Scripts
Login Class
Een login class voor een uitgebreid login systeem.
login-class
Deze class heb ik gemaakt met beperkte kennis van classes, en deze plaats ik hier voor jullie, en om deze te laten controleren.
Zit deze class goed in elkaar?
En wat kan eraan verbeterd worden?
Mijn verstand van classes is nog licht beperkt, dus hier heb ik alleen basis elementen in gebruik.
<?php
/*************************************************************************
:: LOGIN CLASS ::
NOTE: This login class is used for user authorization.
Author : Jelle Posthuma
Date : 21 November 2008
*************************************************************************/
class login{
var $hash = '';
var $memberID = 0;
var $user = '';
var $pass = '';
var $error = '';
var $rememberLogin = false;
var $enableDebug = true;
var $debug = array();
function doLogin( $byForm = '' ){
if( ! $this->loggedIn() ){
if( $this->readCookies() ){
$this->setSessions();
}else if( ! empty( $byForm ) ){
if( $this->validateFields( $byForm ) ){
$this->hash = $this->setHash();
if( $this->rememberLogin ){
if( !$this->setCookies() ){
$this->error = 'Cookies niet gemaakt!';
return false;
}
}
$this->setSessions();
$this->updateLoginDate();
if( empty( $this->error ) ) header( "Location: index.php" );
return true;
}else{
return false;
}
}
}
}
function validateFields( $byForm ){
if( !empty( $byForm[ md5( date( 'dmY' ) ) . 'user' ] ) && !empty( $byForm[ md5( date( 'dmY' ) ) . 'pass' ] ) ){
$this->user = $byForm[ md5( date( 'dmY' ) ) . 'user' ];
$this->pass = $byForm[ md5( date( 'dmY' ) ) . 'pass' ];
$this->rememberLogin = ( $_POST[ 'autoLogin' ] == 'yes' ) ? true : false ;
if( $this->validateDB() ){
return true;
}else{
$this->error = 'De door u ingevoerde gebruikersnaam of wachtwoord is incorrect.';
}
}else{
$this->error = 'Één of meer velden zijn niet ingevuld.';
}
}
function validateDB(){
$sql = "SELECT
memberID
FROM
members
WHERE
passWordMD5 = '" . md5( $this->user ) . "'
AND
userName = '" . $this->pass . "'
";
$res = mysql_query( $sql );
if( mysql_num_rows( $res ) > 0 ){
$row = mysql_fetch_assoc( $res );
$this->memberID = $row[ 'memberID' ];
return true;
}else{
$this->error = 'Uw gegevens kunnen niet gevalideerd worden.';
return false;
}
}
function setHash(){
return md5( $this->memberID . $this->user . $this->pass . date( 'dmYHis' ) );
}
function setCookies(){
if(
setcookie( PREFIX . '_userID' , $this->memberID , time() + ( 60 * 60 * 24 * 365 ) ) &&
setcookie( PREFIX . '_user' , $this->user , time() + ( 60 * 60 * 24 * 365 ) ) &&
setcookie( PREFIX . '_pass' , $this->pass , time() + ( 60 * 60 * 24 * 365 ) ) &&
setcookie( PREFIX . '_lKey' , $this->hash , time() + ( 60 * 60 * 24 * 365 ) )
){
return true;
}else{
return false;
}
}
function setSessions(){
return true;
}
function readHash(){
return true;
}
function readCookies(){
return false;
}
function cookiesExists(){
if(
!empty( $_COOKIE[ PREFIX . '_userID' ] ) &&
!empty( $_COOKIE[ PREFIX . '_user' ] ) &&
!empty( $_COOKIE[ PREFIX . '_pass' ] ) &&
!empty( $_COOKIE[ PREFIX . '_lKey' ] )
){
return true;
}else{
return false;
}
}
function sessionExists(){
return false;
}
function validateCookieHash(){
$sql = "SELECT
memberID
FROM
members
WHERE
memberID = '" . $_COOKIE[ PREFIX . '_userID' ] . "'
AND
loginKey = '" . $_COOKIE[ PREFIX . '_lKey' ] . "'
AND
userName = '" . $_COOKIE[ PREFIX . '_user' ] . "'
AND
passWord = '" . $_COOKIE[ PREFIX . '_pass' ] . "'
";
$res = mysql_query( $sql )or die( $sql . '<br />' . mysql_error() );
if( mysql_num_rows( $res ) == 1 ){
return true;
}else{
return false;
}
}
function validateSessionHash(){
$sql = "SELECT
memberID
FROM
members
WHERE
memberID = '" . $_SESSION[ PREFIX . '_userID' ] . "'
AND
loginKey = '" . $_SESSION[ PREFIX . '_lKey' ] . "'
AND
userName = '" . $_SESSION[ PREFIX . '_user' ] . "'
AND
passWord = '" . $_SESSION[ PREFIX . '_pass' ] . "'
";
$res = mysql_query( $sql );
if( mysql_num_rows( $res ) == 1 )
return true;
else
return false;
}
function loggedIn(){
if( ( $this->sessionExists() && $this->validateSessionHash() ) || ( $this->cookiesExists() && $this->validateCookieHash() ) ){
if( !defined( "USER_RAW" ) ) define( "USER_RAW" , "" );
if( !defined( "USERNAME" ) ) define( "USERNAME" , $_COOKIE[ PREFIX . '_user' ] );
if( !defined( "USERID" ) ) define( "USERID" , $_COOKIE[ PREFIX . '_userID' ] );
if( !defined( "LOGIN" ) ) define( "LOGIN" , true );
return true;
}else{
if( !defined( "LOGIN" ) ) define("LOGIN",false);
return false;
}
}
function updateLoginDate(){
$sql = "UPDATE
members
SET
loginKey = '" . $this->hash . "',
loginDate = NOW()
WHERE
memberID = " . $this->memberID . "
";
mysql_query( $sql );
}
function logout(){
setcookie( PREFIX . '_userID' , '' , time() - 3600 );
setcookie( PREFIX . '_user' , '' , time() - 3600 );
setcookie( PREFIX . '_pass' , '' , time() - 3600 );
setcookie( PREFIX . '_lKey' , '' , time() - 3600 );
}
}
?>
[b]Database dump van de login table:[/b]
[code]CREATE TABLE `members` (
`memberID` int(10) NOT NULL AUTO_INCREMENT,
`groupID` int(10) NOT NULL,
`loginKey` varchar(255) NOT NULL,
`loginDate` datetime NOT NULL,
`userName` varchar(255) NOT NULL,
`passWord` varchar(255) NOT NULL,
`passWordMD5` varchar(255) NOT NULL
PRIMARY KEY (`memberID`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;[/code]
Reacties
0