check_admin_pass
Quote
check_admin_pass ( string $password )
Parameters
password
User's Administrative password in clear text, this will later be hashed with md5 by the function before checked against the original password to the user.
Return Values
This function will return true if the if the $password matches the user's Administrative password or if the Administrator´s cookie or session is set and is valid.
Example
Code
<?php
// Check if the user is an admin and that the aid link is correct
if (iADMIN || !defined("iAUTH") || $_GET['aid'] != iAUTH) { redirect("../index.php"); }
// Check if the form is submitted
if (isset($_POST['save'])) {
// Check if the admin password is correct
if (check_admin_pass(isset($_POST['admin_password']) ? stripinput($_POST['admin_password']) : "")) {
// Set/update admin pass cookie/session
set_admin_pass(isset($_POST['admin_password']) ? stripinput($_POST['admin_password']) : "");
// Secure actions goes here
} else {
// Redirect if admin password fails
redirect(FUSION_SELF.$aidlink);
}
}
// Start the form
echo "<form name='inputform' method='post' action='".FUSION_SELF.$aidlink."'>n";
// Here goes other elements of the form
// Here comes the admin password part
if (!check_admin_pass(isset($_POST['admin_password']) ? stripinput($_POST['admin_password']) : "")) {
echo "<input type='password' name='admin_password' value='".(isset($_POST['admin_password']) ? stripinput($_POST['admin_password']) : "")."' class='textbox' style='width:150px;' />n";
}
// Submit button
echo "<input type='submit' name='save' value='Submit' class='button' />n";
echo "</form>n";
?>
The above example demonstrates how the check_admin_pass() and set_admin_pass() works together.
Changelog
7.01.00 - Function added to PHPFusion
Notes
The function uses the $_SESSION[COOKIE_PREFIX.'admin'] if sessions are enables instead of cookies.