user.php | searchcode

/includes/user.php

https://bitbucket.org/afriyandi/reporting
PHP | 187 lines | 151 code | 34 blank | 2 comment | 32 complexity | 7d16040d05260417014309505de18ca3 MD5 | raw file

<?php

// copy justified APhe 2012
?>

<?php

class User extends Get {

    public $password;
    public $user;

    public function __construct() {
        parent::__construct();
    }

    function set_comp() {
        $set_comp = "select @mf:=" . $this->user;
        mysql_query($set_comp);
    }

    function get_comp() {
        
    }

    function login($user, $pwd, $comp) {
        $pwd = md5($pwd);
        parent::getLogin($user, $pwd, $comp);
        if ($this->user == TRUE) {
            parent::getCompFrom($comp, $user);
        } else {
            return $this->login_session = false;
        }

        $date = date("Y-m-d H:i:s");

        $sql = "insert into loginlog values ('" . $user . "', '" . $date . "' , 0, 0, 0)";
        mysql_query($sql) or die(mysql_error());

        if ($this->user == true) {
            parent::getLevel($user);

            $value = rand(strtotime($date), getrandmax());

            $session = serialize(array("user" => $user, "comp" => $comp));

            $_SESSION[Param::getDabase()["SESSION"]] = $session;

            if (isset($_POST["remember"])) {
                setcookie(Param::getDabase()["COOKIES"], $value, time() + 3600, $_SERVER["HTTP_HOST"]);
            } else {
                setcookie(Param::getDabase()["COOKIES"], $value, 0, $_SERVER["HTTP_HOST"]);
            }
            $sql = "update loginlog set authorize = '1', cookies = '" . $value . "', session = '" . $session . "' where timedate = '" . $date . "'";
            mysql_query($sql) or die(mysql_error());

            return $this->login_session = true;
        } else {
            return $this->login_session = false;
        }
    }

    function loged() {
        if (!isset($this->login_session)) {
            if (isset($_COOKIE[Param::getDabase()["COOKIES"]])) {
                $cookies = $_COOKIE[Param::getDabase()["COOKIES"]];
                parent::getSession($cookies);
                if ($this->login_session == true) {
                    parent::getLevel($cookies);
                    parent::getComp($cookies);
                }
            }
        } else {
            return $this->login_session;
        }
    }

    function check_uname() {
        if (isset($_COOKIE[Param::getDabase()["COOKIES"]])) {
            $cookies = $_COOKIE[Param::getDabase()["COOKIES"]];
            parent::getUname($cookies);
        }
    }

    function check_user($user) {
        foreach ($this->user as $index) {
            if ($index["user"] == $user)
                return TRUE;
        }
        return FALSE;
    }

    function check_available($uname) {
        $que = mysql_query("select * from login where login.user = '" . $uname . "' and login.profile = '" . $this->comp . "'");
        if (mysql_num_rows($que) != 0) {
            return FALSE;
        }
        return TRUE;
    }

    function check_password($user, $pwd, $comp) {
        parent::getLogin($user, $pwd, $comp);
        if ($this->user == 1) {
            return TRUE;
        } else {
            return FALSE;
        }
    }

    function check_newpass($new1, $new2) {
        $compare = strcmp(md5($new1), md5($new2));
        if ($compare == 0) {
            $this->combine($new1, $new2);
            if ($this->compare($this->password, $_POST["lpass"]))
                return FALSE;
            if (!$this->check_strength($this->password)) {
                return FALSE;
            }
            return TRUE;
        } else {
            return FALSE;
        }
    }

    function compare($new, $old) {
        $compare = strcmp($new, $old);
        if ($compare == 0) {
            return TRUE;
        }
        return FALSE;
    }

    function combine($new1, $new2) {
        $split = str_split($new1);
        $split_again = str_split($new2);
        $string = array_replace($split, $split_again);
        foreach ($string as $index) {
            $this->password = $this->password . $index;
        }

        return $this->password;
    }

    function create_user($uname, $pass) {
        $que = "INSERT INTO `login` (`user`, `pswd`, `level`, `profile`) VALUES ('" . $uname . "', '" . md5(pass) . "', 'user', " . $this->comp . ")";
        mysql_query($que) or die(mysql_error());
    }

    function changePass($new) {
        $que = "UPDATE login SET login.pswd = '" . md5($new) . "'WHERE login.profile = '" . $this->comp . "'";
        mysql_query($que) or die(mysql_error());
    }

    function check_strength($new) {
        if (strlen($new) < Param::getDabase()["PASS_LONG"]) {
            return FALSE;
        }
        if (preg_match("/[[:space:]]/", $new)) {
            return FALSE;
        }

        return TRUE;
    }

    function get_user() {
        $que = mysql_query("select login.user from login where login.profile = '" . $this->comp . "' and level <> 'administrator'") or die(mysql_error());
        $this->user = $this->fetch($que);
    }

    function delete_user($user) {
        $que = mysql_query("DELETE FROM `login` WHERE  `user`='" . $user . "' AND `profile`=" . $this->comp . " LIMIT 1;") or die(mysql_error());
    }

    //too lazy to modified parent function :p
    private function fetch($query) {
        $random[] = rand(1, 9999999);
        while ($fetch = mysql_fetch_assoc($query)) {
            $array[] = $fetch;
        }
        if (!empty($array))
            return $array;
        else
            return $random;
    }

}
?>