Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- ## Class cLogin()
- ##
- ## Written by Henric Johansson, henric-johansson@hotmail.com 2011-10-19
- ## Takes care of your login system
- require_once('cSession.php');
- require_once('cDatabase.php');
- class cLogin extends cSession {
- private $errorMessage = "";
- function __construct($username = "", $password = "", $database = "", $host = "") {
- ## Check if we have all neccessary variables
- if($username == "" || $database == "" || $host == "") {
- ## Return false
- $this->errorMessage = 'Username, Database or Host not correct<br />';
- return false;
- }
- ## Make sure the database connection is initialized
- if(!cDatabase::isInitialized()) {
- ## If we want to debug:
- ## cDatabase::debug();
- ## Or cDatabase::debug(false) to stop
- ## We are not initialized, initialie connection
- if(cDatabase::initialize($username, $password, $database, $host)) {
- ## Everything worked as planned
- }
- }
- parent::__construct();
- }
- function LoggedIn() {
- if($this->get('user_id') > 0) {
- return true;
- } else {
- return false;
- }
- }
- function getError() {
- $msg = $this->errorMessage;
- $this->errorMessage = "";
- return $msg;
- }
- function Register($username, $password) {
- ## Check if our db connection is active
- if(!cDatabase::isInitialized()) {
- $this->errorMessage = 'Database connection not initialized. <br />';
- return false;
- }
- ## Escape username
- $username = mysql_real_escape_string($username);
- ## Make sure user does not exist.
- $query = "select * from users where username='$username'";
- $result = mysql_query($query);
- if(mysql_num_rows($result) > 0) {
- ## Username already exists
- $this->errorMessage = 'Username already exists<br />';
- return false;
- }
- ## Secure password with a salt and md5 hash
- $password = md5("€@£¤(%¤23!" . $password);
- $query = "insert into users (username, password, registered) values ('$username', '$password', NOW())";
- if(!mysql_query($query)) {
- $this->errorMessage = 'Could not insert query, query: ' . $query . '<br />';
- return false;
- }
- return true;
- }
- function Update($username) {
- $query = "update users set last_ip='{$_SERVER['REMOTE_ADDR']}', last_login=NOW() where username='$username'";
- if(mysql_query($query)) {
- return true;
- } else {
- $this->errorMessage = 'Could not update users last login and IP<br />';
- return false;
- }
- }
- function Login($username, $password) {
- ## Check if our db connection is active
- if(!cDatabase::isInitialized()) {
- $this->errorMessage = 'Database connection not initialized. <br />';
- return false;
- }
- ## Escape username
- $username = mysql_real_escape_string($username);
- ## Secure password with a salt and md5 hash
- $password = md5("€@£¤(%¤23!" . $password);
- ## Make sure user does not exist.
- $query = "select id from users where username='$username' and password='$password'";
- $result = mysql_query($query);
- if(mysql_num_rows($result) <= 0) {
- ## Username already exists
- $this->errorMessage = 'Wrong username or password ' . $query . '<br />';
- return false;
- } else {
- ## Update users login date and ip
- if($this->Update($username)) {
- ## If user updated, get the id and set the session vars
- $row = mysql_fetch_array($result);
- $this->set($username, 'username');
- $this->set($row['id'], 'user_id');
- return true;
- } else {
- return false;
- }
- }
- }
- function Logout() {
- parent::kill();
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
