- <?php
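/**
 * Login/session helper backed by a `users` table with `ID`, `username`,
 * `password` and `session_id` columns.
 *
 * Security notes for maintainers:
 *  - `users`.`password` is compared against an unsalted MD5 digest. That is not
 *    a password hash. Moving to password_hash()/password_verify() needs a schema
 *    change plus a re-hash on next login, so it is flagged here, not changed.
 *  - The mysql_* extension was removed in PHP 7.0 and offers no prepared
 *    statements. Every value is passed through mysql_real_escape_string() and
 *    quoted; migrating to mysqli/PDO bound parameters needs a connection handle
 *    this class does not currently receive.
 *  - The per-login token stored in `session_id` is the only secret placed in a
 *    cookie. The password digest is never sent to the browser.
 */
class MySession
{
    /** Lifetime of the "remember me" cookies, in seconds (30 days). */
    const COOKIE_LIFETIME = 2592000;

    /**
     * Starts a logged-in session for an already authenticated user.
     *
     * Writes id/username/password digest/token into $_SESSION, stores the token
     * in `users`.`session_id`, and optionally sets "remember me" cookies.
     *
     * @param mixed $id       Value of `users`.`ID` for the user.
     * @param mixed $username User name.
     * @param mixed $password Plain-text password (only its MD5 digest is kept).
     * @param mixed $cookie   Anything other than FALSE also sets cookies.
     * @return void
     * @throws RuntimeException When no cryptographically secure random source exists.
     */
    public function Create($id = NULL, $username = NULL, $password = NULL, $cookie = FALSE)
    {
        // Issue a fresh PHP session id at login so an id that existed before
        // authentication is not carried over (session fixation defence).
        if (session_id() !== '') {
            session_regenerate_id(TRUE);
        }

        $_SESSION['id'] = $id;
        $_SESSION['username'] = $username;
        // NOTE(security): unsalted MD5, kept only to match the existing column.
        $_SESSION['password'] = md5((string) $password);
        // The previous rand()-based token had at most 1,000,000 possible values.
        $_SESSION['sid'] = $this->newToken();

        $sql = "UPDATE `users`
                SET `session_id` = '" . mysql_real_escape_string($_SESSION['sid']) . "'
                WHERE `id` = '" . mysql_real_escape_string((string) $id) . "';";
        $this->query($sql);

        if ($cookie != FALSE) {
            // setcookie() sets one cookie per call; the earlier single call with
            // nine arguments set none. The password digest is deliberately not
            // sent: it is equivalent to the credential the database compares.
            $expire = time() + self::COOKIE_LIFETIME;
            $this->sendCookie('id', $_SESSION['id'], $expire);
            $this->sendCookie('username', $_SESSION['username'], $expire);
            $this->sendCookie('sid', $_SESSION['sid'], $expire);
        }
    }

    /**
     * Checks the current session (or, failing that, the cookies) against the database.
     *
     * @param mixed $fail When not FALSE the check is forced to fail.
     * @return bool TRUE when exactly one matching user row exists.
     */
    public function Validate($fail = FALSE)
    {
        if ($fail != FALSE) {
            return FALSE;
        }

        // No usable credentials: answer without touching the database. The old
        // code built the query from undefined variables in this case.
        $cred = $this->currentCredentials();
        if ($cred === NULL) {
            return FALSE;
        }

        $sql = "SELECT `ID`
                FROM `users`
                WHERE `username` = '" . mysql_real_escape_string($cred['username']) . "'
                  AND `session_id` = '" . mysql_real_escape_string($cred['sid']) . "'
                  AND `ID` = '" . mysql_real_escape_string($cred['id']) . "'";
        if ($cred['password'] !== NULL) {
            // Only the server-side session carries the password digest.
            $sql .= " AND `password` = '" . mysql_real_escape_string($cred['password']) . "'";
        }
        $sql .= " LIMIT 0,1;";

        $result = $this->query($sql);

        return mysql_num_rows($result) == 1;
    }

    /**
     * Checks a username/password pair against the `users` table.
     *
     * @param mixed $username User name as submitted.
     * @param mixed $password Plain-text password as submitted.
     * @return mixed The user's `ID` on success, FALSE otherwise.
     */
    public function Login($username = NULL, $password = NULL)
    {
        // Missing, empty or non-scalar (e.g. array-valued request field) input
        // can never be a valid login; reject it before building SQL.
        if (!is_scalar($username) || !is_scalar($password)
            || (string) $username === '' || (string) $password === '') {
            return FALSE;
        }

        // NOTE(security): unsalted MD5 comparison, kept for compatibility with
        // the stored values; plan a migration to password_hash()/password_verify().
        $sql = "SELECT `ID`
                FROM users
                WHERE `username` = '" . mysql_real_escape_string((string) $username) . "'
                  AND `password` = '" . md5((string) $password) . "'
                LIMIT 0,1;";
        $result = $this->query($sql);

        if (mysql_num_rows($result) != 1) {
            return FALSE;
        }

        $row = mysql_fetch_assoc($result);

        return $row['ID'];
    }

    /**
     * Ends the current user's session: clears the stored token, the PHP session
     * and the cookies.
     *
     * The parameters are accepted for backward compatibility but not used; the
     * user to log out is always the one Validate() has just confirmed, never a
     * caller-supplied id.
     *
     * @param mixed $id       Unused.
     * @param mixed $username Unused.
     * @param mixed $password Unused.
     * @param mixed $sid      Unused.
     * @return bool TRUE when a valid session was ended, FALSE when there was none.
     */
    public function Logout($id = NULL, $username = NULL, $password = NULL, $sid = NULL)
    {
        // Validate() is a method; the bare call referred to a global function.
        if ($this->Validate() != TRUE) {
            return FALSE;
        }

        $cred = $this->currentCredentials();

        // The old statement stored the literal text 'NULL' as the token and
        // compared `ID` with the literal text 'ID', so the real token was never
        // revoked. An empty token is rejected by Validate().
        $sql = "UPDATE `users`
                SET `session_id` = ''
                WHERE `ID` = '" . mysql_real_escape_string($cred['id']) . "';";
        if (mysql_query($sql) === FALSE) {
            // Still tear down the local session; record that the stored token
            // may remain valid so it can be followed up.
            error_log('MySession logout could not clear session_id: ' . mysql_error());
        }

        $_SESSION = array();
        if (session_id() !== '') {
            session_destroy();
        }

        // 'password' is expired too in case an earlier deployment ever set it.
        $past = time() - 3600;
        foreach (array('id', 'username', 'password', 'sid') as $name) {
            $this->sendCookie($name, '', $past);
        }

        return TRUE;
    }

    /**
     * Reads the credentials to verify: $_SESSION when it holds a username,
     * otherwise the cookies. Returns NULL unless every required field is a
     * non-empty scalar. 'password' is NULL for cookie-based credentials.
     */
    private function currentCredentials()
    {
        if (isset($_SESSION['username'])) {
            $source = $_SESSION;
            $required = array('id', 'username', 'password', 'sid');
        } elseif (isset($_COOKIE['username'])) {
            $source = $_COOKIE;
            $required = array('id', 'username', 'sid');
        } else {
            return NULL;
        }

        $cred = array('password' => NULL);
        foreach ($required as $key) {
            if (!isset($source[$key]) || !is_scalar($source[$key]) || (string) $source[$key] === '') {
                return NULL;
            }
            $cred[$key] = (string) $source[$key];
        }

        return $cred;
    }

    /** Returns a 32-character hex token from a cryptographically secure source. */
    private function newToken()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }

        $strong = FALSE;
        $bytes = function_exists('openssl_random_pseudo_bytes')
            ? openssl_random_pseudo_bytes(16, $strong)
            : FALSE;
        if ($bytes === FALSE || !$strong) {
            // Fail closed rather than fall back to a predictable generator.
            throw new RuntimeException('No secure random source available for session token');
        }

        return bin2hex($bytes);
    }

    /** Sets one HttpOnly cookie for the whole site; Secure when the request is HTTPS. */
    private function sendCookie($name, $value, $expire)
    {
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
        setcookie($name, (string) $value, $expire, '/', '', $secure, TRUE);
    }

    /**
     * Runs a query and stops the request on failure. The database error text
     * goes to the server log instead of the response body.
     */
    private function query($sql)
    {
        $result = mysql_query($sql);
        if ($result === FALSE) {
            error_log('MySession query failed: ' . mysql_error());
            die('Error: database query failed');
        }

        return $result;
    }
}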
- ?>