Untitled

a guest
Jul 7th, 2018
  1. <?php
  2. Error_reporting(E_ALL);
  3. class Session {
  4.  
  5. public $mysql;
  6. private $db_host = 'localhost';
  7. private $db_username = 'cody';
  8. private $db_password = 'aSuSsyc9nMf7';
  9. private $db_name = 'cody_AdminCMS';
  10.  
  11. function __construct(){
  12. $this->mysql = new mysqli($this->db_host, $this->db_username, $this->db_password, $this->db_name) or die('error');
  13. }
  14.  
  15. function VaildateUser($username, $password){
  16.  
  17. $verifyUser = $this->CheckUserAndPass($username, md5($password));
  18.  
  19. if($verifyUser){
  20. $_SESSION['username'] = $username;
  21. $_SESSION['registered'] = 'true';
  22. header('Location: index.php');
  23. }
  24. else{
  25. echo "<div class='error'>Invaild Username and/or Password</div>";
  26. }
  27. }
  28.  
  29. function CheckUserAndPass($username, $password){
  30.  
  31. $query = "SELECT *
  32. FROM users
  33. WHERE username = ?
  34. AND password = ?
  35. LIMIT 1";
  36.  
  37. if($result = $this->mysql->prepare($query)){
  38. $result->bind_param('ss', $username, $password);
  39. $result->execute();//Run above function
  40.  
  41. if($result->fetch()){
  42. $result->close();//Close
  43. return true;
  44. }//End iF
  45.  
  46. }// End iF
  47.  
  48. }//End Fucntion
  49.  
  50. function VerifyUser(){
  51. session_start();
  52. if($_SESSION['registered'] = 'true'){
  53. echo '<div class="success">You are now logged in!</div>';
  54. }
  55. else{
  56. header('Location: login.php');
  57. }
  58. }
  59.  
  60. function has_permission($var) {
  61. $username = $_SESSION['username'];
  62. $sql = "SELECT id, username, permission_type FROM users WHERE username='$username' LIMIT 1";
  63. $result = mysql_query($sql);
  64. $load = mysql_fetch_row($result);
  65. mysql_free_result($result);
  66. $type = $load[2];
  67. if ($type == 'group') {
  68. $user_id = $load[0];
  69. $sql = "SELECT group_id, user_id FROM groupusers WHERE user_id='$user_id'";
  70. $result = mysql_query($sql);
  71. while($load=mysql_fetch_assoc($result)) {
  72. $group_id = $load['group_id'];
  73. $sql2 = "SELECT * FROM groups WHERE group_id='$group_id' LIMIT 1";
  74. $result2 = mysql_query($sql2) or die(mysql_error());
  75. $load2 = mysql_fetch_assoc($result2);
  76. $data = $load2[$permission];
  77. if ($data == 1) {
  78. $return = true;
  79. break;
  80. }
  81. else {
  82. $return = false;
  83. }
  84. }
  85. return $return;
  86. }
  87. else {
  88. $sql = "SELECT * FROM users WHERE username='username' LIMIT 1";
  89. $result = mysql_query($sql);
  90. $load = mysql_fetch_assoc($result);
  91. $permission = "PERM_" . $var;
  92. $data = $load[$permission];
  93. if ($data == 1) {
  94. return true;
  95. }
  96. else {
  97. return false;
  98. }
  99. }
  100. }
  101.  
  102. function userInfo($info){
  103. $username = $_SESSION['username'];
  104. $sql = "SELECT '$info' FROM information WHERE username = '$username' LIMIT 1";
  105.  
  106. $results = $this->mysql->query($sql) or die(mysql_error());
  107.  
  108. if($results->num_rows){
  109. while($row = $results->fetch_object()){
  110.  
  111. return $row;
  112.  
  113. }
  114. }
  115. }
  116. }