Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php // begin execution
- class auth { // class auth
- public function login($username,$password) { // function login, username and password paramaters
- $username = trim($username); // username (trim for linebreaks)
- $password = trim($passowrd); // password (trim for linebreaks)
- if (empty($username) || empty($password)) { // empty user,pass
- echo "ERROR: Login Failed. Empty USERNAME or PASSWORD. Try Again!"; // failed login empty user/pass
- return false; // return false to execute a redirect or whatever you want
- }
- $username = preg_replace("/[^0-9a-zA-z]/", "", $username); // username can only contain 0-9 a-z and A-Z
- $password = md5($password); // password (md5 hash)
- mySQLConnect::open(); // open connection
- $check_login = mysql_query("SELECT * FROM users WHERE username='$username' and password='$password'"); // query select user.pass
- $check_login = mysql_num_rows($check_login); // count rows
- if ($check_login == 1) { // if one row exists
- // create a session or cookie
- // session_register();
- // $_SESSION['username'] = $username;
- // $_SESSION['password'] = $password;
- // setcookie('username', $_SESSION['username'], time()+60*60*24*100);
- // setcookie('password', $_SESSION['password'], time()+60*60*24*100);
- // return
- return true;
- } else {
- // destroy any sessions / cookies
- return false;
- }
- mySQLConnect::close(); // close connection
- }
- public function logout($username,$password) { // function logout
- unset($_SESSION['username']); // remove / purge sessions
- unset($_SESSION['password']); // ^
- session_unset(); // ^
- session_destroy(); // ^
- return; // common sense ?
- }
- public function change_pw($username,$password) { // change password
- $username = trim($username); // username remove line breaks
- $password = trim($password); // password remove linebreaks
- if (empty($username) || empty($password)) {
- echo "ERROR: Change Password Failed. Username / Password Required. Try Again!";
- return false;
- }
- $username = preg_replace("/[^0-9a-zA-z]/", "", $username);
- $password = md5($password);
- $session_username = $_SESSION['username'];
- $session_password = $_SESSION['password'];
- mySQLConnect::open();
- $session_check = mysql_query("SELECT * FROM users WHERE username='$session_username' and password='$session_password'");
- $session_check = mysql_num_rows($session_check);
- if ($session_check = 1) {
- $change_password = mysql_query("UPDATE users SET username='$username' and password='$password' WHERE username='$session_username'");
- return true;
- } else {
- echo "ERROR: Invalid Session (Login). Please Login Again.";
- return false;
- }
- mySQLConnect::close();
- }
- }
- class mySQLConnect {
- public function open() {
- $mySQL = mysql_connect(DB_HOST, DB_USER, DB_PASS)or die("COULD NOT CONNECT");
- mysql_select_db(DB_NAME, $mySQL);
- return $mySQL;
- }
- public function close() {
- mysql_close($mySQL);
- return $mySQL;
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement