<?phpclass Login{ private $_id; private $_username; private $_pas

1. <?php
2.  
3. class Login
4. {
5.   private $_id;
6.   private $_username;
7.   private $_password;
8.   private $_passmd5;
9.  
10.   private $_errors;
11.   private $_access;
12.   private $_login;
13.   private $_token;
14.  
15.   public function __construct()
16.   {
17.     $this->_errors = array();
18.     $this->_login  = isset($_POST['login'])? 1 : 0;
19.     $this->_access = 0;
20.     $this->_token  = $_POST['token'];
21.  
22.     $this->_id       = 0;
23.     $this->_username = ($this->_login)? $this->filter($_POST['username']) : $_SESSION['username'];
24.     $this->_password = ($this->_login)? $this->filter($_POST['password']) : '';
25.     $this->_passmd5  = ($this->_login)? md5($this->_password) : $_SESSION['password'];
26.   }
27.  
28.   public function isLoggedIn()
29.   {
30.     ($this->_login)? $this->verifyPost() : $this->verifySession();
31.  
32.     return $this->_access;
33.   }
34.  
35.   public function filter($var)
36.   {
37.     return preg_replace('/[^a-zA-Z0-9]/','',$var);
38.   }
39.  
40.   public function verifyPost()
41.   {
42.     try
43.     {
44.       if(!$this->isTokenValid()) {
45.          //throw new Exception('Invalid Form Submission');
46.          $this->_errors[] = 'Invalid Form Submission';
47.          return;
48.       }
49.       if(!$this->isDataValid()) {
50.          //throw new Exception('Invalid Form Data');
51.          $this->_errors[] = 'Invalid Form Data';
52.          return;
53.       }
54.       if(!$this->verifyDatabase()) {
55.          //throw new Exception('Invalid Username/Password');
56.          $this->_errors[] = 'Invalid Username/Password';
57.          return;
58.       }
59.     $this->_access = 1;
60.     $this->registerSession();
61.     }
62.     /* catch(Exception $e)
63.     {
64.       $this->_errors[] = $e->getMessage();
65.     } */
66.   }
67.  
68.   public function verifySession()
69.   {
70.     if($this->sessionExist() && $this->verifyDatabase())
71.        $this->_access = 1;
72.   }
73.  
74.   public function verifyDatabase()
75.   {
76.     //Database Connection Data
77.     mysql_connect("localhost", "kennych_kennych", "Stu6_4^T(%5i") or die(mysql_error());
78.     mysql_select_db("kennych_register") or die(mysql_error());
79.  
80.     $data = mysql_query("SELECT ID FROM users WHERE username = '{$this->_username}' AND password = '{$this->_passmd5}'");
81.  
82.     if(mysql_num_rows($data))
83.       {
84.         list($this->_id) = @array_values(mysql_fetch_assoc($data));
85.         return true;
86.       }
87.     else
88.       { return false; }
89.   }
90.  
91.   public function isDataValid()
92.   {
93.     return (preg_match('/^[a-zA-Z0-9]{5,12}$/',$this->_username) && preg_match('/^[a-zA-Z0-9]{5,12}$/',$this->_password))? 1 : 0;
94.   }
95.  
96.   public function isTokenValid()
97.   {
98.     return (!isset($_SESSION['token']) || $this->_token != $_SESSION['token'])? 0 : 1;
99.   }
100.  
101.   public function registerSession()
102.   {
103.     $_SESSION['ID'] = $this->_id;
104.     $_SESSION['username'] = $this->_username;
105.     $_SESSION['password'] = $this->_passmd5;
106.   }
107.  
108.   public function sessionExist()
109.   {
110.     return (isset($_SESSION['username']) && isset($_SESSION['password']))? 1 : 0;
111.   }
112.  
113.   public function showErrors()
114.   {
115.  
116.     return implode("<br>",$this->_errors)."<br>";
117.  
118.   }
119. }
120.  
121. ?>