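<?php
// Login status banner: shows a login link when no username is in the session,
// otherwise shows the signed-in username.
// The username is HTML-escaped before output so that a name containing markup
// is displayed as text rather than interpreted by the browser.
?>
<?php if (!isset($_SESSION['username'])): ?>
<p class="lead">No has iniciado sesión <a href="login.php">Inicia sesión</a>
</p>
<?php else: ?>
<p class="lead">Has iniciado sesión como <?php echo htmlspecialchars($_SESSION['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
</p>
<?php endif ?>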
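/**
 * Set the persistent "remember me" cookie for a user.
 *
 * The cookie value is base64 of a fixed prefix followed by the user id.
 *
 * NOTE(review): base64 is an encoding, not encryption, and the value carries
 * no signature or server-side secret, so the server cannot distinguish a
 * cookie it issued from one assembled by the client. The durable fix is a
 * random per-login token stored (hashed) server-side, or an HMAC over the id
 * with a server-only key that is verified with hash_equals(). That change has
 * to be made together with isCookieValid(), so it is flagged here, not applied.
 *
 * @param mixed $user_id id of the user to remember
 * @return void
 */
function rememberMe($user_id)
{
    $cookieValue = base64_encode("UaQteh5i4y3dntstemYODEC{$user_id}");

    // 100 days: this is what the original arithmetic produced, although its
    // comment said "about 30 days". Lifetime left unchanged; confirm intent.
    $expiresAt = time() + 60 * 60 * 24 * 100;

    // Mark the cookie Secure whenever the current request arrived over HTTPS,
    // so it is never replayed over plain HTTP on a TLS-enabled deployment.
    $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

    // HttpOnly keeps the cookie out of reach of page scripts.
    setcookie("rememberUserCookie", $cookieValue, $expiresAt, "/", "", $secure, true);
}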
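/**
 * Restore a login session from the "remember me" cookie.
 *
 * Decodes the cookie, extracts the user id that follows the fixed prefix,
 * looks that id up in the users table and, when a row exists, stores the
 * row's id and username in the session.
 *
 * NOTE(review): the user id is taken from a client-supplied cookie that is
 * only base64-encoded; nothing here proves the server issued it. Treat this
 * as an identifier lookup, not as authentication, until the cookie is replaced
 * by a random server-stored token or an HMAC-signed value (the change must be
 * made together with rememberMe()).
 * NOTE(review): the session created here gets no 'fingerprint' or
 * 'last_active' entry, unlike the one prepLogin() creates.
 *
 * @param object $db database connection exposing prepare() (presumably PDO)
 * @return bool true if the cookie mapped to an existing user
 */
function isCookieValid($db)
{
    if (!isset($_COOKIE['rememberUserCookie'])) {
        return false;
    }

    $prefix = "UaQteh5i4y3dntstemYODEC";
    $rawCookie = $_COOKIE['rememberUserCookie'];

    // Strict decoding rejects non-base64 input; a non-string cookie (array
    // syntax in the Cookie header) is rejected before it reaches the decoder.
    $decoded = is_string($rawCookie) ? base64_decode($rawCookie, true) : false;

    // Require the exact layout rememberMe() writes: prefix first, id after it.
    // Previously a value without the prefix read an undefined array offset.
    if ($decoded === false
        || strpos($decoded, $prefix) !== 0
        || strlen($decoded) === strlen($prefix)
    ) {
        // Same outcome as an unknown id: drop the cookie and the session.
        signout();
        return false;
    }

    $userID = substr($decoded, strlen($prefix));

    // Parameterised lookup; only the columns that are used are fetched.
    $statement = $db->prepare("SELECT id, username FROM users WHERE id = :id");
    $statement->execute(array(':id' => $userID));

    $row = $statement->fetch();
    if (!$row) {
        // The id from the cookie does not exist: destroy the session and log out.
        signout();
        return false;
    }

    // Create the user session variables from the database row, not the cookie.
    $_SESSION['id'] = $row['id'];
    $_SESSION['username'] = $row['username'];

    return true;
}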
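/**
 * Log the user out: clear the session data, expire the "remember me" cookie
 * and the session cookie, destroy the session, then redirect to the index page.
 *
 * The original called session_regenerate_id() after session_destroy(), when
 * no session is active any more, so the call could not succeed. Expiring the
 * session cookie instead makes the next request start with a fresh session id.
 *
 * @return void
 */
function signout()
{
    // Drop every session value, not only 'username' and 'id', so that the
    // fingerprint, last_active and token entries do not outlive the login.
    $_SESSION = array();

    if (isset($_COOKIE['rememberUserCookie'])) {
        unset($_COOKIE['rememberUserCookie']);
        // Empty string plus a past expiry removes the cookie; a null value is
        // deprecated for this parameter on current PHP versions.
        setcookie('rememberUserCookie', '', time() - 3600, '/');
    }

    if (session_status() === PHP_SESSION_ACTIVE) {
        if (ini_get('session.use_cookies')) {
            // Expire the session cookie with the same scope it was issued with.
            $params = session_get_cookie_params();
            setcookie(
                session_name(),
                '',
                time() - 3600,
                $params['path'],
                $params['domain'],
                $params['secure'],
                $params['httponly']
            );
        }
        session_destroy();
    }

    redirectTo('index');
}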
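/**
 * Check the current session against its stored client fingerprint and an
 * inactivity limit, signing the user out when either check fails.
 *
 * The fingerprint is md5(REMOTE_ADDR . HTTP_USER_AGENT), matching what
 * prepLogin() stores. It is only compared when the session has one.
 * NOTE(review): both inputs are request properties the client controls or
 * shares with others (User-Agent header, NAT address), so this is a
 * consistency check and not proof of identity.
 *
 * @return bool true if the session passed both checks (last_active is then refreshed)
 */
function guard()
{
    $inactive = 60 * 15; // 15 minutes

    // Either value can be absent (CLI, clients that send no User-Agent).
    $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $fingerprint = md5($remoteAddr . $userAgent);

    // Strict comparison: with != two different digests that both look like
    // numbers in exponent notation ("0e...") compare as equal.
    if (isset($_SESSION['fingerprint']) && $_SESSION['fingerprint'] !== $fingerprint) {
        signout();
        return false;
    }

    // The idle limit applies only to a logged-in session; !empty() avoids
    // reading an undefined 'username' key.
    if (isset($_SESSION['last_active'])
        && (time() - $_SESSION['last_active']) > $inactive
        && !empty($_SESSION['username'])
    ) {
        signout();
        return false;
    }

    $_SESSION['last_active'] = time();

    return true;
}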
/**
 * Check a file name against the accepted image extensions.
 *
 * Only the text after the last dot of the name is inspected,
 * case-insensitively; a name without a dot is treated as its own extension.
 *
 * NOTE(review): this looks at the name only, which the uploader chooses. It
 * says nothing about the file's content, so an upload handler should also
 * verify the content type server-side (for example with finfo or
 * getimagesize()) and store uploads under a generated name outside any
 * directory where scripts are executed.
 * NOTE(review): the error text echoes the extension as given; escape it with
 * htmlspecialchars() where it is rendered.
 *
 * @param string $file file name to check
 * @return array empty when the extension is accepted, otherwise one error message
 */
function isValidImage($file)
{
    $accepted = array('jpg', 'gif', 'bmp', 'png');

    // Everything after the last dot; the whole name when there is no dot.
    $segments = explode(".", $file);
    $suffix = $segments[count($segments) - 1];

    if (in_array(strtolower($suffix), $accepted, true)) {
        return array();
    }

    return array($suffix . " is not a valid image extension");
}
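/**
 * Generate a random request token, store it in the session under 'token'
 * and return it (validate_token() later compares against that entry).
 *
 * Uses the core CSPRNG random_bytes() when it exists. On older runtimes it
 * falls back to openssl_random_pseudo_bytes() and checks both the return
 * value and the "cryptographically strong" flag, which the original ignored.
 *
 * @return string base64 encoding of 32 random bytes
 * @throws RuntimeException when no strong random source is available
 */
function _token()
{
    if (function_exists('random_bytes')) {
        $bytes = random_bytes(32);
    } else {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(32, $strong);
        if ($bytes === false || $strong !== true) {
            // Fail closed: never hand out a token from a weak source.
            throw new RuntimeException('Unable to generate a secure random token');
        }
    }

    $token = base64_encode($bytes);
    $_SESSION['token'] = $token;

    return $token;
}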
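/**
 * Compare a token from the request with the one stored in the session.
 *
 * On a match the stored token is removed, so each token is accepted once.
 * A mismatch leaves the stored token in place.
 *
 * @param mixed $requestToken token submitted with the request
 * @return bool true only when both values are strings and are identical
 */
function validate_token($requestToken)
{
    if (!isset($_SESSION['token'])
        || !is_string($_SESSION['token'])
        || !is_string($requestToken)
    ) {
        // Missing or non-string input (null, array parameters) never matches.
        return false;
    }

    // hash_equals() compares in constant time, so response timing does not
    // reveal how much of a submitted value matched the stored token.
    if (!hash_equals($_SESSION['token'], $requestToken)) {
        return false;
    }

    unset($_SESSION['token']);

    return true;
}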
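/**
 * Establish the logged-in session for a user and print the welcome script.
 *
 * Stores the id, username, activity timestamp and client fingerprint in the
 * session, optionally sets the "remember me" cookie, then echoes a script
 * block that shows a SweetAlert message and redirects to index.php after
 * three seconds.
 *
 * Changes from the original: the script string used unescaped double quotes
 * inside a double-quoted PHP string and could not be parsed; the username was
 * placed into the script unencoded; the session id was not renewed at login.
 *
 * @param mixed  $id       user id
 * @param string $username user name, shown in the welcome message
 * @param string $remember "yes" to set the remember-me cookie
 * @return void
 */
function prepLogin($id, $username, $remember)
{
    // Issue a new session id at the moment of login so that an id known
    // before authentication does not carry over to the logged-in session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION['id'] = $id;
    $_SESSION['username'] = $username;
    $_SESSION['last_active'] = time();

    // Same recipe guard() recomputes on every request.
    $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    $_SESSION['fingerprint'] = md5($remoteAddr . $userAgent);

    if ($remember === "yes") {
        rememberMe($id);
    }

    // Encode the title as a JavaScript string literal. The JSON_HEX_* flags
    // also escape <, >, &, ' and ", so the value cannot end the string or the
    // surrounding script element.
    $title = json_encode(
        "Welcome back {$username}!",
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    );
    if ($title === false) {
        // Encoding failed (e.g. invalid UTF-8 in the name): use a fixed title.
        $title = '"Welcome back!"';
    }

    // call sweet alert
    echo <<<HTML
<script type="text/javascript">
swal({
title: {$title},
text: "You're being logged in.",
type: 'success',
timer: 3000,
showConfirmButton: false });
setTimeout(function(){
window.location.href = 'index.php';
}, 3000);
</script>
HTML;
}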