- <?php
// Direct-access guard: stop with a message unless BASEPATH is already defined
// (presumably by the framework's front controller - confirm against the bootstrap).
defined('BASEPATH') or exit('You are not permitted direct access to this file.');
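/**
 * Shared application library: session bootstrap, login/logout, ACL building,
 * and small HTML/redirect helpers, all working through the CodeIgniter
 * super-object returned by get_instance().
 *
 * Review summary of what changed in this revision:
 *  - SQL is sent through query bindings instead of string concatenation.
 *  - dbsafe() no longer calls the removed mysql_* extension.
 *  - The initialiser also exists as __construct(), so it runs on PHP versions
 *    that no longer treat a class-named method as the constructor.
 *  - The session id is regenerated on login and the `hash` token comes from a
 *    CSPRNG when one is available.
 *  - build_acl() is repaired (undefined $db, literal '$var' keys, undefined
 *    $users_groups) and now fails closed.
 *  - logout(), icon() and random_string() bugs are fixed (see each method).
 */
class common {
    // Handle to the CodeIgniter super-object; assigned in the constructor.
    var $CI;
    // Not read or written anywhere in this class; kept because it is a public property.
    var $i;

    /**
     * Legacy (class-named) constructor, kept so existing explicit calls such as
     * parent::common() keep working. It simply runs __construct().
     */
    function common() {
        $this->__construct();
    }

    /**
     * Loads the database and URL helper, starts the session and defines the
     * master_password constant.
     */
    function __construct() {
        $this->CI =& get_instance();
        $this->CI->load->database();
        $this->CI->load->helper('url');

        // Only start a session when none is active, so a second instance
        // (or a caller that already started one) does not trigger a warning.
        if (session_id() === '') {
            session_start();
        }
        // Message queue is reset every time the library is constructed (original behaviour).
        $_SESSION['messages'] = array();

        // NOTE(security): hard-coded master password. login() accepts this value
        // for ANY username, so everyone with read access to this source can
        // sign in as any account. The constant is kept only because other code
        // may reference it; remove it, or replace it with an audited,
        // per-administrator impersonation flow, and rotate the value.
        if (!defined('master_password')) {
            define('master_password', 'foo');
        }
    }

    /**
     * Records a login attempt and, when the credentials match exactly one
     * user, populates the session and issues the `hash` cookie.
     *
     * @param string $u username as submitted
     * @param string $p password as submitted
     * @return void
     */
    function login($u, $p) {
        $db = $this->CI->db;
        $u = (string) $u;
        $p = (string) $p;
        $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

        // Every attempt is logged before the credentials are checked.
        $db->query(
            "INSERT INTO logins (username, ip_address, login) VALUES (?, ?, UNIX_TIMESTAMP())",
            array($u, $ip)
        );
        $login_id = $db->insert_id();

        // NOTE(security): passwords are compared as unsalted MD5, which is not a
        // password hash. The comparison is left as-is because the stored values
        // use that format; migrate the column to password_hash()/password_verify()
        // and re-hash on next successful login.
        // NOTE(security): the "? = ?" arm is the master-password bypass described
        // in the constructor; it is preserved here, not endorsed.
        $get_login = $db->query(
            "SELECT uid FROM users WHERE username = ? AND (password = MD5(?) OR ? = ?)",
            array($u, $p, $p, master_password)
        );

        if ($get_login->num_rows() == 1) {
            $row = $get_login->row();

            // New session id on privilege change, so an id planted before
            // authentication cannot be reused afterwards (session fixation).
            session_regenerate_id(TRUE);

            $_SESSION['uid'] = $row->uid;
            $_SESSION['lid'] = $login_id;
            $db->query(
                "UPDATE logins SET uid = ? WHERE lid = ?",
                array($_SESSION['uid'], $_SESSION['lid'])
            );

            $hash = $this->_session_token();
            // HttpOnly keeps the token away from page scripts; Secure is set
            // whenever the current request itself arrived over HTTPS.
            // NOTE(review): how this cookie is validated is not visible in this
            // file - confirm nothing client-side needs to read it.
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie('hash', $hash, 0, '', '', $secure, TRUE);

            $data = array('hash' => $hash);
            $db->where('uid', $_SESSION['uid']);
            $db->update('users', $data);
        } else {
            // NOTE(review): $this->message is never assigned in this class;
            // presumably it is attached elsewhere - confirm, otherwise this
            // call fails on every rejected login.
            $this->message->add('The username and/or password you have entered is incorrect.', 'error');
        }
    }

    /**
     * Returns a 64-character hex token for the `hash` cookie.
     *
     * Prefers a CSPRNG; the final fallback is the original time-derived value,
     * which is guessable and only reached when no secure source exists.
     *
     * @return string
     */
    function _session_token() {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(32));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            return bin2hex(openssl_random_pseudo_bytes(32));
        }
        return hash('sha256', md5(microtime(true)));
    }

    /**
     * Stamps the logout time on the current login row and tears the session down.
     *
     * @return void
     */
    function logout() {
        // Guarded: logout may be reached without a recorded login id.
        if (isset($_SESSION['lid'])) {
            $this->CI->db->query(
                "UPDATE logins SET logout = UNIX_TIMESTAMP() WHERE lid = ?",
                array($_SESSION['lid'])
            );
        }
        $_SESSION = array();
        // Was `$_session` (a throw-away local); the superglobal is what later code reads.
        $_SESSION['messages'] = array();
        if (isset($_COOKIE[session_name()])) {
            setcookie(session_name(), '', time() - 42000, '/');
        }
        session_destroy();
        // NOTE(review): the `hash` cookie and users.hash set by login() are not
        // invalidated here. If that token authenticates requests, expire and
        // rotate it on logout as well.
    }

    /**
     * Rebuilds $_SESSION['acl'] for the logged-in user.
     *
     * Result shape: array('groups' => [gid => TRUE], 'roles' => [rid => TRUE],
     * 'permissions' => [permission_id => setting]), or FALSE when no user is
     * logged in.
     *
     * @return void
     */
    function build_acl() {
        if (empty($_SESSION['uid'])) {
            $_SESSION['acl'] = FALSE;
            return;
        }

        $db = $this->CI->db;
        $uid = $_SESSION['uid'];
        // Start from an empty ACL so grants revoked since the last build do
        // not linger in the session.
        $acl = array('groups' => array(), 'roles' => array(), 'permissions' => array());

        // Groups the user belongs to, plus the roles each group carries.
        $groups = $db->query("SELECT gid FROM users_groups_users WHERE uid = ?", array($uid));
        foreach ($groups->result_array() as $group) {
            $acl['groups'][$group['gid']] = TRUE;
            $group_roles = $db->query("SELECT rid FROM users_groups_roles WHERE gid = ?", array($group['gid']));
            foreach ($group_roles->result_array() as $group_role) {
                $acl['roles'][$group_role['rid']] = TRUE;
            }
        }

        // Roles assigned to the user directly.
        $user_roles = $db->query("SELECT rid FROM users_roles_users WHERE uid = ?", array($uid));
        foreach ($user_roles->result_array() as $user_role) {
            $acl['roles'][$user_role['rid']] = TRUE;
        }

        // Permissions are applied in role weight order, later roles overriding
        // earlier ones for the same permission_id.
        // NOTE(review): the earlier code looped over every row of `roles`
        // without checking membership, which would hand each user the
        // permissions of all roles. Roles the user does not hold are skipped
        // here. This assumes roles.role_id and the rid columns share one id
        // space - confirm against the schema; if they do not, the result is an
        // empty permission set (fail closed).
        $site_roles = $db->query("SELECT role_id FROM roles ORDER BY weight");
        foreach ($site_roles->result_array() as $role) {
            if (!isset($acl['roles'][$role['role_id']])) {
                continue;
            }
            $role_permissions = $db->query(
                "SELECT permission_id, setting FROM users_roles_permissions WHERE role_id = ?",
                array($role['role_id'])
            );
            foreach ($role_permissions->result_array() as $permission) {
                $acl['permissions'][$permission['permission_id']] = $permission['setting'];
            }
        }

        $_SESSION['acl'] = $acl;
    }

    /**
     * Placeholder; intentionally empty.
     */
    function acl_stuff() {
    }

    /**
     * Retrieves one or more fields of the current user's row in `users`,
     * selected by $_SESSION['uid'].
     *
     * $data is placed in the SELECT list, where value escaping offers no
     * protection, so only `*` or a comma-separated list of plain column names
     * is accepted. Anything else returns NULL without querying.
     *
     * @param string $data `*`, a column name, or a comma-separated column list
     * @return object|null result row, or NULL when there is no single match
     *
     * usage (library handle as given in the original example):
     *
     * $user_field = $this->dot_common->user_info('table_field');
     * $var = $user_field->TABLE_FIELD;
     */
    function user_info($data = '*') {
        if (empty($_SESSION['uid'])) {
            return NULL;
        }
        $columns = trim((string) $data);
        $identifier = '[A-Za-z_][A-Za-z0-9_]*';
        if (!preg_match('/^(\*|'.$identifier.'(\s*,\s*'.$identifier.')*)$/', $columns)) {
            return NULL;
        }
        $query = $this->CI->db->query(
            "SELECT ".$columns." FROM users WHERE uid = ?",
            array($_SESSION['uid'])
        );
        if ($query->num_rows() == 1) {
            return $query->row();
        }
        return NULL;
    }

    /**
     * Escapes a value for use INSIDE a quoted SQL string literal.
     *
     * Uses the active CodeIgniter driver instead of mysql_real_escape_string(),
     * which no longer exists on current PHP. This does not make a value safe as
     * an identifier or in an unquoted numeric position; prefer query bindings.
     *
     * @param string $var
     * @return string
     */
    function dbsafe($var) {
        return $this->CI->db->escape_str($var);
    }

    /**
     * Creates a random alphanumeric string of exactly $size characters.
     *
     * The letters l (lowercase L), I (uppercase i), O (uppercase o) and the
     * digits 1 and 0 are left out of the alphabet to avoid confusion.
     *
     * @param int $size number of characters; values below 1 give ''
     * @return string
     */
    function random_string($size) {
        $salt = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789";
        $max = strlen($salt) - 1;
        // random_int() draws from the OS CSPRNG; mt_rand() output is predictable
        // and is used only where random_int() does not exist.
        $secure = function_exists('random_int');
        $string = '';
        // Was `$i <= $size`, which produced one character more than requested.
        for ($i = 0; $i < $size; $i++) {
            $seed = $secure ? random_int(0, $max) : mt_rand(0, $max);
            $string .= $salt[$seed];
        }
        return $string;
    }

    /**
     * Builds an <img> tag for a theme image, wrapped in a link unless
     * $data['uri'] is '0'.
     *
     * @param array $data keys: image, alt, location, uri (missing keys take the defaults)
     * @return string HTML
     */
    function icon($data = array('image' => '', 'alt' => '', 'location' => NULL, 'uri' => '0')) {
        $defaults = array('image' => '', 'alt' => '', 'location' => NULL, 'uri' => '0');
        $data = array_merge($defaults, (array) $data);

        // Attribute values are single-quoted, so ENT_QUOTES is required to keep
        // a stray quote from closing the attribute.
        $src = base_url()."default/views/".default_theme."/images/".$data['location'].$data['image'];
        $icon = "<img src='".htmlspecialchars($src, ENT_QUOTES, 'UTF-8')
              ."' alt='".htmlspecialchars((string) $data['alt'], ENT_QUOTES, 'UTF-8')."' />";

        // Was `$data->uri` on an array, which never equalled '0', so the bare
        // image branch could not be reached.
        if ($data['uri'] == '0') {
            return $icon;
        }
        $href = site_url()."/".$data['uri'];
        return "<a href='".htmlspecialchars($href, ENT_QUOTES, 'UTF-8')."'>".$icon."</a>";
    }

    /**
     * Sends a Location header and ends the request.
     *
     * NOTE(security): the target is not restricted to this site. Callers must
     * not pass a request-supplied URL here without checking it against an
     * allow-list, or the endpoint becomes an open redirect.
     *
     * @param string $location
     * @return void
     */
    function redirect($location) {
        // Control characters have no place in a header value; drop them
        // rather than rely on header() rejecting the call.
        $location = str_replace(array("\r", "\n", "\0"), '', (string) $location);
        header("Location: ".$location);
        exit();
    }
}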
- ?>