Sure. The following function and test case takes a user and pass from the url (e.g. page.php?user=phil&pass=supersecretpassword) and checks it against the xml database. The function returns true on match and false on non-match. Test case echoes test data as appropriate.
<?php
if (authCheck('../../anope.xml', $_GET['user'], $_GET['pass'])) {
echo $_GET['user'] . ' is valid';
}
else {
echo $_GET['user'] . ' is invalid';
}
function authCheck($file, $user, $pass) {
// Make object
$xml = simplexml_load_file($file);
// Loop through and find user objects by their password
// This is more efficient to do this first since we must only
// loop nickcores and not every alias in every nick core
foreach ($xml->nickcores->nickcore as $core) {
// Check for password match
if (bin2hex(base64_decode($core->password)) == sha1($pass)) {
// Now loop through the aliases of the matching core
foreach ($core->aliases->alias as $alias) {
// Check for nick match
if ($alias->nick == $user) {
return true;
}
}
}
}
return false;
}
?>
You can run a simplexml object through print_r to see the full data output.
Phil