Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- How to make login sessions more secured?
- class Auth extends Session
- {
- public $ip_address;
- public $timestamp;
- public $user_agent;
- public function __construct()
- {
- $this->ip_address = $_SERVER['REMOTE_ADDR'];
- $this->user_agent = $_SERVER['HTTP_USER_AGENT'];
- $this->timestamp = date('Y-m-d H:i:s');
- }
- public function login($table = 'users',$username,$password,$username_column = 'username',$password_column = 'password')
- {
- if(!isset($username,$password))
- {
- return FALSE;
- } else {
- $username = mysql_real_escape_string($username);
- $password = md5(strip_tags($password));
- $query = "SELECT * FROM $table WHERE $username_column='$username' AND $password_column='$password'";
- if(mysql_num_rows($query) != 0)
- {
- $session_vars = array(
- 'session_id' => session_id(),
- 'username' => stripcslashes($username),
- 'ip_address' => $this->ip_address,
- 'user_agent' => $this->user_agent,
- 'timestamp' => $this->timestamp
- );
- $this->set_array($session_vars);
- $session_query = "INSERT INTO sessions(session_id,username,ip_address,user_agent,timestamp)";
- $session_query .= "VALUES('".implode(",'",$session_vars)."')";
- mysql_query($session_query) or die(mysql_error());
- return TRUE;
- }else{
- return FALSE;
- }
- }
- }
Add Comment
Please, Sign In to add comment