- <?php
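/**
 * Database-backed login and session tracking against the `users` and
 * `active_users` tables.
 *
 * NOTE(review): the method login() has the same name as the class. PHP 5 and 7
 * treat such a method as the constructor (deprecated in 7.0); from PHP 8.0 it is
 * an ordinary method. The name is kept so existing callers keep working;
 * confirm which way the callers invoke it.
 */
class login
{
    /**
     * Verify a user's credentials and register the session as active.
     *
     * On success a row is written to `active_users` and a redirect header to
     * "/heaven" or "/hell" is sent, chosen by the truthiness of the user's
     * `side` column. On failure the script terminates.
     *
     * NOTE(review): $sessid comes from the caller. Confirm the caller issues a
     * fresh id (session_regenerate_id(true)) before calling this, otherwise an
     * id that existed before authentication becomes the authenticated one.
     *
     * @param string $name   User name or e-mail address.
     * @param string $pwd    Plain-text password as submitted.
     * @param PDO    $con    Open database connection.
     * @param string $sessid Session id to store for the user.
     */
    public function login($name, $pwd, $con, $sessid)
    {
        try {
            // Two distinct placeholders: a named placeholder may not be reused
            // when emulated prepares are off (as on extendSession's connection).
            $sql = $con->prepare('SELECT * FROM users WHERE name = :name OR email = :email');
            $sql->bindValue(':name', $name);
            $sql->bindValue(':email', $name);
            // Without execute() the fetch below never returns a row.
            $sql->execute();
            $result = $sql->fetch(PDO::FETCH_ASSOC);
        } catch (PDOException $ex) {
            // Driver messages can reveal schema details: log them server-side
            // and stop instead of continuing without a lookup result.
            error_log('login: user lookup failed: ' . $ex->getMessage());
            die('Error!');
        }

        // An unknown account and a wrong password produce the same response so
        // the message does not reveal which account names exist.
        $hash = (is_array($result) && isset($result['password'])) ? (string) $result['password'] : '';
        if (!is_string($pwd) || $hash === '' || !password_verify($pwd, $hash)) {
            die("INCORRECT PASSWORD YOU BASTARD!");
        }

        // Session lifetime: SESSION_LENGTH is multiplied by 60 seconds.
        $expires = time() + (60 * SESSION_LENGTH);

        // Placeholders must not be wrapped in backticks; MySQL would read a
        // backticked token as an identifier and no parameter would be bound.
        $sql = $con->prepare(
            'INSERT INTO `active_users` (`user`, `session_id`, `expires`) VALUES (:user, :id, :expires)'
        );
        $sql->bindValue(':user', $result['id']);
        $sql->bindValue(':id', $sessid);
        $sql->bindValue(':expires', $expires, PDO::PARAM_INT);
        $sql->execute();

        $side = $result['side'] ? 'heaven' : 'hell';

        // Redirect to the game.
        header('Location: /' . $side);
    }

    /**
     * Purge expired sessions, then report whether $sessid is still active.
     *
     * When the session is not active a redirect header to HOST is sent.
     *
     * @param string $sessid Session id to look up.
     * @param PDO    $con    Open database connection.
     *
     * @return bool True when an unexpired row exists for $sessid.
     */
    public function check($sessid, $con)
    {
        // MySQL's DELETE takes no column list ("DELETE *" is a syntax error).
        $query = $con->prepare('DELETE FROM `active_users` WHERE `expires` <= :time');
        $query->bindValue(':time', time(), PDO::PARAM_INT);
        $query->execute();

        $sql = $con->prepare('SELECT 1 FROM `active_users` WHERE `session_id` = :sessid LIMIT 1');
        $sql->bindValue(':sessid', $sessid);
        $sql->execute();

        // fetch() yields false when no row matches; rowCount() belongs to the
        // statement, not to the fetched row, so it cannot be called on the row.
        if ($sql->fetch() !== false) {
            return true;
        }

        // Not logged in, or timed out.
        header('location: ' . HOST);
        return false;
    }

    /**
     * Push the current session's expiry forward by the default timeout,
     * counted from now.
     *
     * Opens its own database connection on every call and updates the row
     * whose `session_id` equals session_id().
     */
    public function extendSession()
    {
        // The DSN charset option takes a character set; "utf8_general_ci" is a
        // collation name, so "utf8" (the set that collation belongs to) is used.
        $con = new PDO(
            'mysql:host=' . DB_HOST . ';dbname=' . DB_DB . ';charset=utf8',
            DB_USERNAME,
            DB_PASSWORD,
            array(
                PDO::ATTR_EMULATE_PREPARES => false,
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            )
        );
        $con->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);

        $newexp = time() + (60 * SESSION_LENGTH);

        // Plain placeholders: backticks would turn them into identifiers.
        $myquery = $con->prepare('UPDATE `active_users` SET `expires` = :expires WHERE `session_id` = :id');
        $myquery->bindValue(':expires', $newexp, PDO::PARAM_INT);
        $myquery->bindValue(':id', session_id());
        $myquery->execute();
    }
}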
- ?>