Supports both admin and member mode. Has a small footprint so you can use it with sessions to keep track of members easily.

By : smckone

<?php
/***********************************************************************
User authorization:
An easy object oriented way to keep users
and admins from accessing off limit parts of
your site.

Sam McKone <sam@evilwalrus.com>
2001
***********************************************************************/
class USER{
var $user_name = "";
var $encripted_pass = "";
var $db = -1;
var $db_name = "database name";

var $logged_in = false;
var $member_type = "";
//==================================================================
// Initialization
function USER($user,$pass){
$this->db_connect();
$this->log_in($user,$pass);
}
function db_connect(){
if($this->db == -1){
$this->db = mysql_connect("host.dot.com","username","pass")
or die ("connection error");
}
}
function db_close(){
mysql_close($this->db);
$this->db= -1;
}
//================================================================
// information functions

function is_admin(){
if($this->logged_in && $this->member_type == "admin"){
return true;
}else{
return false;
}
}
function is_basic(){
if($this->logged_in && $this->member_type == "basic"){
return true;
}else{
return false;
}
}
function get_user(){
if($this->user_name != ""){
return $this->user_name;
}
return false;
}
function get_pass(){
if($this->encripted_pass != ""){
return $this->user_name;
}
return false;
}

//================================================================
// control functions

function log_out(){
$this->user_name = "";
$this->member_type = "";
$this->logged_in = false;
}
function log_in($user,$pass){

// secret md5() variables to make this script harder to crack
// got the idea from phpbuilder
$key[basic] = "345hjk435oo4i2mdhndf";
$key[admin] = "hajh389asdmf9291asd";
$type = 0;

// check to see if the users is in the database and
// return the type of user they are.
$query = "SELECT type FROM users WHERE username='"
.$user."' AND password='".$pass."'";
$result = mysql_db_query($this->db_name,$query,$this->db)
or die ("Query error: getting username");


if(mysql_num_rows($result) > 0){
$type = mysql_fetch_assoc($result);
$type = $type[type];

$this->user_name = $user;
$this->encripted_pass = md5($pass.$key[$type]);

$this->logged_in = true;
$this->member_type = $type;
}else{
$this->user_name = "";
$this->encripted_pass = "";

$this->logged_in = false;
$this->member_type = "";
}
}
function register($user,$pass){
// check if user exists
$query = "SELECT id FROM users WHERE username='"
.$this->user_name."';";
$result = mysql_db_query($this->db_name,$query,$this->db)
or die ("Write 1 error");

if(mysql_num_rows($result) <= 0){
// if not than add user to the database
$query = "INSERT INTO users VALUES('0','".$user
. "','" . $pass . "','basic')";
}

if(mysql_db_query($db_name,$query,$db)){
$this->log_in($user,$pass);
return true;
}
return false;
}
}
?>
//=================================================================
//Examples
//=================================================================
<?php
// user with a session
session_start();
if($_SESSION["user"]){
$localuser = unserialize($_SESSION["user"]);
}else{
$localuser = new USER($_POST["username"],$POST["username"]);
}

// make sure you close the user if you use the db functions.
$localuser->db_close();

if(!$_SESSION["user"]){
session_register("user");
}
$_SESSION["user"] = $localuser;
?>
All you have to do once you get the users authorized is check
them to see if they can do certen things on the site. ie
<?php
if($localuser->is_basic() || $localuser->is_admin()){
// can add messages or something
}
?>
======================== mysql table structure ===============================
CREATE TABLE IF NOT EXISTS users VALUES(id INT UNSIGNED
AUTO_INCREMENT PRIMARY KEY,username TEXT,password TEXT,type TEXT)

DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

More User Management Code Articles
More By Codewalkers

 

developerWorks - FREE Tools!

NEW! Develop Systems Software Assets with IBM Rational Asset Manager Join us for this on demand webcast to learn about developing complex systems more quickly and efficiently. We'll cover market drivers for developing, governing and reusing systems software assets and how you can develop system software assets with Rational Asset Manager. FREE! Go There Now!

NEW! Discovering the value of WebSphere Process Server WebSphere Process Server delivers a unique integration framework that simplifies existing IT resources. Often, as IT assets grow to support business demand, so too does their complexity and manageability. In this webcast, we’ll discuss how WebSphere Process Server helps deliver an SOA infrastructure that provides a common model to orchestrate, mediate, connect, map, and execute the underlying IT functions. Discover how WebSphere Process Server simplifies integration of business processes by leveraging existing IT assets as reusable services without the complexities of traditional integration methodologies. FREE! Go There Now!

NEW! IBM Rational AppScan Standard Edition V7.7 Secure your Web applications with IBM Rational AppScan Standard Edition V7.7, previously known as Watchfire AppScan. This Web application security testing tool automates vulnerability assessments and scans and tests for common Web application vulnerabilities. Visit IBM developerWorks to download a free trial of IBM Rational AppScan Standard Edition V7.7. FREE! Go There Now!

NEW! IBM Rational ClearCase Innovator's Series Learn from the best! Find out how developers use Rational ClearCase to be more flexible, innovative and deliver higher quality code in the Rational ClearCase Power Users eKit. This complimentary eKit provides a collection of materials, like articles, whitepapers, and demos that can help you become a power user of Rational ClearCase. FREE! Go There Now!

NEW! Info 2.0: Harnessing the power of Web 2.0 and Enterprise Mashups Listen to this webcast to get an overview of Info 2.0 and a technical demo of how to quickly build an enterprise mashup. IBM's Info 2.0 technology leverages emerging Web 2.0 technologies such as mashups, feeds, AJAX, and JSON in order to simplify assembly of information using feeds and services. Come learn about the technical elements of Info 2.0 including the Feed Generation framework, Mashup Engine, and mashup assembly components. Learn how to pull information from databases, departmental information, and the Web to create mashups critical to your company’s success. We will also discuss best practices to help you get started. FREE! Go There Now!

NEW! Maintaining QoS and Process Integrity in an SOA Environment This webcast outlines the best practices that must be instituted to gain the maximum benefit from SOA while maintaining high quality of service. Whether you are deploying new applications or managing and monitoring your existing infrastructure, learn how you can ensure high quality of services with SOA based solutions from IBM. All registrants who attend this live Web Seminar will receive complimentary access to a white paper titled “Maintaining QoS in an SOA Environment”. FREE! Go There Now!

NEW! Rational Talks to You: Scott Ambler on being agile in a global development environment Join this Rational Talks to You teleconference on December 6 at 1:00 pm ET to participate in an agile application development discussion and get your questions answered on using IBM Rational Method Composer in a distributed environment.Get your questions answered! FREE! Go There Now!

NEW! Software Change and Configuration Management Solution Guidelines This whitepaper provides areas to consider when evaluating any software configuration management solution. It addresses how the IBM solutions (Rational ClearCase and Rational ClearQuest) meet the needs and requirements of both project leaders and developers to provide successful Software Change and Configuration Management. FREE! Go There Now!

NEW! Try the IBM SOA Sandbox for Process Visit IBM developerWorks to try the IBM SOA Sandbox for process. The SOA Sandbox for process focuses on providing a trial environment with the necessary tooling and components required to gain a better understanding of business processes and how to best improve existing business processes to derive value quickly. FREE! Go There Now!

Refresh! IBM Rational Systems Development Solution eKit With IBM Rational Systems Development Solution, you can deliver products faster with higher quality. Within this kit, Read the “Model Driven Systems Development” white paper to see how to improve product quality and communication. Then check out the rest of the e-Kit to learn more about important topics that can affect the success of any software project through customer examples, tutorials, informative Webcasts, and best practices for designing, building and managing systems. From start to finish, at every stage in your projects, Rational Systems Development Solution can help your company reach its full potential. FREE! Go There Now!

All FREE IBM® developerWorks Tools!