- <?php
- /**
- *
- * @author James Freeman
- * @cofounder Chris Ball
- * @projectName somethingyouwanttosaybutcant
- *
- */
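/**
 * Session-backed user account.
 *
 * On construction the current PHP session id and User-Agent are looked up in
 * the {prefix}sessions table; when a live row matches, the user is marked as
 * logged in and the matching {prefix}users row is cached in $data.
 *
 * Security notes for maintainers:
 *  - encrypt() is used for password storage (see login()). Its algorithms come
 *    from configuration; if they are fast digests with site-wide salts
 *    (presumably md5/sha1-style functions, confirm against the config), stored
 *    passwords are cheap to brute-force after a database leak. Moving to
 *    password_hash()/password_verify() needs a schema and login-flow change
 *    and is therefore not done inside this class.
 *  - The session row is additionally keyed on the User-Agent header. That
 *    header is client-controlled, so it is a consistency check, not a secret.
 */
class User
{
    /** @var bool True once _checkForSessions() has matched a live session row. */
    public $loggedIn = false;

    /**
     * Result of fetch() on the "SELECT id ..." / "SELECT id_user ..." queries.
     * NOTE(review): other call sites index fetch() results like an array
     * ($data[1], foreach over the row); confirm fetch() yields a scalar here,
     * because this value is later bound with type 'i'.
     *
     * @var mixed
     */
    public $id;

    /** @var array|null Columns of the user's row, filled by _cacheData(). */
    public $data;

    /**
     * Restores login state from the session table and caches the user row.
     */
    public function __construct()
    {
        $this->_checkForSessions();
        if ($this->loggedIn) {
            $this->_cacheData();
        }
    }

    /**
     * Runs $str through every configured algorithm in order, appending
     * 'salt1' before the 1st, 3rd, ... round and 'salt2' before the 2nd,
     * 4th, ... round.
     *
     * The algorithm names are invoked as functions, so the configuration
     * array must never be writable by untrusted input.
     *
     * @param string $str Value to transform.
     * @return mixed Whatever the last configured algorithm returns.
     */
    public function encrypt($str)
    {
        global $config;

        $settings = $config['settings']['encrypt'];
        $round = 0;
        foreach ($settings['algorithm'] as $algo) {
            $salt = $settings['salt' . ($round % 2 ? 2 : 1)];
            $str = $algo($str . $salt);
            ++$round;
        }

        return $str;
    }

    /**
     * Checks the credentials, refuses users with an active ban, and on
     * success creates a session row and sends a redirect header.
     *
     * @param string $userName
     * @param string $passWord
     * @return string|null Error message for the caller to display, or null
     *                     after a successful login. The ban message contains
     *                     the stored ban reason verbatim; escape it for the
     *                     output context before printing.
     */
    public function login($userName = '', $passWord = '')
    {
        // Arrays/objects (e.g. "user[]=x" form fields) must not reach bind().
        if (!is_scalar($userName) || !is_scalar($passWord)) {
            return 'All fields are required';
        }
        $userName = (string) $userName;
        $passWord = (string) $passWord;
        // Compare against '' so that a literal "0" is not treated as missing.
        if ($userName === '' || $passWord === '') {
            return 'All fields are required';
        }

        $lookup = MySQL::newQuery()
            ->query('SELECT id FROM {prefix}users WHERE username = ? AND password = ? LIMIT 1;')
            ->bind('ss', $userName, $this->encrypt($passWord));
        if ($lookup->count() < 1) {
            return 'Please enter a valid username and password.';
        }
        $this->id = $lookup->fetch();

        // A ban is active while its expiry lies in the future. The previous
        // condition compared the other way round (and lacked the parentheses
        // on UNIX_TIMESTAMP()), so it could only match bans already expired.
        $banQuery = MySQL::newQuery()
            ->query('SELECT ban_reason, ban_expiry FROM {prefix}bans WHERE user_id = ? AND ban_expiry > UNIX_TIMESTAMP() LIMIT 1;')
            ->bind('i', $this->id);
        $ban = $banQuery->fetch();
        if ($banQuery->count() > 0) {
            // date() receives only the timestamp; the reason is appended afterwards.
            return 'You are banned until ' . date('d/m/Y H:i', $ban[1]) . ' because ' . $ban[0];
        }

        // Issue a fresh session id at the privilege change so an id that was
        // known before authentication cannot be reused afterwards.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $this->_createSession();

        // No exit here: the method returns null, and the caller is expected
        // to stop producing output after the redirect header.
        header('Location: /');
    }

    /**
     * Replaces any existing session row of this user with one bound to the
     * current session id and User-Agent, valid for 600 seconds.
     */
    protected function _createSession()
    {
        MySQL::newQuery()
            ->query('DELETE FROM {prefix}sessions WHERE id_user = ?;')
            ->bind('i', $this->id)
            ->execute();

        MySQL::newQuery()
            ->query('INSERT INTO {prefix}sessions(id_user, id_session, secKey, `timeout`)values(?, ?, ?, UNIX_TIMESTAMP() + 600);')
            ->bind('iss', $this->id, $this->encrypt(session_id()), $this->encrypt($this->_userAgent()))
            ->execute();
    }

    /**
     * Marks the user as logged in when a non-expired session row matches the
     * current session id and User-Agent.
     */
    protected function _checkForSessions()
    {
        // Without an active PHP session there is no identifier to match; the
        // transformed empty string must never be accepted as a session key.
        if (session_id() === '') {
            return;
        }

        $query = MySQL::newQuery()
            ->query('
                SELECT
                    id_user
                FROM
                    {prefix}sessions
                WHERE
                    id_session = ?
                AND
                    (`timeout` - UNIX_TIMESTAMP() ) > 0
                AND
                    secKey = ?
                LIMIT 1;
            ')
            ->bind('ss', $this->encrypt(session_id()), $this->encrypt($this->_userAgent()));
        if ($query->count() < 1) {
            return;
        }

        $this->id = $query->fetch();
        $this->loggedIn = true;
    }

    /**
     * Copies every column of the user's row into $data and decodes the
     * serialized 'permissions' column in place.
     */
    protected function _cacheData()
    {
        $query = MySQL::newQuery()
            ->query('SELECT * FROM {prefix}users WHERE id = ? LIMIT 1;')
            ->bind('i', $this->id);

        $row = $query->fetch();
        if (!is_array($row) && !is_object($row)) {
            // No row came back; nothing to cache.
            return;
        }
        foreach ($row as $key => $value) {
            $this->data[$key] = $value;
        }

        // The decoded value was previously computed and thrown away; keep it.
        // NOTE(review): unserialize() can instantiate arbitrary classes if
        // this column is ever writable by users. Prefer JSON, or on PHP >= 7.0
        // pass array('allowed_classes' => false) as the second argument.
        if (isset($this->data['permissions'])) {
            $this->data['permissions'] = unserialize($this->data['permissions']);
        }
    }

    /**
     * Returns the request's User-Agent header, or '' when the client sent
     * none (avoids an undefined-index notice; the transformed value is the
     * same as for a missing header).
     *
     * @return string
     */
    protected function _userAgent()
    {
        return isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    }
}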