Untitled

<?php # User Authentication Library : Initilization

# Environment Setup
$auth = array();
$auth['session_limit'] = day * 2; # Default expire time (move to mysql)
$UADecryptionKey = 'key'; # Move to sql, have change every week
setcookie('sess_id', 'to', day);
setcookie('sess_user', md5('testcatfacts'), day);
if(!is_null($_COOKIE['sess_id'])) { # Awake from valid session
	$sess_id = EXMySQLSafe($_COOKIE['sess_id']);
	$session = mysql_fetch_assoc(EXMySQLQuery("SELECT *  FROM `[prefix]sessions` WHERE `id` = CONVERT(_utf8 '{$sess_id}' USING latin1) COLLATE latin1_swedish_ci"));
	$user_result = EXMySQLQuery("SELECT * FROM `[prefix]users` WHERE `username` = CONVERT(_utf8 '{$session['user']}' USING latin1) COLLATE latin1_swedish_ci");
	$user_check = mysql_num_rows($user_result);
	$user = mysql_fetch_assoc($user_result);
	$username_md5 = md5($UAKey.$session['key'].$user['username']);
	# Validate the data
	if($_COOKIE['sess_user'] == $username_md5) { # Reload current session
		$t1 = explode(MLDF1, $session['conf']); # Session Configuration [transient]
		$auth['conf'] = explode(MLDF2, $t1);
		$t2 = explode(MLDF1, $user['conf']); # User Configuration [persistant]
		$auth['uconf'] = explode(MLDF2, $t2);
		$auth['user'] = array( # Common Info
			'id' => $user['id'], 'name' => $user['username'], 'display-name' => $user['dname'], 'first-name' => $user['fname'],
			'middle-name' => $user['mname'], 'last-name' => $user['lname'], 'email' => $user['email'] );
		$auth['role'] = $user['role'];
		$auth['type'] = $user['type'];
		$auth['permissions'] = str_split($user['permissions']);
		$auth['guest'] = false; # Don't touch the cookies
	} else { # Destroy current session and make new
		EXMySQLQuery("DELETE FROM `[prefix]sessions` WHERE CONVERT(`[prefix]sessions`.`id` USING utf8) = '{$sess_id}' LIMIT 1");
		setcookie('sess_id', null, destroy);
		setcookie('sess_user', null, destroy);
		$gsession = true;
	} # From here we play god
} if(isset($_POST['UAU']) and isset($_POST['UAP'])) { # Render from form input
	$username = EXMySQLSafe($_POST['UAU']); $password = md5($_POST['UAP']);
	$user = mysql_fetch_assoc(EXMySQLQuery("SELECT * FROM `[prefix]users` WHERE `username` = CONVERT(_utf8 '{$username}' USING latin1) COLLATE latin1_swedish_ci"));
	if($password == $user['password']) { # Verified
		$auth['conf'] = array(); # Session Configuration [transient]
		$t = explode(MLDF1, $user['conf']); # User Configuration [persistant]
		$auth['uconf'] = explode(MLDF2, $t2);
		$auth['user'] = array( # Common Info
			'id' => $user['id'], 'name' => $user['username'], 'display-name' => $user['dname'], 'first-name' => $user['fname'],
			'middle-name' => $user['mname'], 'last-name' => $user['lname'], 'email' => $user['email'] );
		$auth['role'] = $user['role']; $auth['type'] = $user['type'];
		$auth['permissions'] = str_split($user['permissions']);
		$auth['guest'] = false;
		$sess = md5(date(EXDateSDF_YMDHMSM));
		$sess_user = md5($UAKey.$sess.$username);
		setcookie('sess_id', $sess, day);
		setcookie('sess_user', $sess_user, day);
		EXMySQLQuery();
	} else $gsession = true;
} if($gsession) { # Render from guest template
	# Um... is there any point to loading any user config at all? or is this a good solution?
	$auth['conf'] = $auth['uconf'] = EXConfRead('guest-config');
	$auth['user'] = array( # Common Info
		'id' => 0, 'name' => 'guest', 'display-name' => 'Guest', 'first-name' => 'Johnny',
		'middle-name' => 'T', 'last-name' => 'Guest', 'email' => null );
	$username = 'guest';
	$role = 'UAGuestAccount';
	$type = UAGuest;
	$auth['guest'] = true;
	$sess = md5(date(EXDateSDF_YMDHMSM));
	$sess_user = md5($UAKey.$sess.$username);
	setcookie('sess_id', $sess, day);
	setcookie('sess_user', $sess_user, day);
	EXMySQLQuery();
}

/* things to set up
user conf
sess conf
username
display name
fname, mname, lname
role
type
permissions?
is guest */