Absolut Engine PHP Cross Reference Web Portal Systems

Source: /admin/classauth.php - 94 lines - 3394 bytes - Summary - Text - Print

   1  <?
   2  /**

   3   * @package absolutengine

   4   */
   5  /** Authetication class for login and session purposes

   6   */
   7  class CAuth extends CDatabase
   8  {
   9  
  10     function CAuth()
  11     {
  12     $this->CDatabase();
  13     $this->user=""; $this->pass=""; $this->session="";
  14     }
  15  
  16     /** Log user in

  17      * @access public

  18      * @param string $user username

  19      * @param string $pass password

  20      */
  21     function UserLogin($user="",$pass="")
  22     {
  23     if (!$this->user OR !$this->pass)
  24        {
  25        header("location: http://".$this->server."/".$this->path."admin/index.php");
  26        exit;
  27        }
  28     $this->DBQuery("SELECT * FROM ".$this->table[5]." WHERE user='".$this->user."'");
  29     $this->DBGetRow();
  30     $currentuserID=$this->access["ID"];
  31     $username=$this->access["user"];
  32     if ($this->user==$this->access["user"] AND md5($this->pass)==$this->access["password"])
  33        {
  34        $this->DBQuery("SELECT * FROM ".$this->table[6]." WHERE userID='".$currentuserID."'");
  35        $this->DBGetRow();
  36        if ($this->rowsnumber) $this->DBQuery("DELETE FROM ".$this->table[6]." WHERE userID='".$currentuserID."'");
  37        $loginID=md5(uniqid($username));
  38        $currenttime=time();
  39        $this->DBQuery("INSERT INTO ".$this->table[6]." VALUES ('".$currentuserID."','".$loginID."','".$currenttime."')");
  40        header("location: http://".$this->server."/".$this->path."admin/admin.php?username=$username&session=$loginID");
  41        }
  42     else $this->DisplayError(1,1);
  43     }
  44  
  45     /**  Verify user session

  46      * @access public

  47      */
  48     function UserVerifySession()
  49     {
  50     $currenttime=time();
  51     // delete users that have timeouted

  52     $this->DBQuery("DELETE FROM ".$this->table[6]." WHERE logtime+'".$this->timeout."'<'".$currenttime."'");
  53     unset($loginID);
  54     $this->DBQuery("SELECT ID,position FROM ".$this->table[5]." WHERE user='".$this->username."'");
  55     $this->DBGetRow();
  56     $this->currentuserID=$this->access["ID"];
  57     $this->currentuserposition=$this->access["position"];
  58     if (!$this->session) $this->session="*@#$!(&^";
  59     $this->DBQuery("SELECT loginID FROM ".$this->table[6]." WHERE userID='".$this->currentuserID."' AND loginID='".$this->session."'");
  60     $this->DBGetRow();
  61     $loginID=$this->access["loginID"];
  62     if ($this->session<>$loginID OR !$this->username OR !$this->session) $this->DisplayError(15,1);
  63     else
  64        {
  65        // write current time to login table, so user won't be timed out

  66        $this->DBQuery("UPDATE ".$this->table[6]." SET logtime='".$currenttime."' WHERE userID='".$this->currentuserID."'");
  67        }
  68     }
  69  
  70     /** Verify user level / position

  71      * @access public

  72      * @param $int level user level/positon

  73      */
  74     function UserVerifyLevel($level=1)
  75     {
  76     if ($level==1 AND $this->currentuserposition<>1) $this->DisplayError(12,1);
  77     if ($level==2 AND $this->currentuserposition>2) $this->DisplayError(13,1);
  78     if ($level==3 AND $this->currentuserposition>3) $this->DisplayError(15,1);
  79     if ($level==4 AND $this->currentuserposition<>4) $this->DisplayError(1,1);
  80     if ($level==5 AND $this->currentuserposition<>5) $this->DisplayError(1,1);
  81     }
  82  
  83     /** Log user out

  84      * @access public

  85      */
  86     function UserLogout()
  87     {
  88     $this->DBQuery("DELETE FROM ".$this->table[6]." WHERE userID='".$this->currentuserID."'");
  89     header("location: http://".$this->server."/".$this->path."admin/index.php");
  90     }
  91  
  92  }
  93  
  94  ?>
