- <?php
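/**
 * Form/session based admin login check.
 *
 * On construction the object captures the request state: when the POST body
 * carries a `login` field it reads the submitted username, password and CSRF
 * token; otherwise it falls back to the username and password hash stored in
 * the session. isLoggedIn() then verifies that state against the `admins`
 * table.
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5, which is
 * not a password hash. Migrating the `admins.password` column to
 * password_hash()/password_verify() needs a schema/data change outside this
 * class, so the MD5 format is kept here for compatibility only.
 *
 * NOTE(review): the session keeps the MD5 of the password, which is as good as
 * the password for this scheme. Prefer storing only the admin id once the
 * callers that read $_SESSION['password'] are known.
 */
class Login
{
    private $_id;
    private $_username;
    private $_password;
    private $_passmd5;
    private $_errors;
    private $_access;
    private $_login;
    private $_token;

    /**
     * Snapshot the request: POST credentials when `login` is posted,
     * session credentials otherwise.
     *
     * NOTE(review): the sign-in form that accompanies this class must post a
     * field named `login`; a button named `submit` alone does not trigger the
     * POST branch.
     */
    public function __construct()
    {
        $this->_errors = [];
        $this->_login = isset($_POST['login']) ? 1 : 0;
        $this->_access = 0;
        // A missing or non-string token becomes '' and is rejected later.
        $this->_token = $this->postString('token');
        $this->_id = 0;

        if ($this->_login) {
            $this->_username = $this->filter($this->postString('username'));
            // NOTE(review): filtering the password strips every non-alphanumeric
            // character and so weakens it; kept because the stored hashes were
            // produced from the filtered value.
            $this->_password = $this->filter($this->postString('password'));
            $this->_passmd5 = md5($this->_password);
        } else {
            $this->_username = (string) ($_SESSION['username'] ?? '');
            $this->_password = '';
            $this->_passmd5 = (string) ($_SESSION['password'] ?? '');
        }
    }

    /**
     * Run the POST or session verification and report the result.
     *
     * @return int 1 when access was granted, 0 otherwise
     */
    public function isLoggedIn()
    {
        if ($this->_login) {
            $this->verifyPost();
        } else {
            $this->verifySession();
        }

        return $this->_access;
    }

    /**
     * Remove every character that is not an ASCII letter or digit.
     *
     * The character class is A-Z, not A-z: the A-z range also covers
     * [ \ ] ^ _ and the backtick, which would otherwise pass through.
     *
     * @param string $var raw input
     * @return string input reduced to [a-zA-Z0-9]
     */
    public function filter($var)
    {
        return preg_replace('/[^a-zA-Z0-9]/', '', $var);
    }

    /**
     * Verify a posted login: CSRF token, input format, then the database.
     * Failures are collected in the error list instead of being thrown.
     */
    public function verifyPost()
    {
        try {
            if (!$this->isTokenValid()) {
                throw new Exception('Invalid Form Submission!');
            }
            if (!$this->isDataValid()) {
                throw new Exception('Invalid Form Data!');
            }
            if (!$this->verifyDatabase()) {
                throw new Exception('Invalid Form Username/Password!');
            }
            $this->_access = 1;
            $this->registerSession();
        } catch (Exception $e) {
            $this->_errors[] = $e->getMessage();
        }
    }

    /**
     * Grant access when the session holds credentials that still match the
     * database.
     */
    public function verifySession()
    {
        if ($this->sessionExist() && $this->verifyDatabase()) {
            $this->_access = 1;
        }
    }

    /**
     * Look the username up in `admins` and compare the stored hash.
     *
     * The lookup uses a prepared statement, so the username is never
     * concatenated into the SQL text, and the hash is compared with
     * hash_equals() rather than inside the query. Database failures are logged
     * server-side and reported as "no match" so that no connection detail
     * reaches the client.
     *
     * NOTE(review): the connection uses the root account with an empty
     * password. Use a dedicated account limited to SELECT on `admins` and load
     * its credentials from configuration outside the web root.
     *
     * @return bool true when the credentials match; sets the admin id
     */
    public function verifyDatabase()
    {
        if ($this->_username === '' || $this->_passmd5 === '') {
            return false;
        }

        $found = false;
        $id = 0;
        $storedHash = '';

        try {
            $link = mysqli_connect('localhost', 'root', '', 'zite_daygostar');
            if (!$link) {
                error_log('Login: database connection failed');
                return false;
            }

            $stmt = mysqli_prepare($link, 'SELECT id, password FROM admins WHERE username = ?');
            if (!$stmt) {
                error_log('Login: could not prepare the admin lookup');
                mysqli_close($link);
                return false;
            }

            mysqli_stmt_bind_param($stmt, 's', $this->_username);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_bind_result($stmt, $id, $storedHash);
            $found = mysqli_stmt_fetch($stmt) === true;
            mysqli_stmt_close($stmt);
            mysqli_close($link);
        } catch (mysqli_sql_exception $e) {
            // Newer PHP versions throw instead of returning false.
            error_log('Login: database error: ' . $e->getMessage());
            return false;
        }

        // md5() yields lowercase hex; normalise the stored value so rows that
        // matched under a case-insensitive SQL comparison still match.
        if (!$found || !hash_equals(strtolower((string) $storedHash), $this->_passmd5)) {
            return false;
        }

        $this->_id = (int) $id;

        return true;
    }

    /**
     * Check that username and password are 5 to 12 ASCII letters or digits.
     *
     * The pattern is anchored at both ends and uses a positive class; a
     * negated class here would reject every filtered value.
     *
     * @return int 1 when both values have the expected format, 0 otherwise
     */
    public function isDataValid()
    {
        $pattern = '/^[a-zA-Z0-9]{5,12}$/';

        return (preg_match($pattern, $this->_username) === 1
            && preg_match($pattern, $this->_password) === 1) ? 1 : 0;
    }

    /**
     * Compare the posted CSRF token with the one stored in the session.
     *
     * hash_equals() is used instead of != so that two different hex strings
     * that both look like numbers (for example "0e1234" and "0e5678") are not
     * treated as equal, and so that the comparison is constant-time.
     *
     * @return int 1 when the tokens match, 0 otherwise
     */
    public function isTokenValid()
    {
        $expected = $_SESSION['token'] ?? null;
        if (!is_string($expected) || $expected === '' || $this->_token === '') {
            return 0;
        }

        return hash_equals($expected, $this->_token) ? 1 : 0;
    }

    /**
     * Store the authenticated identity in the session.
     *
     * The session id is regenerated first so that an id issued before
     * authentication cannot be reused afterwards (session fixation).
     */
    public function registerSession()
    {
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['id'] = $this->_id;
        $_SESSION['username'] = $this->_username;
        $_SESSION['password'] = $this->_passmd5;
    }

    /**
     * @return int 1 when the session holds both a username and a password hash
     */
    public function sessionExist()
    {
        return isset($_SESSION['username'], $_SESSION['password']) ? 1 : 0;
    }

    /**
     * Print the collected error messages, HTML-escaped, one per line.
     */
    public function showErrors()
    {
        echo "<h3>Errors</h3>";
        foreach ($this->_errors as $message) {
            echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8') . "<br>";
        }
    }

    /**
     * Read a POST field as a string; missing or non-string values (such as
     * array-valued parameters) become ''.
     *
     * @param string $key POST field name
     * @return string
     */
    private function postString($key)
    {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }
}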
- ?>
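<?php
/*
 * Sign-in form. Posts username, password and the CSRF token to action.php.
 *
 * $token must be set by the including script before this markup is rendered;
 * when it is not, an empty token is sent and the submission is rejected.
 * The hidden `login` field is what the Login class checks for when deciding
 * to read credentials from the POST body.
 */
?>
<form class="login" method="POST" action="action.php">
    <p class="title">Sign In</p>
    <input type="text" name="username" placeholder="Username" autofocus>
    <i class="fa fa-user"></i>
    <input type="password" name="password" placeholder="Password">
    <i class="fa fa-key"></i>
    <p>
        <a href="#">Forgot Your Password?</a><br>
        <a href="#">Having a Different Problem?</a>
    </p>
    <input type="hidden" name="login" value="1">
    <input type="hidden" name="token" value="<?= htmlspecialchars(isset($token) ? (string) $token : '', ENT_QUOTES, 'UTF-8') ?>">
    <input class="submititon" type="submit" value="Submit" name="submit">
</form>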
- <?php
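// Start the session with strict id handling and a cookie that scripts cannot
// read. When the site is served over HTTPS, also enable 'cookie_secure'.
session_start([
    'use_strict_mode' => 1,
    'cookie_httponly' => 1,
]);

// Handle a submitted sign-in form before a new token is issued, so the posted
// token is checked against the one that was rendered into that form.
if (isset($_POST['submit'])) {
    // require_once: without the class the request cannot be handled at all.
    require_once 'maint/php/libs/classes/Login.class.php';
    $login = new Login();
    if ($login->isLoggedIn()) {
        echo "Success!";
    } else {
        $login->showErrors();
    }
}

// Issue a fresh CSRF token for the next form render. random_bytes() draws from
// the system CSPRNG; md5(uniqid(mt_rand(), true)) is derived from the clock and
// a non-cryptographic generator and can be guessed.
$token = $_SESSION['token'] = bin2hex(random_bytes(32));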
- ?>
- $this->_username = ($this->_login) ? $this->filter($_POST['username']) : $_SESSION['username'];
- $this->_passmd5 = ($this->_login) ? md5($this->_password) : $_SESSION['password'];