- <?php
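/**
 * Database-backed session handler.
 *
 * A session is a row in the `session` table keyed by a 32-hex-character token
 * and bound to the client IP. The token travels either in a cookie named
 * "sessID" ($cookies non-zero) or in the `sessID` query parameter. Per-session
 * data is cached as generated PHP source in tmp/<token>.inc and
 * tmp/<token>_1.inc, which update_sess() include()s.
 *
 * Security notes for maintainers:
 *  - Every value that reaches SQL is bound as a statement parameter. The only
 *    interpolated fragment is the language suffix used in column names, which
 *    is checked against an allow-list pattern first.
 *  - The token is used in file paths that are written and include()d, so it is
 *    validated as exactly 32 hex characters before any such use.
 *  - Cached values are emitted with var_export(), so database content cannot
 *    break out of the generated PHP source.
 *  - NOTE(review): carrying the token in the URL exposes it to Referer headers,
 *    proxy/server logs and browser history; cookie transport is preferable.
 *  - NOTE(review): confirm tmp/ is writable only by the application and is not
 *    served by the web server (.inc files are commonly delivered as plain text).
 *  - NOTE(review): PHP 8 no longer runs a method named after the class as the
 *    constructor; on PHP 8 session() has to be called explicitly or a
 *    __construct() forwarder added.
 */
class session {
    // Current session token (32 hex characters), or '' when no session is bound.
    var $sessID = '';
    // Non-zero: token is carried in the "sessID" cookie; zero: in the query string.
    var $cookies = 0;
    // Language suffix ('' or '_xx') appended to localized column names in get_rights().
    var $keel = "";

    /**
     * Resolve the session for the current request.
     *
     * Reads the token from the cookie or query string, handles the logout and
     * login request flags, then refreshes the existing session or creates a
     * new one. Defines the constants _sessID and _keeeel from the result.
     *
     * @param string $sID Optional token to start from; a token supplied by the
     *                    request overrides it.
     */
    function session($sID = "") {
        global $login, $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $logout;

        if (isset($sID)) {
            $this->sessID = $sID;
        }
        // The original test `in_array("sessID", ...) != -1` compared a boolean
        // with -1 and looked at cookie values instead of keys; isset() on the
        // key is the check that was intended.
        if ($this->cookies) {
            if (isset($HTTP_COOKIE_VARS["sessID"])) {
                $this->sessID = $HTTP_COOKIE_VARS["sessID"];
            }
        } else {
            if (isset($HTTP_GET_VARS["sessID"])) {
                $this->sessID = $HTTP_GET_VARS["sessID"];
            }
        }
        // A request-supplied token is untrusted and later ends up in SQL and in
        // include() paths: anything that is not a well-formed token is dropped,
        // which leads to a fresh session below.
        if (!$this->is_valid_token($this->sessID)) {
            $this->sessID = '';
        }

        if ($logout == 1) {
            $this->logout_sess();
        }
        if ($login == 1) {
            $this->login();
        }
        if ($this->sessID != '') {
            $this->update_sess();
        } else {
            $this->new_sess();
        }

        // define() on an existing constant only raises a warning, so guard it.
        if (!defined("_sessID")) {
            define("_sessID", $this->sessID);
        }
        if (!defined("_keeeel")) {
            define("_keeeel", $this->keel);
        }
    }

    /**
     * Create a new anonymous session valid for one hour and hand the token to
     * the client through make_cookie().
     *
     * @param int $loc Passed through to make_cookie().
     */
    function new_sess($loc = 0) {
        global $user;

        $token = $this->new_token();
        $expires = time() + 3600;
        // NOTE(review): expiry is formatted in PHP's timezone while the queries
        // compare against MySQL NOW() - confirm both use the same timezone.
        $exp = date("Y-m-d H:i:s", $expires);
        $ip = $this->client_ip();
        // The reverse-DNS name is controlled by whoever owns the PTR record, so
        // it is untrusted input like any other and is bound as a parameter.
        $host = (string)gethostbyaddr($ip);

        $this->run_query(
            "INSERT INTO session (cookie, in_time, out_time, last_ip, ipname) VALUES (?, NOW(), ?, ?, ?)",
            "ssss",
            array($token, $exp, $ip, $host)
        );

        $this->sessID = $token;
        $this->make_cookie("sessID", $token, $expires, $loc);
        $user = '';
        log_("new_session", "_");
    }

    /**
     * Return PHP array source describing a user (keys id, usern, name, eomap).
     *
     * Falls back to the guest record ("kylastaja", id "0") when the user id is
     * unknown. All values are strings, as in the historical output.
     *
     * @param mixed $user_id User id to look up.
     * @return string PHP source of an array expression, safe to embed in a file.
     */
    function get_user1($user_id) {
        $record = array("id" => "0", "usern" => "kylastaja", "name" => "kylastaja", "eomap" => "0");

        $result = $this->run_query(
            "SELECT id,usernim,mname,eomap FROM user WHERE id=?",
            "s",
            array((string)$user_id)
        );
        $rida = mysqli_fetch_assoc($result);
        // Freed on both paths; the original leaked the result for unknown users.
        mysqli_free_result($result);

        if ($rida) {
            $record = array(
                "id" => (string)$rida["id"],
                "usern" => (string)$rida["usernim"],
                "name" => (string)$rida["mname"],
                "eomap" => (string)$rida["eomap"],
            );
        }
        // var_export() quotes every value, so a name containing quotes or `$`
        // cannot alter the generated PHP source.
        return var_export($record, true);
    }

    /**
     * Return PHP array source listing the modules available to a user, keyed by
     * module name, each with disp_name and disp_desc. The default module
     * (_default_mod) is always part of the query.
     *
     * @param mixed $user_id User id to look up.
     * @return string PHP source of an array expression.
     */
    function get_mods($user_id) {
        $result = $this->run_query(
            "SELECT DISTINCT t1.name,t1.disp_name,t1.disp_desc ".
            "FROM mods AS t1 LEFT JOIN user_mods AS t2 ON t1.id=t2.mods_id ".
            "WHERE t2.user_id=? OR t1.name=? ORDER BY t2.seq",
            "ss",
            array((string)$user_id, (string)_default_mod)
        );

        $mods = array();
        while ($rida = mysqli_fetch_assoc($result)) {
            $mods[(string)$rida["name"]] = array(
                "disp_name" => (string)$rida["disp_name"],
                "disp_desc" => (string)$rida["disp_desc"],
            );
        }
        mysqli_free_result($result);

        return var_export($mods, true);
    }

    /**
     * Return PHP array source describing the layers a user may access.
     *
     * The result is keyed by layer id; each entry holds the layer attributes
     * followed by the names of the granted rights under the keys 0, 1, 2, ...
     *
     * @param mixed $user_id User id; bound as an integer.
     * @return string PHP source of an array expression.
     */
    function get_rights($user_id) {
        // Column names cannot be bound as parameters. The suffix originates from
        // the request's `lang` value stored in the session row, so it is only
        // interpolated when it matches the allow-list pattern.
        $k = $this->is_valid_lang_suffix($this->keel) ? $this->keel : "";

        $query = "SELECT DISTINCT ".
            "t6.seq,t6.name".$k." as grupp,t5.size,t5.alpha,t5.layer_grupp".$k." AS layer_grupp,t5.layer_grupp_nimetus".$k." AS layer_grupp_nimetus,t5.filename,t5.table_name,t5.numpict,t5.key,t5.value,t5.default,".
            "IF(t5.have_nim=1,t5.nim,'') AS nim,t3.layer_id,t5.common,t5.pict,t5.minscale,t5.maxscale,".
            "t5.color,t5.filled,t5.fillcolor,t5.name".$k." AS layer_name,t5.nimetus,t5.tyyp,t4.name ".
            "FROM user AS t1 LEFT JOIN user_in_group AS t2 ON t1.id=t2.user_id ".
            "LEFT JOIN user_rights AS t3 ON ".
            "((ISNULL(t3.user_id) AND t2.group_id=t3.group_id) ".
            "OR (ISNULL(t3.group_id) AND t1.id=t3.user_id)) ".
            "LEFT JOIN rights AS t4 ON t3.rights&t4.value!=0 ".
            "LEFT JOIN layers AS t5 ON t3.layer_id=t5.id ".
            "LEFT JOIN layers_group AS t6 ON t5.group_id=t6.id ".
            "WHERE t1.id=? ORDER BY t6.seq,t5.seq DESC,t3.layer_id,t4.value";
        $result = $this->run_query($query, "i", array((int)$user_id));

        // Output key => result column, in the order of the historical output.
        $columns = array(
            "name" => "layer_name", "nimetus" => "nimetus", "tyyp" => "tyyp",
            "color" => "color", "filled" => "filled", "fillcolor" => "fillcolor",
            "pict" => "pict", "nim" => "nim", "default" => "default",
            "grupp" => "grupp", "common" => "common", "table" => "table_name",
            "key" => "key", "filename" => "filename",
            "layer_grupp_nimetus" => "layer_grupp_nimetus",
            "minscale" => "minscale", "maxscale" => "maxscale", "size" => "size",
            "seq" => "seq", "alpha" => "alpha", "value" => "value",
            "layer_grupp" => "layer_grupp",
        );

        $rights = array();
        $curr_lay = null;
        while ($rida = mysqli_fetch_assoc($result)) {
            $layer_id = (string)$rida["layer_id"];
            if ($layer_id === "") {
                continue; // user row without any layer attached
            }
            if ($layer_id !== $curr_lay) {
                // numpict was emitted as a bare number; a non-numeric value
                // (e.g. NULL) would have produced invalid PHP source.
                $entry = array("numpict" => is_numeric($rida["numpict"]) ? $rida["numpict"] + 0 : 0);
                foreach ($columns as $out => $col) {
                    $entry[$out] = (string)$rida[$col];
                }
                $rights[$layer_id] = $entry;
                $curr_lay = $layer_id;
            }
            // Right names are appended under consecutive integer keys.
            $rights[$layer_id][] = (string)$rida["name"];
        }
        mysqli_free_result($result);

        return var_export($rights, true);
    }

    /**
     * Capture the output of the built-in var_dump() as a string.
     *
     * @param mixed $mis Value to dump.
     * @return string
     */
    function var_dump($mis) {
        ob_start();
        var_dump($mis);
        return ob_get_clean();
    }

    /**
     * Deliver a session value to the client.
     *
     * Cookie mode sets the cookie. URL mode treats $value as the session token:
     * it rebuilds the session cache files when the session row exists and then
     * redirects to index.php with the token in the query string.
     *
     * @param string $name  Cookie name.
     * @param string $value Cookie value / session token.
     * @param int    $time  Cookie expiry timestamp.
     * @param int    $loc   Unused here; kept for callers.
     */
    function make_cookie($name, $value, $time, $loc = 0) {
        global $QUERY_STRING, $user;

        if ($this->cookies) {
            // NOTE(review): the cookie is sent without HttpOnly/Secure flags.
            // Confirm whether client-side script reads it and whether the site
            // is HTTPS-only, then set both flags.
            setcookie($name, $value, $time);
            return;
        }

        // Only the user id is needed; the original selected every user column.
        $result = $this->run_query(
            "SELECT t2.id,t1.id AS sess FROM session AS t1 ".
            "LEFT JOIN user AS t2 ON t1.user=t2.id ".
            "WHERE t1.last_ip=? AND t1.cookie=? AND t1.out_time>NOW()",
            "ss",
            array($this->client_ip(), (string)$value)
        );
        $rida = mysqli_fetch_assoc($result);
        mysqli_free_result($result);
        if ($rida) {
            $this->write_session_cache($value, $rida["id"]);
        }

        $qry_str = preg_replace("/sessID=[0-9a-f]{32,32}/i", "", (string)$QUERY_STRING);
        // rawurlencode() leaves a hex token unchanged and keeps any other value
        // from adding parameters to the redirect target.
        Header("Location: index.php?sessID=".rawurlencode((string)$value)."&".$qry_str);
    }

    /**
     * Refresh the current (or given) session.
     *
     * Loads the session row for this token and client IP, extends its expiry by
     * one hour, applies a `lang` change from the query string and includes the
     * session cache files. When no live session matches, a new one is created,
     * unless a token was passed explicitly, in which case $GLOBALS["end_sess"]
     * is set to 1.
     *
     * @param string $sess Optional token to switch to.
     */
    function update_sess($sess = "") {
        // $tooted, $user_rights and $mod_rights stay declared so that the
        // include()d cache files execute with them in scope.
        global $db_handler, $tooted, $user_rights, $mod_rights, $HTTP_GET_VARS;

        $token = ($sess != "") ? $sess : $this->sessID;
        $rida = null;
        if ($this->is_valid_token($token)) {
            $this->sessID = $token;
            // new_sess() stores $_SERVER["REMOTE_ADDR"]; the lookup reads the
            // same source instead of $GLOBALS["REMOTE_ADDR"].
            $result = $this->run_query(
                "SELECT t2.usernim,t2.masutus AS asutus,t2.mname AS name,t2.soodustus,t2.id AS user_id,t1.* ".
                "FROM session AS t1 LEFT JOIN user AS t2 ON t1.user=t2.id ".
                "WHERE t1.last_ip=? AND t1.cookie=? AND t1.out_time>NOW()",
                "ss",
                array($this->client_ip(), $token)
            );
            $rida = mysqli_fetch_assoc($result);
            mysqli_free_result($result);
        }

        if (!$rida) {
            // Malformed token or no live session row.
            if ($sess != "") {
                $GLOBALS["end_sess"] = 1;
                return;
            }
            $this->new_sess();
            return;
        }

        // Prepared statements return native types; the rest of the application
        // has always received strings here.
        foreach ($rida as $col => $val) {
            if ($val !== null) {
                $rida[$col] = (string)$val;
            }
        }
        $GLOBALS["user"] = $rida;
        $stored = (string)$rida["keel"];
        $this->keel = $this->is_valid_lang_suffix($stored) ? $stored : "";

        // The original call omitted the connection argument, so the expiry was
        // never extended.
        $exp = date("Y-m-d H:i:s", time() + 3600);
        $this->run_query("UPDATE session SET out_time=? WHERE id=?", "ss", array($exp, $rida["id"]), false);

        if (isset($HTTP_GET_VARS["lang"]) && is_string($HTTP_GET_VARS["lang"])) {
            $lang = $HTTP_GET_VARS["lang"] == "ee" ? "" : "_".$HTTP_GET_VARS["lang"];
            // The suffix ends up inside column names in get_rights(); a value
            // outside the allow-list is ignored instead of being stored.
            if ($this->is_valid_lang_suffix($lang)) {
                $this->keel = $lang;
                $this->run_query("UPDATE session SET keel=? WHERE id=?", "ss", array($lang, $rida["id"]));
                $this->write_session_cache($this->sessID, $rida["user_id"]);
            }
        }

        // The token was validated above, so these paths cannot leave tmp/.
        $main_file = "tmp/".$this->sessID.".inc";
        $aux_file = "tmp/".$this->sessID."_1.inc";
        if (is_file($main_file)) {
            include($main_file);
        }
        if (is_file($aux_file)) {
            include($aux_file);
        }
    }

    /**
     * End the current session: expire its row, log the event, drop the cookie
     * in cookie mode and forget the token.
     */
    function logout_sess() {
        $this->run_query(
            "UPDATE session SET out_time=NOW(),cause='logout' WHERE cookie=?",
            "s",
            array((string)$this->sessID),
            false
        );
        log_("logout", isset($GLOBALS["user"]["usernim"]) ? $GLOBALS["user"]["usernim"] : null);
        // The cookie is named "sessID"; the original passed the token as the
        // cookie name, so the session cookie was never cleared.
        if ($this->cookies) {
            $this->delete_cookie("sessID");
        }
        $this->sessID = '';
    }

    /**
     * Remove the session cookie from the client.
     */
    function close_sess() {
        $this->delete_cookie("sessID");
    }

    /**
     * Ask the client to delete the cookie with the given name.
     *
     * @param string $name Cookie name.
     */
    function delete_cookie($name) {
        setcookie($name);
    }

    /**
     * Authenticate the posted credentials and bind the user to the current
     * session.
     *
     * NOTE(review): passwords are compared as unsalted MD5, which is unsuitable
     * for password storage. Moving to password_hash()/password_verify() needs a
     * migration of the stored hashes and is therefore not done here.
     * NOTE(review): the token is not rotated on login; the IP binding limits
     * session fixation but does not cover clients behind a shared address.
     * There is also no throttling of failed attempts in this method.
     *
     * @return int 1 on success, -1 on failure.
     */
    function login() {
        global $HTTP_POST_VARS;

        if (!isset($HTTP_POST_VARS["user_name"], $HTTP_POST_VARS["user_pass"])
            || !is_string($HTTP_POST_VARS["user_name"])
            || !is_string($HTTP_POST_VARS["user_pass"])) {
            return -1;
        }
        $user_name = $HTTP_POST_VARS["user_name"];
        $user_pass = md5($HTTP_POST_VARS["user_pass"]);

        $result = $this->run_query(
            "SELECT id,usernim FROM user WHERE usernim=? AND password=?",
            "ss",
            array($user_name, $user_pass),
            false
        );
        if (!is_object($result)) {
            return -1;
        }
        $rida = mysqli_fetch_object($result);
        mysqli_free_result($result);
        if (!$rida) {
            return -1;
        }

        $this->write_session_cache($this->sessID, $rida->id);
        // The original called mysql_query() with mysqli-style arguments, so the
        // session row was never bound to the user.
        $this->run_query(
            "UPDATE session SET user=? WHERE cookie=? AND last_ip=? AND out_time>NOW()",
            "sss",
            array((string)$rida->id, (string)$this->sessID, $this->client_ip()),
            false
        );
        log_("login", $rida->usernim);
        return 1;
    }

    /**
     * True when $token has the shape of a session token: exactly 32 hex digits.
     */
    private function is_valid_token($token) {
        return is_string($token) && preg_match('/\A[0-9a-f]{32}\z/i', $token) === 1;
    }

    /**
     * True when $suffix is '' or '_' followed by letters/digits only.
     * Assumes language codes are alphanumeric - confirm against the schema.
     */
    private function is_valid_lang_suffix($suffix) {
        return is_string($suffix) && preg_match('/\A(?:_[A-Za-z0-9]+)?\z/', $suffix) === 1;
    }

    /**
     * Client address as reported by the web server, '' when unavailable.
     */
    private function client_ip() {
        return isset($_SERVER["REMOTE_ADDR"]) ? (string)$_SERVER["REMOTE_ADDR"] : "";
    }

    /**
     * Generate a 32-hex-character session token.
     */
    private function new_token() {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        // Runtime without random_bytes(): historical derivation, which is
        // guessable from the request time. Upgrade the runtime to remove it.
        return md5(microtime());
    }

    /**
     * Run one SQL statement with bound parameters on the global connection.
     *
     * @param string $sql    Statement with ? placeholders.
     * @param string $types  mysqli type string, one letter per parameter.
     * @param array  $params Parameter values (list).
     * @param bool   $fatal  Terminate the request on failure, as the original
     *                       `or die()` calls did.
     * @return mixed mysqli_result for row-returning statements, true for other
     *               successful statements, false on failure when not fatal.
     */
    private function run_query($sql, $types = "", $params = array(), $fatal = true) {
        global $db_handler;

        $stmt = mysqli_prepare($db_handler, $sql);
        $ok = (bool)$stmt;
        if ($ok && $types !== "") {
            // bind_param takes its values by reference.
            $args = array($stmt, $types);
            foreach (array_keys($params) as $i) {
                $args[] = &$params[$i];
            }
            $ok = call_user_func_array('mysqli_stmt_bind_param', $args);
        }
        $ok = $ok && mysqli_stmt_execute($stmt);

        if (!$ok) {
            // Details go to the server log; the client only sees a generic
            // message instead of the raw database error.
            error_log("session: query failed: ".($stmt ? mysqli_stmt_error($stmt) : mysqli_error($db_handler)));
            if ($stmt) {
                mysqli_stmt_close($stmt);
            }
            if ($fatal) {
                die("Database error");
            }
            return false;
        }

        $result = mysqli_stmt_get_result($stmt);
        mysqli_stmt_close($stmt);
        return ($result === false) ? true : $result;
    }

    /**
     * Write the two per-session cache files for $token.
     *
     * @param string $token   Session token; rejected unless well-formed.
     * @param mixed  $user_id User whose modules and profile are cached.
     * @return bool False when the token is malformed or a write failed.
     */
    private function write_session_cache($token, $user_id) {
        if (!$this->is_valid_token($token)) {
            return false;
        }
        $mods_text = $this->get_mods($user_id);
        $user1_text = $this->get_user1($user_id);

        // Full open tag: with short_open_tag disabled, "<?" files would be sent
        // to the browser as text instead of being executed.
        $main = "<?php\n".
            "\$GLOBALS[\"mod_rights\"]=".$mods_text.";\r\n".
            "\$GLOBALS[\"user1\"]=".$user1_text.";\r\n".
            "?>\n";
        $aux = "<?php\n".
            "\$GLOBALS[\"tooted\"]=Array();\r\n".
            "?>\n";

        $ok_main = file_put_contents("tmp/".$token.".inc", $main, LOCK_EX) !== false;
        $ok_aux = file_put_contents("tmp/".$token."_1.inc", $aux, LOCK_EX) !== false;
        return $ok_main && $ok_aux;
    }
}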
- ?>