I've been working on a login system, and it's coming along great. When you log in you set a session, etc. Cookies also work. Whenever a page is loaded it checks if the session is valid, and if its not will unset the session. I need a way to tell the rest of the page whether or not the user is logged in. It might explain better if I post the code:
In the sessions function, whenever it returns true I also need it to output something to tell the page that the user is logged in. I could use a global variable, but would rather not. Any suggestions?PHP Code:<?php
class login {
var $display;
var $error;
function login($array, $mysql){
if($array['submit'] == 'Login'){
$rows = $mysql->numrows('SELECT id FROM u_users WHERE uname = \'' . addslashes($array['uname']) . '\' LIMIT 1');
$err0 = $rows != 1 ? '<br />Invalid Username' : NULL;
$rows = $mysql->numrows('SELECT id FROM u_users WHERE uname = \'' . addslashes($array['uname']) . '\' AND pass = \'' . md5($array['pass']) . '\' LIMIT 1');
$err1 = $rows != 1 ? '<br />Invalid Password' : NULL;
$rows = $mysql->numrows('SELECT level FROM u_users WHERE uname = \'' . addslashes($array['uname']) . '\' AND level > 0 LIMIT 1');
$err2 = empty($err0) && $rows != 1 ? '<br />Please activate your account and retry' : NULL;
$this->error = isset($err0) || isset($err1) || isset($err2)
? '<div class="error"><strong class="error">Error(s):' . $err0 . $err1 . $err2 . '</strong></div>' : NULL;
if(!empty($this->error)){
return $this->error;
}
else{
$row = $mysql->result('SELECT id, level, rand FROM u_users WHERE uname = \'' . addslashes($array['uname']) . '\'');
$rand = md5(mt_rand());
$_SESSION['userinfo'] = $row[0];
$_SESSION['userinfo'][2] = $rand;
$mysql->query('UPDATE u_users SET rand = \'' . $rand . '\' WHERE id = \'' . $row[0][0] . '\'');
if($array['remember'] == 'checked'){
setcookie('userinfo', $row[0][0] . ', ' . $row[0][1] . ', ' . $row[0][2], time()+3600*24*30, '/');
}
return header('location: /account/');
}
}
}
function display($array, $mysql){
$this->display = '<div class="top">Login</div>' . "\n"
. '<form action="/login/" method="post">' . "\n"
. $this->login($array, $mysql) . "\n"
. '<div class="reglcol">' . "\n"
. 'Username:<br />' . "\n"
. 'Password:<br />' . "\n"
. 'Remember Info: <input class="checkbox" type="checkbox" name="remember" value="checked" />' . "\n"
. '</div>' . "\n"
. '<div class="regrcol">' . "\n"
. '<input type="text" name="uname" maxlength="20" /><br />' . "\n"
. '<input type="password" name="pass" maxlength="32" /><br />' . "\n"
. '<input class="button" type="submit" name="submit" value="Login" />' . "\n"
. '</form>' . "\n";
return $this->display;
}
}
class sessions {
function sessions($mysql){
session_start();
if(empty($_SESSION['userinfo'])){
if(isset($_COOKIE['userinfo'])){
$userinfo = explode(', ', $_COOKIE['userinfo']);
$_SESSION['userinfo'] = $userinfo;
return true;
}
return false;
}
else{
$row = $mysql->result('SELECT id, level, rand FROM u_users WHERE id = \'' . addslashes($_SESSION['userinfo'][0]) . '\'');
if($row[0] == $_SESSION['userinfo']){
return true;
}
unset($_SESSION['userinfo']);
return false;
}
}
}
?>
Originally Posted by victorvp
Bookmarks