- <?php
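/**
 * Form/session login check against a username + password-digest table.
 *
 * Reads $_POST and $_SESSION when constructed; call isLoggedIn() to run the
 * verification and showErrors() to print the collected messages.
 *
 * NOTE(review): the stored credential is an unsalted MD5 digest. MD5 is fast
 * to brute-force and is not a password hash. The replacement is
 * password_hash()/password_verify(), which needs a column and data migration
 * that cannot be done from inside this class, so the digest format is kept
 * here and flagged.
 */
class Login
{
    private $_id;
    private $_username;
    private $_password;
    private $_passmd5;
    private $_errors;
    private $_access;
    private $_login;
    private $_token;

    /**
     * Collects the request state. Every value depends on whether the login
     * form was submitted ($_POST['login'] present).
     */
    public function __construct()
    {
        $this->_errors = array(); // error messages for showErrors()
        $this->_access = 0;       // access level, 0 = no access
        $this->_id = 0;           // user id, filled in by verifyDatabase()
        $this->_login = isset($_POST['login']) ? 1 : 0;
        $this->_token = self::stringOrEmpty(isset($_POST['token']) ? $_POST['token'] : '');

        if ($this->_login) {
            $postedUser = isset($_POST['username']) ? $_POST['username'] : '';
            $postedPass = isset($_POST['password']) ? $_POST['password'] : '';
            $this->_username = $this->filter(self::stringOrEmpty($postedUser));
            // The password is kept exactly as typed and only validated by
            // isDataValid(): stripping characters from it would make
            // different inputs count as the same credential.
            $this->_password = self::stringOrEmpty($postedPass);
            $this->_passmd5 = md5($this->_password);
        } else {
            $sessionUser = isset($_SESSION['username']) ? $_SESSION['username'] : '';
            $sessionPass = isset($_SESSION['password']) ? $_SESSION['password'] : '';
            $this->_username = self::stringOrEmpty($sessionUser);
            $this->_password = '';
            $this->_passmd5 = self::stringOrEmpty($sessionPass);
        }
    }

    /**
     * Runs the form check (on submit) or the session check (otherwise).
     *
     * @return int access level: 1 when verified, 0 otherwise
     */
    public function isLoggedIn()
    {
        if ($this->_login) {
            $this->verifyPost();
        } else {
            $this->verifySession();
        }

        return $this->_access;
    }

    /**
     * Removes every character that is not an ASCII letter or digit.
     *
     * This is input normalisation only; the SQL in verifyDatabase() is
     * parameterised and does not rely on it.
     *
     * @param mixed $var value to clean; non-strings yield ''
     * @return string
     */
    public function filter($var = '')
    {
        return (string) preg_replace('/[^a-zA-Z0-9]/', '', self::stringOrEmpty($var));
    }

    /**
     * Verifies a submitted login form: token, field format, then credentials.
     * A failure is recorded in the error list and leaves access at 0.
     */
    public function verifyPost()
    {
        try {
            if (!$this->isTokenValid()) {
                throw new Exception('Invalid Form Submission');
            }
            if (!$this->isDataValid()) {
                throw new Exception('Invalid Form Data');
            }
            // One message for "no such user" and "wrong password", so the
            // response does not reveal which usernames exist.
            if (!$this->verifyDatabase()) {
                throw new Exception('Invalid Username or Password');
            }
            $this->_access = 1;
            $this->registerSession();
        } catch (Exception $e) {
            $this->_errors[] = $e->getMessage();
        }
    }

    /**
     * Re-checks the credentials kept in the session against the database.
     */
    public function verifySession()
    {
        try {
            if ($this->sessionExist() && $this->verifyDatabase()) {
                $this->_access = 1;
            }
        } catch (Exception $e) {
            $this->_errors[] = $e->getMessage();
        }
    }

    /**
     * Looks up the user id for the current username and password digest.
     *
     * Values are bound as statement parameters, never concatenated into the
     * SQL text. The selected column is assumed to be `ID` (the original query
     * read "SELECT IF" and the result is stored as the user id); confirm
     * against the schema. Host, database, table and credentials are the
     * placeholders from the original listing.
     *
     * @return bool true when a matching row exists
     * @throws RuntimeException when the database cannot be reached or queried
     */
    public function verifyDatabase()
    {
        if ($this->_username === '' || $this->_passmd5 === '') {
            return false;
        }

        try {
            $pdo = new PDO(
                'mysql:host=db_location;dbname=db_name',
                'username',
                'password',
                array(
                    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                    PDO::ATTR_EMULATE_PREPARES => false,
                )
            );
            $stmt = $pdo->prepare(
                'SELECT ID FROM tablename WHERE username = ? AND password = ? LIMIT 1'
            );
            $stmt->execute(array($this->_username, $this->_passmd5));
            $id = $stmt->fetchColumn();
        } catch (PDOException $e) {
            // Driver detail goes to the server log only; the visitor gets a
            // generic message.
            error_log('Login::verifyDatabase: ' . $e->getMessage());
            throw new RuntimeException('Could not connect to database');
        }

        if ($id === false) {
            return false;
        }

        $this->_id = $id;

        return true;
    }

    /**
     * Checks that username and password are 5 to 12 ASCII letters or digits.
     *
     * \z is used instead of $ so a trailing newline is not accepted.
     *
     * @return int 1 when both fields match, 0 otherwise
     */
    public function isDataValid()
    {
        $pattern = '/^[a-zA-Z0-9]{5,12}\z/';

        return (preg_match($pattern, $this->_username) === 1
            && preg_match($pattern, $this->_password) === 1) ? 1 : 0;
    }

    /**
     * Compares the submitted form token with the one held in the session.
     *
     * A missing or empty session token never validates, and the comparison
     * is constant-time.
     *
     * @return int 1 when the tokens match, 0 otherwise
     */
    public function isTokenValid()
    {
        if (!isset($_SESSION['token']) || !is_string($_SESSION['token']) || $_SESSION['token'] === '') {
            return 0;
        }

        return hash_equals($_SESSION['token'], $this->_token) ? 1 : 0;
    }

    /**
     * Stores the verified identity in the session.
     *
     * NOTE(review): the password digest is kept in the session because
     * verifySession() re-checks it on later requests; a design that stores
     * only the user id would avoid holding credential material there.
     */
    public function registerSession()
    {
        // A fresh session id at the privilege change stops a pre-set
        // (fixated) id from becoming an authenticated one.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['ID'] = $this->_id;
        $_SESSION['username'] = $this->_username;
        $_SESSION['password'] = $this->_passmd5;
    }

    /**
     * @return int 1 when the session carries both a username and a digest
     */
    public function sessionExist()
    {
        return isset($_SESSION['username'], $_SESSION['password']) ? 1 : 0;
    }

    /**
     * Prints the collected error messages, HTML-escaped.
     */
    public function showErrors()
    {
        echo "<h3>Errors</h3>";
        foreach ($this->_errors as $message) {
            echo htmlspecialchars($message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "<br>";
        }
    }

    /**
     * Request fields can arrive as arrays (name[]=...); anything that is not
     * a string is treated as absent.
     */
    private static function stringOrEmpty($value)
    {
        return is_string($value) ? $value : '';
    }
}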
- ?>