API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 21st, 2017
109
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.27 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /**
  3. * Authentication class - G Data Auth
  4. */
  5.  
  6. class Auth {
  7.  
  8. private $_db, $_q;
  9.  
  10. // Construct auth class and configure db.
  11. public function __construct($conf)
  12. {
  13. // New DB class instance and new MySQL connection.
  14. $this->_db = new DB(array
  15. (
  16. 'username' => $conf['database']['user'],
  17. 'password' => $conf['database']['passw'],
  18. 'server' => $conf['database']['server']
  19. 'port' => 3336,
  20. 'prefix' => null,
  21. );
  22.  
  23. // Connection error.
  24. if (!$this->_db) return false;
  25.  
  26. // Test for fetch permissions.
  27. $this->_q = $this->_db->fetch_single($conf['authd']['table'], '*', 'WHERE id = 0');
  28. if (!$this->_q) return false;
  29. }
  30.  
  31. // Used for starting new session to auth actions in API - lasts for TTL ($conf['authd']).
  32. public function session_open($login, $password)
  33. {
  34. // First, shit cleanup.
  35. $_login = Enforcer::xss_clean($login);
  36. $_passw = md5(Enforcer::xss_clean($password));
  37.  
  38. // ADD SALT TO THE BAKED CAKE!!!11111111111111
  39. $_passw = explode('a', $_passw);
  40. $i = 0;
  41. foreach ($_passw as $saltie)
  42. {
  43. $str .= $_passw[$i++].base64_encode($conf['authd']['salt']);
  44. }
  45.  
  46. // Try authing.
  47. $this->_q = $this->_db->fetch_single($conf['authd']['table'], '*', 'WHERE username = \''.$_login.'\');
  48. if (!$this->_q) return false;
  49.  
  50. // Looks like we got username fine, how about the password?
  51. $this->_q = $this->_db->fetch_single($conf['authd']['table'], '*', 'WHERE username ='\''.$_login.'\' AND WHERE password = \''.$_passw.'\'');
  52. if (!$this->_q) return false;
  53.  
  54. // Successful auth, return random session ID and insert it to DB.
  55. $session = md5(sha1(base64_encode(rand(1000, 9000000000))));
  56. $this->_q = $this->_db->insert_row($conf['authd']['table'].'_sessions', array
  57. (
  58. 'username' => $_login,
  59. 'session' => $session,
  60. ));
  61. }
  62.  
  63. // Checks if session exists.
  64. public function session_check($session)
  65. {
  66. $this->_q = $this->_db->check_if_exists($conf['authd']['table'].'_sessions', 'WHERE session = \''.$session.'\'');
  67. if (!$this->_q) return false;
  68.  
  69. return true;
  70. }
  71.  
  72. // Destroys session.
  73. public function session_destroy($session)
  74. {
  75. $this->_q = $this->_db->drop($conf['authd']['table'].'_sessions', 'WHERE session = \''.$session/'\'');
  76. if (!$this->_q) return false;
  77.  
  78. return true;
  79. }
  80.  
  81. // Destroy DB instance (and therefore, disconnect from DB)
  82. public function __destruct()
  83. {
  84. unset($this->_db);
  85. }
  86. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!