diff options
| author | neoraider <devnull@localhost> | 2006-01-14 03:14:01 +0100 |
|---|---|---|
| committer | neoraider <devnull@localhost> | 2006-01-14 03:14:01 +0100 |
| commit | c630a2d50349c57660cfc98eb13ec71444b27610 (patch) | |
| tree | 4fa7ad9b755a4d8ae9045062cb4fefab248187e4 /code/user.inc.php | |
| parent | 8b89c8c8a9001c5f5b38465ceb58306fc6f0659e (diff) | |
| download | neon-c630a2d50349c57660cfc98eb13ec71444b27610.tar neon-c630a2d50349c57660cfc98eb13ec71444b27610.zip | |
Login implementiert. Puh... Und dabei auch den Handler phpexec und die Nav-Pages eingebaut.
Diffstat (limited to 'code/user.inc.php')
| -rw-r--r-- | code/user.inc.php | 68 |
1 files changed, 63 insertions, 5 deletions
diff --git a/code/user.inc.php b/code/user.inc.php index 00c7355..34b12f2 100644 --- a/code/user.inc.php +++ b/code/user.inc.php @@ -6,19 +6,69 @@ class User { var $uid = 0, $gid = 0; + var $key = '', $type = ''; function User() { - if($_GET['id'] && $_GET['sid']) { - $res = DBQuery('SELECT id, gid FROM users WHERE id = ? AND sid = ?', - array($_GET['id'],$_GET['sid'])); - - if($res->RecordCount()) { + if($_COOKIE['login']) { + $res = DBQuery('SELECT id, gid, sid FROM users WHERE id = ? AND sid = ?', + array(substr($_COOKIE['login'], 32), + substr($_COOKIE['login'], 0, 32))); + + if($res->RecordCount() && $res->fields[2]) { $this->uid = $res->fields[0]; $this->gid = $res->fields[1]; + + $this->type = 'cookie'; + $this->key = $_COOKIE['login']; + } + } + + if($this->uid == 0 && $_GET['login']) { + $res = DBQuery('SELECT id, gid, sid FROM users WHERE id = ? AND sid = ?', + array(substr($_GET['login'], 32), + substr($_GET['login'], 0, 32))); + + if($res->RecordCount() && $res->fields[2]) { + $this->uid = $res->fields[0]; + $this->gid = $res->fields[1]; + + $this->type = 'url'; + $this->key = $_GET['login']; } } } + function Login($name, $pass) { + $res = DBQuery('SELECT id, gid FROM users WHERE user = ? AND password = ?', array($name, $pass)); + + if($res->RecordCount()) { + $id = $res->fields[0]; + $sid = md5(uniqid($name . " * " . $pass . " * " . rand())); + + DBQuery('UPDATE users SET sid = ? WHERE id = ?', array($sid, $id)); + + $this->uid = $id; + $this->gid = $res->fields[1]; + + $this->type = 'url'; + $this->key = $sid . $id; + + return $id; + } + + return 0; + } + + function Logout() { + DBQuery('UPDATE users SET sid = \'\' WHERE id = ?', $this->uid); + + $this->uid = 0; + $this->gid = 0; + + $this->type = ''; + $this->key = ''; + } + function GetUid() { return $this->uid; } @@ -26,6 +76,14 @@ function GetGid() { return $this->gid; } + + function GetLoginType() { + return $this->type; + } + + function GetLoginKey() { + return $this->key; + } } $user = new User; |