Файл: sys/system.auth.php
Строк: 87
<?php
// Авторизация
class Authorization {
function IsUserAuthorized() {
if(isset($_SESSION["username"]) && isset($_SESSION["userpassword"])) {
return true;
} else {
return false;
}
}
function GetUserRights($db) {
if(!isset($_SESSION["username"])) {
return "Гость";
}
$sqlq = "SELECT rights FROM users WHERE nick='$_SESSION[username]'";
$arr = $db->QueryAndFetch($sqlq);
if($arr["rights"] == 1) {
return "Пользователь";
}
if($arr["rights"] == 2) {
return "Модератор";
}
if($arr["rights"] == 3) {
return "Администратор";
}
if($arr["rights"] == 4) {
return "Создатель";
}
if($arr["rights"] == -1) {
return "Парится в баньке";
}
}
function IsUserExists($sql, $username) {
$sql->Filter($username);
$sqlq = "SELECT * FROM users WHERE nick='$username'";
$arr = $sql->QueryAndFetch($sqlq);
if($username == $arr["nick"]) {
return true;
} else {
return false;
}
}
function RegisterNewUser($db, $username, $userpassword) {
$db->Filter($username);
$db->Filter($userpassword);
$sql = "INSERT INTO `users` (`nick`, `password`, `realname`, `age`, `os`, `city`, `rights`, `id`) VALUES
('$username', '" . md5($userpassword) . "', 'Not defined', 0, 'Not defined', 'Not defined', 1, 0)";
$db->Query($sql, null);
}
function GetUserID($db, $username) {
$db->Filter($username);
$sql = "SELECT nick, password, id FROM users WHERE nick='$username'";
$arr = $db->QueryAndFetch($sql, null);
return $arr["id"];
}
function GetUserFromID($db, $id) {
$db->Filter($id);
$sql = "SELECT nick, password, id FROM users WHERE id='$id'";
$arr = $db->QueryAndFetch($sql, null);
return $arr["nick"];
}
function GetUserInformation($db, $id) {
$db->Filter($id);
$sql = "SELECT * FROM users WHERE id='$id'";
$arr = $db->QueryAndFetch($sql, null);
return $arr;
}
function EditInfo($db, $id, $field, $value) {
$db->Filter($id);
$db->Filter($field);
$db->Filter($value);
$sql = "UPDATE users SET $field='$value'";
$arr = $db->Query($sql, null);
}
function Login($render, $db, $username, $userpassword) {
$db->Filter($username);
$db->Filter($userpassword);
$sql = "SELECT nick, password FROM users WHERE nick='$username'";
$arr = $db->QueryAndFetch($sql);
if($arr["password"] ==md5($userpassword)) {
$_SESSION["username"] = $username;
$_SESSION["userpassword"] = md5($userpassword);
} else {
$render->CreateText("Неверный пароль!");
exit;
}
}
// Выйти
function Logout() {
unset($_SESSION["username"]);
unset($_SESSION["userpassword"]);
}
}
?>