<?php

function CheckLogin($username='', $password='', $chat=-1) {
	if ($chat == -1)
		$chat = $GLOBALS['id'];
	$chat = SQL_EscapeString($chat)+0;
	
	$chap = false;
	if ((intval($_REQUEST['chap_selftest']) == 1) && ($_REQUEST['chap_challenge'] == $_SESSION['chap']['challenge'])) {
		$chap = true;
	}
	$_REQUEST['chap'] = $chap;

	if (empty($username))
		$username = PChoose($_SESSION['chats'][$GLOBALS['id']]['username'], $_SESSION['chats'][0]['username']);
	$query_username = SQL_EscapeString($username);

	if (empty($password))
		$password = PChoose($_SESSION['chats'][$GLOBALS['id']]['password'], $_SESSION['chats'][0]['password']);
	if (strlen($password) != 40)
		$password = SQL_EscapeString(sha1($password));
	else
		$password = SQL_EscapeString($password);

	$country = $_SESSION['host']['country']['name2'] != 'XX' ? "'".$_SESSION['host']['country']['name2']."'" : 'null';

	if (($chat > 0) && ($_SESSION['chats'][$chat]['oldname'] != $username)) {
		$sqlchat = $chat;
		if ($GLOBALS['chat']['parent'])
			$sqlchat = $GLOBALS['chat']['parent']+0;
		else if ($_SESSION['chats'][$chat]['sqlchat'])
			$sqlchat = $_SESSION['chats'][$chat]['sqlchat']+0;

		$rez = SQL_SingleQuery("SELECT
			id,parent,username,password,style,prefs,timezone,COALESCE(secur_slevel, 2) as secur_slevel
			FROM {$GLOBALS['sql_prefix']}users
			WHERE (chat={$sqlchat} OR chat=0)
			AND username ILIKE '{$query_username}'
			AND verified='yes'
			AND (inet '{$_SESSION['host']['ip']}' <<= COALESCE(secur_ipmask, inet '0/0'))
			AND ('{$_SESSION['host']['addr']}' LIKE COALESCE(secur_hostmask, '%'))
			AND (((now()>=(lastlogin + INTERVAL '10 minutes'))
			AND (prefs IS NOT NULL AND prefs LIKE '%a%')
			AND (secur_sessionid!='{$_SESSION['session_id']}')) IS FALSE)
			ORDER BY chat DESC", NULL, __FILE__.' : '.__LINE__.' : '.__FUNCTION__);

		$num = SQL_NumRows($rez);
		if ($num) {
			for($i=0;$i<$num;$i++) {
				$row = SQL_FetchAssoc($rez, $i);
				if (($chap == false && $row['password'] == $password) || ($chap == true && sha1($row['password'].$_SESSION['chap']['challenge']) == $password)) {
					if ($row['secur_slevel']+0 > $_SESSION['security'])
						$_SESSION['security'] = $row['secur_slevel']+0;
					unset($row['secur_slevel']);

					$row['chat'] = $chat;
					$row['sqlchat'] = $sqlchat;

					if (!empty($row['timezone']))
						$row['timezone'] = TZ2DST($row['timezone']);

					$row['flags'] = '';
					$res = SQL_SingleQuery("SELECT chat,flags,visual_symbol,visual_link,visual_image,visual_color,visual_icon FROM {$GLOBALS['sql_prefix']}userassoc WHERE (chat={$sqlchat} OR chat=0) AND id={$row['id']} ORDER BY chat DESC", NULL, __FILE__.' : '.__LINE__.' : '.__FUNCTION__);
					$num = SQL_NumRows($res);
					for($i=0;$i<$num;$i++) {
						$frow = SQL_FetchAssoc($res, $i);
						$row['flags'] .= $frow['flags'];
						if ($frow['chat'] != 0) {
							$row['flags'] .= '1';
						}
						$row['saved']['symbol'] = PChoose($frow['visual_symbol'], $row['saved']['symbol'], $_SESSION['chats'][$chat]['saved']['symbol'], $_SESSION['chats'][$chat]['symbol'], $_REQUEST['prefs']['symbol']);
						$row['saved']['link'] = PChoose($frow['visual_link'], $row['saved']['link'], $_SESSION['chats'][$chat]['saved']['link'], $_SESSION['chats'][$chat]['link'], $_REQUEST['prefs']['link']);
						$row['saved']['image'] = PChoose($frow['visual_image'], $row['saved']['image'], $_SESSION['chats'][$chat]['saved']['image'], $_SESSION['chats'][$chat]['image'], $_REQUEST['prefs']['image']);
						$row['saved']['color'] = PChoose($frow['visual_color'], $row['saved']['color'], $_SESSION['chats'][$chat]['saved']['color'], $_SESSION['chats'][$chat]['color'], $_REQUEST['prefs']['color']);
						$row['saved']['icon'] = PChoose($frow['visual_icon'], $row['saved']['icon'], $_SESSION['chats'][$chat]['saved']['icon'], $_SESSION['chats'][$chat]['icon'], $_REQUEST['prefs']['icon']);
					}
					SQL_FreeResult($res);

					if ($GLOBALS['chat']['owner'] == $row['id'])
						$row['flags'] .= 'M';
					if (!$row['flags'] && CheckFlags($GLOBALS['chat']['flags'], 'G')) {
						continue;
					} else if (!CheckFlags($row['flags'], '1')) {
						SQL_EmptyQuery("INSERT INTO {$GLOBALS['sql_prefix']}userassoc (chat,id,flags) VALUES ({$sqlchat}, {$row['id']}, '1')", __FILE__.' : '.__LINE__.' : '.__FUNCTION__);
						$row['flags'] .= '1';
					}

					$row['faction'] = array();
					$res = SQL_SingleQuery("SELECT assoc.flags,assoc.id FROM ({$GLOBALS['sql_prefix']}factionassoc as assoc JOIN {$GLOBALS['sql_prefix']}factions as fact ON fact.id=assoc.id) WHERE fact.chat={$sqlchat} AND assoc.userid={$row['id']}", NULL, __FILE__.' : '.__LINE__.' : '.__FUNCTION__);
					$num = SQL_NumRows($res);
					for($i=0;$i<$num;$i++) {
						$frow = SQL_FetchAssoc($res, $i);
						$row['faction'][$frow['id']] = array();
						$row['faction'][$frow['id']]['flags'] = $frow['flags'].'1';
					}
					SQL_FreeResult($res);

					foreach($row as $key => $val)
						$_SESSION['chats'][$chat][$key] = $val;
					
					$_SESSION['chats'][$chat]['recheck'] = time()+600;

					SQL_EmptyQuery("UPDATE {$GLOBALS['sql_prefix']}users SET lastlogin=now(),secur_sessionid='{$_SESSION['session_id']}',country={$country} WHERE id={$row['id']}", __FILE__.' : '.__LINE__.' : '.__FUNCTION__);
					SQL_EmptyQuery("UPDATE {$GLOBALS['sql_prefix']}users SET country={$country} WHERE id={$row['id']} AND country IS NULL", __FILE__.' : '.__LINE__.' : '.__FUNCTION__);
					SQL_EmptyQuery("UPDATE {$GLOBALS['sql_prefix']}userassoc SET lastvisit=now() WHERE id={$row['id']} AND chat={$sqlchat}", __FILE__.' : '.__LINE__.' : '.__FUNCTION__);
					unset($_SESSION['chats'][$chat]['falselogin']);

					FetchIgnores($row['id'], $chat);
					GetUserImagebans($row['id']);
					$_SESSION['chats'][$chat]['flags'] .= GetFlagsForChat($chat);
					break;
				} else {
					unset($_SESSION['chats'][$chat]);
					$_SESSION['chats'][$chat]['falselogin'] = TRUE;
				}
			}
		} else {
			unset($_SESSION['chats'][$chat]['id']);
			unset($_SESSION['chats'][$chat]['parent']);
			unset($_SESSION['chats'][$chat]['flags']);
			$_SESSION['chats'][$chat]['username'] = $username;
			$_SESSION['chats'][$chat]['recheck'] = time()+600;
		}
		SQL_FreeResult($rez);
		$_SESSION['chats'][$chat]['ident'] = substr(md5($_SESSION['session_id'].$chat), 0, 8);
		if ($GLOBALS['chat']['s_identlength'])
			$_SESSION['chats'][$chat]['ident'] = substr($_SESSION['chats'][$chat]['ident'], 0, $GLOBALS['chat']['s_identlength']);
	}

	if ((empty($_SESSION['chats'][0]['username']) || ($chat==0)) && ($_SESSION['chats'][0]['oldname'] != $username)) {
		$rez = SQL_SingleQuery("SELECT
			u.timezone,u.id,u.parent,u.username,u.password,u.style,u.prefs,
			COALESCE(u.secur_slevel, 2) as secur_slevel,assoc.flags,assoc.visual_symbol,
			assoc.visual_link,assoc.visual_image,assoc.visual_color,assoc.visual_icon
			FROM {$GLOBALS['sql_prefix']}users as u
			LEFT JOIN {$GLOBALS['sql_prefix']}userassoc as assoc ON (u.id=assoc.id AND assoc.chat=0)
			WHERE u.username ILIKE {$GLOBALS['sql_prefix']}ec_like('{$query_username}')
			AND u.chat=0
			AND u.verified='yes'
			AND (inet '{$_SESSION['host']['ip']}' <<= COALESCE(secur_ipmask, inet '0/0'))
			AND ('{$_SESSION['host']['addr']}' LIKE COALESCE(u.secur_hostmask, '%'))
			AND (((now()>=(u.lastlogin + INTERVAL '10 minutes'))
			AND (u.prefs IS NOT NULL
			AND u.prefs LIKE '%a%')
			AND (u.secur_sessionid!='{$_SESSION['session_id']}')) IS FALSE)", NULL, __FILE__.' : '.__LINE__.' : '.__FUNCTION__);
		if (SQL_NumRows($rez) > 0) {
			$row = SQL_FetchAssoc($rez);
			if ($row['secur_slevel']+0 > $_SESSION['security'])
				$_SESSION['security'] = $row['secur_slevel']+0;
			unset($row['secur_slevel']);

			if (($chap == false && $row['password'] == $password) || ($chap == true && sha1($row['password'].$_SESSION['chap']['challenge']) == $password)) {
				$row['saved']['symbol'] = PChoose($row['visual_symbol'], $_SESSION['chats'][0]['saved']['symbol'], $_SESSION['chats'][0]['symbol'], $_REQUEST['prefs']['symbol']);
				$row['saved']['link'] = PChoose($row['visual_link'], $_SESSION['chats'][0]['saved']['link'], $_SESSION['chats'][0]['link'], $_REQUEST['prefs']['link']);
				$row['saved']['image'] = PChoose($row['visual_image'], $_SESSION['chats'][0]['saved']['image'], $_SESSION['chats'][0]['image'], $_REQUEST['prefs']['image']);
				$row['saved']['color'] = PChoose($row['visual_color'], $_SESSION['chats'][0]['saved']['color'], $_SESSION['chats'][0]['color'], $_REQUEST['prefs']['color']);
				$row['saved']['icon'] = PChoose($row['visual_icon'], $_SESSION['chats'][0]['saved']['icon'], $_SESSION['chats'][0]['icon'], $_REQUEST['prefs']['icon']);
				unset($row['visual_symbol']);
				unset($row['visual_image']);
				unset($row['visual_icon']);
				unset($row['visual_link']);
				unset($row['visual_color']);

				if (!empty($row['timezone']))
					$row['timezone'] = TZ2DST($row['timezone']);

				$row['chat'] = 0;
				foreach($row as $key => $val)
					$_SESSION['chats'][0][$key] = $val;

				$_SESSION['chats'][0]['recheck'] = time()+600;
				$_SESSION['chats'][0]['username'] = $username;
				$_SESSION['chats'][0]['oldname'] = $_SESSION['chats'][0]['username'];

				SQL_EmptyQuery("UPDATE {$GLOBALS['sql_prefix']}users SET lastlogin=now(),secur_sessionid='{$_SESSION['session_id']}',country={$country} WHERE id={$row['id']}", __FILE__.' : '.__LINE__.' : '.__FUNCTION__);
				unset($_SESSION['chats'][0]['falselogin']);

				FetchIgnores($row['id']);
				GetUserImagebans($row['id']);
			} else {
				unset($_SESSION['chats'][0]);
				$_SESSION['chats'][0]['falselogin'] = TRUE;
			}
		} else {
			unset($_SESSION['chats'][0]);
			$_SESSION['chats'][0]['falselogin'] = TRUE;
		}
		SQL_FreeResult($rez);
	}

	if ($chap == true) {
		$_SESSION['chap']['challenge'] = sha1(uniqid(rand()));
	}
}

function ReCheckLogin() {
	foreach($_SESSION['chats'] as $key => $val) {
		unset($_SESSION['chats'][$key]['oldname']);
		CheckLogin($val['username'], $val['password'], $key);
		$_SESSION['chats'][$key]['oldname'] = $val['username'];
	}
}

function CheckAnyLogin($id=0, $chat=0) {
	if (empty($chat))
		$chat = $GLOBALS['id'];
/*
	if ($id && ($_SESSION['active']['id'] == $id))
		return $_SESSION['active'];
*/
	if ($id && ($_SESSION['chats'][$chat]['id'] == $id))
		return $_SESSION['chats'][$chat];

	if (is_array($_SESSION['chats']) && !empty($_SESSION['chats'])) {
		if ($id) {
			foreach($_SESSION['chats'] as $login) {
				if ($login['id'] == $id)
					return $login;
			}
		}
		foreach($_SESSION['chats'] as $login) {
			if ($login['id'])
				return $login;
		}
	}
	return FALSE;
}

?>