- <?php
- include("constants.php");
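/**
 * Cookie- and session-backed login state for the current request.
 *
 * A login is identified by the pair (username, userid): the userid is a
 * random value issued by login(), kept in $_SESSION, mirrored in the
 * "cookname"/"cookid" cookies and compared against users.userid on every
 * request by checkLogin().
 *
 * All values are kept unescaped inside the class and escaped with
 * mysql_real_escape_string() at the point where a query string is built.
 *
 * NOTE(review): this class relies on ext/mysql (mysql_* functions), which is
 * not available from PHP 7.0 on; moving to mysqli/PDO prepared statements is
 * the long-term fix and is outside the scope of this class's interface.
 */
class Session {
    var $username;     // Username of the authenticated user; set only after the id check passes
    var $userid;       // Per-login random id shared by the session, the "cookid" cookie and users.userid
    var $userlevel;    // users.userlevel of the authenticated user; isAdmin() treats 1 as admin
    var $logged_in;    // Result of checkLogin() for this request, updated by login()/logout()
    var $connection;   // MySQL link resource opened by connect()
    var $userinfo;     // users row of the authenticated user (previously assigned without being declared)

    /**
     * PHP 4-style constructor: starts the PHP session, opens the database
     * link and works out whether the visitor is logged in.
     */
    function Session(){
        session_start();
        // The link has to exist before checkLogin() runs its queries; the
        // original order queried through a connection that was still unset.
        $this->connect();
        $this->logged_in = $this->checkLogin();
    }

    /**
     * Opens the MySQL link and selects the database named by the DB_* constants.
     *
     * Terminates the script on failure. The driver's error text goes to the
     * server log instead of the response, so connection details are not
     * shown to visitors.
     */
    function connect(){
        $this->connection = mysql_connect(DB_SERVER, DB_USER, DB_PASS);
        if(!$this->connection){
            error_log("Session::connect: " . mysql_error());
            die("Database connection failed.");
        }
        if(!mysql_select_db(DB_NAME, $this->connection)){
            error_log("Session::connect: " . mysql_error($this->connection));
            die("Database connection failed.");
        }
    }

    /**
     * Runs a raw SQL statement on this object's connection.
     *
     * The statement is sent as given: every value placed in $query must
     * already be escaped by the caller.
     *
     * @param string $query Complete SQL statement.
     * @return resource|bool Whatever mysql_query() returns.
     */
    function query($query){
        return mysql_query($query, $this->connection);
    }

    /**
     * Escapes a value for use inside a single-quoted SQL string literal.
     *
     * @param mixed $value Unescaped value.
     * @return string Escaped value.
     */
    function _escape($value){
        return mysql_real_escape_string((string)$value, $this->connection);
    }

    /**
     * Returns request data (GET/POST/cookie) as the client sent it, undoing
     * magic_quotes_gpc when that setting is on.
     *
     * @param string $value Value taken from a request superglobal.
     * @return string Value without the slashes added by magic quotes.
     */
    function _rawInput($value){
        if(get_magic_quotes_gpc()){
            return stripslashes($value);
        }
        return $value;
    }

    /**
     * Decides whether the current visitor is logged in.
     *
     * The "cookname"/"cookid" cookies, when both are present, replace the
     * session values. The pair is then checked against the database, and
     * only after it is confirmed are the object's user fields filled in;
     * unverified cookie values are never copied into $this->username or
     * $this->userid.
     *
     * @return bool true when the session holds a confirmed username/userid pair.
     */
    function checkLogin(){
        if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])
           && is_string($_COOKIE['cookname']) && is_string($_COOKIE['cookid'])){
            $_SESSION['username'] = $this->_rawInput($_COOKIE['cookname']);
            $_SESSION['userid']   = $this->_rawInput($_COOKIE['cookid']);
        }
        if(!isset($_SESSION['username']) || !isset($_SESSION['userid'])){
            return false;
        }

        $info = NULL;
        if($this->confirmUserID($_SESSION['username'], $_SESSION['userid']) == 0){
            $info = $this->getUserInfo($_SESSION['username']);
        }
        if($info === NULL){
            // Unknown user, wrong id, or the row vanished between the two
            // queries: drop the claimed identity.
            unset($_SESSION['username']);
            unset($_SESSION['userid']);
            return false;
        }

        $this->userinfo  = $info;
        $this->username  = $info['username'];
        $this->userid    = $info['userid'];
        $this->userlevel = $info['userlevel'];
        return true;
    }

    /**
     * Checks a claimed userid against the one stored for $username.
     *
     * The comparison is strict and string-based; a loose == lets two
     * different all-digit-and-"e" strings compare equal as numbers. An empty
     * id never matches, so an account whose stored id is blank cannot be
     * confirmed.
     *
     * @param string $username Unescaped username.
     * @param string $userid   Unescaped id claimed by the client.
     * @return int 0 on success, 1 when the username is unknown (or the query
     *             failed), 2 when the id does not match.
     */
    function confirmUserID($username, $userid){
        $result = $this->query("SELECT userid FROM users WHERE username = '" . $this->_escape($username) . "'");
        if(!$result || (mysql_num_rows($result) < 1)){
            return 1; //Indicates username failure
        }
        $dbarray = mysql_fetch_array($result);
        $claimed = (string)$userid;
        if($claimed !== '' && $claimed === (string)$dbarray['userid']){
            return 0; //Success! Username and userid confirmed
        }
        return 2; //Indicates userid invalid
    }

    /**
     * Fetches the users row for a username.
     *
     * @param string $username Unescaped username.
     * @return array|null The row, or NULL when there is none or the query failed.
     */
    function getUserInfo($username){
        // The original placed $username in the statement without escaping it.
        $result = $this->query("SELECT * FROM users WHERE username = '" . $this->_escape($username) . "'");
        if(!$result || (mysql_num_rows($result) < 1)){
            return NULL;
        }
        return mysql_fetch_array($result);
    }

    /**
     * Verifies a username/password pair and, on success, starts a login.
     *
     * The original looked the user up through an undefined $username and
     * never compared the password; both are fixed here. On success a fresh
     * random id is written to users.userid (so that confirmUserID() can
     * match it on later requests), the PHP session id is regenerated, and
     * the session and the two cookies are filled in.
     *
     * @param string $subuser Username as submitted by the client.
     * @param string $subpass Password as submitted by the client.
     * @return bool true on a successful login, false otherwise.
     */
    function login($subuser, $subpass){
        $subuser = $this->_rawInput($subuser);
        // NOTE(review): stored passwords are unsalted MD5. Switching to
        // password_hash()/password_verify() needs the stored hashes migrated,
        // which cannot be done from inside this method.
        $subpass = md5($subpass);

        $result = $this->query("SELECT password FROM users WHERE username = '" . $this->_escape($subuser) . "'");
        if(!$result || (mysql_num_rows($result) < 1)){
            return false;
        }
        $dbarray = mysql_fetch_array($result);
        if($subpass !== (string)$dbarray['password']){
            return false;
        }

        $info = $this->getUserInfo($subuser);
        if($info === NULL){
            return false;
        }

        // Store the id that checkLogin() will compare against; without this
        // write the id handed to the client never matches the database.
        $newid = $this->generateRandID();
        $stored = $this->query("UPDATE users SET userid = '" . $this->_escape($newid) . "' WHERE username = '" . $this->_escape($info['username']) . "'");
        if(!$stored){
            return false;
        }

        // New session id for the authenticated state, so an id known before
        // login is not carried over.
        session_regenerate_id();

        $this->userinfo  = $info;
        $this->username  = $_SESSION['username'] = $info['username'];
        $this->userid    = $_SESSION['userid'] = $newid;
        $this->userlevel = $info['userlevel'];
        $this->logged_in = true;

        // NOTE(review): both cookies are sent without the HttpOnly and Secure
        // flags; "cookid" is a login credential, so set them if the site is
        // served over HTTPS and no script needs to read these cookies.
        setcookie("cookname", $this->username, time()+3600, "/");
        setcookie("cookid", $this->userid, time()+3600, "/");
        return true;
    }

    /**
     * Ends the login: expires the cookies, clears the session values and,
     * for a confirmed login, replaces the stored id so the old cookie pair
     * stops being accepted.
     */
    function logout(){
        if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])){
            setcookie("cookname", "", time()-3600, "/");
            setcookie("cookid", "", time()-3600, "/");
        }
        // Only a confirmed login may change the stored id; $this->username is
        // set exclusively after confirmation, so a request that merely claims
        // a username cannot invalidate that user's login.
        if($this->logged_in && $this->username !== NULL){
            $this->query("UPDATE users SET userid = '" . $this->_escape($this->generateRandID()) . "' WHERE username = '" . $this->_escape($this->username) . "'");
        }
        unset($_SESSION['username']);
        unset($_SESSION['userid']);
        $this->logged_in = false;
    }

    /**
     * @return bool true when the current user's level is 1.
     */
    function isAdmin(){
        return $this->userlevel == 1;
    }

    /**
     * Produces a 32-character lowercase hexadecimal id for a new login.
     *
     * A cryptographically secure source is used when the runtime offers
     * one. The fallback is the original scheme (MD5 of 16 characters picked
     * with mt_rand()), whose output can be predicted and should not be
     * relied on where a secure source can be made available.
     *
     * @return string 32 hexadecimal characters.
     */
    function generateRandID(){
        if(function_exists('random_bytes')){
            return bin2hex(random_bytes(16));
        }
        if(function_exists('openssl_random_pseudo_bytes')){
            $strong = false;
            $bytes = openssl_random_pseudo_bytes(16, $strong);
            if($bytes !== false && $strong){
                return bin2hex($bytes);
            }
        }

        $randstr = "";
        for($i=0; $i<16; $i++){
            $randnum = mt_rand(0,61);
            if($randnum < 10){
                $randstr .= chr($randnum+48);   // 0-9
            }else if($randnum < 36){
                $randstr .= chr($randnum+55);   // A-Z
            }else{
                $randstr .= chr($randnum+61);   // a-z
            }
        }
        return md5($randstr);
    }
}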
// Request-wide session object; constructing it starts the PHP session,
// opens the database link and evaluates the login state.
$session = new Session();
- ?>