/includes/user.php
- <?php
- // copy justified APhe 2012
- ?>
- <?php
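/**
 * Account, login and password operations on the `login` and `loginlog` tables,
 * built on the legacy mysql_* API and the helpers of the parent class Get.
 *
 * Values placed into SQL text are passed through mysql_real_escape_string() and
 * quoted. This assumes callers hand over raw (not pre-escaped) values; confirm.
 *
 * NOTE(review): open security items that cannot be fixed inside this class
 * without changing stored data, the schema or the parent class:
 *  - Passwords are stored and compared as unsalted md5(); moving to a password
 *    hashing scheme needs a data migration plus a change in parent::getLogin().
 *  - The login cookie value comes from rand(), which is not a cryptographic
 *    generator; the value should come from a CSPRNG of sufficient length.
 *  - changePass() filters on profile only (see the method).
 *  - "or die(mysql_error())" prints database error text to the client; log the
 *    detail server-side and show a generic message instead.
 */
class User extends Get {
    public $password;
    public $user;

    public function __construct() {
        parent::__construct();
    }

    /**
     * Sets the MySQL user variable @mf from $this->user.
     */
    public function set_comp() {
        // NOTE(review): $this->user is concatenated unquoted and unescaped. Where the
        // value comes from and what type it has is not visible here; confirm it can
        // never carry client input before relying on this statement.
        $set_comp = "select @mf:=" . $this->user;
        mysql_query($set_comp);
    }

    /**
     * Empty in the original; kept so existing callers still resolve.
     */
    public function get_comp() {
    }

    /**
     * Checks the credentials through parent::getLogin(), writes a loginlog row and,
     * on success, stores the session payload and sets the login cookie.
     *
     * @param string $user Login name as submitted.
     * @param string $pwd  Clear-text password; hashed with md5() before the lookup.
     * @param mixed  $comp Profile/company identifier handed to the parent helpers.
     * @return bool The value also stored in $this->login_session.
     */
    public function login($user, $pwd, $comp) {
        $pwd = md5($pwd);
        parent::getLogin($user, $pwd, $comp);
        if ($this->user != TRUE) {
            return $this->login_session = false;
        }
        parent::getCompFrom($comp, $user);

        $date = date("Y-m-d H:i:s");
        // $user is client input: escape it before it becomes part of the statement.
        $sql = "insert into loginlog values ('" . mysql_real_escape_string($user) . "', '" . $date . "' , 0, 0, 0)";
        mysql_query($sql) or die(mysql_error());

        // Checked again because parent::getCompFrom() ran in between; whether it
        // touches $this->user cannot be seen from this file.
        if ($this->user != true) {
            return $this->login_session = false;
        }

        parent::getLevel($user);
        $conf = Param::getDabase();
        // NOTE(review): rand() is predictable and the range used here is narrow.
        $value = rand(strtotime($date), getrandmax());
        $session = serialize(array("user" => $user, "comp" => $comp));
        $_SESSION[$conf["SESSION"]] = $session;

        // "remember" keeps the cookie for one hour; otherwise it ends with the browser session.
        $expires = isset($_POST["remember"]) ? time() + 3600 : 0;
        // NOTE(review): the 4th argument of setcookie() is the cookie *path*, yet the
        // client-supplied Host header is passed. No Secure/HttpOnly flags are set either.
        setcookie($conf["COOKIES"], $value, $expires, $_SERVER["HTTP_HOST"]);

        // The serialized payload contains quotes and client-supplied text, so it is escaped.
        // NOTE(review): the WHERE clause matches every loginlog row written in the same
        // second, not only this user's row.
        $sql = "update loginlog set authorize = '1', cookies = '" . $value
            . "', session = '" . mysql_real_escape_string($session)
            . "' where timedate = '" . $date . "'";
        mysql_query($sql) or die(mysql_error());
        return $this->login_session = true;
    }

    /**
     * Restores login state from the login cookie when $this->login_session is not set yet.
     *
     * @return bool|null $this->login_session when it was already set on entry; null
     *                   otherwise, including right after a restore. Callers then have
     *                   to read $this->login_session themselves.
     */
    public function loged() {
        if (isset($this->login_session)) {
            return $this->login_session;
        }
        $conf = Param::getDabase();
        if (isset($_COOKIE[$conf["COOKIES"]])) {
            // Client-controlled value; the lookup itself happens in the parent class.
            $cookies = $_COOKIE[$conf["COOKIES"]];
            parent::getSession($cookies);
            if ($this->login_session == true) {
                parent::getLevel($cookies);
                parent::getComp($cookies);
            }
        }
        // NOTE(review): no value is returned on this path, as in the original.
    }

    /**
     * Passes the login cookie value, when present, to parent::getUname().
     */
    public function check_uname() {
        $conf = Param::getDabase();
        if (isset($_COOKIE[$conf["COOKIES"]])) {
            parent::getUname($_COOKIE[$conf["COOKIES"]]);
        }
    }

    /**
     * Tells whether $user is among the rows loaded into $this->user by get_user().
     *
     * Names are compared as strings with ===, so numeric-looking names such as
     * "007" and "7" are no longer treated as equal by PHP's loose comparison.
     *
     * @param string $user
     * @return bool
     */
    public function check_user($user) {
        foreach ($this->user as $index) {
            // fetch() returns a single integer element when there are no rows; skip it.
            if (is_array($index) && isset($index["user"]) && (string) $index["user"] === (string) $user) {
                return TRUE;
            }
        }
        return FALSE;
    }

    /**
     * Tells whether a user name is still free inside the current profile.
     *
     * @param string $uname
     * @return bool FALSE when the name exists or the lookup failed, TRUE otherwise.
     */
    public function check_available($uname) {
        $que = mysql_query(
            "select * from login where login.user = '" . mysql_real_escape_string($uname)
            . "' and login.profile = '" . mysql_real_escape_string($this->comp) . "'"
        );
        if ($que === false) {
            // A failed lookup must not be reported as "name is free".
            return FALSE;
        }
        return mysql_num_rows($que) == 0;
    }

    /**
     * Runs parent::getLogin() and reports whether it accepted the credentials.
     *
     * NOTE(review): login() hashes the password with md5() before calling getLogin();
     * this method passes $pwd through unchanged, so it presumably expects the caller
     * to hash it first. Verify against the callers.
     *
     * @return bool
     */
    public function check_password($user, $pwd, $comp) {
        parent::getLogin($user, $pwd, $comp);
        return $this->user == 1;
    }

    /**
     * Validates a new password entered twice.
     *
     * @param string $new1 New password.
     * @param string $new2 Repetition of the new password.
     * @return bool TRUE when both entries are identical strings, the result differs
     *              from $_POST["lpass"] and check_strength() accepts it.
     */
    public function check_newpass($new1, $new2) {
        // Direct string comparison: non-string input (e.g. an array from the request)
        // is rejected instead of being pushed through md5()/strcmp().
        if (!is_string($new1) || !is_string($new2) || $new1 !== $new2) {
            return FALSE;
        }
        $this->combine($new1, $new2);
        $old = isset($_POST["lpass"]) ? $_POST["lpass"] : null;
        if ($this->compare($this->password, $old)) {
            // The new password equals the one posted as "lpass".
            return FALSE;
        }
        return $this->check_strength($this->password);
    }

    /**
     * Exact string equality.
     *
     * The original used strcmp() with a loose "== 0" test; strcmp() yields NULL for
     * non-string arguments on older PHP, and NULL == 0 counted as "equal". Anything
     * that is not a string now compares as not equal.
     *
     * @return bool
     */
    public function compare($new, $old) {
        return is_string($new) && is_string($old) && $new === $old;
    }

    /**
     * Overlays the characters of $new2 on those of $new1 by position and stores the
     * result in $this->password.
     *
     * The property is rebuilt on every call; the original appended to whatever it
     * already held, so a second call produced a doubled value.
     *
     * @return string The new value of $this->password.
     */
    public function combine($new1, $new2) {
        $chars = array_replace(str_split($new1), str_split($new2));
        $this->password = implode("", $chars);
        return $this->password;
    }

    /**
     * Inserts a user with level 'user' into the current profile.
     *
     * @param string $uname
     * @param string $pass Clear-text password; stored as md5($pass).
     */
    public function create_user($uname, $pass) {
        // The original hashed the bare word "pass" instead of $pass, so the submitted
        // password never reached the stored hash.
        $que = "INSERT INTO `login` (`user`, `pswd`, `level`, `profile`) VALUES ('"
            . mysql_real_escape_string($uname) . "', '" . md5($pass) . "', 'user', '"
            . mysql_real_escape_string($this->comp) . "')";
        mysql_query($que) or die(mysql_error());
    }

    /**
     * Stores md5($new) as the password.
     *
     * NOTE(review): the WHERE clause names the profile only, so every login row of
     * that profile receives the new password. Restricting it to one account needs a
     * user identifier this method does not receive.
     */
    public function changePass($new) {
        $que = "UPDATE login SET login.pswd = '" . md5($new) . "' WHERE login.profile = '"
            . mysql_real_escape_string($this->comp) . "'";
        mysql_query($que) or die(mysql_error());
    }

    /**
     * Minimum password policy: at least PASS_LONG bytes and no whitespace.
     *
     * @return bool
     */
    public function check_strength($new) {
        $conf = Param::getDabase();
        if (strlen($new) < $conf["PASS_LONG"]) {
            return FALSE;
        }
        if (preg_match("/[[:space:]]/", $new)) {
            return FALSE;
        }
        return TRUE;
    }

    /**
     * Loads the non-administrator user names of the current profile into $this->user.
     */
    public function get_user() {
        $que = mysql_query(
            "select login.user from login where login.profile = '"
            . mysql_real_escape_string($this->comp) . "' and level <> 'administrator'"
        ) or die(mysql_error());
        $this->user = $this->fetch($que);
    }

    /**
     * Deletes at most one login row with the given name from the current profile.
     *
     * @param string $user
     */
    public function delete_user($user) {
        mysql_query(
            "DELETE FROM `login` WHERE `user`='" . mysql_real_escape_string($user)
            . "' AND `profile`='" . mysql_real_escape_string($this->comp) . "' LIMIT 1;"
        ) or die(mysql_error());
    }

    /**
     * Collects all rows of a result set; per the original comment this is a local
     * copy written instead of modifying the parent's function.
     *
     * @param resource $query Result handle from mysql_query().
     * @return array The rows, or a one-element array holding a random integer when
     *               the result is empty.
     */
    private function fetch($query) {
        $rows = array();
        while ($row = mysql_fetch_assoc($query)) {
            $rows[] = $row;
        }
        if (!empty($rows)) {
            return $rows;
        }
        return array(rand(1, 9999999));
    }
}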
- ?>