TalkPHP - View Single Post

Haris · 09-21-2007, 12:28 AM

Hmm, new and improved class.

PHP Code:


			

<?php

    /* 
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

    Title : Authentication class for users login
    Author : Muhammad Haris
    URL : http://www.mharis.net
    CONTACT: isharis@gmail.com

    Description : Class used for authentication of 
    the users login on secure pages.

    Created : 20th September 2007
    Modified: 21th September 2007

    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
    */
    
    class Auth {
        
        /*
         * Summary:     Starts session and sets default value
         */
        
        public function __construct(){
            session_start();
            if(!isset($_SESSION['logged'])){
                $_SESSION['logged'] = false;
                $_SESSION['username'] = '';
                $_SESSION['rank'] = '';
            }
        }
        
        /*
         * Summary:     Authenticates a user and registers its sessions
         * Parameters:  Username | Passwords
         * Return:      Returns true if session is user is succesfully
                       authenticated else returns false
        *              
         */
        
        public function authenticate($szUser, $szPassword){
            $szSQL = sprintf("SELECT rank
                               FROM users
                                WHERE 
                             pass = MD5(CONCAT(salt, '%s'))
                             AND user = '%s' 
                                LIMIT 0,1",
                             mysql_real_escape_string($szPassword), 
                             mysql_real_escape_string($szUser)); 
                             
            $aResult = mysql_query($szSQL) or die(mysql_error());
                             
            if (mysql_num_rows($aResult) == 1){
                $aRow = mysql_fetch_assoc($aResult); 
                session_regenerate_id();
                $_SESSION['logged'] = true;
                $_SESSION['username'] = $szUser;
                $_SESSION['rank'] = $aRow['rank'];
                return true;
            }
            else {
                session_destroy(); // Destroies session if failed to authenticate
                return false;
            }
        }

        /*
         * Summary:     Checks if the user is logged in or not.
         * Return:      Returns true if session is user is logged
                       in else returns false
        *              
         */
        
        public function check(){
            if($_SESSION['logged'] != true){
                return false;
            }
                return true;
        }
        
        /*
         * Summary:     Checks if the the logged in user is admin or
        *              a normal user
         * Return:      Returns true user is a admin else returns false
        *              
         */
        
        public function admin_auth(){
            if($_SESSION['rank'] != 1){
                return false;
            }
            return true;
        }
        
    }
    
?>

09-21-2007, 12:28 AM	#5 (permalink)
Haris The Frequenter Join Date: Sep 2007 Posts: 360 Thanks: 24	Hmm, new and improved class. PHP Code: <?php /* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Title : Authentication class for users login Author : Muhammad Haris URL : http://www.mharis.net CONTACT: isharis@gmail.com Description : Class used for authentication of the users login on secure pages. Created : 20th September 2007 Modified: 21th September 2007 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - / class Auth { / * Summary: Starts session and sets default value / public function __construct(){ session_start(); if(!isset($_SESSION['logged'])){ $_SESSION['logged'] = false; $_SESSION['username'] = ''; $_SESSION['rank'] = ''; } } / * Summary: Authenticates a user and registers its sessions * Parameters: Username \| Passwords * Return: Returns true if session is user is succesfully authenticated else returns false * / public function authenticate($szUser, $szPassword){ $szSQL = sprintf("SELECT rank FROM users WHERE pass = MD5(CONCAT(salt, '%s')) AND user = '%s' LIMIT 0,1", mysql_real_escape_string($szPassword), mysql_real_escape_string($szUser)); $aResult = mysql_query($szSQL) or die(mysql_error()); if (mysql_num_rows($aResult) == 1){ $aRow = mysql_fetch_assoc($aResult); session_regenerate_id(); $_SESSION['logged'] = true; $_SESSION['username'] = $szUser; $_SESSION['rank'] = $aRow['rank']; return true; } else { session_destroy(); // Destroies session if failed to authenticate return false; } } / * Summary: Checks if the user is logged in or not. * Return: Returns true if session is user is logged in else returns false * / public function check(){ if($_SESSION['logged'] != true){ return false; } return true; } / * Summary: Checks if the the logged in user is admin or * a normal user * Return: Returns true user is a admin else returns false * */ public function admin_auth(){ if($_SESSION['rank'] != 1){ return false; } return true; } } ?>