<?php//include_once ("classifieds/misc.php");class Admin{ /** * @pack

1. <?php
2. //include_once ("classifieds/misc.php");
3. class Admin
4. {
5.     /**
6.      * @package Users
7.      * @subpackage Administrators
8.      */
9.     /**
10.      * authorizing administrator
11.      *
12.      * Function checks if there's active administrator.
13.      * If it is, then it return true. If it's not it outputs
14.      * form for logging into system untill administrator logins system
15.      *
16.      * @return bool 'true' administrator has authorized or 'false' otherwise
17.      */
18.     function admin_auth(&$template_processor)
19.     {
20.         if (Admin :: admin_authed())
21.             return true;
22.         $err_m = '<p>&nbsp;</p>';
23.         if (isset ($_REQUEST['action']) && $_REQUEST['action'] == 'login')
24.         {
25.             if (Admin :: admin_login($_REQUEST['username'], $_REQUEST['password']))
26.                 return true;
27.             else
28.                 $err_m = '<p style="color:red;font-family:tahoma;text-align:center">Wrong password. Please try again</p>';
29.         }
30.         echo Admin :: admin_auth_page($err_m, $template_processor);
31.         return false;
32.     }
33.     function admin_auth_page($err_m)
34.     {
35.         $template_processor = System::getTemplateProcessor ();
36.         $params = form(array ('action' => 'login') + get_request_data_params());
37.         $template_processor -> assign('form_hidden_params',  $params);
38.         $template_processor -> assign('ERROR', $err_m);
39.         return $template_processor->fetch('auth.tpl');
40.     }
41.     /**
42.      * checking for existing authorized administrator
43.      *
44.      * Function checks if administrator has authorized
45.      *
46.      * @return 'true' if administrator has authorized or 'false' otherwise
47.      */
48.     function admin_authed()
49.     {
50.         if (isset ($_SESSION['username'], $_SESSION['usertype']) && $_SESSION['usertype'] == "admin")
51.             return true;
52.         return false;
53.     }
54.     /**
55.      * logging into system as administrator
56.      *
57.      * Function logs administrator into system.
58.      * If operation succeded it registers session variables 'username' and 'usertype'
59.      *
60.      * @param string $username user's name
61.      * @param string $password user's password
62.      * @return bool 'true' if operation succeeded or 'false' otherwise
63.      */
64.     function admin_login($username, $password)
65.     {
66.         $username = mysql_real_escape_string($username);
67.        
68.         $password = mysql_real_escape_string($password);
69.        
70.         $sql = "SELECT * FROM `administrator` WHERE `username`='" . $username . "' AND `password`=PASSWORD('" . $password . "')";
71.         $res = mysql_query($sql);
72.         if ($res === FALSE)
73.         {
74.             //      echo mysql_errno() . ": " . mysql_error();
75.             return false;
76.         }
77.  
78.         if (mysql_num_rows($res) !== 1)
79.             return false;
80.         $row = mysql_fetch_assoc($res);
81.         $_SESSION['username'] = $row['username'];
82.         $_SESSION['usertype'] = "admin";
83.         return true;
84.     }
85.  
86.     /**
87.      * logging administrator out of system
88.      *
89.      * Function logs administrator out of system
90.      */
91.     function admin_log_out()
92.     {
93.         unset ($_SESSION['username']);
94.         unset ($_SESSION['usertype']);
95.     }
96. }
97. ?>