蓝派网(www.lan27.com)-精选网络资源,分享和交流! 文章首页站内搜索在线手册广告代码酷站欣赏万年历
您现在的位置: 蓝派网 >> 文章中心 >> 网络编程 >> PHP >> 正文

一个用于网站用户管理的函数库

作者:佚名    文章来源:网络转载    更新时间:2007-11-26 23:59:28
<?php

$hidden_hash_var='your_password_here';

$LOGGED_IN=false;
//clear it out in case someone sets it in the URL or something
unset($LOGGED_IN);

/*

create table user (
user_id int not null auto_increment primary key,
user_name text,
real_name text,
email text,
password text,
remote_addr text,
confirm_hash text,
is_confirmed int not null default 0
);

*/

function user_isloggedin() {
global $user_name,$id_hash,$hidden_hash_var,$LOGGED_IN;
//have we already run the hash checks?
//If so, return the pre-set var
if (isset($LOGGED_IN)) {
return $LOGGED_IN;
}
if ($user_name && $id_hash) {
$hash=md5($user_name.$hidden_hash_var);
if ($hash == $id_hash) {
$LOGGED_IN=true;
return true;
} else {
$LOGGED_IN=false;
return false;
}
} else {
$LOGGED_IN=false;
return false;
}
}

function user_login($user_name,$password) {
global $feedback;
if (!$user_name || !$password) {
$feedback .= ' ERROR - Missing user name or password ';
return false;
} else {
$user_name=strtolower($user_name);
$password=strtolower($password);
$sql="SELECT * FROM user WHERE user_name='$user_name' AND password='". md5($password) ."'";
$result=db_query($sql);
if (!$result || db_numrows($result) < 1){
$feedback .= ' ERROR - User not found or password incorrect ';
return false;
} else {
if (db_result($result,0,'is_confirmed') == '1') {
user_set_tokens($user_name);
$feedback .= ' SUCCESS - You Are Now Logged In ';
return true;
} else {
$feedback .= ' ERROR - You haven\'t Confirmed Your Account Yet ';
return false;
}
}
}
}

function user_logout() {
setcookie('user_name','',(time()+2592000),'/','',0);
setcookie('id_hash','',(time()+2592000),'/','',0);
}

function user_set_tokens($user_name_in) {
global $hidden_hash_var,$user_name,$id_hash;
if (!$user_name_in) {
$feedback .= ' ERROR - User Name Missing When Setting Tokens ';
return false;
}
$user_name=strtolower($user_name_in);
$id_hash= md5($user_name.$hidden_hash_var);

setcookie('user_name',$user_name,(time()+2592000),'/','',0);
setcookie('id_hash',$id_hash,(time()+2592000),'/','',0);
}

function user_confirm($hash,$email) {
/*
Call this function on the user confirmation page,
which they arrive at when the click the link in the
account confirmation email
*/

global $feedback,$hidden_hash_var;

//verify that they didn't tamper with the email address
$new_hash=md5($email.$hidden_hash_var);
if ($new_hash && ($new_hash==$hash)) {
//find this record in the db
$sql="SELECT * FROM user WHERE confirm_hash='$hash'";
$result=db_query($sql);
if (!$result || db_numrows($result) < 1) {
$feedback .= ' ERROR - Hash Not Found ';
return false;
} else {
//confirm the email and set account to active
$feedback .= ' User Account Updated - You Are Now Logged In ';
user_set_tokens(db_result($result,0,'user_name'));
$sql="UPDATE user SET email='$email',is_confirmed='1' WHERE confirm_hash='$hash'";
$result=db_query($sql);
return true;
}
} else {
$feedback .= ' HASH INVALID - UPDATE FAILED ';
return false;
}
}

function user_change_password ($new_password1,$new_password2,$change_user_name,$old_password) {
global $feedback;
//new passwords present and match?
if ($new_password1 && ($new_password1==$new_password2)) {
//is this password long enough?
if (account_pwvalid($new_password1)) {
//all vars are present?
if ($change_user_name && $old_password) {
//lower case everything
$change_user_name=strtolower($change_user_name);
$old_password=strtolower($old_password);
$new_password1=strtolower($new_password1);
$sql="SELECT * FROM user WHERE user_name='$change_user_name' AND password='". md5($old_password) ."'";
$result=db_query($sql);
if (!$result || db_numrows($result) < 1) {
$feedback .= ' User not found or bad password '.db_error();
return false;
} else {
$sql="UPDATE user SET password='". md5($new_password1). "' ".
"WHERE user_name='$change_user_name' AND password='". md5($old_password). "'";
$result=db_query($sql);
if (!$result || db_affected_rows($result) < 1) {
$feedback .= ' NOTHING Changed '.db_error();
return false;
} else {
$feedback .= ' Password Changed ';
return true;
}
}
} else {
$feedback .= ' Must Provide User Name And Old Password ';
return false;
}
} else {
$feedback .= ' New Passwords Doesn\'t Meet Criteria ';
return false;
}
} else {
return false;
$feedback .= ' New Passwords Must Match ';
}
}

function user_lost_password ($em

[1] [2] [3] 下一页

 
【相关文章:】
一个用于MySQL的PHP XML类

发表评论】【打印此文】【关闭窗口】【点击数:
★好玩的休闲小游戏★