Code source de e107 0.7.8 |
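<?php

/*
+ ----------------------------------------------------------------------------+
|     e107 website system
|
|     ©Steve Dunstan 2001-2002
|     http://e107.org
|     jalist@e107.org
|
|     Released under the terms and conditions of the
|     GNU General Public License (http://gnu.org).
|
|     $Source: /cvsroot/e107/e107_0.7/e107_handlers/usersession_class.php,v $
|     $Revision: 1.9 $
|     $Date: 2006/11/09 09:28:58 $
|     $Author: lisa_ $
+----------------------------------------------------------------------------+
*/

if (!defined('e107_INIT')) { exit; }

/**
 * Resolves the current visitor to a logged-in user or an anonymous guest.
 *
 * A login is attempted from posted credentials or from the auto-login
 * cookie ("<user_id>.<32 hex chars>"); the result is exposed through the
 * public properties and, via CompatabiltyMode(), through the legacy
 * USER / ADMIN constants.
 *
 * NOTE(review): the scheme visible here compares an unsalted md5() of the
 * password with the stored value, and the cookie token is md5() of that
 * stored value. The token is therefore static until the password changes,
 * cannot be revoked server-side, and can be computed by anyone who can read
 * the user table. The cookies are also set without HttpOnly/Secure flags.
 * Changing the storage format is outside this class; treat it as known debt.
 */
class eUserSession {

    var $_UserTrackingType;
    var $_CookieName;
    var $_SessionID;
    var $_SessionName;
    var $_LoginResult;
    // Assigned in ExtractDetails() and read in CompatabiltyMode(); declared
    // here so a guest request does not read an undefined property.
    var $_UserSession;

    var $UserDetails = array();
    var $UserTimes = array();
    var $UserPrefs = array();
    var $UserIsAdmin = false;
    var $_RawPermissions;
    var $_Permissions = array();
    var $SuperAdmin = false;
    var $SessionData = array();
    var $IsUser = false;

    var $UserIP;

    /**
     * Defines the login-type / login-result constants, pins the PHP session
     * settings to cookie-only transport and reads the tracking preferences.
     */
    function eUserSession() {
        global $pref;

        // Login types operators
        define('USERLOGIN_TYPE_COOKIE', 0);
        define('USERLOGIN_TYPE_SESSION', 1);
        define('USERLOGIN_TYPE_POST', 2);

        // badlogin operators
        define('LOGINRESULT_OK', 0);
        define('LOGINRESULT_INVALIDCOOKIE', 1);
        define('LOGINRESULT_INVALIDSESSION', 2);
        define('LOGINRESULT_INVALIDSESSIONCOOKIE', 3);
        define('LOGINRESULT_BADUSERPASS', 4);
        define('LOGINRESULT_NOTLOGGEDIN', 5);

        // Session handler options - adjust to taste.
        // use_only_cookies = 1 and use_trans_sid = 0 keep the session id out
        // of URLs, so it cannot be supplied or leaked through a link.
        e107_ini_set('session.auto_start', 0);
        e107_ini_set('session.serialize_handler', 'php');
        e107_ini_set('session.cookie_lifetime', 0);
        e107_ini_set('session.use_cookies', 1);
        e107_ini_set('session.use_only_cookies', 1);
        e107_ini_set('url_rewriter.tags', '');
        e107_ini_set('session.use_trans_sid', 0);

        $this->_SessionName = session_name();
        $this->_UserTrackingType = $pref['user_tracking'];
        $this->_CookieName = $pref['cookie_name'];

        // The original statement here was the bare expression "$e107->getip;",
        // which reads a property and discards it, leaving $UserIP unset.
        // NOTE(review): assumes getip() is the method on the global $e107
        // object that returns the client address - confirm.
        global $e107;
        $this->UserIP = $e107->getip();
    }

    /**
     * Entry point for a request: tries posted credentials first, then the
     * auto-login cookie, and falls back to an anonymous user.
     *
     * Always finishes by calling CompatabiltyMode(), which defines the
     * legacy constants.
     */
    function UserSessionStart() {
        // Fail closed. LOGINRESULT_OK is 0, so an unset (null) result would
        // compare loosely equal to "OK"; start from an explicit not-logged-in
        // state and compare strictly below.
        $this->_LoginResult = LOGINRESULT_NOTLOGGEDIN;

        // The original started with print_r($_POST), which echoed the
        // submitted password into the page and, by producing output, also
        // stopped the later header()/setcookie() calls from working.
        if (!empty($_POST['username']) && !empty($_POST['userpass'])) {
            // The original wrapped addslashes() in
            // "ini_get('magic_quotes_gpc' != 1)", a misplaced parenthesis that
            // made the test always false, so the block never ran. It is left
            // out rather than "repaired": the password must reach md5()
            // unmodified, and both values pass through $tp->toDB() where the
            // query is built in LoginUser().
            if (is_string($_POST['username']) && is_string($_POST['userpass'])) {
                $_POST['autologin'] = isset($_POST['autologin']) ? intval($_POST['autologin']) : 0;
                $this->LoginUser(USERLOGIN_TYPE_POST, $_POST['username'], $_POST['userpass'], false, $_POST['autologin']);
            } else {
                // Array-valued fields (username[]=...) are never valid credentials.
                $this->_LoginResult = LOGINRESULT_BADUSERPASS;
            }
        } elseif ($this->_UserTrackingType == 'session' && !empty($_COOKIE[$this->_SessionName])) {
            // Session tracking has no implementation yet (see LoginUser), so a
            // session cookie must not be accepted as a login. The original
            // read "$this->$_SessionName", a variable-property lookup on an
            // undefined variable.
            $this->_LoginResult = LOGINRESULT_INVALIDSESSION;
        } elseif ($this->_UserTrackingType == 'cookie' && isset($_COOKIE[$this->_CookieName])) {
            $RawCookie = $_COOKIE[$this->_CookieName];
            // A cookie sent as name[]=... arrives as an array; treat it as malformed.
            $Cookie = is_string($RawCookie) ? explode('.', $RawCookie) : array();
            if (count($Cookie) == 2 && preg_match('/^[A-Fa-f0-9]{32}$/D', $Cookie[1]) && intval($Cookie[0]) > 0) {
                $this->LoginUser(USERLOGIN_TYPE_COOKIE, false, $Cookie[1], $Cookie[0]);
            } else {
                $this->_LoginResult = LOGINRESULT_INVALIDCOOKIE;
            }
        }

        if ($this->_LoginResult !== LOGINRESULT_OK) {
            $this->AnonUser();
        }
        $this->CompatabiltyMode();
    }

    /**
     * Authenticates against the user table and records the outcome in
     * $this->_LoginResult.
     *
     * @param mixed $LoginType    one of the USERLOGIN_TYPE_* constants
     * @param mixed $UserName     login name (POST logins only)
     * @param mixed $UserPassword clear-text password for POST logins, the
     *                            32-hex cookie token for cookie logins
     * @param mixed $UserID       user id taken from the cookie (cookie logins only)
     * @param mixed $AutoLogin    when true the login cookie is kept for 30 days,
     *                            otherwise it is a browser-session cookie
     */
    function LoginUser($LoginType = false, $UserName = false, $UserPassword = false, $UserID = false, $AutoLogin = false) {
        global $sql, $tp;

        // Fail closed for unknown types. Strict comparisons are used because
        // switch() compares loosely and the default $LoginType of false
        // matched USERLOGIN_TYPE_COOKIE (0).
        $this->_LoginResult = LOGINRESULT_NOTLOGGEDIN;

        if ($LoginType === USERLOGIN_TYPE_COOKIE) {
            // Re-validate here as well, so a direct caller cannot put an
            // arbitrary string into the WHERE clause.
            $TokenIsHex = is_string($UserPassword) && preg_match('/^[A-Fa-f0-9]{32}$/D', $UserPassword);
            if (!$TokenIsHex
                || intval($UserID) <= 0
                || !$sql->db_Select('user', '*', "user_id = '".intval($UserID)."' AND md5(`user_password`) = '".$tp -> toDB($UserPassword)."'")) {
                $this->_LoginResult = LOGINRESULT_INVALIDCOOKIE;
            } else {
                $row = $sql->db_Fetch();
                // ExtractDetails() ends the request for banned accounts, so it
                // runs before the user is marked as logged in.
                $this->ExtractDetails($row);
                $this->IsUser = true;
                $this->_LoginResult = LOGINRESULT_OK;
            }
        } elseif ($LoginType === USERLOGIN_TYPE_SESSION) {
            echo "Session Handling Not Fully Implemented Yet!";
            $this->_LoginResult = LOGINRESULT_INVALIDSESSION;
        } elseif ($LoginType === USERLOGIN_TYPE_POST) {
            $UserPassword = md5($UserPassword);
            // The original passed two extra arguments, 'default' and true.
            // NOTE(review): in e107's db_Select() the fifth argument is, as far
            // as I know, the debug switch that prints the query - which here
            // contains the user name and password hash. Dropped; confirm
            // against the db handler.
            if (!$sql->db_Select('user', '*', "user_name = '".$tp -> toDB($UserName)."' AND user_password = '".$tp -> toDB($UserPassword)."'")) {
                $this->_LoginResult = LOGINRESULT_BADUSERPASS;
            } else {
                $row = $sql->db_Fetch();
                $this->ExtractDetails($row);
                $this->IsUser = true;
                $this->_LoginResult = LOGINRESULT_OK;

                // The cookie token is md5(stored hash), which is what the
                // cookie branch above compares against. The original
                // non-autologin branch sent the stored hash itself: that
                // disclosed the database value to the browser and produced a
                // cookie that failed validation on the next request.
                $CookieValue = $row['user_id'].'.'.md5($UserPassword);
                header('P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"');
                if ($AutoLogin == true) {
                    setcookie($this->_CookieName, $CookieValue, (time() + 3600 * 24 * 30));
                } else {
                    setcookie($this->_CookieName, $CookieValue);
                }
                $_COOKIE[$this->_CookieName] = $CookieValue;

                if ($this->_UserTrackingType == 'session') {
                    session_start();
                }
            }
        }

        // In the original this block sat after the final "break" inside the
        // switch and could never run; it also read $pref, which is not in
        // scope in this method. Expire a cookie that failed validation so the
        // browser stops presenting it.
        if ($this->_LoginResult === LOGINRESULT_INVALIDCOOKIE) {
            if (!headers_sent()) {
                header('P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"');
                setcookie($this->_CookieName, '', (time() - 2592000));
            }
            unset($_COOKIE[$this->_CookieName]);
        }
    }

    /**
     * Copies a row of the user table into the public properties, derives the
     * admin permissions, refreshes the visit timestamps and applies a posted
     * theme change.
     *
     * Ends the request with exit() when the row is flagged as banned.
     *
     * @param array $MySQL_Row one row of the user table, keyed by column name
     */
    function ExtractDetails($MySQL_Row) {
        // $sql was missing from this list although db_Update() is called
        // below, so the visit update failed on a null object.
        global $user_pref, $pref, $sql;

        if ($MySQL_Row['user_ban'] == 1) {
            exit();
        }
        $this->UserDetails['Name'] = $MySQL_Row['user_name'];
        $this->UserDetails['ID'] = $MySQL_Row['user_id'];
        $this->UserDetails['Email'] = $MySQL_Row['user_email'];
        $this->UserDetails['Class'] = $MySQL_Row['user_class'];
        $this->UserDetails['Viewed'] = $MySQL_Row['user_viewed'];
        $this->UserDetails['Image'] = $MySQL_Row['user_image'];
        $this->UserTimes['PasswordChange'] = $MySQL_Row['user_pwchange'];
        $this->UserTimes['LastVisit'] = $MySQL_Row['user_lastvisit'];
        $this->UserTimes['CurrentVisit'] = $MySQL_Row['user_currentvisit'];
        $this->UserTimes['Join'] = $MySQL_Row['user_join'];
        $this->UserTimes['Lastpost'] = $MySQL_Row['user_lastpost'];

        // NOTE(review): unserialize() on a column that holds user-chosen
        // preferences. It is safe only while every writer of user_prefs
        // serializes plain arrays; anything able to write this column could
        // otherwise have objects instantiated here. A non-PHP encoding would
        // remove the risk but changes the stored format.
        $Prefs = unserialize($MySQL_Row['user_prefs']);
        // An empty or corrupt column yields false; keep the property an array.
        $this->UserPrefs = is_array($Prefs) ? $Prefs : array();

        $this->_UserSession = $MySQL_Row['user_sess'];
        if ($MySQL_Row['user_admin'] == 1) {
            $this->UserIsAdmin = true;
            $this->_RawPermissions = $MySQL_Row['user_perms'];
            $Perms = explode('.', $MySQL_Row['user_perms']);
            $pTotal = count($Perms) - 1;
            if ($Perms[$pTotal] == '') {
                unset($Perms[$pTotal]);
            }
            // Strict comparison: with "==" any numeric string equal to zero
            // ('00', '0e1', ...) also counted as the super-admin marker.
            if (isset($Perms[0]) && $Perms[0] === '0') {
                $this->SuperAdmin = true;
            } else {
                $this->_Permissions = $Perms;
            }
        }
        if (intval($this->UserTimes['CurrentVisit']) + 3600 < time()) {
            $this->UserTimes['LastVisit'] = $this->UserTimes['CurrentVisit'];
            $this->UserTimes['CurrentVisit'] = time();
            // Cast before interpolating so the statement carries integers
            // only, whatever the row contained.
            $LastVisit = intval($this->UserTimes['LastVisit']);
            $CurrentVisit = intval($this->UserTimes['CurrentVisit']);
            $UserID = intval($this->UserDetails['ID']);
            $sql->db_Update('user', "user_visits = user_visits + 1, user_lastvisit = '{$LastVisit}', user_currentvisit='{$CurrentVisit}', user_viewed='' WHERE user_id='{$UserID}'");
        }
        // 'settheme' is the field that triggers the change, 'sitetheme' the
        // field that carries the chosen theme.
        if (isset($_POST['settheme'])) {
            // The value is later joined into a filesystem path in
            // CompatabiltyMode(), so only a plain directory name is stored.
            $Requested = isset($_POST['sitetheme']) ? $this->_SafeThemeName($_POST['sitetheme']) : '';
            $this->UserPrefs['sitetheme'] = ($pref['sitetheme'] == $Requested ? '' : $Requested);
            $user_pref = $this->UserPrefs;
            save_prefs('user', $this->UserDetails['ID']);
        }
        $user_pref = $this->UserPrefs;
    }

    /**
     * Resets the object to an anonymous visitor: id 0, no preferences and no
     * admin rights.
     */
    function AnonUser() {
        $this->UserDetails['Name'] = 'Anonymous';
        $this->UserDetails['ID'] = 0;
        $this->UserDetails['Email'] = '';
        $this->UserTimes['LastVisit'] = time();
        $this->UserTimes['CurrentVisit'] = time();
        $this->UserTimes['Join'] = time();
        $this->UserTimes['Lastpost'] = time();
        $this->UserPrefs = array();
        // Also drop the logged-in flag so a failed login can never leave it set.
        $this->IsUser = false;
        $this->UserIsAdmin = false;
        $this->SuperAdmin = false;
        $this->_Permissions = array();
    }

    /**
     * Publishes the resolved user as the legacy constants (USER, USERID,
     * ADMIN, ...) that older code reads.
     */
    function CompatabiltyMode() {
        if ($this->IsUser == true) {
            define("USERID", $this->UserDetails['ID']);
            define("USERNAME", $this->UserDetails['Name']);
            define("USER", TRUE);
            define("USERCLASS", $this->UserDetails['Class']);
            define("USERVIEWED", $this->UserDetails['Viewed']);
            define("USERIMAGE", $this->UserDetails['Image']);
            define("USERSESS", $this->_UserSession);

            // The theme name comes from stored user preferences; accept it
            // only as a single directory name before it becomes part of a
            // path under e_THEME.
            $Theme = isset($this->UserPrefs['sitetheme']) ? $this->_SafeThemeName($this->UserPrefs['sitetheme']) : '';
            define("USERTHEME", ($Theme && file_exists(e_THEME.$Theme.'/theme.php') ? $Theme : false));

            if ($this->UserIsAdmin == true) {
                define("ADMIN", TRUE);
                define("ADMINID", $this->UserDetails['ID']);
                define("ADMINNAME", $this->UserDetails['Name']);
                define("ADMINPERMS", $this->_RawPermissions);
                define("ADMINEMAIL", $this->UserDetails['Email']);
                define("ADMINPWCHANGE", $this->UserTimes['PasswordChange']);
            } else {
                define("ADMIN", FALSE);
            }
        } else {
            define("USER", FALSE);
            define("USERTHEME", FALSE);
            define("ADMIN", FALSE);
            define("GUEST", TRUE);
        }
    }

    /**
     * Returns $Theme when it is a plain directory name, otherwise ''.
     *
     * Rejects non-strings, '.', any '..' sequence, path separators and NUL
     * bytes, so the value cannot point outside the theme directory.
     *
     * @param mixed $Theme candidate theme name
     * @return string the unchanged name, or '' when it is not acceptable
     */
    function _SafeThemeName($Theme) {
        if (!is_string($Theme) || $Theme === '' || $Theme === '.') {
            return '';
        }
        if (strpos($Theme, '..') !== false || preg_match('#[/\\\\\x00]#', $Theme)) {
            return '';
        }
        return $Theme;
    }
}

?>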