/**
 * Reset the login-related session keys to their logged-out values.
 *
 * Only the five keys listed below are written; any other entry in
 * $_SESSION is left as it is.
 */
function session_defaults()
{
    $loggedOutState = array(
        'logged'   => false,
        'uid'      => 0,
        'username' => '',
        'cookie'   => 0,
        'remember' => false,
    );

    foreach ($loggedOutState as $key => $value) {
        $_SESSION[$key] = $value;
    }
}
/**
 * Open the MySQL connection through PEAR DB and return the handle.
 *
 * The connection is switched to object fetch mode, so rows come back as
 * objects ($row->column).
 *
 * NOTE(review): PEAR_ERROR_DIE ends the script on any PEAR error and prints
 * the error message into the response; confirm that no connection details
 * reach visitors in production.
 * NOTE(review): the credentials are blank in this listing; real values are
 * better kept in configuration outside the source tree.
 *
 * @return object PEAR DB connection handle
 */
function &db_connect()
{
    require_once 'includes/DB.php';

    PEAR::setErrorHandling(PEAR_ERROR_DIE);

    $host = 'localhost';
    $account = '';
    $secret = '';
    $schema = '';

    // Same DSN layout as before: mysql://user:pass@unix+host/database
    $dsn = sprintf('mysql://%s:%s@unix+%s/%s', $account, $secret, $host, $schema);

    $connection = DB::connect($dsn);
    $connection->setFetchMode(DB_FETCHMODE_OBJECT);

    return $connection;
}
// Bootstrap: open the database handle, then build the User object, whose
// constructor restores login state from the session or the remember-me cookie.
// NOTE(review): no session_start() is visible in this listing; it presumably
// runs before this point - confirm.
$db = db_connect();

// Current UTC date, already wrapped in single quotes by the format string.
// User's constructor reads this value through $GLOBALS['date'].
$date = gmdate("'Y-m-d'");

$user = new User($db);
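/**
 * Login state of the current visitor, backed by the PHP session, the
 * `users` table and the long-lived "emrLogin" remember-me cookie.
 *
 * NOTE(review): passwords are compared as unsalted MD5 hex digests. Moving
 * to password_hash()/password_verify() needs a data migration of the
 * `users.password` column and is therefore not done in this class.
 * NOTE(review): every value reaches SQL through $this->db->quote(); bound
 * placeholders would be more robust if the DB layer in use supports them.
 */
class User
{
    /** Lifetime of the remember-me cookie in seconds (360 days). */
    const REMEMBER_LIFETIME = 31104000;

    /** @var object|null database handle handed to the constructor */
    public $db = null;

    /** @var bool not written anywhere in this class */
    public $failed = false;

    /** @var mixed copy of the global $date taken at construction time */
    public $date;

    /** @var mixed id of the logged-in user row, 0 when nobody is logged in */
    public $id = 0;

    /**
     * Restore login state from the session or, failing that, from the
     * remember-me cookie.
     *
     * Declared as __construct(): a method named like the class is no longer
     * treated as the constructor on PHP 8, so with the old spelling
     * `new User($db)` would skip every check below.
     *
     * @param object $db database handle offering quote(), getRow() and query()
     */
    public function __construct(&$db)
    {
        $this->db = $db;
        $this->date = $GLOBALS['date'] ?? null;

        // !empty() keeps the original truthiness test without a warning when
        // the key (or the session itself) does not exist yet.
        if (!empty($_SESSION['logged'])) {
            $this->_checkSession();
        } elseif (isset($_COOKIE['emrLogin'])) {
            $this->_checkRemembered($_COOKIE['emrLogin']);
        }
    }

    /**
     * Check a username/password pair against the `users` table.
     *
     * On success the session is populated and a redirect header to home.php
     * is sent; on failure an error snippet is echoed and the login state is
     * reset.
     *
     * @param string $username submitted login name
     * @param string $password submitted clear-text password
     * @param mixed  $remember truthy to also set the remember-me cookie
     * @return bool true when a matching row was found
     */
    public function _checkLogin($username, $password, $remember)
    {
        $quotedName = $this->db->quote($username);
        // Unsalted MD5 - see the class-level review note.
        $quotedHash = $this->db->quote(md5($password));

        $sql = 'SELECT * FROM users WHERE '
            . "username = $quotedName AND "
            . "password = $quotedHash";
        $row = $this->db->getRow($sql);

        if (is_object($row)) {
            $this->_setSession($row, $remember);
            header('Location: home.php');
            return true;
        }

        // NOTE(review): nothing here counts or throttles failed attempts.
        echo '<strong>Incorrect Log In and/or Password. Please try again.</strong><br>
<form><input type="button" value="Back" onClick="history.back()"></form>';
        $this->_logout();
        return false;
    }

    /**
     * Copy a `users` row into the session and, on a fresh login, bind the
     * row to the current session id and client address.
     *
     * @param object $values   row object with id, username and cookie fields
     * @param mixed  $remember truthy to (re)issue the remember-me cookie
     * @param bool   $init     true for a new login, false when only
     *                         re-validating an existing session
     */
    public function _setSession(&$values, $remember, $init = true)
    {
        // A new login changes the privilege level of the session, so it gets
        // a fresh id; a session id that was known before authentication must
        // not stay valid afterwards (session fixation).
        if ($init && session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }

        $this->id = $values->id;
        $_SESSION['uid'] = $this->id;
        // NOTE(review): the HTML-escaped name is what _checkSession() and the
        // remember-me cookie later compare with the database, so a username
        // containing & < > or " would not match its own row. Left unchanged
        // because other pages may print $_SESSION['username'] without
        // escaping it again - confirm before storing the raw value.
        $_SESSION['username'] = htmlspecialchars($values->username);
        $_SESSION['cookie'] = $values->cookie;
        $_SESSION['logged'] = true;

        if ($remember) {
            $this->updateCookie($values->cookie, true);
        }

        if ($init) {
            $session = $this->db->quote(session_id());
            $ip = $this->db->quote($_SERVER['REMOTE_ADDR']);
            // The id is interpolated unquoted, so it is forced to an integer.
            $sql = "UPDATE users SET session = $session, ip = $ip WHERE "
                . 'id = ' . (int) $this->id;
            $this->db->query($sql);
        }
    }

    /**
     * Store the remember-me token in the session and optionally send it to
     * the browser as the "emrLogin" cookie.
     *
     * The cookie payload keeps its existing format, a serialized
     * array(username, token), so cookies issued earlier stay readable.
     *
     * @param mixed $cookie remember-me token taken from the `users` row
     * @param mixed $save   truthy to send the cookie
     */
    public function updateCookie($cookie, $save)
    {
        $_SESSION['cookie'] = $cookie;

        if ($save) {
            $payload = serialize(array($_SESSION['username'], $cookie));
            $this->sendRememberCookie($payload, time() + self::REMEMBER_LIFETIME);
        }
    }

    /**
     * Try to log the visitor in from the remember-me cookie.
     *
     * The cookie is attacker-controlled input. It is decoded with object
     * instantiation disabled and accepted only if it is a two-element list
     * of scalars; anything else is ignored without touching the database.
     *
     * @param mixed $cookie raw value of $_COOKIE['emrLogin']
     */
    public function _checkRemembered($cookie)
    {
        // A request can turn the cookie into an array (emrLogin[]=...).
        if (!is_string($cookie)) {
            return;
        }

        // allowed_classes => false keeps unserialize() from creating objects
        // of application classes out of cookie data. '@' stays because
        // malformed input only raises a notice/warning and returns false.
        $decoded = @unserialize($cookie, array('allowed_classes' => false));
        if (!is_array($decoded) || !isset($decoded[0], $decoded[1])) {
            return;
        }

        $username = $decoded[0];
        $token = $decoded[1];
        $scalarName = is_string($username) || is_int($username);
        $scalarToken = is_string($token) || is_int($token);
        if (!$scalarName || !$scalarToken || !$username || !$token) {
            return;
        }

        $quotedName = $this->db->quote((string) $username);
        $quotedToken = $this->db->quote((string) $token);
        $sql = 'SELECT * FROM users WHERE '
            . "(username = $quotedName) AND (cookie = $quotedToken)";
        $row = $this->db->getRow($sql);

        // NOTE(review): the token is valid for the cookie's whole lifetime
        // and is not rotated here; how it is generated is not visible in
        // this class - confirm it comes from a CSPRNG.
        if (is_object($row)) {
            $this->_setSession($row, true);
        }
    }

    /**
     * Re-validate an existing session against the `users` row: username,
     * remember-me token, session id and client address must all match,
     * otherwise the visitor is logged out.
     */
    public function _checkSession()
    {
        $username = $this->db->quote($_SESSION['username']);
        $cookie = $this->db->quote($_SESSION['cookie']);
        $session = $this->db->quote(session_id());
        $ip = $this->db->quote($_SERVER['REMOTE_ADDR']);

        $sql = 'SELECT * FROM users WHERE '
            . "(username = $username) AND (cookie = $cookie) AND "
            . "(session = $session) AND (ip = $ip)";
        $row = $this->db->getRow($sql);

        if (is_object($row)) {
            $this->_setSession($row, false, false);
        } else {
            $this->_logout();
        }
    }

    /**
     * Reset the session to its logged-out defaults and expire the
     * remember-me cookie in the browser.
     *
     * NOTE(review): the token and session id stored in the `users` row are
     * not cleared here, so a copied cookie value would presumably still be
     * accepted by _checkRemembered() - confirm and invalidate server-side.
     */
    public function _logout()
    {
        session_defaults();
        $this->sendRememberCookie('', time() - self::REMEMBER_LIFETIME);
    }

    /**
     * Send the "emrLogin" cookie with consistent attributes.
     *
     * HttpOnly keeps the token away from page scripts, SameSite=Lax keeps it
     * off cross-site subrequests, and Secure is set whenever the current
     * request arrived over HTTPS. Behind a TLS-terminating proxy
     * $_SERVER['HTTPS'] may be unset, in which case Secure is not added.
     *
     * @param string $value   cookie payload, '' to delete the cookie
     * @param int    $expires expiry as a Unix timestamp
     */
    private function sendRememberCookie($value, $expires)
    {
        $isHttps = !empty($_SERVER['HTTPS']) && strtolower((string) $_SERVER['HTTPS']) !== 'off';

        setcookie('emrLogin', $value, array(
            'expires'  => $expires,
            'path'     => '/',
            'secure'   => $isHttps,
            'httponly' => true,
            'samesite' => 'Lax',
        ));
    }
}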