User Management Code

  Home arrow User Management Code arrow User authorization class with database...
USER MANAGEMENT CODE

User authorization class with database class
By: Codewalkers
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 4
    2002-02-03

    Table of Contents:

     
     

    SEARCH CODEWALKERS

    This is a little class I wrote that will allow you to do user authorization on your site. It includes the ability to mail the user first and have them follow a link back to verify their signup. This includes a small db class to support the authorize class.

    By : Matt

    <?
    class db {

    var $db_type;
    var $db_server;
    var $db_name;
    var $db_user;
    var $db_pass;
    var $db_persistent;
    var $dbh;

    function db() {


    $this->db_type = 1;
    $this->db_server = 'localhost';
    $this->db_name = 'db';
    $this->db_user = 'user';
    $this->db_pass = 'pass';
    $this->db_persistent = 0;
    $this->db_connect();

    } //end constructor

    function db_connect () {

    // mySQL
    if($this->db_type == 1) {
    if ($this->db_persistent)
    $this->dbh = @mysql_pconnect($this->db_server, $this->db_user, $this->db_pass);
    else
    $this->dbh = @mysql_connect($this->db_server, $this->db_user, $this->db_pass);

    if (!$this->dbh) {
    printf("Error: Connection to MySQL server '%s' failed.<BR>\n", $this->db_server);
    return;
    }

    if (!@mysql_select_db($this->db_name, $this->dbh)) {
    printf("Error: Connection to MySQL database '%s' failed.<BR>\n>%s: %s<BR>\n", $this->db_name, @mysql_errno($this->dbh), @mysql_error($this->dbh));
    return;
    }
    }
    //end mySQL
    } //end db_connect()

    function db_query ($query) {

    // mySQL
    if($this->db_type == 1) {
    $result = mysql_query($query, $this->dbh)
    or die ("Error: A problem was encountered while executing this query.");

    return $result;
    }
    //end mySQL
    } //end db_query()

    function db_numrows ($result) {

    switch($this->db_type) {
    case 1: //mySQL
    return mysql_num_rows($result);

    } //end switch
    } // end db_numrows()

    function db_fetch_array (&$result) {

    switch($this->db_type) {
    case 1: //mySQL
    return mysql_fetch_array($result);
    } //end switch
    } //end db_fetch_array()


    } //end class db

    class authenticate {

    var $db;
    var $salt;

    function authenticate() {


    $this->db = new db;
    $this->salt = 'a552avf1ss';


    } //end constructor


    function login($uname, $pword) {

    $query = "SELECT username FROM users WHERE username = '" . $uname . "' AND password = '" . crypt($pword, $this->salt) . "'";
    $result = $this->db->db_query($query);
    if($this->db->db_numrows($result) > 0) {
    $secret = crypt($uname,$this->salt);
    setcookie("mysite", "$uname:$secret");
    return 1;
    } else {
    return 0;
    }
    } //end login()

    function createUser($uname,$pword,$email) {
    srand(make_seed());
    $randval = rand();
    $query = "INSERT authorize(username,password,accesslevel,email,id) VALUES ('" . $uname . "','" . crypt($pword,$this->salt) . "',0,'" . $email ."','" . $randval . "')";
    $result = $this->db->db_query($query);
    $message = "This message has been sent to you because you requested a login for mysite.com.\n\n";
    $message .= "Please use the following URL to verify your email address and be added to the userlist.\n\n";
    $message .= "http://mysite.com/newuser.php?email=" . $email . "&id=" . $randval . "\n\n";
    $message .= "Please note that if you have recieved this message in error, or you do not want to sign up, you do not need to do anything.\nYou will not be added to the listing unless you use the proceeding URL.\n\n";
    $message .= "Thanks for visiting our site!\n";
    mail($email, "mysite.com - account confirmation", $message, "From: register@mysite.com");

    }

    function checkUsername($uname) {
    $query = "SELECT * FROM users where username='" . $uname ."'";
    $result = $this->db->db_query($query);
    if($this->db->db_numrows($result) > 0) {
    return 0;
    } else {
    return 1;
    }
    }

    function validateUser($email,$id) {
    $query = "SELECT * FROM authorize WHERE email='" . $email . "' AND id='" . $id ."'";
    $result = $this->db->db_query($query);
    if($this->db->db_numrows($result) > 0) {
    $row = $this->db->db_fetch_array($result);
    $query = "INSERT users(user_id,username,password,accesslevel,email) VALUES ('','" . $row['username'] . "','" . $row['password'] . "',1,'" . $row['email'] ."')";
    $result = $this->db->db_query($query);
    $query = "SELECT user_id FROM users WHERE username='" . $row['username'] ."'";
    $result = $this->db->db_query($query);
    $row = $this->db->db_fetch_array($result);
    $query = "DELETE FROM authorize WHERE id='" . $id ."'";
    $result = $this->db->db_query($query);
    return 1;
    } else {
    return 0;
    }
    }

    function logout() {

    setcookie("mysite");
    } //end logout()

    function checkLogin() {
    global $HTTP_COOKIE_VARS;

    $array = explode(":", $HTTP_COOKIE_VARS['mysite']);
    if(crypt($array[0], $this->salt) == $array[1]) {
    return 1;
    } else {
    return 0;
    }
    } //end checkLogin()

    function getName() {
    global $HTTP_COOKIE_VARS;
    $array = explode(":", $HTTP_COOKIE_VARS['mysite']);
    return $array[0];
    }

    function getLevel() {
    $logged = $this->checkLogin();
    if($logged) {
    $username = $this->getName();
    $query = "SELECT accesslevel FROM users WHERE username='" . $username . "'";
    $result = $this->db->db_query($query);
    $row = $this->db->db_fetch_array($result);
    return $row['accesslevel'];
    } else {
    return 0;
    }
    }

    function getID() {
    $logged = $this->checkLogin();
    if($logged) {
    $username = $this->getName();
    $query = "SELECT user_id FROM users WHERE username='" . $username . "'";
    $result = $this->db->db_query($query);
    $row = $this->db->db_fetch_array($result);
    return $row['user_id'];
    } else {
    return 0;
    }
    }


    } //end class authenticate
    ?>
    ####table structures
    CREATE TABLE authorize (
    username varchar(15) NOT NULL default '',
    password varchar(20) NOT NULL default '',
    accesslevel tinyint(4) NOT NULL default '0',
    email varchar(30) NOT NULL default '',
    id varchar(30) NOT NULL default '',
    PRIMARY KEY (username)
    ) TYPE=MyISAM;
    CREATE TABLE users (
    user_id int(10) unsigned NOT NULL auto_increment,
    username varchar(15) NOT NULL default '',
    password varchar(20) NOT NULL default '',
    accesslevel tinyint(4) NOT NULL default '0',
    email varchar(30) NOT NULL default '',
    PRIMARY KEY (username),
    KEY user_id (user_id)
    ) TYPE=MyISAM;

    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    More User Management Code Articles
    More By Codewalkers

    blog comments powered by Disqus

    USER MANAGEMENT CODE ARTICLES

    - XCRYPT v1.0b
    - DB_eSession class stores sessions in a MySQL...
    - Ever Changing Dynamic Passcode Code
    - phpAutoMembersArea - create own members area
    - Azura Signup 2.5
    - Azura Signup 2.0
    - Azura Signup
    - Flexcustomer
    - PHP Quicksite 2.0
    - PHP Quicksite 1.0
    - random string generator (key generator)
    - Example Login system
    - Simple and Easy Security
    - Basic Security
    - UMA - User Management and Authentication

    Developer Shed Affiliates

     



    © 2003-2018 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap