PageRenderTime 49ms CodeModel.GetById 25ms RepoModel.GetById 0ms app.codeStats 0ms

/Control/LoginLogic.php

https://bitbucket.org/onlinechessportal/onlinechessgameportal
PHP | 95 lines | 81 code | 10 blank | 4 comment | 25 complexity | 18d449284799e044406c8e452941d3ec MD5 | raw file
Possible License(s): LGPL-2.1 
    

  1. <?php

    2. 

  2. function IsTempBanned($Username) {

    3. 

  3. 	$Query = "SELECT *, TIMEDIFF(bl_date + INTERVAL 2 MONTH, NOW()) AS bl_timediff FROM `blacklisttemp` WHERE `bl_user` ='".$Username."'";

    4. 

  4. 		

    5. 

  5. 	if ($QueryRun = mysql_query ($Query)) {			

    6. 

  6. 		$QueryNumRows = mysql_num_rows ($QueryRun); 

    7. 

  7. 		if ($QueryNumRows == 0 ) {

    8. 

  8. 		    return false;

    9. 

  9. 		} else if ($QueryNumRows == 1){

    10. 

  10. 			//return true;

    11. 

  11. 			$TimeDifference = mysql_result ($QueryRun, 0, 'bl_timediff');

    12. 

  12. 			if ($TimeDifference <= '0:0:0') {

    13. 

  13. 				$QueryDelete = "DELETE FROM `blacklisttemp` WHERE bl_user = '".$Username."'";

    14. 

  14. 				$QueryUpdateRun = mysql_query ($QueryUpdate);

    15. 

  15. 				return false;

    16. 

  16. 			} else {

    17. 

  17. 				//have to mention time

    18. 

  18. 				return true;

    19. 

  19. 			}

    20. 

  20. 		}

    21. 

  21. 	}

    22. 

  22. }

    23. 

  23. 

    24. 

  24. function Check($Username, $Password) {

    25. 

  25.     $PasswordHash = md5 ($Password);

    26. 

  26. 	$QueryCheck = "SELECT * FROM `user` WHERE `us_username` ='".$Username."' AND `us_password` = '".$PasswordHash."'";

    27. 

  27. 		

    28. 

  28. 	if ($QueryCheckRun = mysql_query ($QueryCheck)) {			

    29. 

  29. 		$QueryNumRows = mysql_num_rows ($QueryCheckRun); 

    30. 

  30. 		if ($QueryNumRows == 0 ) {

    31. 

  31. 		    return $PasswordHash;

    32. 

  32. 		} else if ($QueryNumRows == 1){

    33. 

  33. 		    SetSession($QueryCheckRun);

    34. 

  34. 		    return true;

    35. 

  35. 		}

    36. 

  36. 	}

    37. 

  37. }

    38. 

  38. 

    39. 

  39. function SetSession($QueryCheckRun) {

    40. 

  40.     $SessionUsername = mysql_result ($QueryCheckRun, 0, 'us_username');

    41. 

  41. 	$SessionRole = mysql_result ($QueryCheckRun, 0, 'us_role');

    42. 

  42. 	$SessionPlayerID = mysql_result ($QueryCheckRun, 0, 'us_id');

    43. 

  43. 	$_SESSION['username'] = $SessionUsername;

    44. 

  44. 	$_SESSION['role'] = $SessionRole;

    45. 

  45. 	$_SESSION['playerID'] = $SessionPlayerID;

    46. 

  46. 	$_SESSION['timeout'] = time();

    47. 

  47. 	return true;

    48. 

  48. }

    49. 

  49. 

    50. 

  50. function IsAuthenticated($Username) {

    51. 

  51.     $QueryAuthenticated = "SELECT * FROM `user` WHERE `us_username` ='".$Username."'";

    52. 

  52. 	$QueryAuthenticatedRun = mysql_query ($QueryAuthenticated);

    53. 

  53. 	$UserStatus = mysql_result ($QueryAuthenticatedRun, 0, 'us_status');

    54. 

  54. 	

    55. 

  55. 	if ($UserStatus == "Inactive") {

    56. 

  56. 	    return false;

    57. 

  57. 	} else {

    58. 

  58. 		UpdateStatusLogIn($Username);

    59. 

  59. 	    return true;

    60. 

  60. 	}

    61. 

  61. }

    62. 

  62. 

    63. 

  63. function UpdateStatusLogIn ($Username) {

    64. 

  64.     $QueryUpdate = "UPDATE `user` SET us_status = 'LoggedIn' WHERE us_username = '".$Username."'";

    65. 

  65. 	$QueryUpdateRun = mysql_query ($QueryUpdate);

    66. 

  66. }

    67. 

  67. 

    68. 

  68. function CheckAnswer($Username, $Answer) {

    69. 

  69. 	

    70. 

  70. 	$Query = "SELECT * FROM `user` WHERE us_username = '".$Username."'";

    71. 

  71. 	if($QueryRun = mysql_query($Query)) {

    72. 

  72. 	    if (mysql_num_rows($QueryRun) == 1) {

    73. 

  73. 			$SecA = mysql_result ($QueryRun, 0, 'us_securityqanswer');

    74. 

  74. 			if($SecA == $Answer) {

    75. 

  75. 				return true;

    76. 

  76. 			} else {

    77. 

  77. 				return false;

    78. 

  78. 			}

    79. 

  79. 		} else {

    80. 

  80. 			return 'You have not signed up yet. Please Sign Up to proceed';

    81. 

  81. 		}

    82. 

  82. 		//return 'Done';

    83. 

  83. 	} else {

    84. 

  84. 		return 'Error';

    85. 

  85. 	}

    86. 

  86. }

    87. 

  87. 	

    88. 

  88. function UpdatePassword($Email,$Password) {

    89. 

  89. 	//echo '<script language="javascript">alert("inside update.")</script>';

    90. 

  90. 	$PasswordHash = md5($Password);

    91. 

  91. 	$Query1 = "UPDATE `user` SET us_password = '".$PasswordHash."' WHERE us_username = '".$Email."'";

    92. 

  92. 	$Query1Run = mysql_query($Query1);

    93. 

  93. 	return true;

    94. 

  94. }

    95. 

  95. ?>
    96.