PageRenderTime 26ms CodeModel.GetById 16ms RepoModel.GetById 1ms app.codeStats 0ms

/ecerp/System/Libraries/SP_Auth.php

http://phpfor.googlecode.com/
PHP | 160 lines | 103 code | 27 blank | 30 comment | 21 complexity | 8a8d8e9087b37a6845c6cae54aebb091 MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. class SP_Auth {
    4. 

  4. 

  5.     var $LOGIN_FLAG = false;
    6. 

  6. 

  7.     var $M_info = NULL;
    8. 

  8. 

  9.     var $db;
    10. 

  10. 

  11.     function SP_Auth() {
    12. 

  12. 

  13.         $tmpconfig =& Loader::config();
    14. 

  14.         $this->config = $tmpconfig['auth'];
    15. 

  15. 

  16.         $this->db =& Loader::database('db');
    17. 

  17. 

  18.         if(isset($_COOKIE[$this->config['cookie_name']])){
    19. 

  19. 

  20.             $auth = $this->authcode(
    21. 

  21.                 $_COOKIE[$this->config['cookie_name']],
    22. 

  22.                 'DECODE',
    23. 

  23.                 md5($this->config['auth_key']/*.$_SERVER['HTTP_USER_AGENT']*/)
    24. 

  24.             );
    25. 

  25. 

  26.             $auth = explode("\t",$auth);
    27. 

  27.             $uid = isset($auth[1])?$auth[1]:0;
    28. 

  28.             $upass = isset($auth[0])?$auth[0]:'';
    29. 

  29. 

  30.             $this->db->select($this->config['db_table'],'*',$this->config['db_uid']."='$uid'");
    31. 

  31.             $member_info = $this->db->getRow();
    32. 

  32. 

  33.             if(!$member_info){
    34. 

  34.                 $this->LOGIN_FLAG = false;
    35. 

  35.             }else{
    36. 

  36.                 if($member_info[$this->config['db_upass']] == $upass){
    37. 

  37.                     $this->LOGIN_FLAG = true;
    38. 

  38.                     $this->M_info = $member_info;
    39. 

  39.                 }else{
    40. 

  40.                     $this->LOGIN_FLAG = false;
    41. 

  41.                 }
    42. 

  42.             }
    43. 

  43.         }else{
    44. 

  44.             $this->LOGIN_FLAG = false;
    45. 

  45.         }
    46. 

  46.     }
    47. 

  47. 

  48.     /**
    49. 

  49.      * ????????
    50. 

  50.      *
    51. 

  51.      * @return Bool
    52. 

  52.      */
    53. 

  53.     function isLogedin() {
    54. 

  54.         return $this->LOGIN_FLAG;
    55. 

  55.     }
    56. 

  56. 

  57.     /**
    58. 

  58.      * ??????
    59. 

  59.      *
    60. 

  60.      * @param String $key
    61. 

  61.      * @param String $default
    62. 

  62.      * @return String
    63. 

  63.      */
    64. 

  64.     function getInfo($key,$default = '') {
    65. 

  65.         return isset ($this->M_info["$key"]) ? $this->M_info["$key"] : $default;
    66. 

  66.     }
    67. 

  67. 

  68.     /**
    69. 

  69.      * ??????
    70. 

  70.      *
    71. 

  71.      * @param String $loginname
    72. 

  72.      * @param String $password
    73. 

  73.      * @param String $expire_time
    74. 

  74.      * @return Bool
    75. 

  75.      */
    76. 

  76.     function setLogin($loginname,$password,$expire_time = 0){
    77. 

  77.         $this->db->select($this->config['db_table'], '*', $this->config['db_loginname'] . "='$loginname'");
    78. 

  78.         $member_info = $this->db->getRow();
    79. 

  79.         if($member_info && $member_info[$this->config['db_upass']] == $password){
    80. 

  80.             $this->LOGIN_FLAG = true;
    81. 

  81.             $this->M_info = $member_info;
    82. 

  82.             $my_auth = $this->authcode(
    83. 

  83.                 $password."\t".$member_info[$this->config['db_uid']],
    84. 

  84.                 'ENCODE',
    85. 

  85.                 md5($this->config['auth_key']/*.$_SERVER['HTTP_USER_AGENT']*/)
    86. 

  86.             );
    87. 

  87. 

  88.             setcookie($this->config['cookie_name'],$my_auth,$expire_time,$this->config['cookie_path'],$this->config['cookie_domain']);
    89. 

  89. 

  90.             //update operators update_time
    91. 

  91.             $this->db->update($this->config['db_table'], $this->config['db_loginname'] . "='$loginname'", array('update_time'=>date('Y-m-d H:i:s')));
    92. 

  92.             $this->db->query();
    93. 

  93.             return true;
    94. 

  94.         }else{
    95. 

  95.             return false;
    96. 

  96.         }
    97. 

  97.     }
    98. 

  98. 

  99.     function clearLogin(){
    100. 

  100.         setcookie($this->config['cookie_name'],'',- 86400 * 365,$this->config['cookie_path'],$this->config['cookie_domain']);
    101. 

  101.     }
    102. 

  102. 

  103.     /**
    104. 

  104.      * ????
    105. 

  105.      *
    106. 

  106.      * @param String $string
    107. 

  107.      * @param String $operation
    108. 

  108.      * @param String $key
    109. 

  109.      * @param Int $expiry
    110. 

  110.      * @return String
    111. 

  111.      */
    112. 

  112.      function authcode($string, $operation = 'DECODE', $key, $expiry = 0) {
    113. 

  113.          $ckey_length = 4;
    114. 

  114.          $key = md5($key);
    115. 

  115.          $keya = md5(substr($key, 0, 16));
    116. 

  116.          $keyb = md5(substr($key, 16, 16));
    117. 

  117.          $keyc = $ckey_length ? ($operation == 'DECODE' ? substr($string, 0, $ckey_length): substr(md5(microtime()), -$ckey_length)) : '';
    118. 

  118. 

  119.          $cryptkey = $keya.md5($keya.$keyc);
    120. 

  120.          $key_length = strlen($cryptkey);
    121. 

  121. 

  122.          $string = $operation == 'DECODE' ? base64_decode(substr($string, $ckey_length)) : sprintf('%010d', $expiry ? $expiry + time() : 0).substr(md5($string.$keyb), 0, 16).$string;
    123. 

  123.          $string_length = strlen($string);
    124. 

  124. 

  125.          $result = '';
    126. 

  126.          $box = range(0, 255);
    127. 

  127. 

  128.          $rndkey = array();
    129. 

  129.          for($i = 0; $i <= 255; $i++) {
    130. 

  130.              $rndkey[$i] = ord($cryptkey[$i % $key_length]);
    131. 

  131.          }
    132. 

  132. 

  133.          for($j = $i = 0; $i < 256; $i++) {
    134. 

  134.              $j = ($j + $box[$i] + $rndkey[$i]) % 256;
    135. 

  135.              $tmp = $box[$i];
    136. 

  136.              $box[$i] = $box[$j];
    137. 

  137.              $box[$j] = $tmp;
    138. 

  138.          }
    139. 

  139. 

  140.          for($a = $j = $i = 0; $i < $string_length; $i++) {
    141. 

  141.              $a = ($a + 1) % 256;
    142. 

  142.              $j = ($j + $box[$a]) % 256;
    143. 

  143.              $tmp = $box[$a];
    144. 

  144.              $box[$a] = $box[$j];
    145. 

  145.              $box[$j] = $tmp;
    146. 

  146.              $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
    147. 

  147.          }
    148. 

  148. 

  149.          if($operation == 'DECODE') {
    150. 

  150.              if((substr($result, 0, 10) == 0 || substr($result, 0, 10) - time() > 0) && substr($result, 10, 16) == substr(md5(substr($result, 26).$keyb), 0, 16)) {
    151. 

  151.                  return substr($result, 26);
    152. 

  152.              } else {
    153. 

  153.                  return '';
    154. 

  154.              }
    155. 

  155.          } else {
    156. 

  156.              return $keyc.str_replace('=', '', base64_encode($result));
    157. 

  157.          }
    158. 

  158. 

  159.      }
    160. 

  160. }
    161.