Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- date_default_timezone_set('Europe/London');
- $debug = false;// false for live website
- $contact_email = "rhyslaval@gmail.com";
- # **************************** #
- # ***** ERROR MANAGEMENT ***** #
- // Create the error handler.
- function my_error_handler ($e_number, $e_message, $e_file, $e_line, $e_vars) {
- global $debug, $contact_email;
- // Build the error message.
- $message = "An error occurred in script '$e_file' on line $e_line: \n<br />$e_message\n<br />";
- // Add the date and time.
- $message .= "Date/Time: " . date('n-j-Y H:i:s') . "\n<br />";
- // Append $e_vars to the $message.
- $message .= "<pre>" . print_r ($e_vars, 1) . "</pre>\n<br />";
- if ($debug) { // Show the error.
- echo '<p class="error">' . $message . '</p>';
- } else {
- // Log the error:
- error_log ($message, 1, $contact_email); // Send email.
- // Only print an error message if the error isn't a notice or strict.
- if ( ($e_number != E_NOTICE) && ($e_number < 2048)) {
- echo '<p class="error">A system error occurred. We apologize for the inconvenience.</p>';
- }
- } // End of $debug IF.
- } // End of my_error_handler() definition.
- // Use my error handler:
- set_error_handler ('my_error_handler');
- # **************************** #
- # ***** MYSQL CONNECTION ***** #
- $mysql_hostname = ("mysql-50.int.mythic-beasts.com");
- $mysql_database = ("rhyslaval2");
- $mysql_username = ("rhyslaval2");
- $mysql_password = ("");
- @mysql_connect($mysql_hostname, $mysql_username, $mysql_password)
- or exit("MySQL Connection Error");
- @mysql_selectdb($mysql_database)
- or exit("MySQL Database Selection Error, please check your details!");
- function generate_salt()
- {
- // Declare $salt
- $salt = '';
- // And create it with random chars
- for ($i = 0; $i < 3; $i++)
- {
- $salt .= chr(rand(40, 126));
- }
- return $salt;
- }
- function user_register($username, $password)
- {
- // Get a salt using our function
- $salt = generate_salt();
- // Now encrypt the password using that salt
- $encrypted = md5(md5($password).$salt);
- // And lastly, store the information in the database
- $query = "INSERT INTO `bombay_customers` (`user-name`, `password`, `salt`) VALUES ('$username', '$encrypted', '$salt')";
- mysql_query ($query) or die ("Could not create user.{$query}");
- }
- function user_logout()
- {
- // End the session and unset all vars
- session_unset ();
- session_destroy ();
- }
- function is_authed()
- {
- // Check if the encrypted username is the same
- // as the unencrypted one, if it is, it hasn't been changed
- if (isset($_SESSION['username']) && isset($_SESSION['encrypted_name']) && (md5($_SESSION['username']) == $_SESSION['encrypted_name']))
- {
- return true;
- }
- else
- {
- return false;
- }
- }
- function user_login($username, $password)
- {
- // Try and get the salt from the database using the username
- $query = "SELECT `salt` FROM `bombay_customers` WHERE `user-name`='$username' LIMIT 1";
- $result = mysql_query($query);
- if (mysql_num_rows($result) > 0)
- {
- // Get the user
- $user = mysql_fetch_array($result);
- // Using the salt, encrypt the given password to see if it
- // matches the one in the database
- $encrypted_pass = md5(md5($password).$user['salt']);
- // Try and get the user using the username & encrypted pass
- $query = "SELECT `id`, `user-name` FROM `bombay_customers` WHERE `user-name`='$username' AND `password`='$encrypted_pass'";
- $result = mysql_query($query);
- if (mysql_num_rows($result) > 0)
- {
- $user = mysql_fetch_array($result);
- // Now encrypt the data to be stored in the session
- $encrypted_id = md5($user['id']);
- $encrypted_name = md5($user['user-name']);
- // Store the data in the session
- $_SESSION['userid'] = $user['id'];
- $_SESSION['username'] = $user['user-name'];
- $_SESSION['encrypted_id'] = $encrypted_id;
- $_SESSION['encrypted_name'] = $encrypted_name;
- // Return ok code
- return true;
- }
- else
- {
- return false;
- }
- }
- else
- {
- return false;
- }
- }
- ?>
Add Comment
Please, Sign In to add comment