1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
|
<?php
class User extends Core
{
// Userdaten
public $userRow;
protected $allFields = "userID,userName, userPass,userSalt, userMail,userRegDate,userRegIp,userLastLogin,userStatus";
//private $userRight;
//Userdaten vor dem Login
private $userLoginInfo = false;
//protected $cookieExp = time()+(30*60);
public function __construct($userID = NULL)
{
// wie gesagt der Konstruktor ist für den **** :(
if($userID !== NULL)
{
$resultObj = parent::$dbObj->query("SELECT ".$allFields."
FROM ".TABLE_PREFIX."user
WHERE userID = ".intval($userID)."
LIMIT 1");
if(!$resultObj) $this->userRow = "Guest";
else $this->userRow = $resultObj->fetch_assoc;
} else {
$this->userRow = "Guest";
}
}
public function createSession($userRow = $this->userRow) {}
// Überprüfe Username
public function checkUsername($userName)
{
$sqlStmt = "SELECT userID,
userName,
userPass,
userSalt
FROM ".TABLE_PREFIX."user
WHERE userName = '".parent::$dbObj->escape_string($userName)."'
AND userStatus = 'active'
LIMIT 1";
$resultObj = parent::$dbObj->query($sqlStmt);
if(!$resultObj) return false;
else
{
$this->userLoginInfo = $resultObj->fetch_assoc();
return true;
}
}
// Danach kann das Passwort kontrolliert werden
public function checkPassword($userPassword)
{
if($this->userLoginInfo === FALSE) return false;
$sqlStmt = "SELECT userMail,
userRegDate,
userRegIp,
userLastLogin,
userStatus
FROM ".TABLE_PREFIX."user
WHERE userPassword = '".hash("sha256", $userPassword.$this->userLoginInfo['userSalt'])."'
AND userStatus = 'active'
LIMIT 1";
$resultObj = parent::$dbObj->query($sqlStmt);
if(!$resultObj) return false;
else
{
$this->userLoginInfo[] = $resultObj->fetch_assoc();
return true;
}
}
// Sobald Username und Passwort in Ordnung sind kann man einloggen
public function performLogin()
{
if($this->userLoginInfo === false || !isset($this->userLoginInfo['userMail'])) return false;
parent::$dbObj->query("UPDATE ".TABLE_PREFIX."site set userLastLogin=NOW() WHERE userID=".$this->userLoginInfo['userID']." LIMIT 1");
$this->userRow = $this->userLoginInfo;
$this->createSession();
return true;
}
// Statische Registrier Funktion
public static function registerUser($userID, $userName, $userPass, $userMail)
{
$userSalt = parent::generateSalt();
$userRegIp = $_SERVER['REMOTE_ADDR'];
$sqlStmt = "INSERT INTO ".TABLE_PREFIX."site(".$allFields.") VALUES(NULL, '".$dbObj->escape_string($userName)."', '".hash("sha256", $userPass.$userSalt)."', '".$userSalt."', '".$dbObj->escape_string($userMail)."', NOW(), '".$dbObj->escape_string($userRegIp)."', NULL, NULL)";
$dbObj->query($sqlStmt)
/**
* Rechte Tabelle ausfüllen fehlt auch noch...
**/
}
}
?>
|