First of all, a sample XML user file (passwords are SHA256, file name should be users.xml.php):
Code: Select all
<?xml version="1.0" encoding="UTF-8"?><?php exit; ?><users> <user> <username>username</username> <password>5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8</password> </user></users>Code: Select all
<?php
/*
XML User Management System
(C) Copyright 2008 Blake Buckalew
*/
session_start();
define(HASH,'sha256');
define(XUMSVER,'0.1');
define(XMLFILE,'users.xml.php');
# Let's do some checks first:
if (!in_array(HASH,hash_algos()))
{
exit('The selected hash is unvailable on this server.'); // error
}
# Start of Functions
$XML = simplexml_load_file(XMLFILE);
function debug_xml()
{
echo '<pre>';
global $XML;
print_r($XML);
echo '</pre>';
}
# Add user function, returns false if user already exists.
function add_user($user,$pass)
{
global $XML;
foreach($XML->user as $u)
{
if($u->username == $user) // Does the user already exist?
{
return false;
}
}
$newuser = $XML->addChild('user');
$newuser->addChild('username',$user);
$newuser->addChild('password',hash(HASH,$pass));
file_put_contents(XMLFILE,$XML->asXML());
}
# Login function, returns true on success and can optionally set variables for you.
function login($username,$password,&$authvar=false,&$unamevar=false)
{
global $XML;
foreach($XML->user as $u)
{
if($u->username == $username and comparetohash($password,$u->password))
{
$r = true;
# Set variables
if($authvar) {$authvar = $r;}
if($unamevar) {$unamevar = $username;}
return $r;
}
}
}
function comparetohash($pass,$hash)
{
return hash(HASH,$pass) == $hash ? true : false;
}
# TESTING the functions:
login('username','password',$_SESSION['auth']);
if($_SESSION['auth'] == true){echo 'Logged in';}else{echo 'Wrong password';}
add_user('fred','password');
debug_xml();
?>