Untitled

<?php

    function process_doLogin($username, $password, $remember) {
        global $DBH;
        if(!$username || trim($username) == "") {
            messages_newError("You did not enter a username. A username must be entered.");
        }
        if(!eregi("^([0-9a-zA-Z])*$", $username)) {
            messages_newError("Your username is invalid. Usernames must be alphanumeric.");
        }
        if(!$password || trim($password) == "") {
            messages_newError("Your password is invalid. A password must be entered.");
        }
        if(messages_numErrors() == 0){
            $password = md5($password);
            $STH_userdetails = $DBH->prepare('SELECT * FROM users WHERE username = :username');
            $STH_userdetails->execute(array(':username' => $username));
            $STH_userdetailsres = $STH_userdetails->fetch(PDO::FETCH_OBJ);
            if($STH_userdetails->rowCount() == 0){
                messages_newError("The username '".$username."' could not be found in the database.");
            } else {
                if($password != $STH_userdetailsres->password){
                    messages_newError("An incorrect password was entered for user '".$username."'.");
                } else {
                    $_SESSION['userinfo'] = common_objectToArray($STH_userdetailsres);
                    $_SESSION['username'] = $_SESSION['userinfo']['username'];
                    messages_newSuccess("You've succesfully logged in. Enjoy your stay!");
                }
            }
        }
    }

    function process_generatePassword(){
        $chars = "abcdefghijkmnopqrstuvwxyz023456789";
        srand((double)microtime()*1000000);
        $i = 0;
        $pass = '' ;
        while ($i <= 7) {
            $num = rand() % 33;
            $tmp = substr($chars, $num, 1);
            $pass = $pass . $tmp;
            $i++;
        }
        return $pass;
    }

    function process_doLogout(){
        unset($_SESSION['userInfo']);
        unset($_SESSION['username']);
        messages_newSuccess("You've succesfully logged out. See you next time!");
    }

    function process_updateOnlineUsers(){
        global $DBH;
        $username = $_SESSION['username'];
        $ip = $_SERVER['REMOTE_ADDR'];
        $key = md5(uniqid(rand(), true));
        $timeout = time();
        //echo time();
        if($username){
            $STH_useronline = $DBH->prepare('SELECT username FROM users_online WHERE username = :username');
            $STH_useronline->execute(array(':username' => $username));
            if($STH_useronline->rowCount() == 0){
                $STH_updateonline = $DBH->prepare('INSERT INTO users_online (username,lastactive,ip,key,timeout) VALUES (:username,time(),:ip,:key,:timeout)');
                $STH_updateonline->execute(array(':username' => '$username', ':ip' => '$ip', ':key' => '$key', ':timeout' => '$timeout'));
            } else {
                mysql_query("UPDATE users_online SET timestamp = NOW() WHERE username = '$username'");
            }
        } else {
            try {
                $STH_insertonlineguest = $DBH->prepare('INSERT INTO users_online (username,lastactive,ip) VALUES (:username,:lastactive,:ip)');
            } catch(PDOException $e) {
                echo $e->getMessage();
            }
            $STH_insertonlineguest = $DBH->prepare('INSERT INTO users_online (username,lastactive,ip) VALUES (:username,:lastactive,:ip)');
            //$STH_insertonlineguest->execute(array(':username' => 'guest',':lastactive' => '1293039944',':ip' => $ip));
        }
    }

?>