- <?php
- namespace knalstation\login;
- require_once("config.php");
- require_once(__SITE_PATH . '/libs/' . 'db.class.php');
- use knalstation\database as knaldb;
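/**
 * Session- and cookie-based login against the `users` table.
 *
 * Review notes that apply to the whole class:
 * - All SQL is built with sprintf() plus mysql_real_escape_string() (see
 *   escapeSql()). ext/mysql was removed in PHP 7.0, and escaping depends on
 *   the connection charset. The knaldb\db API is not visible from this file;
 *   move these queries to parameterised statements once it offers them.
 * - Session and remember-me tokens are additionally matched against
 *   get_ip(). That address can come from request headers, so the IP match is
 *   a convenience check and not a security boundary.
 * - $db->encrypt() is opaque here. NOTE(review): if it is a fast, unsalted
 *   digest, migrate stored passwords to password_hash()/password_verify().
 */
class Auth
{
    // Script block built by makeSkysaJS().
    public $skysa;

    // Last remember-me token written by setCookies().
    protected $hash;

    // Not referenced anywhere in this class.
    public $flags;

    /**
     * Check a username/password pair and, on success, start a login session.
     *
     * @param string $username Login name as submitted by the client.
     * @param string $password Plain-text password as submitted by the client.
     * @return bool True when the credentials match exactly one user, false in
     *              every other case (the original fell off the end and
     *              returned null on a wrong password).
     */
    public function userLogin($username, $password)
    {
        $db = new knaldb\db();
        $sql = sprintf("SELECT * FROM users WHERE username = '%s'", $this->escapeSql($username));
        $db->num_rows($sql);
        if ($db->num_rows != 1) {
            $db->disconnect();
            return false;
        }

        $db->query_result($sql, "password");
        $stored = (string) $db->result;
        $candidate = (string) $db->encrypt($password);

        // An account without a stored hash must never match, and the two
        // digests are compared as strings: loose == treats digests that look
        // like numbers ("0e...") as equal.
        if ($stored === '' || !$this->safeEquals($stored, $candidate)) {
            $db->disconnect();
            return false;
        }

        $db->query_result($sql, "id");
        $uid = $db->result;
        $sql = sprintf(
            "UPDATE users SET last_ip = '%s' WHERE id = '%s'",
            $this->escapeSql($this->get_ip()),
            $this->escapeSql($uid)
        );
        $db->query($sql);
        $db->disconnect();
        $this->setSessions($uid, $username);
        return true;
    }

    /**
     * Re-establish a login from the PHP session or the remember-me cookie.
     *
     * The session token takes precedence: when it is present but does not
     * match, the cookie is not consulted (same as the original elseif).
     *
     * @return bool True when a token matched exactly one user for the current
     *              get_ip() value, false otherwise.
     */
    public function verifyLogin()
    {
        if (isset($_SESSION["knalstation_login"])) { // just logged in or recently logged in
            $user = $this->loadUserByToken('session', $_SESSION["knalstation_login"]);
            if ($user === null) {
                return false;
            }
            $this->setCookies($user['id'], $user['username']);
            $this->makeSkysaJS($user['id'], $user['username'], $user['profile'], $user['photo']);
            return true;
        }

        if (isset($_COOKIE["knalcookie_login"])) { // been away and used the remember-me function
            $user = $this->loadUserByToken('cookie', $_COOKIE["knalcookie_login"]);
            if ($user === null) {
                return false;
            }
            $this->setCookies($user['id'], $user['username']);  // rotate the cookie token
            $this->setSessions($user['id'], $user['username']); // start a session
            $this->makeSkysaJS($user['id'], $user['username'], $user['profile'], $user['photo']);
            return true;
        }

        return false;
    }

    /**
     * Tell whether a user carries a given flag in the comma-separated
     * `flags` column.
     *
     * The original loop ran one index past the end of the list; the resulting
     * null compared loosely equal to an empty or zero flag, so such a check
     * came back true. Empty and non-scalar flags are now refused outright and
     * the match is an exact string comparison.
     *
     * @param mixed $id            User id.
     * @param mixed $flag_to_check Flag name to look for.
     * @return bool
     */
    public function checkFlags($id, $flag_to_check)
    {
        if (!is_scalar($flag_to_check) || (string) $flag_to_check === '') {
            return false;
        }

        $db = new knaldb\db();
        $sql = sprintf("SELECT flags FROM users where id = '%s'", $this->escapeSql($id));
        $db->query_result($sql, 'flags');
        $flags = explode(",", (string) $db->result);
        $db->disconnect();

        return in_array((string) $flag_to_check, $flags, true);
    }

    /**
     * Not implemented: the body is empty and the method returns null.
     * Callers must not rely on it as a ban check until it is written.
     */
    public function checkBan()
    {
    }

    /**
     * Issue a new session token, store it in $_SESSION and in the user's row.
     *
     * The original token was md5($this->hash . time()); on a fresh login
     * $this->hash is still unset, so the token depended on the clock alone.
     *
     * @param mixed  $uid      User id.
     * @param string $username Login name.
     * @return bool Always true.
     */
    public function setSessions($uid, $username)
    {
        // Rotate the PHP session id on login so an id handed out before
        // authentication does not stay valid afterwards.
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }

        $token = $this->randomToken();
        $_SESSION["knalstation_login"] = $token;
        $_SESSION["knalstation_uid"] = $uid;
        $_SESSION["knalstation_username"] = $username;

        $db = new knaldb\db();
        $sql = sprintf(
            "UPDATE users SET session = '%s' WHERE id = '%s'",
            $this->escapeSql($token),
            $this->escapeSql($uid)
        );
        $db->query($sql);
        $db->disconnect();
        return true;
    }

    /**
     * Issue a new remember-me token, send the three login cookies and store
     * the token in the user's row.
     *
     * Only knalcookie_login is checked by verifyLogin(); the username and uid
     * cookies are client-editable and must never be used to identify a user.
     *
     * @param mixed  $uid      User id.
     * @param string $username Login name.
     * @return void
     */
    public function setCookies($uid, $username)
    {
        $db = new knaldb\db();

        // The original input (site name, uid, username, timestamp) is
        // guessable; random bytes are mixed in while the result still goes
        // through $db->encrypt() so the stored format stays the same.
        $hash = $db->encrypt(
            "Knalstation" . $uid . $username . date("d.m.y_H:i:s") . $this->randomToken()
        );

        // 356 days, as written in the original; NOTE(review): 365 may have
        // been intended.
        $expires = time() + 3600 * 24 * 356;
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

        // The token cookie is hidden from page scripts (HttpOnly) and limited
        // to HTTPS when the current request is HTTPS.
        setcookie("knalcookie_login", $hash, $expires, '/', '', $secure, true);
        setcookie("knalcookie_username", $username, $expires, '/');
        setcookie("knalcookie_uid", $uid, $expires, '/');

        $sql = sprintf(
            "UPDATE users SET cookie = '%s' WHERE id = '%s'",
            $this->escapeSql($hash),
            $this->escapeSql($uid)
        );
        $db->query($sql);
        $db->disconnect();
        $this->hash = $hash;
    }

    /**
     * Build the _SKYAUTH script block and store it in $this->skysa.
     *
     * Username, profile and photo are user-controlled. The original pasted
     * them between single quotes, so a quote or a closing script tag in any
     * of them ended the string or the block. Each value is now emitted as a
     * JSON string literal with <, >, &, ' and " hex-escaped.
     *
     * @param mixed       $uid      User id (emitted as a string, as before).
     * @param string      $username Display name.
     * @param string      $profile  Profile URL.
     * @param string|null $photo    Photo URL; a default avatar is used when empty.
     * @return void
     */
    public function makeSkysaJS($uid, $username, $profile, $photo)
    {
        if ($photo == null) {
            $photo = "/images/avatar.jpg";
        }

        // NOTE(review): profile and photo are only escaped for the script
        // context; whether they are acceptable URLs is not checked here.
        $this->skysa = "<script type='text/javascript'>\n"
            . "var _SKYAUTH = {\n"
            . "loginUrl:'/page/login/',\n"
            . "memberNick:" . $this->jsString($username) . ",\n"
            . "memberId:" . $this->jsString($uid) . ",\n"
            . "profileUrl:" . $this->jsString($profile) . ",\n"
            . "photoUrl:" . $this->jsString($photo) . "\n"
            . "};\n"
            . "</script>";
    }

    /**
     * Best-effort client address.
     *
     * X-Forwarded-For and Client-IP are still preferred over REMOTE_ADDR, as
     * in the original, but a header value is only accepted when it is a
     * single well-formed IP address; anything else falls back to REMOTE_ADDR.
     * Both headers are set by the client unless a trusted proxy overwrites
     * them. NOTE(review): if the site is not behind such a proxy, use
     * REMOTE_ADDR only.
     *
     * @return string|null
     */
    public function get_ip()
    {
        foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP') as $header) {
            $claimed = $this->serverVar($header);
            if (!is_string($claimed)) {
                continue;
            }
            $address = filter_var(trim($claimed), FILTER_VALIDATE_IP);
            if ($address !== false) {
                return $address;
            }
        }

        return $this->serverVar('REMOTE_ADDR');
    }

    /**
     * Read a request variable from $_SERVER, or from the environment when
     * $_SERVER is not available.
     */
    private function serverVar($name)
    {
        if (isset($_SERVER)) {
            return isset($_SERVER[$name]) ? $_SERVER[$name] : null;
        }
        $value = getenv($name);
        return ($value === false) ? null : $value;
    }

    /**
     * Escape a value for use inside a quoted SQL string literal.
     *
     * Single place for the legacy call so it can be replaced when the queries
     * move to parameterised statements.
     */
    private function escapeSql($value)
    {
        return mysql_real_escape_string($value);
    }

    /**
     * Compare two strings exactly, in constant time where the runtime
     * provides hash_equals().
     */
    private function safeEquals($known, $given)
    {
        if (function_exists('hash_equals')) {
            return hash_equals($known, $given);
        }
        return $known === $given;
    }

    /**
     * Return 32 hex characters (the same shape as an md5 digest) from the
     * best random source the runtime offers.
     */
    private function randomToken()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes = openssl_random_pseudo_bytes(16, $strong);
            if ($bytes !== false && $strong) {
                return bin2hex($bytes);
            }
        }
        // Only reached on runtimes without a CSPRNG; not unpredictable enough
        // for a login token, kept so behaviour there matches the original.
        return md5($this->hash . time() . uniqid(mt_rand(), true));
    }

    /**
     * Encode a value as a JavaScript string literal that is safe inside an
     * inline script block.
     */
    private function jsString($value)
    {
        $json = json_encode(
            (string) $value,
            JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
        );
        return ($json === false) ? '""' : $json;
    }

    /**
     * Look up the user whose `session` or `cookie` column holds $token and
     * whose last_ip equals get_ip().
     *
     * @param string $column 'session' or 'cookie'.
     * @param mixed  $token  Value taken from $_SESSION or $_COOKIE.
     * @return array|null Keys id, username, profile, photo; null when the
     *                    token is unusable or does not match exactly one row.
     */
    private function loadUserByToken($column, $token)
    {
        if ($column !== 'session' && $column !== 'cookie') {
            return null;
        }
        // An empty token would match every row whose column is still empty,
        // and an array-valued cookie is not a token at all.
        if (!is_string($token) || $token === '') {
            return null;
        }

        $db = new knaldb\db();
        $sql = sprintf(
            "SELECT * FROM users WHERE %s = '%s' AND last_ip = '%s'",
            $column,
            $this->escapeSql($token),
            $this->escapeSql($this->get_ip())
        );
        $db->num_rows($sql);
        if ($db->num_rows != 1) {
            $db->disconnect();
            return null;
        }

        $user = array();
        foreach (array('id', 'username', 'profile', 'photo') as $field) {
            $db->query_result($sql, $field);
            $user[$field] = $db->result;
        }
        $db->disconnect();
        return $user;
    }
}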
- ?>