
Untitled

a guest
Jul 5th, 2016
  1. <?php
  2. class User {
  3. public $authorized = false;
  4. public $uid;
  5. public $username;
  6.  
  7.  
  8. public function __construct() {
  9. $this->db = new PDO($dsn, $db_user, $db_pass);
  10. $this->db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_OBJ);
  11.  
  12. if (isset($_SESSION['uid'])) {
  13. $this->authorized = true;
  14. $this->uid = $_SESSION['uid'];
  15. $this->username = $_SESSION['username'];
  16. } else if (isset($_POST['reset'])) {
  17. $user = $_POST['reset'];
  18. $this->reset($user);
  19. } else if (isset($_POST['username']) && isset($_POST['password'])) {
  20. $user = $_POST['username'];
  21. $pass = $_POST['password'];
  22. $this->login($user, $pass);
  23. }
  24. }
  25.  
  26.  
  27. private function login($user, $pass) {
  28. $st = $this->db->prepare('SELECT `uid`, `username`, `password`
  29. FROM users
  30. WHERE username = :u');
  31. $st->execute(array(':u' => $user));
  32. $row = $st->fetch();
  33.  
  34. if ($row && $row->password == sha1($pass)) {
  35. $this->authorized = true;
  36.  
  37. $this->uid = $row->uid;
  38. $_SESSION['uid'] = $this->uid;
  39.  
  40. $this->username = $row->username;
  41. $_SESSION['username'] = $this->username;
  42.  
  43. return true;
  44. } else {
  45. return false;
  46. }
  47. }
  48.  
  49.  
  50. private function reset($user) {
  51. $st = $this->db->prepare('SELECT `uid`, `username`, `email`
  52. FROM users
  53. WHERE username = :u');
  54. $st->execute(array(':u' => $user));
  55. $row = $st->fetch();
  56.  
  57. if ($row) {
  58. $token = $this->generateRequest();
  59.  
  60. $st = $this->db->prepare('UPDATE users SET `reset` = :reset, password = 0 WHERE uid = :uid LIMIT 1');
  61. $status = $st->execute(array(':uid' => $row->uid, ':reset' => $token));
  62.  
  63. $body = "We received a request for your account details.<br/><br/>Username: {$row->username}<br/>To reset your password, click on this link: <a href='http://www.example.org/?reset={$token}'>http://www.example.org/?reset={$token}/a>";
  64.  
  65. $to = $row->email;
  66. $subject = 'Password request';
  67. $from = 'no-reply@example.org';
  68.  
  69. // To send HTML mail, the Content-type header must be set
  70. $headers = 'MIME-Version: 1.0' . "rn";
  71. $headers .= 'Content-type: text/html; charset=iso-8859-1' . "rn";
  72.  
  73. // Create email headers
  74. $headers .= 'From: '.$from."rn".
  75. 'Reply-To: '.$from."rn";
  76.  
  77. mail($to, $subject, $body, $headers);
  78. }
  79. }
  80.  
  81. private function generateRequest() {
  82. $token = md5(openssl_random_pseudo_bytes(32));
  83. return $token;
  84. }
  85.  
  86. }
  87. ?>
  88.  
  89. <?php
  90. session_start();
  91.  
  92. require('class.user.php');
  93. $user = new User();
  94.  
  95. ?>
  96.  
  97. <!doctype html>
  98.  
  99. <html lang="en">
  100. <head>
  101. <meta charset="utf-8">
  102. <title>Login</title>
  103.  
  104. <link rel="stylesheet" href="styles.css">
  105. </head>
  106.  
  107. <body>
  108. <?php
  109. if ($user->authorized):
  110. ?>
  111. Welcome, <?=$user->username;?>!
  112. <?php
  113. elseif (isset($_GET['forgot'])):
  114. ?>
  115. <div class="module form-module">
  116. <div class="form">
  117. <h2>Reset password</h2>
  118. <?php if (isset($_POST['reset'])): ?>
  119. <div class="success">Email sent</div>
  120. <?php endif; ?>
  121. <form method="POST">
  122. <input type="text" name="reset" placeholder="Username"/>
  123. <button>Reset</button>
  124. </form>
  125. </div>
  126. <div class="cta"><a href="./">Login</a></div>
  127. </div>
  128. <?php
  129. else:
  130. ?>
  131. <div class="module form-module">
  132. <div class="form">
  133. <h2>Login to your account</h2>
  134. <?php if (isset($_POST['username']) && isset($_POST['password'])): ?>
  135. <div class="error">Invalid login</div>
  136. <?php endif; ?>
  137. <form method="POST">
  138. <input type="text" name="username" placeholder="Username"/>
  139. <input type="password" name="password" placeholder="Password"/>
  140. <button>Login</button>
  141. </form>
  142. </div>
  143. <div class="cta"><a href="?forgot">Forgot your password?</a></div>
  144. </div>
  145. <?php
  146. endif;
  147. ?>
  148. </body>
  149. </html>