summaryrefslogtreecommitdiffstats
path: root/code/user.inc.php
diff options
context:
space:
mode:
authorneoraider <devnull@localhost>2006-01-14 03:14:01 +0100
committerneoraider <devnull@localhost>2006-01-14 03:14:01 +0100
commitc630a2d50349c57660cfc98eb13ec71444b27610 (patch)
tree4fa7ad9b755a4d8ae9045062cb4fefab248187e4 /code/user.inc.php
parent8b89c8c8a9001c5f5b38465ceb58306fc6f0659e (diff)
downloadneon-c630a2d50349c57660cfc98eb13ec71444b27610.tar
neon-c630a2d50349c57660cfc98eb13ec71444b27610.zip
Login implementiert. Puh... Und dabei auch den Handler phpexec und die Nav-Pages eingebaut.
Diffstat (limited to 'code/user.inc.php')
-rw-r--r--code/user.inc.php68
1 files changed, 63 insertions, 5 deletions
diff --git a/code/user.inc.php b/code/user.inc.php
index 00c7355..34b12f2 100644
--- a/code/user.inc.php
+++ b/code/user.inc.php
@@ -6,19 +6,69 @@
class User {
var $uid = 0, $gid = 0;
+ var $key = '', $type = '';
function User() {
- if($_GET['id'] && $_GET['sid']) {
- $res = DBQuery('SELECT id, gid FROM users WHERE id = ? AND sid = ?',
- array($_GET['id'],$_GET['sid']));
-
- if($res->RecordCount()) {
+ if($_COOKIE['login']) {
+ $res = DBQuery('SELECT id, gid, sid FROM users WHERE id = ? AND sid = ?',
+ array(substr($_COOKIE['login'], 32),
+ substr($_COOKIE['login'], 0, 32)));
+
+ if($res->RecordCount() && $res->fields[2]) {
$this->uid = $res->fields[0];
$this->gid = $res->fields[1];
+
+ $this->type = 'cookie';
+ $this->key = $_COOKIE['login'];
+ }
+ }
+
+ if($this->uid == 0 && $_GET['login']) {
+ $res = DBQuery('SELECT id, gid, sid FROM users WHERE id = ? AND sid = ?',
+ array(substr($_GET['login'], 32),
+ substr($_GET['login'], 0, 32)));
+
+ if($res->RecordCount() && $res->fields[2]) {
+ $this->uid = $res->fields[0];
+ $this->gid = $res->fields[1];
+
+ $this->type = 'url';
+ $this->key = $_GET['login'];
}
}
}
+ function Login($name, $pass) {
+ $res = DBQuery('SELECT id, gid FROM users WHERE user = ? AND password = ?', array($name, $pass));
+
+ if($res->RecordCount()) {
+ $id = $res->fields[0];
+ $sid = md5(uniqid($name . " * " . $pass . " * " . rand()));
+
+ DBQuery('UPDATE users SET sid = ? WHERE id = ?', array($sid, $id));
+
+ $this->uid = $id;
+ $this->gid = $res->fields[1];
+
+ $this->type = 'url';
+ $this->key = $sid . $id;
+
+ return $id;
+ }
+
+ return 0;
+ }
+
+ function Logout() {
+ DBQuery('UPDATE users SET sid = \'\' WHERE id = ?', $this->uid);
+
+ $this->uid = 0;
+ $this->gid = 0;
+
+ $this->type = '';
+ $this->key = '';
+ }
+
function GetUid() {
return $this->uid;
}
@@ -26,6 +76,14 @@
function GetGid() {
return $this->gid;
}
+
+ function GetLoginType() {
+ return $this->type;
+ }
+
+ function GetLoginKey() {
+ return $this->key;
+ }
}
$user = new User;