- <?php
/**
 * Raised when a sign-in attempt or a session creation is rejected.
 * The message is the text passed by the code that throws it.
 */
class LoginError extends Exception
{
}
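/**
 * Cookie-backed admin login.
 *
 * On construction the "LoggedIn_Token" cookie is matched against the
 * admin_sessions table (token and client IP) and, on a single match, the
 * account fields are loaded. SignIn() checks credentials and CreateSession()
 * issues a new token.
 *
 * Depends on two globals defined elsewhere: $mysqli (a mysqli connection) and
 * $cookie (a helper exposing Exists/IsEmpty/Get/Set/Delete).
 *
 * Every value that reaches SQL is bound as a statement parameter. The
 * escape_html() calls are kept only so that looked-up values stay what they
 * were before; they are not the SQL defence.
 * NOTE(review): escape_html() is defined elsewhere; assumed to be HTML-entity
 * encoding only - confirm.
 * NOTE(review): admin_sessions has a date column but nothing here expires or
 * deletes old sessions - confirm that expiry is handled elsewhere.
 */
class UserLogin
{
    // All fields stay false until a session has been restored in __construct().
    public $LoggedIn = false;
    public $username = false;
    public $email = false;
    public $rank = false;
    public $id = false;

    /**
     * Restores the login state from the "LoggedIn_Token" cookie, if present.
     *
     * The cookie is deleted when it matches no single session row for the
     * current client IP, or when the session's account no longer exists.
     *
     * @throws RuntimeException when a database statement cannot be run
     */
    public function __construct()
    {
        global $cookie;

        if (!$cookie->Exists("LoggedIn_Token") || $cookie->IsEmpty("LoggedIn_Token")) {
            return;
        }

        $token = escape_html($cookie->Get("LoggedIn_Token"));
        $sessions = $this->runQuery(
            "SELECT member_id FROM admin_sessions WHERE hash = ? AND ip = ?",
            "ss",
            array($token, $this->clientIp())
        );

        $accounts = array();
        if (count($sessions) === 1) {
            // `rank` is quoted because it is a reserved word in newer MySQL versions.
            $accounts = $this->runQuery(
                "SELECT id, username, email, `rank` FROM admin_accounts WHERE id = ?",
                "s",
                array($sessions[0]['member_id'])
            );
        }

        if (count($accounts) !== 1) {
            $cookie->Delete("LoggedIn_Token");
            return;
        }

        $account = $accounts[0];
        $this->LoggedIn = true;
        $this->id = $account['id'];
        $this->username = $account['username'];
        $this->email = $account['email'];
        $this->rank = $account['rank'];
    }

    /**
     * Checks a username/password pair and opens a session on success.
     *
     * @param mixed $username submitted user name
     * @param mixed $password submitted clear-text password
     * @throws LoginError when a field is missing or the credentials do not match
     * @throws RuntimeException when a database statement cannot be run
     */
    public function SignIn($username, $password)
    {
        // Validate the raw input: the old check ran after md5() and required
        // both fields to be empty, so it could never trigger.
        if (!is_scalar($username) || !is_scalar($password)
            || (string) $username === '' || (string) $password === '') {
            throw new LoginError("Je bent iets vergeten.");
        }

        $username = escape_html($username);
        // NOTE(review): unsalted MD5 is not a password hash. It is kept here
        // because the stored values are MD5; migrate the column to
        // password_hash()/password_verify() and re-hash on the next login.
        $password = escape_html(md5($password));

        $accounts = $this->runQuery(
            "SELECT id FROM admin_accounts WHERE username = ? AND password = ?",
            "ss",
            array($username, $password)
        );
        if (count($accounts) === 0) {
            throw new LoginError("Gebruikersnaam of wachtwoord is onjuist.");
        }

        $this->CreateSession($accounts[0]['id']);
    }

    /**
     * Issues a new session token for an account and stores it in the cookie.
     *
     * NOTE(review): this method is public and does not check credentials
     * itself; confirm that only trusted code calls it.
     *
     * @param mixed $member_id id of the account in admin_accounts
     * @throws LoginError when the account does not exist
     * @throws RuntimeException when a database statement cannot be run
     */
    public function CreateSession($member_id)
    {
        global $cookie;

        $id = escape_html($member_id);
        $accounts = $this->runQuery(
            "SELECT id FROM admin_accounts WHERE id = ?",
            "s",
            array($id)
        );
        if (count($accounts) === 0) {
            throw new LoginError("Monitor Error: #100");
        }

        // The token comes from the CSPRNG (PHP 7+) instead of a hash of
        // uniqid() and account fields, which is guessable. 64 bytes give the
        // same 128 hex characters the whirlpool digest had.
        $hash = bin2hex(random_bytes(64));

        // Store the session before handing out the cookie, so a failed insert
        // does not leave the browser with a token the server does not know.
        $this->runQuery(
            "INSERT INTO admin_sessions (member_id, date, hash, ip) VALUES (?, NOW(), ?, ?)",
            "sss",
            array($id, $hash, $this->clientIp())
        );
        // NOTE(review): cookie attributes (HttpOnly, Secure, SameSite) depend
        // on $cookie->Set(), which is not visible here - confirm they are set.
        $cookie->Set("LoggedIn_Token", $hash);
    }

    /**
     * Returns the client address the sessions are tied to ('' when unset).
     */
    private function clientIp()
    {
        return isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
    }

    /**
     * Runs one prepared statement with bound parameters.
     *
     * @param string $sql    statement with ? placeholders
     * @param string $types  mysqli bind_param type string, one letter per parameter
     * @param array  $params values to bind, in placeholder order
     * @return array list of rows as associative arrays (empty for statements without a result set)
     * @throws RuntimeException when the statement cannot be prepared or executed
     */
    private function runQuery($sql, $types, array $params)
    {
        global $mysqli;

        $stmt = $mysqli->prepare($sql);
        if ($stmt === false) {
            // Generic message on purpose: no SQL or driver detail is exposed.
            throw new RuntimeException("Login query could not be prepared.");
        }

        $stmt->bind_param($types, ...$params);
        if (!$stmt->execute()) {
            $stmt->close();
            throw new RuntimeException("Login query failed.");
        }

        $rows = array();
        $result = $stmt->get_result();
        if ($result !== false) {
            while ($row = $result->fetch_assoc()) {
                // Prepared statements can return native ints; cast back to
                // strings so callers see the same values query() gave them.
                $rows[] = array_map(
                    function ($value) {
                        return $value === null ? null : (string) $value;
                    },
                    $row
                );
            }
            $result->free();
        }
        $stmt->close();

        return $rows;
    }
}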
- ?>