Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // fichier configuration
- include_once 'config.inc.php';
- // fichier d'options
- include_once str_replace('admin/', '', ROOT).'includes/common.global.inc.php';
- /**
- * verification du l'auth du user, sinon retour en bool.
- * @return bool
- */
- function check_login() {
- if(!isset($_SESSION['User'])) {
- $_SESSION['flash'] = array('type'=>'bad','msg'=>'You need to be logged to access that section');
- header('Location: '.ROOT_URL.'login.php');
- exit;
- }
- // verification du temps de session
- if(isset($_SESSION['Time'])) {
- // temps de la session
- $period = 60*60;
- if( mktime() - $_SESSION['Time'] >= $period ) {
- unset($_SESSION['User']);
- $_SESSION['flash'] = array('type'=>'bad','msg'=>'Your session has expired, please log in again');
- header('Location: '.ROOT_URL.'login.php');
- exit;
- }
- }
- return TRUE;
- }
- /**
- * l'utilisateur se déconnecte
- */
- function logout() {
- unset($_SESSION['User']);
- redirect(ROOT_URL.'login.php');
- }
- /**
- * connection à la DB
- * @return db class
- */
- function db_connect() {
- // instance de la DB
- $db = new DB(array(
- 'hostname'=>HOSTNAME,
- 'username'=>DB_USERNAME,
- 'password'=>DB_PASSWORD,
- 'db_name'=>DB_NAME
- ));
- // error DB
- if($db===FALSE) {
- pr($db->errors);
- exit;
- }
- return $db;
- }
- /**
- * verification utilisateur dans la DB
- * @param string $username
- * @param string $password
- * @return bool
- */
- function check_user($username, $password) {
- // connection à la DB
- $db = db_connect();
- // trouver user
- $user = $db->get_row("SELECT users.* FROM users WHERE users.username='".$db->escape($username)."'");
- // username non trouver
- if(empty($user)) {
- return FALSE;
- }
- // password non correcte
- if(md5($password.SALT) != $user['password']) {
- return FALSE;
- }
- // sauvegarde de la session
- $_SESSION['User'] = $user;
- // sauvegarde du temps de session pour le redéfinir
- $_SESSION['Time'] = mktime();
- return TRUE;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement