- <?
- /*
- PHP/Mysql Account System
- Written by Benjamin Knox
- Email: knoxius@knoxius.com
- ©Knoxius.com 2010
- */
// Bootstrap: load the script that opens the MySQL connection, then choose the
// schema that every query in this file runs against.
// The mysql_* extension used here was removed in PHP 7.0; it offers no bound
// parameters, so values must be escaped wherever a query string is assembled.
require $_SERVER['DOCUMENT_ROOT'] . '/assets/class/connect.php';
mysql_select_db('knoxius8_account');
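/**
 * Shared helpers for the account system: random strings, input clean-up and
 * user look-ups against the `users` table.
 *
 * Queries go through the legacy mysql_* API, which has no bound parameters.
 * Each method that builds a query therefore escapes the values it embeds
 * itself instead of trusting that the caller already did.
 */
class account {
    /**
     * Build a random string of $length characters from A-Z, a-z and 0-9.
     *
     * Changes from the earlier version:
     *  - visibility is protected (was private), so a subclass calling
     *    parent::str_rand() no longer fails with a private-method error;
     *  - the result is accumulated in one variable (the old loop initialised
     *    $out but appended to an undefined $string);
     *  - characters are picked with a CSPRNG. mt_rand() is predictable and is
     *    not suitable for values that have to be unguessable.
     *
     * Credit for the original generator: Mich (michhimself.com) and
     * james@coretelecom.co.uk
     *
     * @param int $length Number of characters to produce.
     * @return string Random string; empty when $length is 0 or negative.
     * @throws RuntimeException When no secure random source is available.
     */
    protected function str_rand($length) {
        $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
        $last = strlen($alphabet) - 1;
        $out = '';
        for ($i = 0; $i < $length; $i++) {
            $out .= $alphabet[$this->secure_index($last)];
        }
        return $out;
    }

    /**
     * Pick a uniformly distributed integer in [0, $max] from a secure source.
     *
     * @param int $max Upper bound, inclusive; must be below 256.
     * @return int
     * @throws RuntimeException When no secure random source is available.
     */
    private function secure_index($max) {
        if (function_exists('random_int')) {
            return random_int(0, $max);
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            // Rejection sampling: discard bytes from the incomplete final
            // bucket so the modulo does not favour the low indexes.
            $span = $max + 1;
            $limit = 256 - (256 % $span);
            do {
                $strong = false;
                $raw = openssl_random_pseudo_bytes(1, $strong);
                if ($raw === false || !$strong) {
                    throw new RuntimeException('No cryptographically secure random source is available.');
                }
                $byte = ord($raw);
            } while ($byte >= $limit);
            return $byte % $span;
        }
        throw new RuntimeException('No cryptographically secure random source is available.');
    }

    /**
     * Report whether a submitted field has a value.
     *
     * Uses empty(), so '', null, 0 and the string '0' all count as missing.
     *
     * @param mixed $string Field value.
     * @return bool True when the field is non-empty.
     */
    public function check_field($string) {
        return !empty($string);
    }

    /**
     * Normalise a submitted string and escape it for a quoted SQL literal.
     *
     * Order matters: trim and strip_tags() run first and the escape runs last,
     * so nothing modifies the string after it has been escaped. The earlier
     * version followed mysql_real_escape_string() with addslashes(), which
     * escaped the escape characters and put literal backslashes into the
     * values that reached the database.
     *
     * The result is only meant for use between single quotes in a
     * mysql_query() string. It is not HTML-safe: strip_tags() is not an XSS
     * filter, so output still needs htmlspecialchars() at print time.
     *
     * @param string $string Raw input.
     * @return string Trimmed, tag-stripped and SQL-escaped value.
     */
    public function clear_string($string) {
        $string = trim((string) $string);
        $string = strip_tags($string);
        return mysql_real_escape_string($string);
    }

    /**
     * Report whether a row exists in `users` for the given username.
     *
     * The username is escaped here, at the point where the query is built,
     * because this method is public and can be reached with raw input.
     * A failed query is reported as "not found" rather than passed on to
     * mysql_num_rows().
     *
     * @param string $username Username to look up.
     * @return bool True when at least one row matches.
     */
    public function find_user($username) {
        $query = 'SELECT * FROM users WHERE username=\''
            . mysql_real_escape_string((string) $username) . '\'';
        $result = mysql_query($query);
        if ($result === false) {
            return false;
        }
        return mysql_num_rows($result) > 0;
    }

    /**
     * Fetch one column of a user's row.
     *
     * Columns listed for the table: 'id', 'username', 'password', 'email',
     * 'usergroup'. $col is only used as an array key on the fetched row and
     * never reaches the SQL text.
     *
     * @param string $username Username to look up (escaped here).
     * @param string $col      Column name to return.
     * @return mixed Column value, or null when the query fails, no row
     *               matches or the column is absent.
     */
    public function get_info($username, $col) {
        $query = 'SELECT * FROM users WHERE username=\''
            . mysql_real_escape_string((string) $username) . '\'';
        $result = mysql_query($query);
        if ($result === false) {
            return null;
        }
        $row = mysql_fetch_array($result);
        if (!is_array($row) || !array_key_exists($col, $row)) {
            return null;
        }
        return $row[$col];
    }
}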
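/**
 * Runs one login attempt from its constructor: checks the credentials, then
 * writes the session row, the PHP session entry and the login cookie.
 *
 * A constructor cannot hand back begin_login()'s message, so the outcome is
 * stored and exposed through get_error() (null means the login succeeded).
 */
class login extends account {
    private $username;
    private $password;
    private $remember;
    // Message from the last attempt, or null when it succeeded.
    private $error = null;

    /**
     * Store the submitted credentials and run the login attempt.
     *
     * @param string $username Submitted username.
     * @param string $password Submitted password.
     * @param mixed  $remember Truthy to request a persistent cookie.
     */
    public function __construct($username, $password, $remember) {
        // clear_string() returns an SQL-escaped value; create_session()
        // relies on that when it places the username in its INSERT.
        $this->username = $this->clear_string($username);
        // NOTE(review): clear_string() also rewrites the password before it is
        // hashed (trimmed, tags stripped, characters escaped). Kept as is,
        // because check_pswd() compares md5() of this transformed value.
        $this->password = $this->clear_string($password);
        $this->remember = $remember;
        $this->error = $this->begin_login();
    }

    /**
     * Outcome of the login attempt made by the constructor.
     *
     * @return string|null Error message, or null when the login succeeded.
     */
    public function get_error() {
        return $this->error;
    }

    /**
     * Compare the submitted password with the stored hash.
     *
     * The comparison is a strict string comparison (constant-time where
     * hash_equals() exists). The earlier loose != treated two different
     * numeric-looking digests such as '0e12...' and '0e98...' as equal.
     *
     * NOTE(review): unsalted md5 is not a password hash. Moving to
     * password_hash()/password_verify() needs the stored values re-hashed,
     * which this class cannot do on its own.
     *
     * @return bool True when the digests match.
     */
    private function check_pswd() {
        $submitted = md5($this->password);
        $stored = $this->get_info($this->username, 'password');
        if (!is_string($stored) || $stored === '') {
            return false;
        }
        if (function_exists('hash_equals')) {
            return hash_equals($stored, $submitted);
        }
        return $stored === $submitted;
    }

    /**
     * Report whether the account has been validated.
     *
     * An account is unvalidated while its usergroup is 0. A missing or
     * non-numeric value casts to 0 and is therefore treated as unvalidated.
     *
     * @return bool True when usergroup is non-zero.
     */
    private function check_validity() {
        $usergroup = $this->get_info($this->username, 'usergroup');
        return (int) $usergroup !== 0;
    }

    /**
     * Produce a 32-character hex token from a secure random source.
     *
     * Replaces md5(username . str_rand(10)): that value depended on mt_rand(),
     * and str_rand() is private to the parent class, so the call could not
     * succeed from here. The length matches an md5 hex digest.
     *
     * @return string|null Token, or null when no secure source is available.
     */
    private function new_token() {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $raw = openssl_random_pseudo_bytes(16, $strong);
            if ($raw !== false && $strong) {
                return bin2hex($raw);
            }
        }
        return null;
    }

    /**
     * Send the login cookie.
     *
     * The lifetime for "remember me" is 30 days. The earlier expression added
     * the factors (60+60+24+30 = 174 seconds) instead of multiplying them.
     * HttpOnly keeps the token away from page scripts; Secure is set whenever
     * the current request arrived over HTTPS.
     *
     * @param string $code Token to store in the cookie.
     * @return string The same token.
     */
    private function set_cookie($code) {
        $expires = $this->remember ? time() + 60 * 60 * 24 * 30 : 0;
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
        setcookie('knoxius_account', $code, $expires, '/', '.knoxius.com', $secure, true);
        return $code;
    }

    /**
     * Record the session in the database, then set the PHP session entry and
     * the cookie.
     *
     * The INSERT runs first so that a failed write leaves no cookie or
     * session entry behind. Its closing parenthesis was missing before, so
     * the statement could never succeed. The session id is regenerated after
     * authentication so an id chosen before login does not stay valid.
     *
     * @return bool True when the session row was written.
     */
    private function create_session() {
        $cookie = $this->new_token();
        $sess_id = $this->new_token();
        if ($cookie === null || $sess_id === null) {
            return false;
        }

        // $this->username was SQL-escaped in the constructor; both tokens are hex.
        $query = 'INSERT INTO session VALUES(NULL,\'' . $this->username . '\',\''
            . $cookie . '\',\'' . $sess_id . '\')';
        if (!mysql_query($query)) {
            return false;
        }

        if (session_id() === '') {
            session_start();
        }
        session_regenerate_id(true);
        $_SESSION['knoxius_account'] = $sess_id;
        $this->set_cookie($cookie);
        return true;
    }

    /**
     * Run the checks in order and create the session.
     *
     * The existence check now runs before the password check (it used to run
     * last, after two look-ups that already assumed the row existed). An
     * unknown user and a wrong password return the same message, so the
     * response does not reveal which usernames exist.
     *
     * @return string|null Error message, or null on success.
     */
    private function begin_login() {
        $username = $this->username;
        if (empty($username) || empty($this->password)) {
            return 'Error: One or more fields were left blank.';
        }
        if (!$this->find_user($username) || !$this->check_pswd()) {
            return 'Error: Incorrect username or password.';
        }
        if (!$this->check_validity()) {
            return 'Error: User \'' . $username . '\' has not been validated.';
        }
        if (!$this->create_session()) {
            return 'An unknown error occurred and you were not logged in.';
        }
        return null;
    }
}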
/**
 * Placeholder subclass of account, presumably for registration (judging by the
 * name only). It declares no members and inherits everything from account.
 */
class register extends account
{
}
/**
 * Placeholder subclass of account, presumably for account validation (judging
 * by the name only). It declares no members and inherits everything from account.
 */
class validate extends account
{
}
- ?>