<?php
// Report every category of PHP diagnostic. This only sets what is reported;
// whether diagnostics reach the HTTP response is governed by display_errors,
// which this file does not set. Keep display_errors off in production so
// warnings land in the log instead of the page.
error_reporting(E_ALL);
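/**
 * Login, session and permission helper backed by a mysqli connection.
 *
 * Reads and writes $_SESSION['username'] and $_SESSION['registered'], and
 * queries the `users`, `groupusers`, `groups` and `information` tables.
 *
 * Every database lookup that takes a value from the session or from a caller
 * goes through a prepared statement (see fetchRows()); authorization checks
 * fail closed (deny) when a lookup cannot be completed.
 */
class Session {
    /** @var mysqli Database connection opened by the constructor. */
    public $mysql;

    // NOTE(review): connection settings are embedded in source, so anyone who can
    // read this file (or any copy of it) holds the database password. Treat the
    // password below as exposed: rotate it and load these settings from
    // configuration kept outside the code base. Left in place here only so the
    // class keeps connecting exactly as before.
    private $db_host = 'localhost';
    private $db_username = 'cody';
    private $db_password = 'aSuSsyc9nMf7';
    private $db_name = 'cody_AdminCMS';

    /**
     * Opens the database connection and stops the request if it fails.
     *
     * `new mysqli(...) or die('error')` could never fire, because `new` always
     * yields an object; a failed connection is therefore detected explicitly.
     */
    public function __construct(){
        try {
            $this->mysql = new mysqli($this->db_host, $this->db_username, $this->db_password, $this->db_name);
        } catch (mysqli_sql_exception $e) {
            // Left uncaught, this exception may print a stack trace that
            // includes the constructor arguments (i.e. the password).
            error_log('Session: database connection failed (' . $e->getCode() . ')');
            die('error');
        }

        // Older PHP versions report a failed connection through connect_errno
        // instead of throwing.
        if ($this->mysql->connect_errno) {
            error_log('Session: database connection failed (' . $this->mysql->connect_errno . ')');
            die('error');
        }
    }

    /**
     * Checks a login attempt and, on success, marks the session as logged in
     * and redirects to index.php. On failure prints an error <div>.
     *
     * @param string $username Submitted user name.
     * @param string $password Submitted clear-text password.
     * @return void
     */
    public function VaildateUser($username, $password){
        // NOTE(review): passwords are compared as unsalted MD5, which is cheap
        // to brute-force if the users table leaks. Moving to password_hash() /
        // password_verify() needs the stored hashes migrated, so it is flagged
        // here rather than changed.
        if ($this->CheckUserAndPass($username, md5($password))) {
            // Issue a fresh session id at the privilege change so an id known
            // before login is not carried into the authenticated session.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['username'] = $username;
            $_SESSION['registered'] = 'true';
            header('Location: index.php');
            exit; // header() alone does not stop the script
        }

        echo "<div class='error'>Invaild Username and/or Password</div>";
    }

    /**
     * Tells whether a users row matches the given name and password hash.
     *
     * @param string $username User name to look up.
     * @param string $password Password hash as stored (VaildateUser passes md5()).
     * @return bool True when a matching row exists, false otherwise or on a
     *              database error.
     */
    public function CheckUserAndPass($username, $password){
        $query = "SELECT *
            FROM users
            WHERE username = ?
            AND password = ?
            LIMIT 1";

        try {
            $stmt = $this->mysql->prepare($query);
            if (!$stmt) {
                return false;
            }
            $stmt->bind_param('ss', $username, $password);
            $stmt->execute();
            $found = ($stmt->fetch() === true);
            $stmt->close(); // closed on a miss as well as on a hit
            return $found;
        } catch (mysqli_sql_exception $e) {
            error_log('Session: credential lookup failed (' . $e->getCode() . ')');
            return false;
        }
    }

    /**
     * Gate for protected pages: prints a success <div> for a logged-in
     * session, otherwise redirects to login.php and ends the request.
     *
     * @return void
     */
    public function VerifyUser(){
        if (session_status() !== PHP_SESSION_ACTIVE) {
            session_start();
        }

        // This must be a comparison. The previous `=` assigned 'true' to the
        // session flag, so every visitor passed the check and was marked as
        // logged in.
        if (isset($_SESSION['registered']) && $_SESSION['registered'] === 'true') {
            echo '<div class="success">You are now logged in!</div>';
            return;
        }

        header('Location: login.php');
        exit; // without this the protected page is still rendered after the redirect header
    }

    /**
     * Tells whether the logged-in user holds the permission "PERM_<$var>".
     *
     * Users whose permission_type is 'group' are granted the permission when
     * any of their groups has the flag set to 1; other users are checked on
     * their own users row.
     *
     * @param string $var Permission name without the "PERM_" prefix.
     * @return bool False when nobody is logged in, the user is unknown, a
     *              lookup fails, or the flag is not 1.
     */
    public function has_permission($var) {
        if (!isset($_SESSION['username']) || !is_string($_SESSION['username']) || $_SESSION['username'] === '') {
            return false;
        }
        $username = $_SESSION['username'];

        // Only used as a key into fetched rows, never placed into SQL.
        $permission = 'PERM_' . $var;

        // The session user name originated from login input, so it is bound as
        // a parameter rather than interpolated. (The old non-group lookup also
        // compared against the literal string 'username'.)
        $users = $this->fetchRows("SELECT * FROM users WHERE username = ? LIMIT 1", $username);
        if (!$users) {
            return false;
        }
        $user = $users[0];

        if (!isset($user['permission_type']) || $user['permission_type'] !== 'group') {
            return $this->flagIsSet($user, $permission);
        }

        // NOTE(review): assumes group rows carry the same PERM_<name> columns
        // as user rows; the old code read an undefined variable here, so the
        // intended column cannot be confirmed from this file.
        $memberships = $this->fetchRows("SELECT group_id, user_id FROM groupusers WHERE user_id = ?", $user['id']);
        foreach ($memberships as $membership) {
            // `groups` is backtick-quoted because GROUPS is a reserved word in MySQL 8.
            $groups = $this->fetchRows("SELECT * FROM `groups` WHERE group_id = ? LIMIT 1", $membership['group_id']);
            if ($groups && $this->flagIsSet($groups[0], $permission)) {
                return true;
            }
        }

        return false;
    }

    /**
     * Fetches one column of the logged-in user's row in `information`.
     *
     * @param string $info Column name; must be a plain identifier.
     * @return object|null Row object with a property named $info, or null when
     *                     the name is not a valid identifier, nobody is logged
     *                     in, no row exists, or the lookup fails.
     */
    public function userInfo($info){
        // A column name cannot be bound as a parameter, so it is restricted to
        // identifier characters before being placed in the statement. A fixed
        // allowlist of the table's columns would be tighter; the schema is not
        // visible from this file.
        if (!is_string($info) || !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $info)) {
            return null;
        }
        if (!isset($_SESSION['username']) || !is_string($_SESSION['username']) || $_SESSION['username'] === '') {
            return null;
        }

        // The old statement wrapped the name in single quotes, which selects a
        // string constant instead of the column.
        $rows = $this->fetchRows(
            "SELECT `$info` FROM information WHERE username = ? LIMIT 1",
            $_SESSION['username']
        );

        return $rows ? (object) $rows[0] : null;
    }

    /**
     * Runs a SELECT with exactly one bound string parameter and returns all
     * rows as associative arrays. Uses mysqli_stmt::get_result(), which needs
     * the mysqlnd driver.
     *
     * Failures are logged by error code only (driver messages can echo query
     * values) and reported to the caller as "no rows".
     */
    private function fetchRows($sql, $value){
        try {
            $stmt = $this->mysql->prepare($sql);
            if (!$stmt) {
                return [];
            }

            $bound = (string) $value;
            $stmt->bind_param('s', $bound);

            $rows = [];
            if ($stmt->execute()) {
                $result = $stmt->get_result();
                if ($result) {
                    while ($row = $result->fetch_assoc()) {
                        $rows[] = $row;
                    }
                    $result->free();
                }
            }
            $stmt->close();

            return $rows;
        } catch (mysqli_sql_exception $e) {
            error_log('Session: query failed (' . $e->getCode() . ')');
            return [];
        }
    }

    /** True when $row has $column and its value is 1. */
    private function flagIsSet($row, $column){
        return isset($row[$column]) && (int) $row[$column] === 1;
    }
}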