TalkPHP - View Single Post

Scottymeuk · 01-10-2009, 01:38 PM

I wouldnt do that.

You need to do things like

PHP Code:


			
$user->login($_POST)

That above bit goes in the bit that says, if post etc.

Then on the login bit you need to make sessions etc. I will post my one (Please note this wont work properly as it integrates methods etc that my framework has so you will need to change it a lot but you will be able to see what i mean):

Please note that its not perfect as i did code it at like 3am.

PHP Code:


			
<?php

function login($userData, $redirect = '')

{        

    if(!$this->isRegistered()) 

    {

        $this->core->session->destroy();

        if(!empty($userData['username']) and !empty($userData['password']))

        {

            $password = $this->core->app->generateHash($userData['password'], $userData['username']);

               

            $data = array('userId','username','password');

            

            $sql = "SELECT userId

                    FROM users

                    WHERE username = '" . $userData['username'] . "'

                        AND password = '$password'

                    LIMIT 1";

            

            $checkUser = $this->core->database->query($sql);

           

            if($this->core->database->getNumRows($checkUser) == 1)

            {

                while($userDetails = $this->core->database->getArray($checkUser))

                {

                    $sessionId = $this->core->app->generateHash(session_id(), $userData['username']);

                        

                    if($this->core->session->register('isregistered') == false)

                    {

                        $this->core->session->delete_all_var();

                        return false;

                    }

                    else

                    {

                        if($this->core->session->set_var('userid',$userDetails['userId']) == false)

                        {

                            $this->core->session->delete_all_var();

                            return false;

                        }

                        else

                        {

                            if($this->core->session->set_var('password',$password) == false)

                            {

                                $this->core->session->delete_all_var();

                                return false;

                            }

                            else

                            {

                                if($this->core->session->set_var('session_hash',$sessionId) == false)

                                {

                                    $this->core->session->delete_all_var();

                                    return false;    

                                }

                            }

                        }

                    }

                       

                    $expiresTime = time() + 3600;

                       

                    $sql = "INSERT INTO sessions

                            (userid,sessionhash,expires)

                            VALUES ('" . $userDetails['userId'] . "','$sessionId','$expiresTime')";

                    

                    $query = $this->core->database->query($sql);

                    

                    if($query)

                    {

                           if(!empty($redirect))

                           {

                               $this->core->app->redirect($redirect);

                           }

                        return true;

                    }

                    else

                    {

                        return false;

                    }

                }

            }

            return false;

        }

        return false;

    }

}

?>

01-10-2009, 01:38 PM	#4 (permalink)
Scottymeuk The Contributor Join Date: Jan 2009 Posts: 40 Thanks: 10	I wouldnt do that. You need to do things like PHP Code: `$user->login($_POST)` That above bit goes in the bit that says, if post etc. Then on the login bit you need to make sessions etc. I will post my one (Please note this wont work properly as it integrates methods etc that my framework has so you will need to change it a lot but you will be able to see what i mean): Please note that its not perfect as i did code it at like 3am. PHP Code: <?php function login($userData, $redirect = '') { if(!$this->isRegistered()) { $this->core->session->destroy(); if(!empty($userData['username']) and !empty($userData['password'])) { $password = $this->core->app->generateHash($userData['password'], $userData['username']); $data = array('userId','username','password'); $sql = "SELECT userId FROM users WHERE username = '" . $userData['username'] . "' AND password = '$password' LIMIT 1"; $checkUser = $this->core->database->query($sql); if($this->core->database->getNumRows($checkUser) == 1) { while($userDetails = $this->core->database->getArray($checkUser)) { $sessionId = $this->core->app->generateHash(session_id(), $userData['username']); if($this->core->session->register('isregistered') == false) { $this->core->session->delete_all_var(); return false; } else { if($this->core->session->set_var('userid',$userDetails['userId']) == false) { $this->core->session->delete_all_var(); return false; } else { if($this->core->session->set_var('password',$password) == false) { $this->core->session->delete_all_var(); return false; } else { if($this->core->session->set_var('session_hash',$sessionId) == false) { $this->core->session->delete_all_var(); return false; } } } } $expiresTime = time() + 3600; $sql = "INSERT INTO sessions (userid,sessionhash,expires) VALUES ('" . $userDetails['userId'] . "','$sessionId','$expiresTime')"; $query = $this->core->database->query($sql); if($query) { if(!empty($redirect)) { $this->core->app->redirect($redirect); } return true; } else { return false; } } } return false; } return false; } } ?>