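/**
 * Form- and session-based login check backed by a MySQL `user` table.
 *
 * A request carrying $_POST['login'] is treated as a login attempt and is
 * checked for a matching CSRF token, well-formed credentials and a matching
 * database row. Any other request is checked against the username/digest
 * pair previously stored in $_SESSION.
 *
 * Review notes on weaknesses that are left in place because fixing them needs
 * a data migration or a deployment change rather than an edit to this class:
 *  - Passwords are stored and compared as unsalted MD5. The stored column
 *    should be migrated to password_hash() / password_verify().
 *  - The MD5 digest is kept in $_SESSION['password'] and acts as a password
 *    equivalent: anyone who can read session storage can replay it.
 *  - filter() silently strips non-alphanumeric characters from the password
 *    and isDataValid() limits it to 5-12 characters, which shrinks the
 *    password space considerably.
 *  - Database credentials are hard-coded and use the `root` account; they
 *    belong in configuration outside the code, on a least-privileged account.
 *  - No attempt limiting or lockout is visible in this class.
 */
class Login
{
    private $_id;
    private $_username;
    private $_password;
    private $_passmd5;
    private $_errors;
    private $_access;
    private $_login;
    private $_token;

    /**
     * Collects the credentials for this request from $_POST (login attempt)
     * or from $_SESSION (returning user).
     *
     * Missing or non-string request values are read as '' so that a crafted
     * request (for example username[]=x) cannot push an array into the
     * regex, md5() or comparison calls further down.
     */
    public function __construct()
    {
        $this->_errors = [];
        $this->_login = isset($_POST['login']) ? 1 : 0;
        $this->_access = 0;
        $this->_id = 0;
        $this->_token = $this->postString('token');

        if ($this->_login) {
            $this->_username = $this->filter($this->postString('username'));
            $this->_password = $this->filter($this->postString('password'));
            // NOTE(review): unsalted MD5 is kept only to match the existing column.
            $this->_passmd5 = md5($this->_password);
        } else {
            $this->_username = $this->sessionString('username');
            $this->_password = '';
            $this->_passmd5 = $this->sessionString('password');
        }
    }

    /**
     * Runs the check that fits this request and reports the outcome.
     *
     * @return int 1 when access is granted, 0 otherwise
     */
    public function isLoggedIn()
    {
        if ($this->_login) {
            $this->verifyPost();
        } else {
            $this->verifySession();
        }

        return $this->_access;
    }

    /**
     * Removes every character that is not an ASCII letter or digit.
     *
     * @param mixed $var value to clean; passed straight to preg_replace()
     * @return mixed the cleaned value
     */
    public function filter($var)
    {
        return preg_replace('/[^a-zA-Z0-9]/', '', $var);
    }

    /**
     * Validates a posted login: CSRF token, input format, then the database.
     * On success access is granted and the session is registered; on failure
     * the reason is appended to the error list.
     */
    public function verifyPost()
    {
        try {
            if (!$this->isTokenValid()) {
                throw new Exception('Invalid form submission');
            }
            if (!$this->isDataValid()) {
                // Latvian: "Invalid data"
                throw new Exception('Nepareizi dati');
            }
            if (!$this->verifyDatabase()) {
                // Latvian: "Wrong username/password". One message for both
                // cases avoids revealing which usernames exist.
                throw new Exception('Nepareizs Lietotajvards/Parole');
            }
            $this->_access = 1;
            $this->registerSession();
        } catch (Exception $e) {
            $this->_errors[] = $e->getMessage();
        }
    }

    /**
     * Grants access when the session holds credentials that still match a
     * database row.
     */
    public function verifySession()
    {
        if ($this->sessionExist() && $this->verifyDatabase()) {
            $this->_access = 1;
        }
    }

    /**
     * Looks up the username/digest pair and remembers the matching user id.
     *
     * Database failures are written to the server log and reported as "no
     * match". Letting the PDOException escape would either put driver details
     * into the user-visible error list (verifyPost) or surface as an uncaught
     * exception (verifySession).
     *
     * @return bool true when exactly such a user row was found
     */
    public function verifyDatabase()
    {
        // NOTE(review): hard-coded root credentials; load them from
        // configuration and use an account limited to SELECT on `user`.
        $dsn = 'mysql:dbname=login;host=127.0.0.1';
        $user = 'root';
        $password = 'pass';

        try {
            $dbh = new PDO($dsn, $user, $password, [
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
                PDO::ATTR_EMULATE_PREPARES => false,
            ]);
            $sth = $dbh->prepare(
                'SELECT `userid` FROM user WHERE username = :username AND password = :password'
            );
            $sth->execute([
                ':username' => $this->_username,
                ':password' => $this->_passmd5,
            ]);
            // The fetched row decides the outcome; rowCount() is not
            // dependable for SELECT statements across drivers.
            $row = $sth->fetch(PDO::FETCH_ASSOC);
        } catch (PDOException $e) {
            error_log('Login: database check failed: ' . $e->getMessage());

            return false;
        }

        if ($row === false) {
            return false;
        }

        // Keep the scalar id, not the whole fetched row.
        $this->_id = $row['userid'];

        return true;
    }

    /**
     * Checks that username and password are each 5-12 ASCII letters/digits.
     *
     * @return int 1 when both match, 0 otherwise
     */
    public function isDataValid()
    {
        $pattern = '/^[a-zA-Z0-9]{5,12}$/';
        if (!is_string($this->_username) || !is_string($this->_password)) {
            return 0;
        }

        return (preg_match($pattern, $this->_username) && preg_match($pattern, $this->_password)) ? 1 : 0;
    }

    /**
     * Compares the posted CSRF token with the one stored in the session.
     *
     * An empty or non-string session token never validates, so a session that
     * was started without a token cannot be matched by simply omitting the
     * form field. hash_equals() gives a strict comparison whose timing does
     * not depend on the position of the first differing byte.
     *
     * @return int 1 when the tokens match, 0 otherwise
     */
    public function isTokenValid()
    {
        if (!isset($_SESSION['token']) || !is_string($_SESSION['token']) || $_SESSION['token'] === '') {
            return 0;
        }

        return hash_equals($_SESSION['token'], $this->_token) ? 1 : 0;
    }

    /**
     * Stores the authenticated identity in the session.
     *
     * The session id is replaced first so that an id known before login
     * (session fixation) does not become an authenticated one.
     */
    public function registerSession()
    {
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['userid'] = $this->_id;
        $_SESSION['username'] = $this->_username;
        // NOTE(review): this digest is a password equivalent; see class notes.
        $_SESSION['password'] = $this->_passmd5;
    }

    /**
     * Tells whether the session carries both a username and a digest.
     *
     * @return int 1 when both keys are set, 0 otherwise
     */
    public function sessionExist()
    {
        return (isset($_SESSION['username']) && isset($_SESSION['password'])) ? 1 : 0;
    }

    /**
     * Prints the collected error messages, HTML-escaped.
     */
    public function showErrors()
    {
        echo '<h3>Errors</h3>';
        foreach ($this->_errors as $message) {
            echo htmlspecialchars((string) $message, ENT_QUOTES, 'UTF-8');
        }
    }

    /**
     * Returns $_POST[$key] when it is a string, '' otherwise.
     */
    private function postString($key)
    {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    /**
     * Returns $_SESSION[$key] when it is a string, '' otherwise.
     */
    private function sessionString($key)
    {
        return (isset($_SESSION[$key]) && is_string($_SESSION[$key])) ? $_SESSION[$key] : '';
    }
}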