<?
/*========================================*\
| Exero CMS |
|==========================================|
| http://ecms.getox.net |
|https://sourceforge.net/projects/exerocms/|
|==========================================|
| Exero CMS is released under the |
| GNU General Public License (GPL) |
| opensource.org/licenses/gpl-license.php |
\*========================================*/
// Prefix concatenated in front of the "users" table name in the SQL built by ecmsUser;
// the empty string means the tables are unprefixed.
define("TABLE_PREFIX","");
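/**
 * Cookie- and session-based user handling: login, registration, logout,
 * per-request authentication (check) and single-field lookup.
 *
 * Uses the globals $db (query wrapper exposing query, num_rows, fetch_array,
 * query_first and real_escape_string) and $ecms (settings array with
 * 'cookiepath' and 'cookiedomain').
 *
 * NOTE(review): passwords are stored and compared as unsalted md5(), and the
 * same digest is sent to the browser in the 'password' cookie, so that cookie
 * is a password equivalent. Moving to password_hash()/password_verify() and a
 * random server-side login token needs a schema and data migration that
 * cannot be done from inside this class; it is flagged here, not changed.
 */
class ecmsUser {
    var $cookiepath = "";
    var $cookiedomath = ""; // sic: name kept as-is, callers may reference it
    var $loggedin = "";

    // Filled in by check(); declared so they are not created as dynamic properties.
    var $userinfo;
    var $groupinfo;
    var $groupid;
    var $username;
    var $userid;
    var $langid;

    /**
     * Send one authentication cookie using the site's configured path and domain.
     *
     * The cookie is marked HttpOnly because both auth cookies are credentials
     * that page scripts have no reason to read.
     * NOTE(review): the Secure flag is left off as before; enable it if the
     * site is served over HTTPS only.
     *
     * @param string $name    Cookie name.
     * @param string $value   Cookie value ("" asks the browser to drop it).
     * @param int    $expires Unix timestamp, or 0 for a browser-session cookie.
     * @return bool Result of setcookie().
     */
    private function setAuthCookie($name, $value, $expires) {
        global $ecms;
        return setcookie($name, $value, $expires, $ecms->settings['cookiepath'], $ecms->settings['cookiedomain'], false, true);
    }

    /**
     * Expiry timestamp for "remember me" cookies: one year from now.
     *
     * The previous offset of 6e17 seconds lies far beyond year 9999, which
     * setcookie() rejects, so the persistent cookies were never stored.
     * check() re-sends the cookies on every request, so the year slides.
     *
     * @return int Unix timestamp.
     */
    private function rememberExpiry() {
        return time() + 31536000;
    }

    /**
     * Verify a username/password pair and establish the login.
     *
     * On success the session id is rotated, the session and auth cookies are
     * written and the session id is stored on the user's row.
     *
     * @param string $username Login name as typed by the user.
     * @param string $password Plain-text password as typed by the user.
     * @param mixed  $remember Truthy for persistent cookies, falsy for session cookies.
     * @return int 1 on success, 0 when no matching user exists.
     */
    function login($username,$password,$remember='0') {
        global $db;
        $passhash = md5($password);
        $login = $db->query("SELECT * FROM ".TABLE_PREFIX."users WHERE username='".$db->real_escape_string($username)."' AND password='".$passhash."' LIMIT 1");
        if($db->num_rows($login) != 1) {
            return 0;
        }
        $user = $db->fetch_array($login);

        // The session id doubles as the login token checked by check(), so a
        // session must exist, and it must not be one chosen before authentication.
        if(session_id() === '') {
            session_start();
        }
        session_regenerate_id(true);

        $_SESSION['userid'] = $user['uid'];
        $_SESSION['username'] = $user['username'];
        // Store the digest, as check() does, rather than the plain-text password.
        $_SESSION['password'] = $passhash;

        $expires = $remember ? $this->rememberExpiry() : 0;
        $this->setAuthCookie('hash', session_id(), $expires);
        $this->setAuthCookie('password', $passhash, $expires);

        $db->query("UPDATE ".TABLE_PREFIX."users SET sessionid='".$db->real_escape_string(session_id())."', remember='".$db->real_escape_string($remember)."' WHERE uid='".$db->real_escape_string($user['uid'])."' LIMIT 1");
        return 1;
    }

    /**
     * Create a new account in the default member group.
     *
     * @param string $username Desired login name.
     * @param string $password Plain-text password; stored as md5() (see class note).
     * @param string $email    E-mail address, stored as given.
     * @return int|string 1 on success, "loggedin" if the caller is already
     *                    logged in, "nametaken" if the username exists.
     */
    function register($username,$password,$email) {
        global $db;
        if($this->loggedin) {
            return "loggedin";
        }
        $checkname = $db->query("SELECT * FROM ".TABLE_PREFIX."users WHERE username='".$db->real_escape_string($username)."' LIMIT 1");
        if($db->num_rows($checkname) == 1) {
            return "nametaken";
        }
        // Positional VALUES list: the order must match the users table definition.
        $db->query("INSERT INTO ".TABLE_PREFIX."users VALUES('','".$db->real_escape_string($username)."','".md5($password)."','".$db->real_escape_string($email)."','2','','Member','".time()."','".time()."','','0','')");
        return 1;
    }

    /**
     * End the current login: clear the stored session id, the session values
     * and both auth cookies, then rotate the session id.
     *
     * @return int Always 1.
     */
    function logout() {
        global $db;
        // The user id comes from the session (written by login() and check());
        // the old code read an undefined $user, so the row was never cleared.
        $uid = isset($_SESSION['userid']) ? $_SESSION['userid'] : $this->userid;
        if($uid !== null && $uid !== '' && $uid !== '0' && $uid !== 0) {
            $db->query("UPDATE ".TABLE_PREFIX."users SET sessionid='' WHERE uid='".$db->real_escape_string($uid)."'");
        }
        $_SESSION['userid'] = "";
        $_SESSION['username'] = "";
        $_SESSION['password'] = "";
        $this->setAuthCookie('hash', "", time());
        $this->setAuthCookie('password', "", time());
        if(session_id() !== '') {
            session_regenerate_id(true);
        }
        return 1;
    }

    /**
     * Authenticate the current request from the 'hash' and 'password' cookies
     * and populate this object, $_SESSION, $show and the LOGGEDIN constant.
     *
     * Falls back to the guest identity (group 3) when the cookies are missing,
     * empty, not plain strings, or do not match exactly one user.
     *
     * @return void
     */
    function check() {
        global $db, $show;

        // An empty or non-string cookie must never authenticate: rows of
        // logged-out users carry sessionid=''.
        $hash = (isset($_COOKIE['hash']) && is_string($_COOKIE['hash'])) ? $_COOKIE['hash'] : '';
        $passhash = (isset($_COOKIE['password']) && is_string($_COOKIE['password'])) ? $_COOKIE['password'] : '';

        $user = false;
        if($hash !== '' && $passhash !== '') {
            $check = $db->query("SELECT * FROM ".TABLE_PREFIX."users WHERE sessionid='".$db->real_escape_string($hash)."' AND password='".$db->real_escape_string($passhash)."'");
            if($db->num_rows($check) == 1) {
                $user = $db->fetch_array($check);
            }
        }

        if($user) {
            // NOTE(review): "groups" is queried without TABLE_PREFIX, unlike "users" - confirm intended.
            $this->groupinfo = $db->query_first("SELECT * FROM groups WHERE gid='".$db->real_escape_string($user['groupid'])."' LIMIT 1");
            $this->userinfo = $user;
            $_SESSION['userid'] = $user['uid'];
            $_SESSION['username'] = $user['username'];
            $_SESSION['password'] = $user['password'];
            $this->groupid = $user['groupid'];
            $this->username = $_SESSION['username'];
            $this->userid = $_SESSION['userid'];
            $this->langid = 1;
            $this->loggedin = 1;

            // Re-send the values just validated against the database, so the
            // cookie always matches the stored sessionid.
            $expires = $user['remember'] ? $this->rememberExpiry() : 0;
            $this->setAuthCookie('hash', $hash, $expires);
            $this->setAuthCookie('password', $passhash, $expires);

            if(!defined("LOGGEDIN")) {
                define("LOGGEDIN",1);
            }
            $show['login'] = 0;
            $show['register'] = 0;
        } else {
            if(!defined("LOGGEDIN")) {
                define("LOGGEDIN",0);
            }
            $this->loggedin = 0;
            $this->langid = 1;
            $_SESSION['userid'] = '0';
            $_SESSION['username'] = 'Guest';
            $this->groupinfo = $db->query_first("SELECT * FROM groups WHERE gid='3' LIMIT 1");
            $this->username = $_SESSION['username'];
            $this->userid = $_SESSION['userid'];
            $this->userinfo['username'] = $_SESSION['username'];
            $this->userinfo['groupid'] = '3';
            $show['login'] = 1;
            $show['register'] = 1;
        }
    }

    /**
     * Fetch one column of the logged-in user's row.
     *
     * $field is placed in the SQL as a column name, where escaping does not
     * help, so it is accepted only if it is a plain identifier. The query is
     * limited to the current user's row; the old code had no WHERE clause and
     * returned the value from whichever row came first.
     *
     * @param string $field Column name in the users table.
     * @return mixed The column value; 0 for 'groupid' when not logged in;
     *               null for an invalid or unknown field.
     */
    function getuserinfo($field) {
        global $db;
        if(!is_string($field) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $field)) {
            return null;
        }
        if(!$this->loggedin) {
            $user = array('groupid' => 0);
            return isset($user[$field]) ? $user[$field] : null;
        }
        $user = $db->query_first("SELECT $field FROM ".TABLE_PREFIX."users WHERE uid='".$db->real_escape_string($this->userid)."' LIMIT 1");
        return (is_array($user) && isset($user[$field])) ? $user[$field] : null;
    }
}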
?>