
Untitled

a guest
May 15th, 2017
  1. <?php
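  /**
   * Account helper for the client / administrator login flow: looks accounts up
   * by email, checks credentials, keeps the login state in $_SESSION, creates
   * users, and sends the registration mail.
   *
   * Every query is built as a string and handed to the injected wrapper's
   * query() method. The wrapper's own API is not visible in this file, so values
   * are escaped with the legacy mysql extension the original code already relied
   * on, and table names are validated as plain identifiers.
   * NOTE(review): if the wrapper offers bound parameters, use those instead of
   * string-built SQL.
   */
  class users {
      /** Database wrapper; this class calls query() and getNext() on it. */
      public $db;

      /**
       * Values of $_SESSION["usertype"] that checkSession() accepts. The
       * misspelled "administator" is the only administrator spelling the
       * original check accepted; it stays so sessions that validated before
       * still do.
       */
      private static $sessionTypes = array('client', 'administrator', 'administrators', 'administator');

      /**
       * @param object $db Database wrapper, taken by reference as in the original.
       */
      public function __construct(&$db) {
          $this->db = &$db;
      }

      /**
       * Validates a table name and returns it backtick-quoted, or false.
       *
       * $type is interpolated into SQL as an identifier, where value escaping
       * does not help, so only [A-Za-z_][A-Za-z0-9_]* is let through.
       * NOTE(review): an explicit list of the real table names would be tighter;
       * the exact names are not visible in this file.
       */
      private function tableName($type) {
          // \z, not $, so a trailing newline cannot slip past the anchor.
          if (!is_string($type) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $type)) {
              return false;
          }
          return '`' . $type . '`';
      }

      /**
       * Returns $value as a quoted, escaped SQL string literal.
       *
       * @throws RuntimeException when the value cannot be escaped; the query is
       *                          then not built at all rather than sent unescaped.
       */
      private function quote($value) {
          if (!function_exists('mysql_real_escape_string')) {
              throw new RuntimeException('No SQL escaping function available; refusing to build the query.');
          }
          // Uses the most recently opened mysql link - presumably the wrapper's; verify.
          $escaped = mysql_real_escape_string((string) $value);
          if ($escaped === false) {
              throw new RuntimeException('SQL escaping failed; refusing to build the query.');
          }
          return "'" . $escaped . "'";
      }

      /**
       * Compares two strings with hash_equals() when the runtime has it. The
       * fallback is a strict === comparison, which is not constant-time but does
       * rule out loose-comparison matches between numeric-looking hashes.
       */
      private function sameString($known, $given) {
          if (function_exists('hash_equals')) {
              return hash_equals($known, $given);
          }
          return $known === $given;
      }

      /**
       * Checks a submitted password against the stored value.
       *
       * A stored value of 32 lowercase hex digits is treated as the unsalted MD5
       * the original code compared against. Anything else is handed to
       * password_verify(), so rows written with password_hash() also work.
       * Unsalted MD5 is not suitable for password storage; new rows should be
       * written with password_hash().
       */
      private function passwordMatches($password, $stored) {
          if ($stored === '') {
              return false;
          }
          if (preg_match('/^[0-9a-f]{32}\z/', $stored)) {
              return $this->sameString($stored, md5($password));
          }
          return function_exists('password_verify') && password_verify($password, $stored);
      }

      /**
       * True when $uri is a same-site path: one leading "/", not "//", and no
       * control characters or backslashes. Anything else is not used as a
       * redirect target.
       */
      private function isLocalPath($uri) {
          return strlen($uri) > 1
              && $uri[0] === '/'
              && $uri[1] !== '/'
              && !preg_match('/[\x00-\x1f\x7f\\\\]/', $uri);
      }

      /**
       * Returns a random integer in [0, $max]; callers in this class pass $max < 256.
       */
      private function randomIndex($max) {
          if (function_exists('random_int')) {
              return random_int(0, $max);
          }
          if (function_exists('openssl_random_pseudo_bytes')) {
              $range = $max + 1;
              // Bytes at or above $limit are rejected so the modulo stays unbiased.
              $limit = 256 - (256 % $range);
              for ($attempt = 0; $attempt < 64; $attempt++) {
                  $raw = openssl_random_pseudo_bytes(1, $strong);
                  if ($raw === false || !$strong) {
                      break;
                  }
                  $byte = ord($raw);
                  if ($byte < $limit) {
                      return $byte % $range;
                  }
              }
          }
          // Last resort on runtimes with neither source: mt_rand() is predictable
          // and should not be relied on for passwords.
          return mt_rand(0, $max);
      }

      /**
       * Looks an account up by email in table $type.
       *
       * The original selected only `email` and then returned $result["id"],
       * which was never fetched; `id` is now selected as well.
       * The "no record" message tells the visitor whether an address is
       * registered - NOTE(review): consider a neutral message.
       *
       * @param string $email Address to look up.
       * @param string $type  Table name.
       * @param object $db    Database wrapper.
       * @return mixed The row's id, or an array holding one error message.
       */
      public function checkMail($email, $type, $db) {
          $table = $this->tableName($type);
          if ($table === false) {
              return array("Invalid account type.");
          }
          $resultSet = $db->query("SELECT id, email FROM $table WHERE email = " . $this->quote($email));
          $result = $db->getNext($resultSet);
          if (!isset($result["id"])) {
              // The address is echoed into HTML, so it is escaped first.
              $shown = htmlspecialchars((string) $email, ENT_QUOTES);
              $errors = array();
              $errors[] = "No record listed under the email <strong>$shown</strong>. Please retype and try again, alternatively, <a href='register.php'>click here</a> to register a new account";
              return $errors;
          }
          return $result["id"];
      }

      /**
       * Checks the posted credentials against table $type and, on success,
       * marks the session as logged in and sends a redirect.
       *
       * On success the session id is regenerated before the login state is
       * stored, so an id issued before login is not carried over. The redirect
       * goes to home.php when the request was for "/", "/adminlogin.php" or
       * "/index.php", or when REQUEST_URI is missing or not a same-site path;
       * otherwise it goes back to the requested page and the script exits.
       * (The original attached that branch to the isset() test, so it ran only
       * when REQUEST_URI was absent.)
       *
       * @param string $username Email address used as the login name.
       * @param string $password Submitted password.
       * @param string $type     Table name; also stored as the session user type.
       * @param object $db       Database wrapper.
       * @return mixed true after a successful login that redirects to home.php,
       *               or the error string when authentication fails.
       */
      public function authCheck($username, $password, $type, $db) {
          $failure = "Your username and password does not match, please try again";
          $table = $this->tableName($type);
          if ($table === false) {
              return $failure;
          }
          $resultSet = $db->query("SELECT passwordhash FROM $table WHERE email = " . $this->quote($username));
          $result = $db->getNext($resultSet);
          $stored = isset($result["passwordhash"]) ? (string) $result["passwordhash"] : '';
          if (!$this->passwordMatches((string) $password, $stored)) {
              return $failure;
          }

          if (session_id() !== '') {
              session_regenerate_id(true);
          }
          $_SESSION["usertype"] = $type;
          $_SESSION["active"] = 1;
          $_SESSION["id"] = session_id();

          $uri = isset($_SERVER["REQUEST_URI"]) ? (string) $_SERVER["REQUEST_URI"] : "/";
          $goHome = $uri === "/" || $uri === "/adminlogin.php" || $uri === "/index.php";
          if ($goHome || !$this->isLocalPath($uri)) {
              header("Location:home.php");
              return true;
          }
          header("Location:$uri");
          exit;
      }

      /**
       * Builds a 9-character password from [a-zA-Z0-9].
       *
       * The original picked an index in 0..strlen($characters), one past the
       * last valid offset; the upper bound is now the last index.
       *
       * @return string
       */
      public function randPass() {
          $characters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
          $last = strlen($characters) - 1;
          $password = "";
          for ($i = 0; $i <= 8; $i++) {
              $password .= $characters[$this->randomIndex($last)];
          }
          return $password;
      }

      /**
       * Inserts a row into `client` from $array.
       *
       * NOTE(review): the `firstname` column is filled from $array["fullname"],
       * as in the original - confirm that key is intended. $validate is not used.
       *
       * @param array  $array    Field values keyed by fullname, lastname, title,
       *                         email, passwordhash, telephone, fax, physical, postal.
       * @param mixed  $validate Unused.
       * @param object $db       Database wrapper.
       * @return mixed true on success, otherwise an error string.
       */
      public function createNewUser($array, $validate, $db) {
          $keys = array('fullname', 'lastname', 'title', 'email', 'passwordhash', 'telephone', 'fax', 'physical', 'postal');
          $values = array();
          foreach ($keys as $key) {
              // A missing key becomes an empty string, as interpolation did before.
              $values[] = $this->quote(isset($array[$key]) ? $array[$key] : '');
          }
          $resultsArray = $db->query("INSERT INTO client (`firstname`,`lastname`,`title`,`email`,`passwordhash`,`telephone`,`fax`,`physical`,`postal`) VALUES (" . implode(',', $values) . ")");
          if ($resultsArray) {
              return true;
          }
          return "There was a problem inserted the new user into the database";
      }

      /**
       * Sends an HTML mail built from $array.
       *
       * The original stored mail()'s result in an array and then tested
       * empty() on that array, so it reported failure even when the mail was
       * sent. Address and subject fields that contain CR, LF or NUL are
       * rejected, because "sentfrom" and "replyto" are concatenated into the
       * header block. The message is sent as text/html; callers are responsible
       * for escaping any user-supplied text inside it.
       *
       * @param array $array Keys: to, subject, message, sentfrom, replyto.
       * @return string "success", or the error message.
       */
      public function sendmail($array) {
          $failure = "Could not send registration email!";
          $clean = array();
          foreach (array("to", "subject", "sentfrom", "replyto") as $key) {
              $value = isset($array[$key]) ? (string) $array[$key] : "";
              if (preg_match('/[\r\n\x00]/', $value)) {
                  return $failure;
              }
              $clean[$key] = $value;
          }
          $message = isset($array["message"]) ? (string) $array["message"] : "";

          $headers = "From:" . $clean["sentfrom"] . "\r\n"
              . "Reply-To:" . $clean["replyto"] . "\r\n"
              . "Return-Path:" . $clean["sentfrom"] . "\r\n"
              . "MIME-Version: 1.0" . "\r\n"
              . "Content-type:text/html;charset=iso-8859-1" . "\r\n";

          return mail($clean["to"], $clean["subject"], $message, $headers) ? "success" : $failure;
      }

      /**
       * Reports whether the current session is a logged-in client or administrator.
       *
       * Callers must compare the result with === true: the error string returned
       * for an unknown user type is itself truthy.
       *
       * @return mixed true when logged in with a known user type, an error
       *               string when the user type is unknown, null when the
       *               session is not logged in.
       */
      public function checkSession() {
          $loggedIn = isset($_SESSION["id"], $_SESSION["active"])
              && $_SESSION["id"] === session_id()
              && $_SESSION["active"] == 1;
          if (!$loggedIn) {
              return null;
          }
          $userType = isset($_SESSION["usertype"]) ? $_SESSION["usertype"] : null;
          if (in_array($userType, self::$sessionTypes, true)) {
              return true;
          }
          return "Session invalid. Please log in again ...";
      }

      /**
       * Stores a new password value for row $id in table $type.
       *
       * NOTE(review): this writes the `password` column, while authCheck() reads
       * `passwordhash` - confirm against the schema. Whether $password arrives
       * here already hashed is not visible in this file.
       *
       * @param string $password Value to store.
       * @param mixed  $id       Row id.
       * @param string $type     Table name.
       * @param object $db       Database wrapper.
       * @return mixed true on success, otherwise an error string.
       */
      public function updateUserPass($password, $id, $type, $db) {
          $failure = "There was an error setting the new password in the database.";
          $table = $this->tableName($type);
          if ($table === false) {
              return $failure;
          }
          $resultsArray = $db->query("UPDATE $table SET password=" . $this->quote($password) . " WHERE id=" . $this->quote($id) . " LIMIT 1");
          if ($resultsArray) {
              return true;
          }
          return $failure;
      }

      /**
       * Returns true when the session is already logged in; otherwise, when all
       * three arguments are non-empty, attempts a login with them.
       *
       * The original called authCheck() without its $db argument; the wrapper
       * given to the constructor is now passed. authCheck() reports failure as
       * a string, which the original's is_array() test dropped; it is wrapped
       * in an array here so the error reaches the caller.
       *
       * @param string $username
       * @param string $password
       * @param string $type
       * @return mixed true when logged in, an array of error messages when the
       *               login attempt failed, null when there was nothing to check.
       */
      public function isloggedin($username='', $password='', $type='') {
          if ($this->checkSession() === true) {
              return true;
          }
          if (strlen($username) && strlen($password) && strlen($type)) {
              $output = $this->authCheck($username, $password, $type, $this->db);
              if ($output === true) {
                  return true;
              }
              if (is_array($output)) {
                  return $output;
              }
              if (is_string($output) && $output !== '') {
                  return array($output);
              }
          }
          return null;
      }
  }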
  127. ?>