<?phpclass Login{ private $_id; private $_username; private $_pas

1. <?php
2.  
3. class Login
4. {
5.   private $_id;
6.   private $_username;
7.   private $_password;
8.   private $_passmd5;
9.  
10.   private $_errors;
11.   private $_access;
12.   private $_login;
13.   private $_token;
14.  
15.   public function __construct()
16.   {
17.     $this->_errors = array();
18.     $this->_login  = isset($_POST['login'])? 1 : 0;
19.     $this->_access = 0;
20.     $this->_token  = $_POST['token'];
21.  
22.     $this->_id       = 0;
23.     $this->_username = ($this->_login)? $this->filter($_POST['username']) : $_SESSION['username'];
24.     $this->_password = ($this->_login)? $this->filter($_POST['password']) : '';
25.     $this->_passmd5  = ($this->_login)? md5($this->_password) : $_SESSION['password'];
26.   }
27.  
28.   public function isLoggedIn()
29.   {
30.     ($this->_login)? $this->verifyPost() : $this->verifySession();
31.  
32.     return $this->_access;
33.   }
34.  
35.   public function filter($var)
36.   {
37.     return preg_replace('/[^a-zA-Z0-9]/','',$var);
38.   }
39.  
40.   public function verifyPost()
41.   {
42.       if(!$this->isTokenValid()) {
43.          //throw new Exception('Invalid Form Submission');
44.          $this->_errors[] = 'Invalid Form Submission';
45.          return;
46.       }
47.       if(!$this->isDataValid()) {
48.          //throw new Exception('Invalid Form Data');
49.          $this->_errors[] = 'Invalid Form Data';
50.          return;
51.       }
52.       if(!$this->verifyDatabase()) {
53.          //throw new Exception('Invalid Username/Password');
54.          $this->_errors[] = 'Invalid Username/Password';
55.          return;
56.       }
57.     $this->_access = 1;
58.     $this->registerSession();
59.  
60.     /* catch(Exception $e)
61.     {
62.       $this->_errors[] = $e->getMessage();
63.     } */
64.   }
65.  
66.   public function verifySession()
67.   {
68.     if($this->sessionExist() && $this->verifyDatabase())
69.        $this->_access = 1;
70.   }
71.  
72.   public function verifyDatabase()
73.   {
74.     //Database Connection Data
75.     mysql_connect("localhost", "kennych_kennych", "Stu6_4^T(%5i") or die(mysql_error());
76.     mysql_select_db("kennych_register") or die(mysql_error());
77.  
78.     $data = mysql_query("SELECT ID FROM users WHERE username = '{$this->_username}' AND password = '{$this->_passmd5}'");
79.  
80.     if(mysql_num_rows($data))
81.       {
82.         list($this->_id) = @array_values(mysql_fetch_assoc($data));
83.         return true;
84.       }
85.     else
86.       { return false; }
87.   }
88.  
89.   public function isDataValid()
90.   {
91.     return (preg_match('/^[a-zA-Z0-9]{5,12}$/',$this->_username) && preg_match('/^[a-zA-Z0-9]{5,12}$/',$this->_password))? 1 : 0;
92.   }
93.  
94.   public function isTokenValid()
95.   {
96.     return (!isset($_SESSION['token']) || $this->_token != $_SESSION['token'])? 0 : 1;
97.   }
98.  
99.   public function registerSession()
100.   {
101.     $_SESSION['ID'] = $this->_id;
102.     $_SESSION['username'] = $this->_username;
103.     $_SESSION['password'] = $this->_passmd5;
104.   }
105.  
106.   public function sessionExist()
107.   {
108.     return (isset($_SESSION['username']) && isset($_SESSION['password']))? 1 : 0;
109.   }
110.  
111.   public function showErrors()
112.   {
113.  
114.     return implode("<br>",$this->_errors)."<br>";
115.  
116.   }
117. }
118.  
119. ?>