- <?php
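/**
 * Admin account model.
 *
 * Loads one row of tbl_admins and offers login, logout, "who is logged in"
 * lookup and password checking on top of the prepared-statement handle in
 * $core->db.
 *
 * Security notes for maintainers:
 *  - Passwords are stored as one round of salted SHA-256. That is fast to
 *    brute-force offline; password_hash()/password_verify() are the
 *    purpose-built replacement, but switching needs a data migration and is
 *    therefore not done in this class.
 *  - The "remember me" cookie carries the PHP session id itself and
 *    current() adopts whatever id the cookie supplies. login() regenerates
 *    the id after authentication so a pre-planted id is not carried over.
 */
class Admin
{
    private $id;
    private $forename;
    private $surname;
    private $avatar;
    private $email;
    private $password;      // hex SHA-256 digest as stored in admin_password
    private $password_salt; // per-admin salt appended to the password before hashing
    private $session_id;
    private $created;       // strtotime() result, not the raw DB value
    private $modified;      // strtotime() result, not the raw DB value
    private $last_login;    // strtotime() result, not the raw DB value
    private $active;
    private $core;

    /**
     * Property names updateProp() is allowed to write. Each one becomes the
     * column "admin_<name>", so this list is what keeps caller-supplied text
     * out of the SQL identifier position.
     */
    private static $persistable = array(
        'forename',
        'surname',
        'avatar',
        'email',
        'password',
        'password_salt',
        'session_id',
        'created',
        'modified',
        'last_login',
        'active',
    );

    /**
     * @param object    $core Application container; this class reads $core->db
     *                        (prepare()/execute()/fetchObject(), PDO-style) and
     *                        $core->settings->cookie_login_name.
     * @param int|false $id   Admin id to load, or false for an empty instance
     *                        used only to call current()/login()/logout().
     *
     * @throws Exception When the query fails or no admin has that id.
     */
    public function __construct($core, $id = false)
    {
        $this->core = $core;

        if ($id === false) {
            return;
        }

        // The original statement filtered on "user_id"; every other statement
        // in this class addresses the row through "admin_id", and callers pass
        // in a value selected as admin_id, so the lookup uses that column.
        // NOTE(review): confirm against the tbl_admins schema.
        $sql = $this->core->db->prepare('SELECT * FROM tbl_admins WHERE admin_id = :id LIMIT 1');
        if (!$sql->execute(array(':id' => $id))) {
            throw new Exception('There was a problem running the SQL query.');
        }

        // fetchObject() returns false when there is no row; this avoids relying
        // on rowCount() for a SELECT, which not every driver reports.
        $admin = $sql->fetchObject();
        if (!$admin) {
            throw new Exception('Specified Admin ID does not exist.');
        }

        $this->id = $admin->admin_id;
        // NOTE(review): "admin_forname" is read here while updateProp('forename')
        // writes "admin_forename" - one of the two spellings is presumably wrong.
        $this->forename = $admin->admin_forname;
        $this->surname = $admin->admin_surname;
        $this->avatar = $admin->admin_avatar;
        $this->email = $admin->admin_email;
        $this->password = $admin->admin_password;
        $this->password_salt = $admin->admin_password_salt;
        $this->session_id = $admin->admin_session_id;
        $this->created = strtotime($admin->admin_created);
        $this->modified = strtotime($admin->admin_modified);
        $this->last_login = strtotime($admin->admin_last_login);
        $this->active = $admin->admin_active;
    }

    /**
     * Plain accessor for the admin id (null on an instance built without an id).
     */
    public function get_id()
    {
        return $this->id;
    }

    /**
     * Magic setter: assigning a persistable property from outside the class
     * updates the in-memory value and writes it to tbl_admins.
     *
     * Undeclared property names are ignored. Declared properties that are not
     * in the persistable list (id, core, ...) are refused, so outside code
     * cannot re-point this object at another row.
     *
     * The value is stored exactly as given; assigning "password" this way
     * bypasses hashing.
     *
     * @throws InvalidArgumentException For a declared but non-persistable property.
     */
    public function __set($property, $value)
    {
        if (!property_exists($this, $property)) {
            return;
        }

        if (!in_array($property, self::$persistable, true)) {
            throw new InvalidArgumentException('Property cannot be set.');
        }

        $this->$property = $value;
        // The field name, not the object, is what updateProp() expects.
        $this->updateProp($property, $value);

        return $this;
    }

    /**
     * Find the admin that owns the current PHP session.
     *
     * If the login cookie is present and looks like a session id, it is
     * adopted as the session id before the lookup.
     *
     * @return Admin|false A freshly loaded Admin, or false when nobody matches.
     */
    public function current()
    {
        $cookieName = $this->core->settings->cookie_login_name;

        if (!empty($_COOKIE[$cookieName])) {
            $candidate = $_COOKIE[$cookieName];
            // A cookie can arrive as an array or hold arbitrary bytes; only a
            // string made of session-id characters is handed to session_id().
            if (is_string($candidate) && preg_match('/^[A-Za-z0-9,-]{1,256}$/', $candidate) === 1) {
                session_id($candidate);
            }
        }

        $sessionId = session_id();
        // session_id() is "" when there is no session. Looking that up would
        // match any admin whose stored session id is empty.
        if ($sessionId === '') {
            return false;
        }

        // Column name aligned with admin_session_id as read in the constructor
        // and used in logout(); the original filtered on "session_id".
        // NOTE(review): confirm against the tbl_admins schema.
        $sql = $this->core->db->prepare(
            'SELECT admin_id AS id FROM tbl_admins WHERE admin_session_id = :sessid LIMIT 1'
        );
        if (!$sql->execute(array(':sessid' => $sessionId))) {
            return false;
        }

        $admin = $sql->fetchObject();
        if (!$admin) {
            return false;
        }

        return new self($this->core, $admin->id);
    }

    /**
     * Authenticate by email and password and record the login.
     *
     * @param string $email
     * @param string $password Plain-text password as submitted.
     * @param bool   $remember When true, also set the long-lived login cookie.
     *
     * @return Admin The authenticated admin.
     *
     * @throws Exception On database failure, unknown email or wrong password.
     */
    public function login($email, $password, $remember = false)
    {
        $sql = $this->core->db->prepare(
            'SELECT admin_id AS id, admin_password AS password, admin_password_salt AS password_salt'
            . ' FROM tbl_admins WHERE admin_email = :email LIMIT 1'
        );
        if (!$sql->execute(array(':email' => $email))) {
            throw new Exception('Database error.');
        }

        $adminObj = $sql->fetchObject();
        // NOTE(review): the two messages below tell a caller whether an email is
        // registered. If they are shown to the end user, show one generic
        // "invalid credentials" message instead.
        if (!$adminObj) {
            throw new Exception('Specified email could not be found.');
        }

        $adminUser = new self($this->core, $adminObj->id);
        if (!$adminUser->checkPassword($password)) {
            throw new Exception('The specified password is incorrect.');
        }

        // Issue a fresh session id now that the user is authenticated, so an id
        // that existed before login (possibly chosen by someone else via the
        // login cookie) is not the one that ends up privileged.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $ins = $this->core->db->prepare(
            'INSERT INTO tbl_admins_log (log_id, log_admin_id, log_date, log_description)'
            . ' VALUES (:lid, :adminid, :logdate, :desc)'
        );
        // All four placeholders must be bound; the original left :desc unbound,
        // which makes execute() fail on every login.
        $logged = $ins->execute(array(
            ':lid'     => session_id(),
            ':adminid' => $adminUser->id,
            ':logdate' => date('Y-m-d H:i:s'),
            ':desc'    => 'Admin login',
        ));
        if (!$logged) {
            throw new Exception('There was a problem logging you in. Please try again.');
        }

        // NOTE(review): nothing in this class writes admin_session_id, which
        // current() relies on - confirm where that column is populated.

        if ($remember) {
            // 7776000 s = 90 days. HttpOnly keeps the id away from page scripts;
            // Secure is set whenever the request itself arrived over HTTPS.
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie(
                $this->core->settings->cookie_login_name,
                session_id(),
                time() + 7776000,
                '/',
                '',
                $secure,
                true
            );
        }

        return $adminUser;
    }

    /**
     * Log the current admin out: expire the login cookie, detach the session
     * id from the admin row and destroy the PHP session.
     *
     * @return bool False when nobody is logged in or the update fails,
     *              otherwise the result of session_destroy().
     */
    public function logout()
    {
        $current = $this->current();
        if (!$current) {
            return false;
        }

        // Same path as in login(); without it the browser keeps the cookie.
        setcookie($this->core->settings->cookie_login_name, '', time() - 30000, '/');

        // The original ran DELETE FROM tbl_admins here, which removes the admin
        // account itself. Only the session binding is cleared instead.
        // NOTE(review): assumes admin_session_id is nullable - confirm.
        $upd = $this->core->db->prepare(
            'UPDATE tbl_admins SET admin_session_id = NULL WHERE admin_id = :id AND admin_session_id = :sessid'
        );
        // Use the admin that current() resolved; $this may be an empty instance.
        if ($upd->execute(array(':id' => $current->id, ':sessid' => session_id()))) {
            return session_destroy();
        }

        return false;
    }

    /**
     * Write one column of this admin's row.
     *
     * @param string $field Property name; must be one of the persistable names.
     *                      The column written is "admin_<field>".
     * @param mixed  $value Bound as a statement parameter.
     *
     * @return bool Result of execute().
     *
     * @throws InvalidArgumentException When $field is not a persistable name.
     */
    public function updateProp($field, $value)
    {
        // A column name cannot be bound as a parameter, so it is checked against
        // a fixed list before it is concatenated into the statement.
        if (!is_string($field) || !in_array($field, self::$persistable, true)) {
            throw new InvalidArgumentException('Unknown admin field.');
        }

        $sql = $this->core->db->prepare(
            'UPDATE tbl_admins SET admin_' . $field . ' = :val WHERE admin_id = :id LIMIT 1'
        );

        return $sql->execute(array(':val' => $value, ':id' => $this->id));
    }

    /**
     * Compare a submitted password with the stored digest.
     *
     * hash_equals() compares in constant time and as strings. The previous
     * loose "==" treated two digests of the form 0e<digits> as equal numbers.
     *
     * @return bool True when the password matches.
     */
    public function checkPassword($password)
    {
        return hash_equals((string) $this->password, $this->_encryptPassword($password));
    }

    /**
     * Hash (not encrypt) a password: SHA-256 over password followed by salt.
     *
     * @param string $password
     * @param string $salt Salt to use; this admin's stored salt when omitted.
     *
     * @return string 64-character lowercase hex digest.
     */
    private function _encryptPassword($password, $salt = '')
    {
        $theSalt = ($salt === '' || $salt === null) ? $this->password_salt : $salt;

        return hash('sha256', $password . $theSalt);
    }
} // End Class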
- ?>