SHARE
TWEET

Untitled

a guest Jun 5th, 2017 70 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. cladfasdfasdf
  3.   public $ip;
  4.  
  5.   /**
  6.   * Sets basic user variables on page load
  7.   * reason for this is easier access to vars, and less
  8.   * server stress because we aren't querying the server multiple times for these values
  9.   **/
  10.   function user()
  11.   {
  12.     if(array_key_exists('username', $_SESSION))
  13.     {
  14.       $this->username = $_SESSION['username'];
  15.       $this->loggedIn = true;
  16.      
  17.       $query = "SELECT * FROM `userInfo` WHERE username = '{$this->username}'";
  18.       $result = mysql_query($query) or die(mysql_error());
  19.       $userObj = mysql_fetch_object($result);
  20.      
  21.       $this->id = $userObj->id;
  22.       $this->firstName = $userObj->firstName;
  23.       $this->lastName = $userObj->lastName;
  24.       $this->ip = $userObj->ip;
  25.      
  26.       $this->updateLastActive();
  27.     }
  28.   }
  29.  
  30.   /**
  31.   * Accepts 8 strings, aptly named plus a reference to an error string
  32.   * returns true if the registering process was successful, else false
  33.   */
  34.   function register($username, $password, $verifyPassword, $ip,
  35.                     $email = '', $firstName = '', $lastName = '', $age = '', &$error)
  36.   {
  37.     // clean the variables so they are safe to enter in the database
  38.     $this->cleanVar($username);
  39.     // don't encrypt the passwords yet because we still need to check if they are empty
  40.     $this->cleanVar($password);
  41.     $this->cleanVar($verifyPassword);
  42.     $this->cleanVar($ip);
  43.     $this->cleanVar($email);
  44.     $this->cleanVar($firstName);
  45.     $this->cleanVar($lastName);
  46.     $this->cleanVar($age);
  47.    
  48.     if(empty($username))
  49.     {
  50.       $error .= "Please fill out a username.\n";
  51.       return false;
  52.     }
  53.    
  54.     if(empty($password) || empty($verifyPassword))
  55.     {
  56.       $error .= "Please fill out both passwords.\n";
  57.       return false;
  58.     }
  59.    
  60.     if($password != $verifyPassword)
  61.     {
  62.       $error .= "Please make sure both passwords you filled out are the same.\n";
  63.       return false;
  64.     }
  65.    
  66.     if(eregi("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,6}$", $email))
  67.     {
  68.       $error .= "Please fill out a valid email address.\n";
  69.     }
  70.    
  71.     // encrypt the password before we go any further
  72.     // do this because plaintext is after this point
  73.     $encryptedPass = $this->encryption($password);
  74.    
  75.     // check if the username is taken
  76.     $query  = "SELECT * FROM `userInfo` WHERE username='{$username}'";
  77.     $result = mysql_query($query) or die(mysql_error());
  78.     if(mysql_num_rows($result) > 1)
  79.     {
  80.       $error .= "Sorry, the username you filled out is already taken";
  81.       return false;
  82.     }
  83.    
  84.     // well, we've gotten this far, why not put the info in the database!
  85.     mysql_query("INSERT INTO `userInfo`
  86.                 (firstName, lastName, username, password, age, email, ip, dateRegistered) VALUES
  87.                 ('$firstName', '$lastName', '$username',
  88.                  '$encryptedPass', '$age', '$email', '$ip', '".time()."')")
  89.                 or die(mysql_error());
  90.     return true;
  91.   }
  92.  
  93.   /**
  94.   * Accepts three strings, username, password, and a reference to an error string
  95.   * returns true if login successful and the page needs to be
  96.   *  redirected, false if the login failed
  97.   **/
  98.   function login($username, $password, &$error)
  99.   {
  100.     // clean up the username and password
  101.     $this->cleanVar($username);
  102.     $this->cleanVar($password);
  103.    
  104.     if(empty($username))
  105.     {
  106.       $error .= "Please fill out a username.\n";
  107.       return false;
  108.     }
  109.    
  110.     if(empty($password))
  111.     {
  112.       $error .= "Please fill out a password.\n";
  113.       return false;
  114.     }
  115.     $encrpytedPass = $this->encryption($password);
  116.    
  117.     // query if the user is in the database, and check if the row count is 1
  118.     $query  = "SELECT * FROM `userInfo`
  119.               WHERE username='{$username}' and password='{$encrpytedPass}'";
  120.     $result = mysql_query($query) or die(mysql_error());
  121.     $count  = mysql_num_rows($result);
  122.    
  123.     if($count == 1)
  124.     {
  125.       // set the time as last active for the users profile
  126.       $this->updateLastActive();
  127.       $_SESSION['username'] = $username;
  128.       return true;
  129.     }
  130.    
  131.     // function fell through, login failed
  132.     return false;
  133.   }
  134.  
  135.   /**
  136.   * accepts a reference string and "cleans" it for the database
  137.   * returns nothing
  138.   */
  139.   function cleanVar(&$var)
  140.   {
  141.     $var = trim($var);
  142.     $var = mysql_real_escape_string($var);
  143.   }
  144.  
  145.   /**
  146.   * function for encrypting so encryption is extra secure!
  147.   * accepts two strings, the string to be encrypted and the salt
  148.   * returns the encrypted string
  149.   **/
  150.   function encryption($var,$salt = "i0cd83nd3js4n54j")
  151.   {
  152.     $super_salt = strrev(sha1($salt).md5($salt)).md5($salt);
  153.     $salted  = strrev($var.$super_salt.$super_salt.$var.$super_salt);
  154.     $salted .= $salted.$super_salt;
  155.     $salted  = md5($salted);
  156.     $salted  = sha1($salted);
  157.     return $salted;
  158.   }
  159.  
  160.   /**
  161.   * this function automatically updates the lastActive column for the user, when called.
  162.   **/
  163.   function updateLastActive()
  164.   {
  165.     // check if they are logged in, don't want to be sending malformed queries in1
  166.     if($this->loggedIn)
  167.     {
  168.       $query = "UPDATE `userInfo` SET lastActive = '".time()."'
  169.                WHERE username='{$this->username}'";
  170.       mysql_query($query) or die(mysql_error());
  171.     }
  172.   }
  173. }
  174. session_start();
  175. $user = new user();
  176. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top