
<?php

	/**
	 *By Red3v0lution
	 *Object-Oriented Content Management System
	 *PHP 5.2.9-1 && MySQL Database 5.1.32
	 *April 21, 2009
	 **/
	 
	/**
	Usage:
	___________________________________________________________________
	|new login($username, $password);                  	              |
	|_________________________________________________________________|
	|It will automatically log the user in if credentials are correct |
	|_________________________________________________________________|
     **/
	 
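/**
 * Performs one login attempt against the `users` table.
 *
 * Constructing the object runs the whole attempt: it rejects the request if
 * the session is already logged in, loads connect.php, normalises the
 * credentials, looks the user up and, on success, writes the login state into
 * $_SESSION. Every failure path ends the request with die() and a message.
 *
 * The class never calls session_start(); it presumably relies on the caller
 * having started the session already -- confirm against the call sites.
 *
 * Security notes for maintainers:
 *  - Passwords are compared as unsalted MD5 digests (see clean()). MD5 is not
 *    suitable for password storage; moving to password_hash()/password_verify()
 *    (PHP 5.5+) needs a rehash-on-login migration of the stored values, so it
 *    is flagged here rather than changed.
 *  - The legacy mysql_* extension has no prepared statements. Values are
 *    escaped with mysql_real_escape_string(); porting to PDO or mysqli with
 *    bound parameters is the durable fix.
 *  - No attempt limiting or lockout is visible in this class.
 */
class login
{
	// Credentials as supplied by the caller; clean() overwrites the password
	// with its MD5 digest.
	private $username;
	private $password;

	// Message shown to the user when a step fails.
	private $return;

	/**
	 * Decides whether a login attempt may proceed for the current session.
	 *
	 * @return int 1 when the session is not logged in, 0 otherwise (with
	 *             $this->return set to the reason).
	 */
	private function checkLogin()
	{
		// isset() guards: a fresh session has none of these keys, and a client
		// may omit the User-Agent header entirely.
		$loggedIn = isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == 1;
		if (!$loggedIn)
		{
			return 1;
		}

		$storedAgent = isset($_SESSION['user_agent']) ? (string) $_SESSION['user_agent'] : '';
		$currentAgent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';

		// The User-Agent header is client-controlled, so this is only a weak
		// consistency signal, not proof that the session belongs to the caller.
		// Strict comparison avoids PHP's numeric-string juggling.
		if ($storedAgent !== $currentAgent)
		{
			$this->return = "You trying to hijack someone's session? This session is destroyed.";
			$_SESSION = array();
			session_destroy();
			return 0;
		}

		$this->return = "You are already logged in.";
		return 0;
	}

	/**
	 * Normalises the supplied credentials in place.
	 *
	 * Trims the username and replaces the password with its MD5 hex digest,
	 * which is the form validate() compares against the database column.
	 *
	 * @return int Always 1.
	 */
	private function clean()
	{
		$this->username = trim($this->username);
		// NOTE(review): unsalted MD5 is weak for password storage. It is kept
		// because the stored values depend on it; plan a migration.
		$this->password = md5($this->password);
		return 1;
	}

	/**
	 * Looks the user up and, when allowed, marks the session as logged in.
	 *
	 * @return int 1 on successful login, 0 otherwise (with $this->return set).
	 */
	private function validate()
	{
		// The username comes straight from the caller, so it must be escaped
		// before it is placed inside the quoted SQL literal. The password is an
		// MD5 hex digest by this point, but it is escaped as well so the query
		// stays safe if clean() ever changes.
		// mysql_real_escape_string() is only reliable when the connection
		// charset was set with mysql_set_charset(); connect.php is presumably
		// where the connection is opened -- confirm it does so.
		$username = mysql_real_escape_string($this->username);
		$password = mysql_real_escape_string($this->password);

		$sql = "SELECT * from users WHERE username = '" . $username . "' AND password = '" . $password . "' LIMIT 1;";
		$result = mysql_query($sql) OR die('Incorrectly formatted query.');

		$row = mysql_fetch_assoc($result);
		if (!$row)
		{
			$this->return = "Username or password incorrect. Please try again.";
			return 0;
		}

		// NOTE(review): as written, an account with banned = 1 is still let in
		// when access == 0. That may be unintended; confirm the rule before
		// relying on the ban flag.
		if ($row['banned'] != 1 || $row['access'] == 0)
		{
			// Issue a fresh session id at the privilege change and delete the
			// old session data, so a pre-login id cannot be reused.
			session_regenerate_id(true);
			$_SESSION['logged_in'] = 1;
			$_SESSION['username'] = $row['username'];
			$_SESSION['access'] = $row['access'];
			$_SESSION['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
			return 1;
		}

		$this->return = 'This account has been banned by an administrator.';
		return 0;
	}

	/**
	 * Runs the login attempt; terminates the request with die() on failure.
	 *
	 * @param string $username Username as entered by the user.
	 * @param string $password Plain-text password as entered by the user.
	 */
	public function __construct($username, $password)
	{
		$this->username = $username;
		$this->password = $password;

		$this->checkLogin() OR die($this->return);

		// Loaded before validate() because the mysql_* calls there pass no
		// link argument and so use whatever connection is already open.
		require_once 'connect.php';

		$this->clean() OR die('Supplied input could not be cleaned.');
		$this->validate() OR die($this->return);
	}
}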

?>