- <?
- /*
- USERS_LOGIN :
- id INT(11) NOT NULL AUTO_INCREMENT,
- caps INT(5),
- email VARCHAR(150) NOT NULL,
- pwd VARCHAR(20) NOT NULL,
- */
- /*
- USERS_INFORMATIONS :
- hash VARCHAR(20) NOT NULL,
- civility INT(1),
- first_name VARCHAR(150),
- last_name VARCHAR(200),
- date_of_birth TIMESTAMP,
- company VARCHAR(255),
- mailing_address VARCHAR(255),
- zip_code VARCHAR(5),
- town VARCHAR(150),
- country VARCHAR(255),
- phone VARCHAR(20),
- mobile VARCHAR(20),
- fax VARCHAR(20),
- newsletter BOOL,
- */
// Project includes: the database helpers and the error collection.
require_once $GLOBALS['e-commerce']['server-root'] . '/inc/db.inc.php';
require_once $GLOBALS['e-commerce']['server-root'] . '/inc/errors.inc.php';

// Open a session so that user details can be kept once a login succeeds.
// NOTE(review): no session cookie flags are set here; confirm HttpOnly/Secure
// are enforced by the PHP configuration.
session_start();
header('Cache-control: private');

// Key mixed into the hash that links a USERS_LOGIN row to its
// USERS_INFORMATIONS row (see User::load_personnal_informations()).
// NOTE(review): this secret is short and hard-coded in source, so anyone who
// can read the file can recompute every hash. It should come from deployment
// configuration; changing its value invalidates the stored hashes.
define('SECRET_KEY', 'XUyJAJ');

// User rights: bit flags tested against the `caps` value of a user.
define('CAP_USER_AUTH', 0x01);
define('CAP_USER_ADMIN', 0x02);
define('CAP_ITEM_ADD', 0x10);
define('CAP_ITEM_EDIT', 0x20);
define('CAP_ITEM_DELETE', 0x40);
- // User classes
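/**
 * Personal details of a user: one row of the USERS_INFORMATIONS table.
 *
 * Rows are looked up by a hash rather than by the login id.
 */
class Users_Informations
{
    public $civility;
    public $first_name;
    public $last_name;
    public $date_of_birth;
    public $company;
    public $mailing_address;
    public $zip_code;
    public $town;
    public $country;
    public $phone;
    public $mobile;
    public $fax;
    public $newsletter; // bool

    /**
     * Copies the known columns out of a result row.
     *
     * @param array $data Row keyed by column name. A column that is absent
     *                    leaves the matching property null instead of
     *                    raising an undefined-index notice.
     */
    public function __construct($data)
    {
        $fields = array(
            'civility', 'first_name', 'last_name', 'date_of_birth',
            'company', 'mailing_address', 'zip_code', 'town', 'country',
            'phone', 'mobile', 'fax', 'newsletter',
        );
        foreach ($fields as $field) {
            $this->$field = isset($data[$field]) ? $data[$field] : null;
        }
    }

    /**
     * Loads the personal details stored under $hash.
     *
     * Declared static because User::load_personnal_informations() calls it
     * as Users_Informations::load_informations().
     *
     * @param string $hash Lookup key for the USERS_INFORMATIONS row.
     * @return Users_Informations|null Null when the query fails or no row matches.
     */
    public static function &load_informations($hash)
    {
        // A by-reference function has to return a variable, not a literal.
        $none = null;

        // The value was previously interpolated raw into the statement, which
        // is both a syntax error for a hex string and an injection point.
        // NOTE(review): assumes db_format_value() escapes and quotes the value,
        // as User::load() and User::search() in this file rely on; confirm in
        // inc/db.inc.php.
        $hash = db_format_value($hash);
        $query = "SELECT * FROM USERS_INFORMATIONS WHERE hash = $hash";

        // mysql_query() takes the statement first and the link second.
        // NOTE(review): the mysql_* extension was removed in PHP 7.0; moving to
        // prepared statements (PDO or mysqli) also requires changing db().
        $res = mysql_query($query, db());
        if ($res === false) {
            return $none;
        }

        $data = mysql_fetch_array($res);
        if (!is_array($data)) {
            // No matching row: do not build an object from `false`.
            return $none;
        }

        $info = new Users_Informations($data);
        return $info;
    }
}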
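/**
 * A login account: one row of the USERS_LOGIN table.
 *
 * NOTE(review): passwords are stored as unsalted SHA-1, which is fast to
 * brute-force offline. Moving to password_hash()/password_verify() needs a
 * wider column; the schema comment in this file declares pwd VARCHAR(20),
 * which is too short even for the 40-character SHA-1 hex digest.
 */
class User
{
    public $id;
    public $caps;
    public $email;
    public $_pwd;
    public $personnal_informations;

    /**
     * @param array $data Row keyed by column name (id, caps, email, pwd).
     */
    public function __construct($data)
    {
        $this->id = isset($data['id']) ? $data['id'] : null;

        // The schema comment and the INSERT in Users_SQL::create() name the
        // column `pwd`; the previous code only read 'password', so the stored
        // hash was never loaded. 'password' is still accepted as a fallback.
        if (isset($data['pwd'])) {
            $this->_pwd = $data['pwd'];
        } elseif (isset($data['password'])) {
            $this->_pwd = $data['password'];
        } else {
            $this->_pwd = null;
        }

        $this->caps = isset($data['caps']) ? $data['caps'] : null;
        $this->email = isset($data['email']) ? $data['email'] : null;
        $this->personnal_informations = null;
    }

    /**
     * Checks a candidate password against the stored hash.
     *
     * @param string $pwd Plain-text password supplied by the user.
     * @return bool False when the account lacks CAP_USER_AUTH, when no hash
     *              is stored, or when the password does not match.
     */
    public function authenticate($pwd)
    {
        if (((int) $this->caps & CAP_USER_AUTH) === 0) {
            return false;
        }
        if (!is_string($pwd) || !is_string($this->_pwd) || $this->_pwd === '') {
            return false;
        }

        $candidate = sha1($pwd);

        // Loose `==` compares numeric-looking strings as numbers, so two
        // different digests could compare equal. Compare as strings, in
        // constant time where the runtime offers it (PHP 5.6+).
        if (function_exists('hash_equals')) {
            return hash_equals($this->_pwd, $candidate);
        }
        return $this->_pwd === $candidate;
    }

    /**
     * Marks this user as the logged-in user of the current session.
     */
    public function login()
    {
        // Issue a fresh session id at the privilege change so that an id
        // known before login cannot be reused afterwards (session fixation).
        if (session_id() !== '' && !headers_sent()) {
            session_regenerate_id(true);
        }
        $_SESSION['umail'] = $this->email;
    }

    /**
     * Ends the current session explicitly.
     */
    public function logout()
    {
        $_SESSION = array();
        if (session_id() !== '') {
            session_destroy();
        }
    }

    /**
     * Intentionally does nothing.
     *
     * The destructor used to clear and destroy the session. Every User
     * object runs it, including the ones built by search() and the instance
     * cached by current(), so the session was destroyed whenever any of
     * them was released and a login could not persist. Use logout().
     */
    public function __destruct()
    {
    }

    /**
     * Loads the personal details that belong to this account.
     *
     * The lookup key is derived from the id, SECRET_KEY and the email.
     * NOTE(review): the schema comment declares hash VARCHAR(20), while this
     * digest is 40 hex characters; confirm the real column width.
     */
    public function load_personnal_informations()
    {
        $hash = sha1(sha1((string) $this->id) . SECRET_KEY . sha1((string) $this->email));
        $this->personnal_informations = Users_Informations::load_informations($hash);
    }

    /**
     * Drops the cached personal details.
     */
    public function unload_personnal_informations()
    {
        $this->personnal_informations = null;
    }

    /**
     * Loads one account by id.
     *
     * @param mixed $id Account id; formatted with db_format_value() before use.
     * @return User|null Null when the query fails or no row matches.
     */
    public static function &load($id)
    {
        // A by-reference function has to return a variable, not a literal.
        $none = null;

        $id = db_format_value($id);
        $query = "SELECT * FROM USERS_LOGIN WHERE id = $id";

        // mysql_query() takes the statement first and the link second.
        $res = mysql_query($query, db());
        if ($res === false) {
            return $none;
        }

        $data = mysql_fetch_array($res);
        if (!is_array($data)) {
            return $none;
        }

        $user = new User($data);
        return $user;
    }

    /**
     * Lists accounts, optionally restricted to one email address.
     *
     * @param string|null $email Address to match; null returns every account.
     * @return array|null List of User objects, or null when the query fails.
     */
    public static function &search($email = null)
    {
        $none = null;

        $query = 'SELECT * FROM USERS_LOGIN';
        if ($email !== null) {
            $email = db_format_value($email);
            $query .= " WHERE email = $email";
        }

        $res = mysql_query($query, db());
        if ($res === false) {
            return $none;
        }

        $users = array();
        while ($data = mysql_fetch_array($res)) {
            $users[] = new User($data);
        }
        return $users;
    }

    /**
     * Returns the user of the current session, cached for the request.
     *
     * @return User|null Null when nobody is logged in or the stored email
     *                   no longer matches an account.
     */
    public static function &current()
    {
        static $user = null;

        if ($user === null && isset($_SESSION['umail'])) {
            $users = User::search($_SESSION['umail']);
            // search() returns null on a failed query; count() must not see it.
            if (is_array($users) && count($users) > 0) {
                $user = $users[0];
            }
        }
        return $user;
    }
}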
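/**
 * Account creation against the USERS_LOGIN table.
 *
 * NOTE(review): no class named `Users` is visible in this file; the only
 * class offering search() is `User`. Confirm the intended base class.
 */
class Users_SQL extends Users
{
    public $_errors;

    /**
     * Validates the submitted data and inserts a new account.
     *
     * The account is inserted with caps = 0.
     *
     * @param array $data Submitted form values; reads 'email' and 'pwd'.
     * @return Errors The error collection, always. It is also stored in
     *                $this->_errors. The code never returned null.
     */
    public function create($data)
    {
        $errors = new Errors();
        $this->_errors = $errors;

        // Validate the submitted values. The previous code tested
        // $this->email and $this->pwd, which are unrelated to the request.
        $email = (isset($data['email']) && is_string($data['email'])) ? $data['email'] : '';
        $pwd = (isset($data['pwd']) && is_string($data['pwd'])) ? $data['pwd'] : '';

        $exist = parent::search($email);
        if ($exist) {
            $errors->add("email", $email, "L'adresse mail &value est déjà utilisée.");
            return $errors;
        }

        if ($email === '') {
            $errors->add("email", null, "L'adresse mail doit être renseignée!");
        }
        if ($pwd === '') {
            $errors->add("pwd", null, "Le mot de passe doit être renseigné!");
        }

        // The hand-written pattern used the range A-z, which also matches
        // [ \ ] ^ _ and `, and let any non-digit through as first character.
        // The 150-byte cap is the email column width from the schema comment:
        // a longer value could be truncated on insert and then collide with
        // an existing address that the search above did not match.
        $emailIsValid = strlen($email) <= 150
            && filter_var($email, FILTER_VALIDATE_EMAIL) !== false;

        // At least 8 characters with a digit, a lower-case and an upper-case letter.
        $validPassword = '/^.*(?=.{8,})(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).*$/';

        if (!$emailIsValid) {
            $errors->add("email", $email, "L'adresse mail &value n'est pas valide");
        } elseif (!preg_match($validPassword, $pwd)) {
            // The rejected password is no longer attached to the error entry,
            // so it cannot end up in a page or a log.
            $errors->add("pwd", null, "Le mot de passe n'est pas valide");
        } else {
            // Hash the raw password and only then format it for SQL. Hashing
            // the formatted value produced a digest that authenticate() could
            // never reproduce, and left the digest unformatted in the query.
            // NOTE(review): unsalted SHA-1 is kept only to stay compatible with
            // User::authenticate(); plan a move to password_hash().
            // NOTE(review): assumes db_format_value() escapes and quotes the
            // value; confirm in inc/db.inc.php.
            $emailSql = db_format_value($email);
            $hashSql = db_format_value(sha1($pwd));

            $query = 'INSERT INTO USERS_LOGIN (id, caps, email, pwd) '
                . "VALUES (NULL, 0, $emailSql, $hashSql)";

            $res = mysql_query($query, db());
            if ($res === false) {
                // NOTE(review): the raw driver message is stored in the error
                // collection; make sure it is logged, not shown to visitors.
                $errors->add("mysql", mysql_error(), "Erreur mySQL >> &value");
            }
        }

        return $errors;
    }
}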
- ?>