login / logout

src/auth.php

@@ -0,0 +1,32 @@
+<?php
+require_once('common.php');
+require_once('config_sanddir.php');
+function login()
+{
+    if (checkpw())
+    {
+        $_SESSION['token'] = md5($_POST['user'] .  $_POST['password']);
+        header('Location: /');
+    }
+}
+
+session_start();
+
+if (isset($_POST['user']) && isset($_POST['password']))
+{
+    login();
+}
+?>
+
+<form method="POST" action="/auth.php">
+    <label>User:
+        <input type="text" name="user" id="user" />
+    </label>
+    </br>
+    <label>Password:
+        <input type="password" name="password" id="password" />
+    </label>
+    </br>
+    <input type="submit" value="Submit" />
+</form>
+

src/common.php

@@ -1,4 +1,16 @@
 <?php
+function checkpw()
+{
+    return (
+            isset($_SESSION['token']) &&
+            $_SESSION['token'] == md5($GLOBALS['SANDDIR_USER'] . $GLOBALS['SANDDIR_PASSWORD'])
+        ) ||
+        isset($_POST['user']) &&
+        isset($_POST['password']) &&
+        $_POST['user'] == $GLOBALS['SANDDIR_USER'] &&
+        $_POST['password'] == $GLOBALS['SANDDIR_PASSWORD'];
+}
+
 
 function gen_identifier($share)
 {

src/config_sanddir.php

@@ -1,4 +1,6 @@
 <?php
 $SANDDIR_ROOT_DIR = './share';
 $SANDDIR_SALT = 'abcde12345abcde12345';
+$SANDDIR_USER = 'a';
+$SANDDIR_PASSWORD = 'b';
 ?>

src/index.php

@@ -3,10 +3,17 @@
 $new_share = NULL;
 $selected_dir = NULL;
 
+session_start();
+
 require_once('./common.php');
 
 require_once('./config_sanddir.php');
 
+if (!checkpw())
+{
+    header('Location: /auth.php');
+}
+
 if (isset($_GET['dir']))
 {
     $selected_dir = $_GET['dir'];
@@ -34,4 +41,10 @@ else if ($selected_dir)
 }
 
 ?>
+
+<footer>
+    <form method="POST" action="/auth.php">
+        <input type="submit" value="Log out" />
+    </form>
+</footer>
 </html>