Untitled

class login
{

	function __construct($user, $pass){
		$this->login($user, $pass);
	}


	function login($user, $pass){

	//connect to mysql
	$mysqli = connect();

		//password protection i.e. salting
		$pass = $this->hash_n_salt($pass, $user);

		//protect me and the database
		$user = $mysqli->real_escape_string($user);
		$pass = $mysqli->real_escape_string($pass);


		$sql = "SELECT `username`, `rank`, `language` FROM ".USERS_TABLE." WHERE `username` = '".$user."' AND `password` = '".$pass."' LIMIT 1";
		$r = $mysqli->query($sql);

		if($r->num_rows > 0){
			//login successful
			header("Location: welcome.php");
			exit;
		}else{
			//login failed
			echo "you is n00bz! i 133t! moahaha";
			exit;
		}
	}

	function hash_n_salt($pass, $user, $method = 'sha1'){

		$pass = utf8_encode($pass);
		$user = utf8_encode($user);

		//static salt
		$salt_stat = range('a', 'z');
		$salt_stat .= strtoupper($salt_stat);
		$salt_stat .= range(0, 284); //helt random nummer :P

		//dynamic salt
		$salt_dyn = strtolower($pass).strtolower($user);
		$salt_dyn .= strtoupper($user.$salt_dyn).strtoupper($pass);
		$salt_dyn .= substr($pass.$salt_dyn, round(ord($pass)/2));
		$salt_dyn .= sha1($salt_dyn);

		$new_pass = '';

		if($method == 'sha1')
		$new_pass = sha1($salt_stat.$pass.$salt_dyn.$user);
		else
		$new_pass = md5($salt_stat.$pass.$salt_dyn.$user);

		return $new_pass;
	}
// job done, close class
}