<?php

/**
 * PHP Class to user access (login, register, logout, etc)
 * 
 * <code><?php
 * include('access.class.php');
 * $user = new flexibleAccess( $db );
 * ? ></code>
 * 
 * ==============================================================================
 */

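/**
 * Flexible Access - user access helper (login, logout, remember-me cookie,
 * account creation and updates) backed by a session and a MySQL table.
 *
 * The database handle is a project wrapper object; this class calls
 * query(), getDBlink() (for real_escape_string() and affected_rows) and
 * getRealLastID() on it.
 *
 * NOTE(review): the supported password schemes are unsalted SHA1/MD5 or
 * plain text, and the check is done inside the SQL statement. These are
 * fast hashes and unsuitable for password storage; migrating to
 * password_hash()/password_verify() needs a stored-format change and is
 * therefore not done here.
 */
class flexibleAccess
{
    /*Settings*/

    /**
     * The database table that holds all the information
     * var string
     */
    public $dbTable = '';

    /**
     * The session variable ($_SESSION[$sessionVariable]) which holds the user ID while the user is logged on
     * var string
     */
    public $sessionVariable = 'userSessionValue';

    /**
     * Table columns used by the class. The structure is 'fieldType' => 'fieldName'.
     * These names are interpolated into SQL as identifiers, so they must come
     * from configuration, never from request data.
     * var array
     */
    public $tbFields = array(
        'userID' => 'ID',
        'login'  => 'login',
        'pass'   => 'passHash',
        'email'  => 'email',
        'active' => 'active'
    );

    /**
     * Lifetime of the remember-me cookie, in seconds
     * var int
     */
    public $remTime = 2592000; //One month

    /**
     * The name of the remember-me cookie
     * var string
     */
    public $remCookieName = 'ckSavePass';

    /**
     * The cookie domain. When left empty the constructor falls back to the
     * request's Host header.
     * var string
     */
    public $remCookieDomain = '';

    /**
     * The method used to store the password. It can be sha1, md5 or nothing (plain text)
     * var string
     */
    public $passMethod = 'sha1'; // 'md5', 'sha1', 'nothing'

    /**
     * Echo error messages into the page? Useful while debugging; the output
     * reveals internal details, so production configurations should pass false.
     * var bool
     */
    public $displayErrors = true;

    /*Do not edit after this line*/
    public $userID;
    public $dbConn;
    public $userData = array();

    /**
     * Class constructor.
     *
     * Applies the settings, starts the session when none is active, restores
     * the user from the session and, failing that, from the remember-me cookie.
     *
     * @param object $dbConn   database wrapper (see class comment)
     * @param array  $settings 'property name' => value overrides; an unknown name aborts with die()
     * @return void
     */
    public function __construct($dbConn = '', $settings = '')
    {
        if (is_array($settings)) {
            foreach ($settings as $k => $v) {
                if (property_exists($this, $k))
                    $this->{$k} = $v;
                else
                    die('Property '.$k.' does not exists');
            }
        }

        // Only default the domain when none was configured. The previous code
        // overwrote a configured domain with an undefined local variable.
        // HTTP_HOST is client supplied; set remCookieDomain explicitly to avoid relying on it.
        if ($this->remCookieDomain == '')
            $this->remCookieDomain = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';

        $this->dbConn = $dbConn;

        if (!isset($_SESSION))
            session_start();

        if (!empty($_SESSION[$this->sessionVariable])) {
            $this->loadUser($_SESSION[$this->sessionVariable]);
        }

        //Maybe there is a cookie?
        if (isset($_COOKIE[$this->remCookieName]) && !$this->is_loaded()) {
            // The cookie is attacker-controlled input. It used to be passed to
            // unserialize(), which lets a client instantiate arbitrary classes;
            // it is now parsed by a strict reader that accepts only the exact
            // two-string layout login() writes.
            $u = $this->decodeRememberCookie($_COOKIE[$this->remCookieName]);

            if ($u !== false)
                $this->login($u['uname'], $u['password']);
        }
    }

    /**
     * PHP 4 style constructor name, kept so code calling it explicitly
     * (for example parent::flexibleAccess() in a subclass) keeps working.
     * PHP 8 no longer treats this name as a constructor, hence __construct().
     *
     * @param object $dbConn
     * @param array  $settings
     * @return void
     */
    public function flexibleAccess($dbConn = '', $settings = '')
    {
        $this->__construct($dbConn, $settings);
    }

    /**
     * Login function
     *
     * Looks up a row whose login and password columns match. With passMethod
     * 'md5' the supplied value is hashed in SQL; with 'sha1' and 'nothing' it
     * is compared as given.
     * NOTE(review): insertUser() stores SHA1(password) while the 'sha1' branch
     * here compares the raw argument, so callers presumably pass an already
     * hashed value - confirm against the login form.
     *
     * @param string $uname
     * @param string $password
     * @param bool $remember set the remember-me cookie on success
     * @param bool $loadUser load the row into the object and the session
     * @return bool
     */
    public function login($uname, $password, $remember = false, $loadUser = true)
    {
        // Keep the unescaped values for the cookie; storing the escaped form
        // made the cookie login escape them a second time.
        $rawUname    = is_scalar($uname) ? (string)$uname : '';
        $rawPassword = is_scalar($password) ? (string)$password : '';

        $uname    = $this->escape($rawUname);
        $password = $this->escape($rawPassword);

        switch (strtolower($this->passMethod)) {
            case 'md5':
                $passExpr = "MD5('$password')";
                break;

            case 'sha1': /* SHA1() in SQL was disabled by the original author */
            case 'nothing':
            default:
                // Always quote. An unrecognised passMethod used to leave the
                // value unquoted in the WHERE clause.
                $passExpr = "'$password'";
        }

        $res = $this->dbConn->query("SELECT * FROM `{$this->dbTable}` WHERE `{$this->tbFields['login']}` = '$uname' AND `{$this->tbFields['pass']}` = $passExpr LIMIT 1");

        if (!$res)
            return false;

        if ($res->num_rows == 0) {
            $res->free();

            return false;
        }

        if ($loadUser) {
            $this->userData = $res->fetch_array(MYSQLI_ASSOC);
            $this->userID = $this->userData[$this->tbFields['userID']];

            // Issue a fresh session ID on authentication so an ID planted
            // before login cannot be reused afterwards.
            if (session_id() !== '' && !headers_sent())
                session_regenerate_id(true);

            $_SESSION[$this->sessionVariable] = $this->userID;

            if ($remember) {
                // NOTE(review): the cookie carries the login name and the
                // password value itself. A random token stored server-side
                // would be the sound design; that needs a schema change.
                // Until then the cookie is at least HttpOnly and, on HTTPS
                // requests, Secure.
                $cookie = base64_encode(serialize(array('uname' => $rawUname, 'password' => $rawPassword)));
                setcookie($this->remCookieName, $cookie, time() + $this->remTime, '/', $this->remCookieDomain, $this->isHttps(), true);
            }
        }

        $res->free();

        return true;
    }

    /**
     * Logout function
     *
     * Clears the loaded user, expires the remember-me cookie and empties the
     * session entry. When $redirectTo is given and headers are still open, a
     * Location header is sent and the script exits. Nothing is returned.
     * $redirectTo is emitted as-is, so callers must pass a fixed or
     * allow-listed URL rather than a request parameter.
     *
     * @param string $redirectTo
     * @return void
     */
    public function logout($redirectTo = '')
    {
        $this->userData = array();
        $this->userID = '';

        setcookie($this->remCookieName, '', time() - $this->remTime - 3600, '/', $this->remCookieDomain, $this->isHttps(), true);

        $_SESSION[$this->sessionVariable] = '';

        if ($redirectTo != '' && !headers_sent()) {
            header('Location: '.$redirectTo);
            exit; //To ensure security
        }
    }

    /**
     * Function to determine if a property is true or false
     * @param string $prop
     * @return bool true when the property loosely equals 1
     */
    public function is($prop)
    {
        return $this->get_property($prop) == 1;
    }

    /**
     * Get a property of a user. You should give here the name of the field that you seek from the user table
     * @param string $property
     * @return string|null the stored value, or null when the property is unknown
     */
    public function get_property($property)
    {
        if (empty($this->userID))
            $this->error('No user is loaded', __LINE__);

        $known = is_scalar($property) && is_array($this->userData) && isset($this->userData[$property]);

        if (!$known) {
            // error() echoes HTML, so the caller-supplied name is encoded first.
            $label = is_scalar($property) ? htmlspecialchars((string)$property, ENT_QUOTES) : '';
            $this->error('Unknown property <b>'.$label.'</b>', __LINE__);

            return null;
        }

        return $this->userData[$property];
    }

    /**
     * Is the user an active user?
     * @return mixed the raw value of the 'active' column, or false when no row is loaded
     */
    public function is_active()
    {
        $field = $this->tbFields['active'];

        if (!is_array($this->userData) || !isset($this->userData[$field]))
            return false;

        return $this->userData[$field];
    }

    /**
     * Is the user loaded?
     * @return bool
     */
    public function is_loaded()
    {
        return !empty($this->userID);
    }

    /**
     * ID of the loaded user.
     * @return mixed whatever login()/loadUser() stored; unset or '' when nobody is loaded
     */
    public function get_userID()
    {
        return $this->userID;
    }

    /**
     * Activates the user account
     * @return bool true when exactly one row was updated
     */
    public function activate()
    {
        // error() returns false; returning here stops the UPDATE from running
        // without a user or against an account that is already active.
        if (empty($this->userID))
            return $this->error('No user is loaded', __LINE__);

        if ($this->is_active())
            return $this->error('Allready active account', __LINE__);

        $this->dbConn->query("UPDATE `{$this->dbTable}` SET {$this->tbFields['active']} = 1 WHERE `{$this->tbFields['userID']}` = '".$this->escape($this->userID)."' LIMIT 1");

        if ($this->dbConn->getDBlink()->affected_rows == 1) {
            $this->userData[$this->tbFields['active']] = true;

            return true;
        }

        return false;
    }

    /**
     * Creates a user account. The array should have the form 'database field' => 'value'.
     * The password column is always written, hashed in SQL according to passMethod.
     *
     * @param array $data
     * @return int the value of getRealLastID() cast to int, 0 when $data is not an array
     */
    public function insertUser($data)
    {
        if (!is_array($data))
            return (int)$this->error('Data is not an array', __LINE__);

        $passField = $this->tbFields['pass'];
        $rawPass   = isset($data[$passField]) ? $data[$passField] : '';

        // The password used to be concatenated into SHA1('...')/MD5('...')
        // before any escaping, and was left bare for 'nothing'. It is now
        // escaped and quoted in every branch.
        $quotedPass = "'".$this->escape($rawPass)."'";

        switch (strtolower($this->passMethod)) {
            case 'sha1':
                $passExpr = 'SHA1('.$quotedPass.')';
                break;

            case 'md5':
                $passExpr = 'MD5('.$quotedPass.')';
                break;

            case 'nothing':
            default:
                $passExpr = $quotedPass;
        }

        $data[$passField] = $rawPass;

        $columns = array();
        $values  = array();

        foreach ($data as $k => $v) {
            // Column names are array keys and may originate from a form.
            $columns[] = $this->quoteIdentifier($k);
            $values[]  = ((string)$k === (string)$passField) ? $passExpr : "'".$this->escape($v)."'";
        }

        $this->dbConn->query("INSERT INTO `{$this->dbTable}` (".implode(', ', $columns).") VALUES (".implode(', ', $values).")");

        $r = $this->dbConn->getRealLastID();

        // NOTE(review): OPTIMIZE TABLE after every insert is kept from the
        // original; it is costly on large tables.
        $this->dbConn->query("OPTIMIZE TABLE `{$this->dbTable}`");

        return (int)$r;
    }

    // juroo

    /**
     * Updates columns of the loaded user and reloads the row.
     * Values are written as given; a password passed here is NOT hashed.
     *
     * @param array $data 'database field' => 'value'
     * @return bool false when nothing was changed or the row could not be re-read
     */
    public function setUser($data)
    {
        if (!is_array($data))
            return $this->error('Data is not an array', __LINE__);

        if (empty($this->userID))
            return $this->error('No user is loaded', __LINE__);

        if (count($data) == 0)
            return false;

        $assignments = array();

        foreach ($data as $k => $v)
            $assignments[] = $this->quoteIdentifier($k)." = '".$this->escape($v)."'";

        // The ID used to be concatenated unquoted and unescaped, and the
        // column was hard-coded to `ID` instead of the configured field.
        $where = "`{$this->tbFields['userID']}` = '".$this->escape($this->userID)."'";

        $this->dbConn->query("UPDATE `{$this->dbTable}` SET ".implode(', ', $assignments)." WHERE ".$where." LIMIT 1");

        if ($this->dbConn->getDBlink()->affected_rows == 0) {
            return false;
        }

        $res = $this->dbConn->query("SELECT * FROM `{$this->dbTable}` WHERE ".$where." LIMIT 1");

        if (!$res)
            return false;

        if ($res->num_rows == 0) {
            $res->free();

            return false;
        }

        $this->userData = $res->fetch_array(MYSQLI_ASSOC);

        $res->free();

        $this->dbConn->query("OPTIMIZE TABLE `{$this->dbTable}`");

        return true;
    }

    // juroo - end

    /**
     * Creates a random password. You can use it to create a password or a hash for user activation.
     * Same as randomPassEx(); the old body indexed one past the end of $chrs
     * and appended to an undefined variable.
     *
     * @param int $length
     * @param string $chrs characters to draw from
     * @return string
     */
    public function randomPass($length = 10, $chrs = '1234567890qwertyuiopasdfghjklzxcvbnm')
    {
        return $this->randomPassEx($length, $chrs);
    }

    /**
     * Creates a random string of $length characters taken from $chrs.
     * Uses random_int() when the runtime has it, since the result is used for
     * passwords and activation hashes; mt_rand() is the fallback on old PHP.
     *
     * @param int $length
     * @param string $chrs characters to draw from
     * @return string empty when $chrs is empty or $length is not positive
     */
    public function randomPassEx($length = 10, $chrs = '1234567890qwertyuiopasdfghjklzxcvbnm')
    {
        $pwd  = '';
        $chrs = (string)$chrs;
        $max  = strlen($chrs) - 1;

        if ($max < 0)
            return $pwd;

        $secure = function_exists('random_int');

        for ($i = 0; $i < $length; $i++) {
            $pwd .= $chrs[$secure ? random_int(0, $max) : mt_rand(0, $max)];
        }

        return $pwd;
    }

    ////////////////////////////////////////////
    // PRIVATE FUNCTIONS
    ////////////////////////////////////////////

    /**
     * A function that is used to load one user's data
     * @access private
     * @param string $userID
     * @return bool
     */
    public function loadUser($userID)
    {
        $res = $this->dbConn->query("SELECT * FROM `{$this->dbTable}` WHERE `{$this->tbFields['userID']}` = '".$this->escape($userID)."' LIMIT 1");

        if (!$res)
            return false;

        if ($res->num_rows == 0) {
            $res->free();

            return false;
        }

        $this->userData = $res->fetch_array(MYSQLI_ASSOC);
        $this->userID = $userID;
        $_SESSION[$this->sessionVariable] = $this->userID;

        $res->free();

        return true;
    }

    /**
     * Escapes a value for use inside a quoted SQL string literal.
     * Non-scalar input (for example an array from a crafted request) becomes ''.
     * NOTE(review): real_escape_string() relies on the connection character
     * set; presumably the wrapper sets it - confirm.
     *
     * @access private
     * @param string $str
     * @return string
     */
    public function escape($str)
    {
        $str = is_scalar($str) ? (string)$str : '';

        // Magic quotes only exist before PHP 5.4 and the function is gone in PHP 8.
        if (version_compare(PHP_VERSION, '5.4.0', '<') && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
            $str = stripslashes($str);

        return $this->dbConn->getDBlink()->real_escape_string($str);
    }

    /**
     * Error holder for the class. The message is echoed as HTML, so callers
     * must encode anything in it that is not a fixed string.
     *
     * @access private
     * @param string $error
     * @param int $line
     * @param bool $die
     * @return bool always false
     */
    public function error($error, $line = '', $die = false)
    {
        if ($this->displayErrors)
            echo '<b>Error: </b>'.$error.'<br /><b>Line: </b>'.($line == '' ? 'Unknown' : $line).'<br />';

        if ($die) exit;

        return false;
    }

    /**
     * Quotes a MySQL identifier, doubling any backtick inside it.
     * @access private
     * @param string $name
     * @return string
     */
    public function quoteIdentifier($name)
    {
        return '`'.str_replace('`', '``', (string)$name).'`';
    }

    /**
     * Is the current request served over HTTPS (per $_SERVER['HTTPS'])?
     * @access private
     * @return bool
     */
    public function isHttps()
    {
        return !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
    }

    /**
     * Decodes a remember-me cookie without calling unserialize().
     * Accepts only base64 of a serialized array holding exactly the string
     * keys 'uname' and 'password', in that order, each with a string value.
     *
     * @access private
     * @param string $raw cookie value
     * @return array|false array('uname' => ..., 'password' => ...) or false
     */
    public function decodeRememberCookie($raw)
    {
        if (!is_string($raw) || $raw === '' || strlen($raw) > 4096)
            return false;

        $blob = base64_decode($raw, true);

        if ($blob === false || substr($blob, 0, 5) !== 'a:2:{')
            return false;

        $pos    = 5;
        $fields = array();

        foreach (array('uname', 'password') as $expectedKey) {
            if ($this->readSerializedString($blob, $pos) !== $expectedKey)
                return false;

            $value = $this->readSerializedString($blob, $pos);

            if ($value === false)
                return false;

            $fields[$expectedKey] = $value;
        }

        // Nothing may follow the closing brace.
        if (substr($blob, $pos) !== '}')
            return false;

        return $fields;
    }

    /**
     * Reads one serialized string token (s:LEN:"...";) at $pos and advances
     * $pos past it. The declared length decides where the string ends.
     *
     * @access private
     * @param string $blob
     * @param int $pos byte offset, updated on success
     * @return string|false
     */
    public function readSerializedString($blob, &$pos)
    {
        if (!preg_match('/\Gs:(\d{1,4}):"/', $blob, $m, 0, $pos))
            return false;

        $len   = (int)$m[1];
        $start = $pos + strlen($m[0]);

        if ($start + $len + 2 > strlen($blob))
            return false;

        if (substr($blob, $start + $len, 2) !== '";')
            return false;

        $pos = $start + $len + 2;

        return (string)substr($blob, $start, $len);
    }

}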

?>
