<?PHP
  require_once('code/db.inc.php');
  
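  /**
   * Identity of the visitor for the current request, backed by the users table.
   *
   * A login key is the 32-character session id (users.sid) immediately followed
   * by the user id. The key is accepted from the 'login' cookie first and, when
   * that does not yield a user, from the 'login' query parameter.
   *
   * The sid is replaced on every Login() and cleared by Logout(); nothing in
   * this class expires it in between.
   *
   * NOTE(review): gid 0 is both the "no group loaded" default and the value
   * IsAdmin() treats as administrator, and the comparison is loose, so a row
   * whose gid is NULL would also count as admin. Confirm the column is NOT NULL.
   */
  class User {
    public $uid = 0, $gid = 0;
    public $key = '', $type = '';

    /**
     * Restores the session from the request, if it carries a valid login key.
     *
     * PHP 8 no longer treats a method named after the class as the
     * constructor, so the session lookup has to live in __construct().
     */
    function __construct() {
      $this->resumeSession(isset($_COOKIE['login']) ? $_COOKIE['login'] : null, 'cookie');

      // NOTE(review): a session key in the query string ends up in server logs,
      // browser history and Referer headers. Kept because callers rely on the
      // 'url' login type; prefer the cookie wherever possible.
      if($this->uid == 0) {
        $this->resumeSession(isset($_GET['login']) ? $_GET['login'] : null, 'url');
      }
    }

    /**
     * Legacy PHP 4 style constructor name, kept so existing explicit calls
     * (e.g. from a subclass) keep working.
     */
    function User() {
      $this->__construct();
    }

    /**
     * Looks up a login key and, when it matches a user row, adopts that user.
     *
     * @param mixed  $key  Raw request value; anything but a string longer than
     *                     32 characters is rejected without touching the database.
     * @param string $type Value recorded as the login type ('cookie' or 'url').
     */
    private function resumeSession($key, $type) {
      // Request values can be arrays (login[]=x) or too short to hold sid + id.
      if(!is_string($key) || strlen($key) <= 32) {
        return;
      }

      $res = $GLOBALS['db']->Execute('SELECT id, gid, sid FROM users WHERE id = ? AND sid = ?',
                                     array(substr($key, 32),
                                           substr($key, 0, 32)));

      // A failed query must leave the visitor anonymous rather than abort the
      // request; the sid check rejects rows whose session was cleared.
      if($res && $res->RecordCount() && $res->fields[2]) {
        $this->uid = $res->fields[0];
        $this->gid = $res->fields[1];

        $this->type = $type;
        $this->key = $key;
      }
    }

    /**
     * Checks the credentials and, on success, starts a new session.
     *
     * NOTE(review): $pass is compared directly with the stored column. If
     * callers pass the raw password, passwords are stored unhashed; move to
     * password_hash()/password_verify() together with the schema.
     *
     * @param string $name Login name.
     * @param string $pass Password as stored in users.password.
     * @return mixed The user id on success, 0 on failure.
     */
    function Login($name, $pass) {
      $res = $GLOBALS['db']->Execute('SELECT id, gid FROM users WHERE user = ? AND password = ?', array($name, $pass));

      if(!$res || !$res->RecordCount()) {
        return 0;
      }

      $id = $res->fields[0];

      // The session id is a bearer credential, so it must come from a CSPRNG
      // and must not be derived from the password. 16 random bytes keep the
      // 32 hex character length the key format relies on.
      $sid = bin2hex(random_bytes(16));

      $GLOBALS['db']->Execute('UPDATE users SET sid = ? WHERE id = ?', array($sid, $id));

      $this->uid = $id;
      $this->gid = $res->fields[1];

      // The browser has not sent the cookie back yet, so this request still
      // reports the 'url' login type.
      $this->type = 'url';
      $this->key = $sid . $id;

      // HttpOnly keeps the key away from page scripts. Expiry, path and domain
      // stay at their defaults. NOTE(review): also set the Secure flag once
      // the site is served over HTTPS only.
      setcookie('login', $this->key, 0, '', '', false, true);

      return $id;
    }

    /**
     * Ends the session: clears the stored sid, resets this object and asks the
     * browser to drop the cookie.
     */
    function Logout() {
      $GLOBALS['db']->Execute('UPDATE users SET sid = \'\' WHERE id = ?', array($this->uid));

      $this->uid = 0;
      $this->gid = 0;

      $this->type = '';
      $this->key = '';

      setcookie('login');
    }

    /**
     * @return bool True for a logged-in user whose group id is 0.
     */
    function IsAdmin() {
      // Loose comparison on purpose: the values come straight from the
      // database result and may be numeric strings.
      return ($this->uid != 0 && $this->gid == 0);
    }

    /** @return mixed User id, 0 when nobody is logged in. */
    function GetUid() {
      return $this->uid;
    }

    /** @return mixed Group id of the logged-in user, 0 by default. */
    function GetGid() {
      return $this->gid;
    }

    /** @return string 'cookie', 'url', or '' when nobody is logged in. */
    function GetLoginType() {
      return $this->type;
    }

    /** @return string The login key (sid followed by user id), or ''. */
    function GetLoginKey() {
      return $this->key;
    }
  }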
  
  // One shared User per request: built on include and published as
  // $GLOBALS['user'] for the rest of the application.
  $GLOBALS['user'] = new User();
?>