safechat/html/login.php

<?php
/*! @file
    
    @id $Id$
*/
//       1         2         3         4         5         6         7         8
// 45678901234567890123456789012345678901234567890123456789012345678901234567890


/// Verify a user
/** Check if a user is consistent to the data in the server's database
    or create a user, if he does not yet exist in the usertable
    (and the user name is available).

    @param $user user's name
    @param $pubkey user's public key

    @return json encoded status with text:
       - success() in case of success (user exists or has been created)
       - error() in case of mismatch

    @api Verify a User
*/
function login($user, $pubkey) {
  try {
    require_once("opendb.php");
    if ($user=="safechat") error("username safechat is reserved for server");
    $verify = gnupg_import($pgp, $pubkey);
    if (!$verify) error("wrong identity");
    $user = $db->real_escape_string($user);
    $pubkey = $db->real_escape_string($pubkey);
    $q = $db->query("select * from user where name='$user' and pubkey='$pubkey';");
    if ($q->num_rows==1) {
      success("user $user found on server");
    } elseif ($q->num_rows==0) {
      $q = $db->query("insert into user (name, pubkey) values ('$user', '$pubkey');");
      if (!$q) error("creation of user failed");
      success("user $user created on server");
    } else {
      error("server database defect");
    }
  } catch (Exception $e) {
    error("login failed");
  }
}
login($_REQUEST['user'], $_REQUEST['pubkey']);
?>