<?PHP
session_start();
//session_regenerate_id();

//Database login:
//include_once 'db.inc.php';


$mydomain = "http://www.mazetd.4xg.net";

//https://www.google.com/accounts/o8/id?id=AItOawl4GX29ka40T4ZeuXnR2FVsP4LZWaED_T8
//https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3DAItOawl


include_once("./includes/header.php");



function sql_clean($string) { 
   if (get_magic_quotes_gpc()) { 
      $string = stripslashes($string); 
   }
   $string = mysql_real_escape_string($string);  
   return $string; 
} 

function CookieLogin() {
	include_once "includes/db.inc.php";
	$userID = $_COOKIE['userID'];
	$auth = $_COOKIE['auth'];

	$sql = "SELECT `openID`, `displayName`, `isAdmin`
	FROM `users`
	WHERE `ID` = '$userID'
	";
	
	$result = mysql_query($sql);
	if (mysql_num_rows($result) == 0)
		return;
		
	list($claimedid, $display, $isAdmin) = mysql_fetch_row($result);
		
	$salt = "33qs5d4j6z98gt1a7n6b5d4x1c66f5nuh8a6d8g9j09aphgf56z5745";
	$pepper = "Dear sir, have you ever heard of a wild goose chase? 
		If you've gotten this far, please email me: snapwilliam@gmail.com with this message.
		I'll give you some sort of prize.";
	$one = MD5($claimedid);
	$two = MD5($one.$salt);
	$three = MD5($pepper.$two);
	
	if ($auth == $three) {
		$_SESSION['accepted'] = 1;
      $_SESSION['userID'] = $userID;
      $_SESSION['displayName'] = $display;
		if ($isAdmin == 1)
			$_SESSION['isAdmin'] = true;

	}
	header("Location: $mydomain");
}


//error_reporting(0); 
//$old_error_handler = set_error_handler("userErrorHandler");
function userErrorHandler ($errno, $errmsg, $filename, $linenum,  $vars) {
  $time=date("d M Y H:i:s"); 
  // Get the error type from the error number 
  $errortype = array (1    => "Error",
							 2    => "Warning",
							 4    => "Parsing Error",
							 8    => "Notice",
							 16   => "Core Error",
							 32   => "Core Warning",
							 64   => "Compile Error",
							 128  => "Compile Warning",
							 256  => "User Error",
							 512  => "User Warning",
							 1024 => "User Notice");
	$errlevel=$errortype[$errno];

	//Write error to log file (CSV format) 
	$errfile=fopen("errors.csv","a"); 
	fputs($errfile,"\"$time\",\"$filename: 
	$linenum\",\"($errlevel) $errmsg\"\r\n"); 
	fclose($errfile);

	//if($errno!=2 && $errno!=8) {
		//Terminate script if fatal error
		//die("A fatal error has occurred. Script execution has been aborted");
	//} 
}






Function DoLogin($Username, $Password, $RememberMe = False, $EN = False) {
   
   If ($EN == False) {
      $MD5Salt = "LoveSnap";
      $Password = MD5($Password.$MD5Salt);
      //Echo " .Encrypted Entry. ";
   }
   If ($RememberMe = True) {
      setcookie("RUsername", $Username, time()+(60*60*24*30));
      setcookie("RPassword", $Password, time()+(60*60*24*30));
      setcookie("DoLogin", "True", time()+(60*60*24*30));
   }
   //Echo "Logging in...";
   
   $sql = "SELECT `ID`, `Username`, `Password`, `Status` FROM `USERS` 
   WHERE `Username` = '$Username' AND `Password` = '$Password'";
   $result = mysql_query($sql);
   If (mysql_num_rows($result) == 0) {
      Return "Error username/password did not match";
   } Else {
   $theID = mysql_result($result, 0, 'ID');
   $Username = mysql_result($result, 0, 'Username');
   $Password = mysql_result($result, 0, 'Password');
   $Status = mysql_result($result, 0, 'Status');
   
   $Pepper = "MyPepperWuvsMe!@#$1234";
   
   $_SESSION['accepted'] = 1;
   //If 'remember me' use this for cookie password
   $_SESSION['passcode'] = MD5($Password.$Pepper.$Username);
   $_SESSION['userID'] = $theID;
   $_SESSION['displayName'] = $Username;
   $_SESSION['status'] = $Status;
   
   
   $sql = "UPDATE `USERS` SET `Last_Logon` = ".Time()." WHERE `ID` = $theID LIMIT 1";
   $result = mysql_query($sql);
   return 1;
   exit;
   }
}


Function CheckAuth($page) {
   //!!
   if ($_SESSION['Accepted'] == 1) {
      return true;
   } else {
      //DoRedirect("Logging you in...", "$mydomain?page=login&ref=$mydomain$page", 1);
      header("Location: $mydomain?page=login&ref=$mydomain?page=$page");
      return false;
   }
}

//!! Contains domain !!
Function DoRedirect($message = "Thanks", $to = "http://www.mazetd.4xg.net/", $duration = "3") {
   $to=(is_null($to)?'http://www.mazetd.4xg.net/':$to);
   
   if ($duration == 0) {
      header("Location: $to");
   }
   
   //require "format/header.php";
   echo "
   <meta http-equiv='refresh' content='$duration; url=$to' />
   <br />
   <br />
   <br />
   <br />
   <br />
   <center>
   <table>
   <tr><td>
      <center>$message
      <br />You are now being redirected.
      <br /><a href='$to'>Click here if not redirected in $duration seconds.</a>
      </center>
   </td></tr>
   </table>
   </center>
   </body>
   </html>
";

}




?>