Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php # User Authentication Library : Initilization
- # Environment Setup
- $auth = array();
- $auth['session_limit'] = day * 2; # Default expire time (move to mysql)
- $UADecryptionKey = 'key'; # Move to sql, have change every week
- setcookie('sess_id', 'to', day);
- setcookie('sess_user', md5('testcatfacts'), day);
- if(!is_null($_COOKIE['sess_id'])) { # Awake from valid session
- $sess_id = EXMySQLSafe($_COOKIE['sess_id']);
- $session = mysql_fetch_assoc(EXMySQLQuery("SELECT * FROM `[prefix]sessions` WHERE `id` = CONVERT(_utf8 '{$sess_id}' USING latin1) COLLATE latin1_swedish_ci"));
- $user_result = EXMySQLQuery("SELECT * FROM `[prefix]users` WHERE `username` = CONVERT(_utf8 '{$session['user']}' USING latin1) COLLATE latin1_swedish_ci");
- $user_check = mysql_num_rows($user_result);
- $user = mysql_fetch_assoc($user_result);
- $username_md5 = md5($UAKey.$session['key'].$user['username']);
- # Validate the data
- if($_COOKIE['sess_user'] == $username_md5) { # Reload current session
- $t1 = explode(MLDF1, $session['conf']); # Session Configuration [transient]
- $auth['conf'] = explode(MLDF2, $t1);
- $t2 = explode(MLDF1, $user['conf']); # User Configuration [persistant]
- $auth['uconf'] = explode(MLDF2, $t2);
- $auth['user'] = array( # Common Info
- 'id' => $user['id'], 'name' => $user['username'], 'display-name' => $user['dname'], 'first-name' => $user['fname'],
- 'middle-name' => $user['mname'], 'last-name' => $user['lname'], 'email' => $user['email'] );
- $auth['role'] = $user['role'];
- $auth['type'] = $user['type'];
- $auth['permissions'] = str_split($user['permissions']);
- $auth['guest'] = false; # Don't touch the cookies
- } else { # Destroy current session and make new
- EXMySQLQuery("DELETE FROM `[prefix]sessions` WHERE CONVERT(`[prefix]sessions`.`id` USING utf8) = '{$sess_id}' LIMIT 1");
- setcookie('sess_id', null, destroy);
- setcookie('sess_user', null, destroy);
- $gsession = true;
- } # From here we play god
- } if(isset($_POST['UAU']) and isset($_POST['UAP'])) { # Render from form input
- $username = EXMySQLSafe($_POST['UAU']); $password = md5($_POST['UAP']);
- $user = mysql_fetch_assoc(EXMySQLQuery("SELECT * FROM `[prefix]users` WHERE `username` = CONVERT(_utf8 '{$username}' USING latin1) COLLATE latin1_swedish_ci"));
- if($password == $user['password']) { # Verified
- $auth['conf'] = array(); # Session Configuration [transient]
- $t = explode(MLDF1, $user['conf']); # User Configuration [persistant]
- $auth['uconf'] = explode(MLDF2, $t2);
- $auth['user'] = array( # Common Info
- 'id' => $user['id'], 'name' => $user['username'], 'display-name' => $user['dname'], 'first-name' => $user['fname'],
- 'middle-name' => $user['mname'], 'last-name' => $user['lname'], 'email' => $user['email'] );
- $auth['role'] = $user['role']; $auth['type'] = $user['type'];
- $auth['permissions'] = str_split($user['permissions']);
- $auth['guest'] = false;
- $sess = md5(date(EXDateSDF_YMDHMSM));
- $sess_user = md5($UAKey.$sess.$username);
- setcookie('sess_id', $sess, day);
- setcookie('sess_user', $sess_user, day);
- EXMySQLQuery();
- } else $gsession = true;
- } if($gsession) { # Render from guest template
- # Um... is there any point to loading any user config at all? or is this a good solution?
- $auth['conf'] = $auth['uconf'] = EXConfRead('guest-config');
- $auth['user'] = array( # Common Info
- 'id' => 0, 'name' => 'guest', 'display-name' => 'Guest', 'first-name' => 'Johnny',
- 'middle-name' => 'T', 'last-name' => 'Guest', 'email' => null );
- $username = 'guest';
- $role = 'UAGuestAccount';
- $type = UAGuest;
- $auth['guest'] = true;
- $sess = md5(date(EXDateSDF_YMDHMSM));
- $sess_user = md5($UAKey.$sess.$username);
- setcookie('sess_id', $sess, day);
- setcookie('sess_user', $sess_user, day);
- EXMySQLQuery();
- }
- /* things to set up
- user conf
- sess conf
- username
- display name
- fname, mname, lname
- role
- type
- permissions?
- is guest */
Add Comment
Please, Sign In to add comment