<?php
//login class by abdohoo.com ----------------- Licence: Free for non-commercial use, only for development purposes
//To use it for commercial purposes, written permission from the author and agreement to the terms are needed first
// this class is only for development purposes.
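/**
 * Session-based admin login helper built on the legacy mysql_* extension.
 *
 * A successful login stores the user's identity in $_SESSION, issues a random
 * companion cookie, and writes a row to `login_information`. Later requests
 * are accepted only when session id, client IP, user agent, cookie value,
 * user name and access level all match that row and the row is still fresh.
 *
 * NOTE(review):
 *  - mysql_* was removed in PHP 7. Moving to mysqli/PDO prepared statements
 *    needs a coordinated change to db_connect() and every query here.
 *  - Credentials are matched inside the SQL query against a stored value. The
 *    parameter name suggests callers pass an MD5 digest (confirm); a salted
 *    password_hash()/password_verify() scheme should replace it.
 *  - Callers are assumed to have started the session before using this class.
 */
class login_Brain
{
    /** Lifetime, in seconds, of a login record and of the companion cookie. */
    const LOGIN_LIFETIME = 3600;

    protected $sr_user_agent, $sr_remote_ip, $s_username, $s_accesslevel, $s_useragent, $s_remote_ip,
        $s_remote_port, $s_abdohoo_unique_id, $s_abdohoo_randomnumber, $c_abdohoo_random_number;

    /**
     * Snapshot the session, cookie and request values the checks rely on.
     */
    public function __construct()
    {
        $this->load_request_state();
    }

    /**
     * Copy session/cookie/server values into the instance.
     *
     * Missing keys become null instead of raising "undefined index" notices,
     * so an anonymous request (no session data yet) is handled quietly.
     */
    private function load_request_state()
    {
        $session = isset($_SESSION) ? $_SESSION : array();

        $this->s_username = self::value_or_null($session, 'username');
        $this->s_useragent = self::value_or_null($session, 'user_agent');
        $this->s_remote_port = self::value_or_null($session, 'remote_port');
        $this->s_remote_ip = self::value_or_null($session, 'remote_ip');
        $this->s_accesslevel = self::value_or_null($session, 'accesslevel');
        $this->s_abdohoo_unique_id = self::value_or_null($session, 'abdohoo_uniqueid');
        $this->s_abdohoo_randomnumber = self::value_or_null($session, 'abdohoo_randomnumber');
        $this->c_abdohoo_random_number = self::value_or_null($_COOKIE, 'abdohoo_randomnumber');
        $this->sr_remote_ip = self::value_or_null($_SERVER, 'REMOTE_ADDR');
        $this->sr_user_agent = self::value_or_null($_SERVER, 'HTTP_USER_AGENT');
    }

    /** Return $source[$key] when it is set and not null, otherwise null. */
    private static function value_or_null($source, $key)
    {
        return isset($source[$key]) ? $source[$key] : null;
    }

    /**
     * Run a query and stop the request on failure.
     *
     * The driver's error text is written to the error log only: echoing it to
     * the client would disclose table and column names.
     */
    private function run_query($sql)
    {
        $result = mysql_query($sql);
        if (!$result) {
            error_log('login_Brain query failed: ' . mysql_error());
            die('Database error.');
        }

        return $result;
    }

    /**
     * Produce the random number that ties the companion cookie to the login row.
     *
     * Uses a CSPRNG where one is available; rand()/mt_rand() output is
     * predictable and is only the last-resort fallback on old runtimes.
     */
    private function new_login_token()
    {
        // Same upper bound as before on 64-bit builds; 32-bit builds cannot hold it.
        $max = (PHP_INT_SIZE >= 8) ? 9999999999 : PHP_INT_MAX;

        if (function_exists('random_int')) {
            return random_int(1, $max);
        }

        if (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes(4);
            if ($bytes !== false && strlen($bytes) === 4) {
                $parts = unpack('N', $bytes);
                // 31 random bits mapped onto 1..2147483647.
                return (($parts[1] & 0x7FFFFFFF) % 2147483647) + 1;
            }
        }

        return mt_rand(1, min($max, mt_getrandmax()));
    }

    /**
     * Open the database connection used by every query in this class.
     *
     * NOTE(review): the credentials are hard-coded and use the MySQL root
     * account with an empty password. Load them from configuration outside the
     * web root and use a least-privilege account before deploying.
     */
    public function db_connect()
    {
        // Database settings; alternatively include your own connection file here.
        $hostname_login = "localhost";
        $database_login = "abdohoo_prdms";
        $username_login = "root";
        $password_login = "";
        $login = mysql_connect($hostname_login, $username_login, $password_login) or trigger_error(mysql_error(), E_USER_ERROR);
        mysql_select_db($database_login, $login);
    }

    /**
     * Look up the admin account and start a login when it is active.
     *
     * @param string $do_check_username    Submitted user name.
     * @param string $do_check_password_md Password value compared against
     *                                     `admin_password` (presumably an MD5
     *                                     digest computed by the caller; confirm).
     * @return int|bool|null 1 when no row matches; 5..9 when `admin_active_id`
     *                       holds that value (passed through unchanged); the
     *                       result of login_proceed() when it is 1; null when
     *                       more than one row matches or the status is unknown.
     */
    public function check_if_login_successful($do_check_username, $do_check_password_md)
    {
        $query_user_login = sprintf(
            "SELECT * FROM `admin_information` WHERE admin_username=%s AND admin_password=%s",
            $this->GetSQLValueString($do_check_username, "text"),
            $this->GetSQLValueString($do_check_password_md, "text")
        );
        $user_login = $this->run_query($query_user_login);
        $row_user_login = mysql_fetch_assoc($user_login);
        $totalRows_user_login = mysql_num_rows($user_login);

        if ($totalRows_user_login == 0) {
            return 1; // no matching account
        }
        if ($totalRows_user_login != 1) {
            return null; // ambiguous match: never log in
        }

        // Status codes are handed back to the caller, which maps them to messages.
        switch ($row_user_login['admin_active_id']) {
            case 5:
                return 5;
            case 6:
                return 6;
            case 7:
                return 7;
            case 8:
                return 8;
            case 9:
                return 9;
            case 1: // active account: create the session
                return $this->login_proceed(
                    $row_user_login['admin_username'],
                    $row_user_login['admin_permission_id'],
                    $row_user_login['abdohoo_app_id']
                );
        }

        return null;
    }

    /**
     * Verify that the current request belongs to a live, recorded login.
     *
     * The session must carry a user name, and its stored IP and user agent must
     * equal those of this request. The login row must match on session id, IP,
     * cookie value, user name and access level, and must be no older than
     * LOGIN_LIFETIME seconds. Any mismatch after the first gate ends the session.
     *
     * @return bool True only when exactly one matching login row exists.
     */
    public function check_if_already_logged_in()
    {
        // Strict comparison: loose == would treat numeric-looking strings as equal.
        if (!isset($this->s_username, $this->s_useragent, $this->s_remote_ip)
            || $this->s_remote_ip !== $this->sr_remote_ip
            || $this->s_useragent !== $this->sr_user_agent
        ) {
            return false;
        }

        $now = time();
        // "<=" so a check made in the same second as the login still succeeds;
        // the lower bound enforces expiry on the server instead of trusting the
        // cookie's own expiry, using the same window as clean_login_db().
        $query_user_checkin = sprintf(
            "SELECT * FROM login_information WHERE"
            . " login_information.login_session_id = %s AND"
            . " login_information.login_remoteip = %s AND"
            . " login_information.login_randomnumber = %s AND"
            . " login_information.login_user_name = %s AND"
            . " login_information.login_accesslevel = %s AND"
            . " login_information.login_date_time <= %s AND"
            . " login_information.login_date_time > %s",
            $this->GetSQLValueString(session_id(), "text"),
            $this->GetSQLValueString($this->sr_remote_ip, "text"),
            $this->GetSQLValueString($this->c_abdohoo_random_number, "int"),
            $this->GetSQLValueString($this->s_username, "text"),
            $this->GetSQLValueString(md5($this->s_accesslevel), "text"),
            $this->GetSQLValueString($now, "int"),
            $this->GetSQLValueString($now - self::LOGIN_LIFETIME, "int")
        );
        $user_checkin = $this->run_query($query_user_checkin);

        if (mysql_num_rows($user_checkin) == 1) {
            return true;
        }

        // Zero or several rows: treat as not logged in and drop the session data.
        $this->session_end(1);
        return false;
    }

    /**
     * Populate the session for an authenticated user and record the login.
     *
     * @param string $username          Value of `admin_username` from the database.
     * @param mixed  $accesslevel       Value of `admin_permission_id` from the database.
     * @param mixed  $abdohoo_unique_id Value of `abdohoo_app_id` from the database.
     * @return bool|null Result of log_to_database().
     */
    public function login_proceed($username, $accesslevel, $abdohoo_unique_id)
    {
        // Issue a fresh session id at the privilege change so an id planted
        // before login (session fixation) is useless afterwards.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }

        $_SESSION['username'] = $username; // from the database only
        $_SESSION['accesslevel'] = $accesslevel; // from the database only
        $_SESSION['user_agent'] = self::value_or_null($_SERVER, 'HTTP_USER_AGENT');
        $_SESSION['remote_ip'] = self::value_or_null($_SERVER, 'REMOTE_ADDR');
        $_SESSION['remote_port'] = self::value_or_null($_SERVER, 'REMOTE_PORT');
        $_SESSION['abdohoo_uniqueid'] = $abdohoo_unique_id; // from the database only
        $_SESSION['abdohoo_randomnumber'] = $this->new_login_token();

        // The cookie is only ever read server-side, so mark it HttpOnly, and
        // Secure whenever this request itself arrived over HTTPS. Path and
        // domain stay at their defaults so session_end() can still clear it.
        $is_https = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
        setcookie(
            'abdohoo_randomnumber',
            (string) $_SESSION['abdohoo_randomnumber'],
            time() + self::LOGIN_LIFETIME,
            '',
            '',
            $is_https,
            true
        );

        return $this->log_to_database();
    }

    /**
     * Insert the login row for the current session and refresh instance state.
     *
     * @return bool True once the row is written (a failed query ends the request).
     */
    public function log_to_database()
    {
        $insertSQL = sprintf(
            "INSERT INTO login_information (abdohoo_unique_id, login_user_name, login_session_id, login_date_time, login_randomnumber, login_remoteip, login_useragent, login_remoteport, login_accesslevel) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s)",
            $this->GetSQLValueString($_SESSION['abdohoo_uniqueid'], "int"),
            $this->GetSQLValueString($_SESSION['username'], "text"),
            $this->GetSQLValueString(session_id(), "text"),
            $this->GetSQLValueString(time(), "text"),
            $this->GetSQLValueString($_SESSION['abdohoo_randomnumber'], "int"),
            $this->GetSQLValueString($_SESSION['remote_ip'], "text"),
            $this->GetSQLValueString($_SESSION['user_agent'], "text"),
            $this->GetSQLValueString($_SESSION['remote_port'], "int"),
            $this->GetSQLValueString(md5($_SESSION['accesslevel']), "text")
        );
        $this->run_query($insertSQL);

        // Re-read the session so the instance reflects the login just stored.
        $this->load_request_state();
        return true;
    }

    /**
     * Delete login rows.
     *
     * @param mixed $logout Non-empty: delete the row of the current session
     *                      (logout). Empty: delete every row older than
     *                      LOGIN_LIFETIME seconds.
     */
    public function clean_login_db($logout = "")
    {
        if ($logout != "") {
            // Escape the session id like every other value placed into SQL here.
            $clean_db_sql = sprintf(
                "Delete from login_information WHERE login_session_id = %s",
                $this->GetSQLValueString(session_id(), "text")
            );
        } else {
            $cdtime = time() - self::LOGIN_LIFETIME;
            $clean_db_sql = sprintf("Delete from login_information WHERE login_date_time <= %d ", $cdtime);
        }

        $this->run_query($clean_db_sql);
    }

    /**
     * Log the current session out.
     *
     * Removes the session's login row, empties $_SESSION and expires both
     * cookies when a session cookie was sent.
     *
     * @param mixed $destroy Empty (default): also call session_destroy().
     *                       Non-empty: keep the PHP session itself alive.
     */
    public function session_end($destroy = "")
    {
        $this->clean_login_db(1);
        $_SESSION = array();

        if (isset($_COOKIE[session_name()])) {
            setcookie(session_name(), '', time() - 42000, '/');
            setcookie("abdohoo_randomnumber", '', time() - 4200);
        }

        if ($destroy == "") {
            session_destroy();
        }
    }

    /**
     * Escape a value and format it as an SQL literal of the requested type.
     *
     * @param mixed  $theValue           Raw value.
     * @param string $theType            "text", "date", "int", "long", "double" or "defined".
     * @param mixed  $theDefinedValue    Returned for "defined" when the value is non-empty.
     * @param mixed  $theNotDefinedValue Returned for "defined" when the value is empty.
     * @return mixed Quoted string, number, the literal string "NULL" for empty
     *               input, or the escaped value unchanged for an unknown type.
     */
    public function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
        // Magic quotes can only be active before PHP 5.4; version_compare()
        // avoids comparing the version string with a number.
        if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
            $theValue = stripslashes($theValue);
        }

        $theValue = function_exists("mysql_real_escape_string")
            ? mysql_real_escape_string($theValue)
            : mysql_escape_string($theValue);

        switch ($theType) {
            case "text":
            case "date":
                $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
                break;
            case "long":
            case "int":
                $theValue = ($theValue != "") ? intval($theValue) : "NULL";
                break;
            case "double":
                $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
                break;
            case "defined":
                $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
                break;
        }

        return $theValue;
    }
} // end of class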
?>