users.class - Copy.php at JACR - Just Another Checkbook Register

<?php
require_once('DBConn/table.class.php');

class Users extends DBTable
{
var $userId;
public function __construct($userId=NULL)
{
	
	global $dbname, $dbTablPre, $installMode;
	$this->tablename       =  $dbTablPre.'users';
	$this->dbname          = $dbname;
	$this->rows_per_page   = 0;
	$this->userId = $userId;
	$this->fieldlist = array(
					 'id' => 			array('int(10) unsigned ', 'NOT NULL', NULL, 'auto_increment'),
					 'username' =>		array('varchar(255)', 'NOT NULL', NULL, NULL),
					 'password' =>		array('varchar(255)', 'NOT NULL', NULL, NULL)
					 );
	$this->pKEY='id';
	$this->uniqueKEY[] = 'username';
	if($installMode===true)
		$this->createUser();
	else
		$this->verify_or_logIn();
}


private function verify_or_logIn()
{
	
	$username = $this->getVar('un');
	$password = $this->getVar('pw');
	//echo '$username = '.$username.', $password= '.$password.'';
	$userData = $this->getData('username = "'.$username.'"');
		if (is_array($userData)){
			if($this->cryptPassword($password, $userData[0]['password']) ==  $userData[0]['password']){
				setcookie("un", $username, time()+3600);
				setcookie("pw", $password, time()+3600);
				echo '<hr> $username = '.$_COOKIE['un'].', $password= '.$_COOKIE['un'].'';
				return true;
			}
		}
		else {
			die($this->loginForm());
			return false;
		}
		
}
private function loginForm()
{
	echo '
	<fieldset style="float:left;"><legend>Please log in:</legend>
	<form action="" method="post" id="loginForm">
		<label><span>Username:</span><input type="text" value="" name="un"/></label>
		<label><span>Password:</span><input type="password" name="pw"/></label>
		<input type="submit" name="login" value="Login"/>
	</form>
	
	';
}
private function createUser()
{
	if (isset($_GET['createuser'])){
		if( ($_POST['pw'][0] != $_POST['pw'][1]) || !isset($_POST['un']) ){
			echo "<big>Passwords do not match or username was empty</big>";
		}
		else{
			$un = $_POST['un'];
			$pw = $this->cryptPassword($_POST['pw'][0]);
			$checkUN = $this->getData("username=\"$un\"");
			if(is_array($checkUN)){
				echo "<big>Username $un already exists!</big>";
			}
			else{
				$this->insertRecord(array( 'username' => $un, 'password' => $pw));
				echo "$un created!<hr/>";
				return true;
			}
		}
	}
	?>
	<fieldset style="float:left;"><legend>Create a new user:</legend>
	<form id="createUserForm" method="post" action="?createuser">
		<label><span>Username:</span><input type="text" value="" name="un"></label>
		<label><span>Password:</span><input type="password" name="pw[]"></label>
		<label><span>Password:</span><input type="password" name="pw[]"></label>
		<input type="submit" name="createuser" value="Create User" />
	</form>
	</fieldset>
	<?php
}

private function cryptPassword($pw, $salt=NULL)
{
	return crypt($pw,$salt);
}
}