--- a/ajax.php	Wed Sep 24 13:47:42 2008 -0400
+++ b/ajax.php	Wed Oct 08 21:22:48 2008 -0400
@@ -150,3 +150,75 @@
   }
 }
 
+function api_request_handler($httpd, $socket)
+{
+  global $json;
+  $httpd->header('Content-type: text/javascript');
+  if ( !isset($_POST['request']) )
+  {
+    return json_die("No request specified on POST.");
+  }
+  $req = $json->decode($_POST['request']);
+  if ( !isset($req['action']) )
+  {
+    return json_die("No action specified.");
+  }
+  switch($req['action'])
+  {
+    case 'check_login':
+      global $use_auth, $auth_data;
+      if ( $use_auth )
+      {
+        $return = array(
+          'need_login' => true
+        );
+        if ( isset($req['username']) && isset($req['password']) )
+        {
+          $return['auth_valid'] = ( isset($auth_data[$req['username']]) && $auth_data[$req['username']] === $req['password'] );
+        }
+      }
+      else
+      {
+        $return = array(
+          'need_login' => false,
+          'auth_valid' => true
+        );
+      }
+      break;
+    case 'login':
+      global $use_auth, $auth_data;
+      if ( $use_auth )
+      {
+        if ( !isset($req['username']) || !isset($req['password']) )
+        {
+          return json_die("Username or password not provided");
+        }
+        if ( $session = login($req['username'], $req['password']) )
+        {
+          $return = array(
+            'need_login' => true,
+            'login_cookie' => $session
+          );
+        }
+        else
+        {
+          $return = array(
+            'need_login' => true,
+            'login_cookie' => false
+          );
+        }
+      }
+      else
+      {
+        $return = array(
+          'need_login' => false,
+          'login_cookie' => false
+        );
+      }
+      break;
+    default:
+      return json_die("Undefined action '{$req['action']}'.");
+      break;
+  }
+  echo $json->encode($return);
+}