<?php
/**
*By Red3v0lution
*Object-Oriented Content Management System
*PHP 5.2.9-1 && MySQL Database 5.1.32
*April 21, 2009
**/
/**
Usage:
___________________________________________________________________
|new login($username, $password); |
|_________________________________________________________________|
|It will automatically log the user in if credentials are correct |
|_________________________________________________________________|
**/
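/**
 * Authenticates a user against the `users` table and, on success, marks the
 * current session as logged in.
 *
 * Instantiating the class runs the whole flow (see __construct). Every failure
 * path ends the request with die(), so there is no return value for callers to
 * inspect.
 *
 * NOTE(review): the class reads and writes $_SESSION but never calls
 * session_start(); it presumably relies on the caller having started the
 * session already -- confirm.
 */
class login
{
    // User-supplied credentials. After clean() runs, $password holds the MD5
    // hex digest rather than the plaintext.
    private $username;
    private $password;

    // Message shown to the user when a step fails.
    private $return;

    /**
     * Refuses to continue when the session is already authenticated.
     *
     * The User-Agent comparison is only a heuristic: the header is supplied by
     * the client and can be replayed, so a match proves little. A mismatch is
     * still a useful signal, and the session is torn down when it happens.
     *
     * @return int 1 when no login is active, 0 otherwise ($this->return is set).
     */
    private function checkLogin()
    {
        // isset() guards keep a fresh session (or a request without a
        // User-Agent header) from raising undefined-index notices.
        $alreadyLoggedIn = isset($_SESSION['logged_in']) && $_SESSION['logged_in'] == 1;
        if (!$alreadyLoggedIn) {
            return 1;
        }

        $storedAgent  = isset($_SESSION['user_agent']) ? (string) $_SESSION['user_agent'] : '';
        $currentAgent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';

        if ($storedAgent !== $currentAgent) {
            $this->return = "You trying to hijack someone's session? This session is destroyed.";
            $_SESSION = array();
            session_destroy();
            return 0;
        }

        $this->return = "You are already logged in.";
        return 0;
    }

    /**
     * Normalises the credentials before they are used in the lookup.
     *
     * @return int 1 on success, 0 when either credential is not a string
     *             (for example an array submitted as username[]=...).
     */
    private function clean()
    {
        // Request parameters can arrive as arrays; trim() and md5() only
        // accept strings, so reject anything else through the existing
        // failure path instead of raising an error mid-login.
        if (!is_string($this->username) || !is_string($this->password)) {
            return 0;
        }

        $this->username = trim($this->username);

        // SECURITY NOTE: unsalted MD5 is not a password hash -- it is fast to
        // brute-force and identical passwords produce identical digests. It is
        // kept here only because the stored values in `users.password` are MD5
        // digests; moving to password_hash()/password_verify() needs a newer
        // PHP than this file targets plus a re-hash-on-login migration.
        $this->password = md5($this->password);
        return 1;
    }

    /**
     * Looks the credentials up and populates the session on success.
     *
     * @return int 1 when the user was logged in, 0 otherwise ($this->return is set).
     */
    private function validate()
    {
        // The username comes straight from the caller and is placed inside a
        // quoted SQL literal, so it must be escaped for the active connection.
        // The password is already an MD5 hex digest ([0-9a-f] only) after
        // clean(), but escaping it as well keeps the query safe if that ever
        // changes.
        // NOTE(review): mysql_real_escape_string() uses the link presumably
        // opened by connect.php and honours the connection charset only when it
        // was set with mysql_set_charset() -- confirm in connect.php.
        $safeUsername = mysql_real_escape_string($this->username);
        $safePassword = mysql_real_escape_string($this->password);

        $result = mysql_query("SELECT * from users WHERE username = '$safeUsername' AND password = '$safePassword' LIMIT 1;") OR die('Incorrectly formatted query.');

        $row = mysql_fetch_assoc($result);
        if (!$row) {
            // One message for "no such user" and "wrong password" avoids
            // revealing which usernames exist.
            $this->return = "Username or password incorrect. Please try again.";
            return 0;
        }

        // NOTE(review): as written, an account with banned = 1 is still let in
        // when access == 0. If a ban is meant to block every account this
        // condition needs revisiting; left unchanged because the intended
        // meaning of access level 0 is not visible here.
        if ($row['banned'] != 1 || $row['access'] == 0) {
            // Issue a fresh session id at the privilege change and delete the
            // old session data, so an id known before login stops being valid.
            session_regenerate_id(true);
            $_SESSION['logged_in'] = 1;
            $_SESSION['username'] = $row['username'];
            $_SESSION['access'] = $row['access'];
            $_SESSION['user_agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
            return 1;
        }

        $this->return = 'This account has been banned by an administrator.';
        return 0;
    }

    /**
     * Runs the login flow: session check, database connection, input
     * normalisation, credential lookup. Each step ends the request with die()
     * on failure.
     *
     * @param string $username Login name as submitted by the user.
     * @param string $password Plaintext password as submitted by the user.
     */
    public function __construct($username, $password)
    {
        $this->username = $username;
        $this->password = $password;
        $this->checkLogin() OR die($this->return);
        // connect.php is outside this file; it presumably opens the MySQL link
        // used by validate().
        require_once 'connect.php';
        $this->clean() OR die('Supplied input could not be cleaned.');
        $this->validate() OR die($this->return);
    }
}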
?>