X-Git-Url: http://andersk.mit.edu/gitweb/sql-web.git/blobdiff_plain/7d64c09fae72f64fbee6d512d2ad681f99307954..89905822275ff9062a8fefb007b088abee0b0b45:/lib/security.lib.php

diff --git a/lib/security.lib.php b/lib/security.lib.php
index f7a50b0..00874c2 100644
--- a/lib/security.lib.php
+++ b/lib/security.lib.php
@@ -12,9 +12,9 @@ class Login {
 		if (empty($u)) return;
    		$this->u = $u;
 		$this->p = $p;
-		if ((string)intval($u)===(string)$u) {
+		if (is_null($p)) {
 			$this->id = $u;
-			$opt = sprintf(" Username = '%s' OR UserId = '%s'", mysql_escape_string($u), mysql_escape_string($u));
+			$opt = sprintf(" UserId = '%s'", mysql_escape_string($u));
 		} else {
 			$opt = sprintf(" Username = '%s'", mysql_escape_string($u));
 			$opt .= (is_null($p)?'':sprintf(" AND Password='%s'", mysql_escape_string(base64_encode($p))));
@@ -58,13 +58,6 @@ class Login {
     function expire() {
         $this->info = null;
     }
-    function refresh() {
-		if (!empty($this->id)) {
-			$this->Login($this->id);
-		} else {
-			$this->Login($this->u,$this->p);
-		}
-    }
     function update($name=null,$email=null) {
         if (!$this->exists()) return;
         $arr = array();
@@ -292,6 +285,13 @@ function getSSLCert() {
 	}
 }
 
+function getUsernameID($username) {
+	$sql = sprintf("SELECT UserId FROM User USE INDEX (UsernameID) WHERE Username = '%s'", mysql_escape_string($username));
+	$r = fetchRows(DBSelect($sql), 'UserId');
+	$r = array_shift($r);
+	return count($r)?$r['UserId']:null;
+}
+
 ## 302 REDIRECTS
 
 function redirect($target=null,$secure=null) {