Created
July 2, 2011 13:58
-
-
Save Nut/1060342 to your computer and use it in GitHub Desktop.
Neues Login für SilexBoard
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * @author Nut | |
| * @copyright © 2011 Silex Bulletin Board - Team | |
| * @license GNU GENERAL PUBLIC LICENSE v3 | |
| * @package SilexBoard.DEV | |
| * @version Revision: 8 | |
| */ | |
| class Login { | |
| private $Username; | |
| private $Password; | |
| private $StayLoggedIn; | |
| private $UserID; | |
| public function __construct() { | |
| $this->Username = mysql_real_escape_string($_POST['Username']); | |
| $this->Password = mysql_real_escape_string($_POST['Password']); | |
| isset($_POST['StayLoggedIn']) ? $this->StayLoggedIn = true : $this->StayLoggedIn = false; | |
| $this->Check(); | |
| } | |
| public function Check() { | |
| mysql::Select('users', 'Salt', 'UserName = \''.$this->Username.'\'', '', 1); | |
| $Salt = mysql::FetchObject()->Salt; | |
| if($Row = mysql::NumRows() == 1) { | |
| mysql::Select('users', 'ID', 'UserName = \''.$this->Username.'\' AND Password = \''.user::EncryptPassword($this->Password, $Salt).'\''); | |
| $this->UserID = mysql::FetchObject()->ID; | |
| $this->DoLogin(); | |
| } | |
| else | |
| return '{lang=com.sbb.login.wrongdata}'; | |
| } | |
| public function DoLogin() { | |
| $Hash = self::GenLoginHash(); | |
| switch($this->StayLoggedIn) { | |
| case true: | |
| session::Set('UserID', $this->UserID); | |
| setcookie('sbb_LoginHash', $Hash, time()+60*60*24*365); | |
| $Inserts = array( | |
| 'Time' => time(), | |
| 'UserID' => $this->UserID, | |
| 'LoginHash' => $Hash, | |
| 'IP' => $_SERVER['REMOTE_ADDR']); | |
| break; | |
| case false: | |
| session::Set('UserID', $this->UserID); | |
| session::Set('LoginHash', $Hash); | |
| $Inserts = array( | |
| 'Time' => time(), | |
| 'UserID' => $this->UserID, | |
| 'LoginHash' => $Hash, | |
| 'IP' => $_SERVER['REMOTE_ADDR']); | |
| break; | |
| } | |
| mysql::Insert('sessions', $Inserts); | |
| header('Location: ?page=Forwarding'); | |
| } | |
| public static function LoggedIn() { | |
| if(isset($_COOKIE['sbb_LoginHash'])) { | |
| mysql::Select('sessions', 'UserID', 'LoginHash = \''.$_COOKIE['sbb_LoginHash'].'\''); | |
| isset($_SESSION['UserID']) ? '' : session::Set('UserID', self::GetUserID()); | |
| return (mysql::NumRows() == 1); | |
| } else { | |
| mysql::Select('sessions', 'UserID', 'LoginHash = \''.session::Read('LoginHash').'\''); | |
| return (mysql::NumRows() == 1); | |
| } | |
| } | |
| public static function DoLogout() { | |
| mysql::Delete('sessions', 'LoginHash = \''.$_COOKIE['sbb_LoginHash'].'\''); | |
| mysql::Delete('sessions', 'LoginHash = \''.session::Read('LoginHash').'\''); | |
| session::Remove('UserID'); | |
| session::Remove('LoginHash'); | |
| setcookie('sbb_LoginHash', '', time()-60*60*24*365); | |
| } | |
| public static function AutoLogout() { | |
| if(self::LoggedIn() && !isset($_COOKIE['sbb_LoginHash'])) { | |
| mysql::Select('sessions', 'Time', 'LoginHash = \''.session::Read('LoginHash').'\''); | |
| if((time() + 10 * 6) - mysql::FetchObject()->Time > 600) | |
| header('Location: ?page=Logout'); | |
| else { | |
| $Update = array('Time' => time()); | |
| mysql::Update('sessions', $Update, 'LoginHash = \''.session::Read('LoginHash').'\''); | |
| } | |
| } | |
| } | |
| // Hash Stuff | |
| private static function GenLoginHash() { | |
| $Hash = array_merge(range('a', 'z'), range(1, 9)); | |
| shuffle($Hash); | |
| foreach($Hash as $Gen){ | |
| $Output .= $Gen; | |
| } | |
| return substr($Output, 0, 20).$this->UserID; | |
| } | |
| private static function GetUserID() { | |
| return substr($_COOKIE['sbb_LoginHash'], 20, 21); | |
| } | |
| } | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment