Skip to content

Instantly share code, notes, and snippets.

@Zork67
Created August 12, 2015 13:40
Show Gist options
  • Save Zork67/71951e1f2087be8ecf25 to your computer and use it in GitHub Desktop.
Save Zork67/71951e1f2087be8ecf25 to your computer and use it in GitHub Desktop.
public function auth($login, $passwors) {
$query = pg_query("SELECT password,role FROM subsbl.user WHERE login='$login' ") or die('Ошибка запроса: ' . pg_last_error());
$result = pg_fetch_assoc($query);
//var_dump($result);
if($result['password'] == md5(md5($passwors))) {
$_SESSION["is_auth"] = true; //Делаем пользователя авторизованным
$_SESSION["login"] = $login; //Записываем в сессию логин пользователя
$query2 = pg_query("SELECT permissions FROM subsbl.roles WHERE id='$result[role]' ") or die('Ошибка запроса: ' . pg_last_error());
$result2 = pg_fetch_assoc($query2);
$permissions = $result2['permissions'];
if(strpos($permissions, ',') !== false)
$permissions2 = explode(',', $permissions);
else
{
$permissions2 = array();
$permissions2[] = $permissions;
}
$sql = 'SELECT operations FROM subsbl.permissions WHERE ';
$sql2 = '';
foreach($permissions2 as $permission)
$sql2 .= ($sql2 == '' ? '' : ' OR ') . 'id = ' . $permission;
$query3 = pg_query($sql.$sql2) or die('Ошибка запроса: ' . pg_last_error());
$result3 = pg_fetch_all($query3);
$permitted_operations = array();
foreach($result3 as $perm_operations)
{
if(strpos($perm_operations['operations'], ',') !== false)
$po = explode(',', $perm_operations['operations']);
else
{
$po = array();
$po[] = $perm_operations['operations'];
}
foreach($po as $operation)
$permitted_operations[] = $operation;
}
$_SESSION['permissions'] = $permitted_operations;
return true;
}
else { //Логин и пароль не подошел
$_SESSION["is_auth"] = false;
return false;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment