<?phpclass Login{ private $_id; private $_username; private $_pas

1. <?php
2.  
3. class Login
4. {
5.   private $_id;
6.   private $_username;
7.   private $_password;
8.   private $_passmd5;
9.  
10.   private $_errors;
11.   private $_access;
12.   private $_login;
13.   private $_token;
14.  
15.   public function __construct()
16.   {
17.     $this->_errors = array();
18.     $this->_login  = isset($_POST['login'])? 1 : 0;
19.     $this->_access = 0;
20.     $this->_token  = $_POST['token'];
21.  
22.     $this->_id       = 0;
23.     $this->_username = ($this->_login)? $this->filter($_POST['username']) : $_SESSION['username'];
24.     $this->_password = ($this->_login)? $this->filter($_POST['password']) : '';
25.     $this->_passmd5  = ($this->_login)? md5($this->_password) : $_SESSION['password'];
26.   }
27.  
28.   public function isLoggedIn()
29.   {
30.     ($this->_login)? $this->verifyPost() : $this->verifySession();
31.  
32.     return $this->_access;
33.   }
34.  
35.   public function filter($var)
36.   {
37.     return preg_replace('/[^a-zA-Z0-9]/','',$var);
38.   }
39.  
40.   public function verifyPost()
41.   {
42.     try
43.     {
44.       if(!$this->isTokenValid())
45.          throw new Exception("Error: Invalid Form Submission");
46.  
47.       if(!$this->isDataValid())
48.          throw new Exception('Error: Invalid Form Data');
49.  
50.       if(!$this->verifyDatabase())
51.          throw new Exception('Error: Invalid Username/Password');
52.  
53.     $this->_access = 1;
54.     $this->registerSession();
55.     }
56.     catch(Exception $e)
57.     {
58.       $this->_errors[] = $e->getMessage();
59.     }
60.   }
61.  
62.   public function verifySession()
63.   {
64.     if($this->sessionExist() && $this->verifyDatabase())
65.        $this->_access = 1;
66.   }
67.  
68.   public function verifyDatabase()
69.   {
70.     //Database Connection Data
71.     mysql_connect("localhost", "kennych_kennych", "Stu6_4^T(%5i") or die(mysql_error());
72.     mysql_select_db("kennych_register") or die(mysql_error());
73.  
74.     $data = mysql_query("SELECT ID FROM users WHERE username = '{$this->_username}' AND password = '{$this->_passmd5}'");
75.  
76.     if(mysql_num_rows($data))
77.       {
78.         list($this->_id) = @array_values(mysql_fetch_assoc($data));
79.         return true;
80.       }
81.     else
82.       { return false; }
83.   }
84.  
85.   public function isDataValid()
86.   {
87.     return (preg_match('/^[a-zA-Z0-9]{5,12}$/',$this->_username) && preg_match('/^[a-zA-Z0-9]{5,12}$/',$this->_password))? 1 : 0;
88.   }
89.  
90.   public function isTokenValid()
91.   {
92.     return (!isset($_SESSION['token']) || $this->_token != $_SESSION['token'])? 0 : 1;
93.   }
94.  
95.   public function registerSession()
96.   {
97.     $_SESSION['ID'] = $this->_id;
98.     $_SESSION['username'] = $this->_username;
99.     $_SESSION['password'] = $this->_passmd5;
100.   }
101.  
102.   public function sessionExist()
103.   {
104.     return (isset($_SESSION['username']) && isset($_SESSION['password']))? 1 : 0;
105.   }
106.  
107.   public function showErrors()
108.   {
109.  
110.     return implode("<br>",$this->_errors)."<br>";
111.  
112.   }
113. }
114.  
115. ?>