Thread: [phpMP-CVS] CVS: phpMP/includes session.php,1.3,1.4 user.php,1.18,1.19
From: Brian R. <hei...@us...> - 2003-04-29 08:41:05
Update of /cvsroot/phpmp/phpMP/includes In directory sc8-pr-cvs1:/tmp/cvs-serv1332/includes Modified Files: session.php user.php Log Message: Rewrote a bit of the User/Session classes. Autologin now works like a charm. Hopefully someone can try and break it once we get a template together. Index: session.php =================================================================== RCS file: /cvsroot/phpmp/phpMP/includes/session.php,v retrieving revision 1.3 retrieving revision 1.4 diff -C2 -r1.3 -r1.4 *** session.php 26 Apr 2003 02:47:24 -0000 1.3 --- session.php 29 Apr 2003 08:40:54 -0000 1.4 *************** *** 4,10 **** { ! var $started = 0; var $session_data; var $session_key; var $session_key_new = false; var $session_user_id; --- 4,12 ---- { ! var $started = false; var $session_data; var $session_key; + var $do_login = false; + var $is_logged_in = false; var $session_key_new = false; var $session_user_id; *************** *** 38,41 **** --- 40,82 ---- $DB->query($sql); + + setcookie($Config['cookie_name'] . '_auto', '', time() - 3600, $Config['cookie_path'], $Config['cookie_domain'], $Config['cookie_secure']); + setcookie($Config['cookie_name'] . '_data', '', time() - 3600, $Config['cookie_path'], $Config['cookie_domain'], $Config['cookie_secure']); + } + + function login() + { + global $User, $DB, $Config; + + $this->do_login == true; + + // We are logging in. Set up variables. + $username = $_POST['login_username']; + $passwd_enc = md5($_POST['login_passwd']); + $auto_login_set = $_POST['autologin']; + + $sql = "SELECT * FROM " . DB_USERS_TABLE . " + WHERE user_name='" . $username . "' + AND user_passwd='" . $passwd_enc . "'"; + + $result = $DB->query($sql); + $num_rows = $DB->numRows($result); + + if( $num_rows == 1 ) // We have a user! + { + $User->data = $DB->fetchAssoc($result); + $this->session_user_id = $User->data['user_id']; + $this->is_logged_in = true; + + if( $auto_login_set == true ) + { + $auto_cookie_data = urlencode( $this->session_user_id . ':' . 
$passwd_enc ); + setcookie($Config['cookie_name'] . '_auto', $auto_cookie_data, time() + 31536000, $Config['cookie_path'], $Config['cookie_domain'], $Config['cookie_secure']); + } + } + else // Wrong login information. + { + die('Sorry. Your username and/or password are incorrect. '); + } } *************** *** 43,47 **** function run() { ! global $do_login, $User, $DB, $Config; // Checks to see if a session has been started. --- 84,93 ---- function run() { ! global $User, $DB, $Config; ! ! if( $_POST['do_login'] == true ) ! { ! $this->login(); ! } // Checks to see if a session has been started. *************** *** 54,69 **** // Capture the page we're at. $page = basename($_SERVER['REQUEST_URI']); ! ! // Test to see if we're logging in. ! if($_POST['do_login'] == true) ! { ! $this->session_user_id = $User->user_id; ! } ! ! $session_exists = false; // We'll assume that no sessions exist yet. ! $cur_time = time(); // Time as of right now. $exp_time = $cur_time + $Config['session_length']; // Time at which this session will become invalid. $this->ip = $User->getIPEncoded(); // Gets the user's IP address. // If the ID is new, why bother querying to test for an old one? --- 100,109 ---- // Capture the page we're at. $page = basename($_SERVER['REQUEST_URI']); ! $cur_time = time(); // Time as of right now. $exp_time = $cur_time + $Config['session_length']; // Time at which this session will become invalid. $this->ip = $User->getIPEncoded(); // Gets the user's IP address. + + $session_exists = false; // We'll assume that no sessions exist yet. // If the ID is new, why bother querying to test for an old one? *************** *** 71,77 **** { // Gathers session data from the database. ! $sql = 'SELECT * FROM ' . DB_SESSIONS_TABLE . ' ! WHERE session_key=\'' . $this->session_key . '\' ! ORDER BY session_exp_time DESC'; $result = $DB->query($sql); --- 111,117 ---- { // Gathers session data from the database. ! $sql = "SELECT * FROM " . DB_SESSIONS_TABLE . " ! 
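Review bot: `login()` concatenates `$_POST['login_username']` directly into the `WHERE user_name='...'` clause, so a quote character in the submitted name changes the statement and the `$num_rows == 1` test no longer proves the password matched. The value should go through whatever quoting the `$DB` layer offers (its API is not visible in this hunk), or at minimum the `addslashes()` treatment this file already applies to `session_page`. The first statement, `$this->do_login == true;`, is a comparison whose result is discarded and was presumably meant to be `$this->do_login = true;`. The autologin cookie stores `user_id:md5(password)` for a year, and that is exactly the pair the cookie check accepts, so the unsalted hash works as a password-equivalent credential on the client. A random per-user token kept server-side and cleared on logout would avoid that.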
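Review bot: The new guard at the top of `run()` reads `$_POST['do_login']` without checking that it is set, and `== true` is a loose comparison that any non-empty string other than "0" passes. `if( !empty($_POST['do_login']) )` expresses the same test without the undefined-index notice on ordinary GET requests. `login()` reads `login_username`, `login_passwd` and `autologin` the same way, so a POST carrying only `do_login` reaches the query with empty values. The rest of `run()` lies outside this hunk.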
WHERE session_key='" . $this->session_key . "' ! ORDER BY session_exp_time DESC"; $result = $DB->query($sql); *************** *** 91,99 **** if( $session_exists == true ) // A session exists. Yay. ! { ! $sql = 'UPDATE ' . DB_SESSIONS_TABLE . ' ! SET session_exp_time=' . $exp_time . ', session_page=\'' . addslashes($page) . '\''; ! ! if( $_POST['do_login'] == true ) // Swap out the anonymous user for our new user_id. { $sql = "UPDATE " . DB_SESSIONS_TABLE . " --- 131,136 ---- if( $session_exists == true ) // A session exists. Yay. ! { ! if( $this->is_logged_in == true ) // Swap out the anonymous user for our new user_id. { $sql = "UPDATE " . DB_SESSIONS_TABLE . " *************** *** 102,108 **** } else ! { ! $User->user_id = $this->session_user_id; ! $sql = "UPDATE " . DB_SESSIONS_TABLE . " SET session_exp_time=" . $exp_time . ", session_page='" . addslashes($page) . "' --- 139,143 ---- } else ! { $sql = "UPDATE " . DB_SESSIONS_TABLE . " SET session_exp_time=" . $exp_time . ", session_page='" . addslashes($page) . "' *************** *** 112,119 **** else // A session does not exist. We'll create one. { ! if( $_POST['do_login'] == false ) { $this->session_user_id = 1; - $User->user_id = 1; } --- 147,153 ---- else // A session does not exist. We'll create one. { ! if( $this->is_logged_in == false ) { $this->session_user_id = 1; } *************** *** 125,129 **** $DB->query($sql); ! if( $_POST['do_login'] == false ) { $sql = 'SELECT * FROM ' . DB_USERS_TABLE . ' --- 159,163 ---- $DB->query($sql); ! if( $this->is_logged_in == false ) { $sql = 'SELECT * FROM ' . DB_USERS_TABLE . ' *************** *** 138,142 **** setcookie($Config['cookie_name'] . '_data', $cookie_data, $cur_time + $Config['session_length'], $Config['cookie_path'], $Config['cookie_domain'], $Config['cookie_secure']); } ! function clean($clean_all = false) { --- 172,176 ---- setcookie($Config['cookie_name'] . 
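Review bot: In the `$session_exists == true` branch the existing anonymous session row is switched to the logged-in user, and nothing in the hunk changes the session key the browser held before authentication. If that key comes from the `_data` cookie, as the surrounding comments suggest (that code is outside this hunk), a key known before login stays valid afterwards for the authenticated user. I would issue a new `session_key` at this point and record the intent in a comment such as `// rotate session_key here: the pre-login key must not survive the switch to a real user_id`. The UPDATE statement continues past the end of the hunk, so its WHERE clause is not visible here.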
'_data', $cookie_data, $cur_time + $Config['session_length'], $Config['cookie_path'], $Config['cookie_domain'], $Config['cookie_secure']); } ! function clean($clean_all = false) { *************** *** 153,157 **** function getSessionData() { ! global $Config; // Let's see if we have a standard cookie available. --- 187,191 ---- function getSessionData() { ! global $Config, $DB, $User; // Let's see if we have a standard cookie available. *************** *** 169,182 **** } } ! else // There is no standard cookie. Let's check for auto-login. { ! if( !empty($_COOKIE[$Config['cookie_name'] . '_ext'])) ! { ! // We'll add auto-login functions here later on. ! } ! else // We don't have a valid cookie. We'll make one. { ! $this->session_key = md5( uniqid (microtime(), 1) ); ! $this->session_key_new = true; } } --- 203,241 ---- } } ! ! if( $this->session_key == '' ) // If we don't have a session key by now, there isn't one saved. { ! $this->session_key = md5( uniqid (microtime(), 1) ); ! $this->session_key_new = true; ! } ! ! // The user is currently anonymous, so let's check for auto-login. ! if( ($this->session_user_id == 1) || empty($this->session_user_id) ) ! { ! if( !empty( $_COOKIE[$Config['cookie_name'] . '_auto'] ) ) // We have an autologin cookie set. { ! $auto_cookie_data = $_COOKIE[$Config['cookie_name'] . '_auto']; ! $auto_cookie_array = explode(':', urldecode( $auto_cookie_data ) ); ! ! $sql = "SELECT * FROM " . DB_USERS_TABLE . " ! WHERE user_id=" . $auto_cookie_array[0] . " ! AND user_passwd='" . $auto_cookie_array[1] . "'"; ! ! $result = $DB->query($sql); ! $num_rows = $DB->numRows($result); ! ! if( $num_rows == 1 ) // This cookie is valid. ! { ! $User->data = $DB->fetchAssoc($result); ! $this->session_user_id = $auto_cookie_array[0]; ! $this->is_logged_in = true; ! } ! else // The autologin cookie was invalid. ! { ! // We'll unset the cookie and continue on like nothing ever happened. ! setcookie($Config['cookie_name'] . 
'_auto', '', time() - 3600, $Config['cookie_path'], $Config['cookie_domain'], $Config['cookie_secure']); ! return false; ! $this->session_user_id = 1; ! } } } Index: user.php =================================================================== RCS file: /cvsroot/phpmp/phpMP/includes/user.php,v retrieving revision 1.18 retrieving revision 1.19 diff -C2 -r1.18 -r1.19 *** user.php 26 Apr 2003 02:47:24 -0000 1.18 --- user.php 29 Apr 2003 08:40:54 -0000 1.19 *************** *** 4,48 **** { - var $user_id; var $data; - - // User initialization function. Does -EVERYTHING- except explicit session cleanup. - // Author: Brian 'Heimidal' Rose - // Accepts: none. - // Returns: none. - function User() - { - if( $_POST['do_login'] == true ) // We are logging in. - { - // We are logging in. Set up variables. - $username = $_POST['login_user_name']; - $passwd_enc = md5($_POST['login_passwd']); - // $autologin = $_POST['autologin'][0]; - - $sql = "SELECT * FROM " . DB_USERS_TABLE . " - WHERE user_name='" . $username . "' - AND user_passwd='" . $passwd_enc . "'"; - - global $DB; - - $result = $DB->query($sql); - $num_rows = $DB->numRows($result); - - if( $num_rows == 1 ) // We have a user! - { - $this->data = $DB->fetchAssoc($result); - $this->user_id = $this->data['user_id']; - - // Setup the autologin cookie. - // setcookie(C_COOKIE_NAME . '_auto', $cookie_data, time() + TIME_YEAR_SECONDS, C_COOKIE_PATH, C_COOKIE_DOMAIN, C_COOKIE_SECURE); - } - else // Wrong login information. - { - die('Sorry. Your username and/or password are incorrect. ' . $passwd_enc . ' ' . $_POST['login_passwd']); - } - } - } ! // Taken from phpBB2. function getIPEncoded() { --- 4,10 ---- { var $data; ! // Taken from phpBB2. Fetches the IP in a hex form. function getIPEncoded() { *************** *** 66,70 **** } ! // Taken from phpBB2. function decodeIP($encoded_ip) { --- 28,32 ---- } ! // Taken from phpBB2. Decodes a hexed IP. function decodeIP($encoded_ip) { |
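Review bot: The autologin branch of `getSessionData()` builds its query from the `_auto` cookie with no validation: `$auto_cookie_array[0]` goes into `WHERE user_id=` unquoted and `$auto_cookie_array[1]` into the quoted `user_passwd` comparison, and both are fully client-controlled. The id should be cast, `$auto_user_id = intval($auto_cookie_array[0]);`, and the cookie rejected unless the second field exists and matches `/^[0-9a-f]{32}$/`, since `explode()` may return a single element. On success, `$this->session_user_id` would be better taken from `$User->data['user_id']`, as `login()` does, than from the cookie string. In the invalid-cookie branch `return false;` comes before `$this->session_user_id = 1;`, so the reset to the anonymous user never runs and the two statements should be swapped. The function starts and ends outside this hunk.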