"))
+{
+    $form = new form();
+    $form->text("uname");
+    $form->text("passwd", false);
+
+    if (!$form->populate(input()))
+        goto prep;
+
+    if (!(($user = user::getByUname($form->uname)) &&
+           $user->validatePasswd($form->passwd)))
+    {
+        logError(ERROR, "Username or password is incorrect");
+        goto prep;
+    }
+
+    user::setCurrent($user);
+    location("/");
+}
+
+/*
+ * Action: signup - Attempt to register a new account
+ */
+if (isAction("signup"))
+{
+    if (!settings::allowPublicSignup() &&
+        count(user::getAll_ordByUname()) > 0)
+    {
+        logError(ERROR, "You may not signup at this time");
+        goto prep;
+    }
+
+    $form = new form();
+    $form->text("uname");
+    $form->text("passwd", false);
+    $form->text("cpasswd", false);
+
+    if (!$form->populate(input()))
+        goto prep;
+
+    if ($form->passwd != $form->cpasswd)
+    {
+        logError(ERROR, "Passwords do not match");
+        goto prep;
+    }
+
+    if (!($user = user::initNew($form->uname, $form->passwd)))
+    {
+        logError(ERROR, "Your requested username is already in use");
+        goto prep;
+    }
+
+    user::setCurrent($user);
+    location("/");
+}
+
+prep:
+
+    if (count(user::getAll_ordByUname()) == 0)
+    {
+        $noaccounts = true;
+        $activeTab['signup'] = "in active";
+        $tabSwap = false;
+    }
+    else
+    {
+        $activeTab['login'] = "in active";
+        $tabSwap = settings::allowPublicSignup();
+    }
+
+?>