Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /**
- * Authentication class - G Data Auth
- */
- class Auth {
- private $_db, $_q;
- // Construct auth class and configure db.
- public function __construct($conf)
- {
- // New DB class instance and new MySQL connection.
- $this->_db = new DB(array
- (
- 'username' => $conf['database']['user'],
- 'password' => $conf['database']['passw'],
- 'server' => $conf['database']['server']
- 'port' => 3336,
- 'prefix' => null,
- );
- // Connection error.
- if (!$this->_db) return false;
- // Test for fetch permissions.
- $this->_q = $this->_db->fetch_single($conf['authd']['table'], '*', 'WHERE id = 0');
- if (!$this->_q) return false;
- }
- // Used for starting new session to auth actions in API - lasts for TTL ($conf['authd']).
- public function session_open($login, $password)
- {
- // First, shit cleanup.
- $_login = Enforcer::xss_clean($login);
- $_passw = md5(Enforcer::xss_clean($password));
- // ADD SALT TO THE BAKED CAKE!!!11111111111111
- $_passw = explode('a', $_passw);
- $i = 0;
- foreach ($_passw as $saltie)
- {
- $str .= $_passw[$i++].base64_encode($conf['authd']['salt']);
- }
- // Try authing.
- $this->_q = $this->_db->fetch_single($conf['authd']['table'], '*', 'WHERE username = \''.$_login.'\');
- if (!$this->_q) return false;
- // Looks like we got username fine, how about the password?
- $this->_q = $this->_db->fetch_single($conf['authd']['table'], '*', 'WHERE username ='\''.$_login.'\' AND WHERE password = \''.$_passw.'\'');
- if (!$this->_q) return false;
- // Successful auth, return random session ID and insert it to DB.
- $session = md5(sha1(base64_encode(rand(1000, 9000000000))));
- $this->_q = $this->_db->insert_row($conf['authd']['table'].'_sessions', array
- (
- 'username' => $_login,
- 'session' => $session,
- ));
- }
- // Checks if session exists.
- public function session_check($session)
- {
- $this->_q = $this->_db->check_if_exists($conf['authd']['table'].'_sessions', 'WHERE session = \''.$session.'\'');
- if (!$this->_q) return false;
- return true;
- }
- // Destroys session.
- public function session_destroy($session)
- {
- $this->_q = $this->_db->drop($conf['authd']['table'].'_sessions', 'WHERE session = \''.$session/'\'');
- if (!$this->_q) return false;
- return true;
- }
- // Destroy DB instance (and therefore, disconnect from DB)
- public function __destruct()
- {
- unset($this->_db);
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement