API tools faq
paste
Guest User

Untitled

a guest
Dec 7th, 2017
85
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 3.20 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3.     /**
  4.     * @name PHP 5 Login Class
  5.     * @version 1.0
  6.     * @abstract PHP 5 Login Class with support for MySQL databases
  7.     **/
  8.  
  9.     /* Define connection details to the MySQL server */
  10.     define("DB_HOST", "localhost");
  11.     define("DB_NAME", "casemanagement");
  12.     define("DB_USER", "LoginWizard");
  13.     define("DB_PASS", "12345");
  14.        
  15.  
  16.     class Login {
  17.                
  18.         /* The username of a member */
  19.         private $myusername;
  20.        
  21.         /* The password of a member */
  22.         private $mypassword;   
  23.    
  24.         /* Runs when an instance of the class is created. It automatically connects to the MySQL server
  25.         and checks if the IP is not banned before contining
  26.         */
  27.         public function __construct() {
  28.             session_start();
  29.             $this->connectToMySQL();       
  30.             if(!isset($_SESSION['auth'])){
  31.                 $_SESSION['auth'] = 0;
  32.             }      
  33.         }
  34.    
  35.         /* Return the username of a member*/
  36.         public function getUsername() {
  37.             return $this->myusername;
  38.         }
  39.    
  40.         /* Return the plain text password of a member */
  41.         public function getPassword() {
  42.             return $this->mypassword;
  43.         }
  44.            
  45.         /* Return the encrypted password of a member */
  46.         public function getEncryptedPassword() {
  47.             return sha1($this->mypassword);
  48.         }  
  49.        
  50.         /* Get a member's IP Address */
  51.         public function getUserIP() {
  52.             return $_SERVER['REMOTE_ADDR'];
  53.         }
  54.    
  55.         /* Connection to a MySQL database using the defined connection details */
  56.         public function connectToMySQL() { 
  57.             @mysql_connect(DB_HOST, DB_USER, DB_PASS)or die("Cannot connect to Database");
  58.             mysql_select_db(DB_NAME) OR die("Cannot select database!");
  59.         }
  60.    
  61.         /* Validate a member login from data in a MySQL Database. */
  62.         public function verifyLogin($myusername, $mypassword) {
  63.             $this->myusername = $myusername;
  64.             $this->mypassword = $mypassword;
  65.             if(empty($myusername) || empty($mypassword)) {
  66.                 header("Location: authfail.php");
  67.             }  
  68.             else {
  69.                
  70.                 $query = "SELECT * FROM cmt_user WHERE username='$myusername' and password='$mypassword'";                                         
  71.                         $this->clean($myusername);
  72.                         $this->clean($mypassword);
  73.                            
  74.             $result = mysql_query($query) OR die('Cannot perform query!'); 
  75.            
  76.                 if (mysql_num_rows($result) == 1) {    
  77.                     $this->sessionVerify();
  78.                     $_SESSION['myusername']=$myusername;
  79.                     header("Location: login_success.php");
  80.                 }
  81.                 else {
  82.                     session_destroy();
  83.                     header("Location: authfail.php");
  84.                 }
  85.             }  
  86.             mysql_free_result($result);        
  87.         }
  88.    
  89.        
  90.         /* Verify the session login.
  91.         Used for protected pages on your website
  92.         */
  93.         public function sessionVerify() {  
  94.             session_regenerate_id();
  95.             $_SESSION['auth'] = 1;
  96.             $_SESSION['name'] = $this->myusername;
  97.             $user = md5($_SERVER['HTTP_USER_AGENT']. $_SERVER['REMOTE_ADDR']);
  98.             $_SESSION['user_details']=$user;
  99.             $user= 0;
  100.            
  101.         }
  102.         /* Checks if the Session data is correct before continuing
  103.         the script */
  104.         public function verifyAccess() {
  105.             $user = md5($_SERVER['HTTP_USER_AGENT']. $_SERVER['REMOTE_ADDR']);
  106.             if(isset($_SESSION['name']) && $_SESSION['auth'] == 1 && $_SESSION['user_details'] == $user) {
  107.                 return true;
  108.             }
  109.             header("Location: login.php");
  110.             exit;
  111.         }
  112.    
  113.         /* Escape the input */
  114.         public function clean($input) {
  115.             return mysql_real_escape_string($input);
  116.         }  
  117.     }
  118. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!