- <?php
/*
Salt the md5 password hash if your existing stored hashes are salted.
Adjust the queries to match what your phpMyAdmin outputs.
Adjust the login call in the sample to match your setup.
*/
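/**
 * Cookie-based login helper backed by a `member` table with `username`,
 * `password` and `session` columns.
 *
 * A successful login() stores a random session id in the member's `session`
 * column and in the `user` cookie; stat() accepts a request only when the
 * cookie value matches a stored session id; logout() clears both.
 *
 * Changes from the original mysql_* version:
 *  - mysql_* (removed in PHP 7.0) is replaced by PDO with bound parameters,
 *    so no request value is ever spliced into SQL text.
 *  - stat() and login() now require a matching row. The original treated
 *    "the query ran" as success, so any cookie or any credentials passed.
 *  - The session id comes from random_bytes(); the original called an
 *    undefined rng() and appended to an uninitialised variable.
 *  - Tables are addressed as `member` inside the configured database instead
 *    of a hard-coded database name in only some of the queries.
 *
 * NOTE(review): as used here the table stores no expiry, so a session id
 * stays valid server-side until logout() or the next login(); the cookie
 * lifetime is enforced by the browser only.
 */
class Login
{
    /** Length of the session id; kept at the original 33 characters so an existing column still fits. */
    private const SESSION_ID_LENGTH = 33;

    private $user;
    private $pass;
    private $name;
    private $host;

    public function __construct()
    {
        /* could also load a config file here to hold db data */
        $this->user = "username";
        $this->pass = "password";
        $this->name = "dbname";
        $this->host = "host:port";
    }

    /**
     * Reports whether the request carries a session id that is stored for a member.
     *
     * @return bool true only when the `user` cookie is well-formed and matches a `session` value
     */
    public function stat(): bool
    {
        $sid = $this->cookieSessionId();
        if ($sid === null) {
            return false;
        }

        $db = $this->connect();
        if ($db === null) {
            return false;
        }

        try {
            $query = $db->prepare('SELECT 1 FROM `member` WHERE `session` = ? LIMIT 1');
            $query->execute([$sid]);

            // A row must exist; a query that merely executes proves nothing.
            return $query->fetchColumn() !== false;
        } catch (PDOException $e) {
            return false;
        }
    }

    /**
     * Expires the `user` cookie and clears the matching `session` value.
     *
     * @param string $path   cookie path that was passed to login(); needed for the browser to drop the cookie
     * @param string $domain cookie domain that was passed to login()
     * @return bool true when the session column was cleared, false otherwise
     */
    public function logout($path = "", $domain = ""): bool
    {
        if (!isset($_COOKIE["user"])) {
            return false;
        }

        // Expire the cookie first so the browser forgets it even if the database step fails.
        // A deletion cookie only replaces the original when path and domain match.
        setcookie("user", "", time() - 3600, $path, $domain);

        $sid = $this->cookieSessionId();
        if ($sid === null) {
            return false;
        }

        $db = $this->connect();
        if ($db === null) {
            return false;
        }

        try {
            $clear = $db->prepare("UPDATE `member` SET `session` = '' WHERE `session` = ?");
            $clear->execute([$sid]);

            return true;
        } catch (PDOException $e) {
            return false;
        }
    }

    /**
     * Checks the credentials, then stores a fresh session id in the database and the cookie.
     *
     * @param string $user     member username
     * @param string $pass     plain-text password as submitted
     * @param string $path     cookie path
     * @param string $domain   cookie domain
     * @param int    $duration cookie expiry as a Unix timestamp
     * @return bool true only when the credentials matched and both the row and the cookie were written
     */
    public function login($user, $pass, $path, $domain, $duration): bool
    {
        // Request fields can arrive as arrays (username[]=...); accept non-empty strings only.
        if (!is_string($user) || !is_string($pass) || $user === '' || $pass === '') {
            return false;
        }

        $db = $this->connect();
        if ($db === null) {
            return false;
        }

        try {
            $lookup = $db->prepare('SELECT `password` FROM `member` WHERE `username` = ? LIMIT 1');
            $lookup->execute([$user]);
            $stored = $lookup->fetchColumn();
            if (!is_string($stored) || !$this->passwordMatches($pass, $stored)) {
                return false;
            }

            // New id on every login, drawn from the CSPRNG and trimmed to the column-compatible length.
            $bytes = intdiv(self::SESSION_ID_LENGTH + 1, 2);
            $sid = substr(bin2hex(random_bytes($bytes)), 0, self::SESSION_ID_LENGTH);

            $save = $db->prepare('UPDATE `member` SET `session` = ? WHERE `username` = ?');
            $save->execute([$sid, $user]);
            if ($save->rowCount() < 1) {
                return false;
            }
        } catch (Exception $e) {
            // PDOException from the database, or a random_bytes() failure.
            return false;
        }

        // HttpOnly keeps the id away from page scripts; Secure is set whenever the request is HTTPS.
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

        return setcookie("user", $sid, $duration, $path, $domain, $secure, true);
    }

    /**
     * Opens a PDO connection from the configured "host" or "host:port" string.
     *
     * @return PDO|null the connection, or null when it cannot be established
     */
    private function connect(): ?PDO
    {
        $parts = explode(':', $this->host, 2);
        $dsn = 'mysql:host=' . $parts[0];
        if (isset($parts[1]) && ctype_digit($parts[1])) {
            $dsn .= ';port=' . $parts[1];
        }
        $dsn .= ';dbname=' . $this->name . ';charset=utf8mb4';

        try {
            return new PDO($dsn, $this->user, $this->pass, [
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                // Real server-side prepared statements rather than client-side string emulation.
                PDO::ATTR_EMULATE_PREPARES => false,
            ]);
        } catch (PDOException $e) {
            return null;
        }
    }

    /**
     * Returns the `user` cookie when it has the shape of a session id, else null.
     *
     * Rejecting empty and malformed values before the lookup matters because
     * logout() resets `session` to '', which an empty cookie would otherwise match.
     */
    private function cookieSessionId(): ?string
    {
        $sid = $_COOKIE["user"] ?? null;
        $shape = sprintf('/\A[0-9a-f]{%d}\z/', self::SESSION_ID_LENGTH);
        if (!is_string($sid) || preg_match($shape, $sid) !== 1) {
            return null;
        }

        return $sid;
    }

    /**
     * Compares a submitted password with the stored hash in constant time.
     *
     * Rows in password_hash() format go through password_verify(). Rows that
     * are a bare 32-character hex string are treated as the legacy unsalted md5.
     * NOTE(review): md5 is not a password hash; re-hash these rows with
     * password_hash() once the column is wide enough. Salted md5 rows and rows
     * hashed from an SQL-escaped password (as the original login() did) are not
     * recognised here and must be checked against the registration code.
     */
    private function passwordMatches(string $pass, string $stored): bool
    {
        if (preg_match('/\A[0-9a-f]{32}\z/i', $stored) === 1) {
            return hash_equals(strtolower($stored), md5($pass));
        }

        return password_verify($pass, $stored);
    }
}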
- ?>
- <?php
- require_once('./login.php');
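/*
 * Sample login page: reports an existing session, otherwise tries the
 * submitted credentials. Cookie path and domain are placeholders and must
 * match the deployed site.
 */
$auth = new Login();
if ($auth->stat()) {
    echo "already logged in.";
} elseif (isset($_POST["username"], $_POST["password"], $_POST["submit"])
    && is_string($_POST["username"]) && $_POST["username"] !== ''
    && is_string($_POST["password"]) && $_POST["password"] !== ''
) {
    // isset() avoids undefined-index warnings on a plain GET; is_string()
    // rejects array-valued fields such as username[]=x before they reach login().
    /* expire in 1 hour */
    if ($auth->login($_POST["username"], $_POST["password"], "/myname/www/", "domain.com", time() + 3600)) {
        echo "passed";
    } else {
        echo "failed";
    }
}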
- ?>
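<html>
<head><title>gkgkg</title></head>
<body>
<!-- Credentials are posted to index.php; serve this page over HTTPS so they are not sent in clear text. -->
<form action="./index.php" method="post">
<!-- "</ br>" is not a valid tag; a line break is written <br>. -->
<input type="text" name="username" autocomplete="username" required><br>
<input type="password" name="password" autocomplete="current-password" required><br>
<input type="submit" name="submit">
</form>
</body>
</html>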