Supports both admin and member mode. Has a small footprint so you can use it with sessions to keep track of members easily.

By : smckone

<?php
/***********************************************************************
User authorization:
An easy object oriented way to keep users
and admins from accessing off limit parts of
your site.

Sam McKone <sam@evilwalrus.com>
2001
***********************************************************************/
class USER{
var $user_name = "";
var $encripted_pass = "";
var $db = -1;
var $db_name = "database name";

var $logged_in = false;
var $member_type = "";
//==================================================================
// Initialization
function USER($user,$pass){
$this->db_connect();
$this->log_in($user,$pass);
}
function db_connect(){
if($this->db == -1){
$this->db = mysql_connect("host.dot.com","username","pass")
or die ("connection error");
}
}
function db_close(){
mysql_close($this->db);
$this->db= -1;
}
//================================================================
// information functions

function is_admin(){
if($this->logged_in && $this->member_type == "admin"){
return true;
}else{
return false;
}
}
function is_basic(){
if($this->logged_in && $this->member_type == "basic"){
return true;
}else{
return false;
}
}
function get_user(){
if($this->user_name != ""){
return $this->user_name;
}
return false;
}
function get_pass(){
if($this->encripted_pass != ""){
return $this->user_name;
}
return false;
}

//================================================================
// control functions

function log_out(){
$this->user_name = "";
$this->member_type = "";
$this->logged_in = false;
}
function log_in($user,$pass){

// secret md5() variables to make this script harder to crack
// got the idea from phpbuilder
$key[basic] = "345hjk435oo4i2mdhndf";
$key[admin] = "hajh389asdmf9291asd";
$type = 0;

// check to see if the users is in the database and
// return the type of user they are.
$query = "SELECT type FROM users WHERE username='"
.$user."' AND password='".$pass."'";
$result = mysql_db_query($this->db_name,$query,$this->db)
or die ("Query error: getting username");


if(mysql_num_rows($result) > 0){
$type = mysql_fetch_assoc($result);
$type = $type[type];

$this->user_name = $user;
$this->encripted_pass = md5($pass.$key[$type]);

$this->logged_in = true;
$this->member_type = $type;
}else{
$this->user_name = "";
$this->encripted_pass = "";

$this->logged_in = false;
$this->member_type = "";
}
}
function register($user,$pass){
// check if user exists
$query = "SELECT id FROM users WHERE username='"
.$this->user_name."';";
$result = mysql_db_query($this->db_name,$query,$this->db)
or die ("Write 1 error");

if(mysql_num_rows($result) <= 0){
// if not than add user to the database
$query = "INSERT INTO users VALUES('0','".$user
. "','" . $pass . "','basic')";
}

if(mysql_db_query($db_name,$query,$db)){
$this->log_in($user,$pass);
return true;
}
return false;
}
}
?>
//=================================================================
//Examples
//=================================================================
<?php
// user with a session
session_start();
if($_SESSION["user"]){
$localuser = unserialize($_SESSION["user"]);
}else{
$localuser = new USER($_POST["username"],$POST["username"]);
}

// make sure you close the user if you use the db functions.
$localuser->db_close();

if(!$_SESSION["user"]){
session_register("user");
}
$_SESSION["user"] = $localuser;
?>
All you have to do once you get the users authorized is check
them to see if they can do certen things on the site. ie
<?php
if($localuser->is_basic() || $localuser->is_admin()){
// can add messages or something
}
?>
======================== mysql table structure ===============================
CREATE TABLE IF NOT EXISTS users VALUES(id INT UNSIGNED
AUTO_INCREMENT PRIMARY KEY,username TEXT,password TEXT,type TEXT)

DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

More User Management Code Articles
More By Codewalkers

 

developerWorks - FREE Tools!

NEW! Discovering the value of WebSphere Process Server WebSphere Process Server delivers a unique integration framework that simplifies existing IT resources. Often, as IT assets grow to support business demand, so too does their complexity and manageability. In this webcast, we’ll discuss how WebSphere Process Server helps deliver an SOA infrastructure that provides a common model to orchestrate, mediate, connect, map, and execute the underlying IT functions. Discover how WebSphere Process Server simplifies integration of business processes by leveraging existing IT assets as reusable services without the complexities of traditional integration methodologies. FREE! Go There Now!

NEW! Rational Talks to You: Manage RUP-based CMMI initiatives Join this Rational Talks to You teleconference on December 4 at 1:00 pm ET to discuss how Rational Method Composer can help meet your compliance objectives. Get your questions answered! FREE! Go There Now!

Role of Integrated Requirements Management in Software Delivery As organizations integrate software into every aspect of business, they are constantly pressured to deliver faster, better, and cheaper results. Unfortunately, a “dis-integrated” software delivery approach reduces returns while increasing costs. This IBM Rational White Paper shows how Integrated Requirements Management aligns organizations around maximizing value and keeping pace with change. FREE! Go There Now!

Check out the new Jazz space on developerWorks <a href="http://zeus.developershed.com/shonuff.php?blackbird=3853&zoneid=442&source=&dest=http%3A%2F%2Fwww.ibm.com%2Fdeveloperworks%2Fspaces%2Fjazz%3FS_TACT%3D105AGY31%26S_CMP%3DDEVSHED&ismap="><img src="http://images.devshed.com/corp/img/news/jazz01.gif" alt="developerWorks Jazz space" align="left"></a>You've heard the buzz about Jazz... want to know more about it from a developer's perspective? Check out the Jazz space on developerWorks. This space is an up-to-date resource for developers, including technical information about Jazz and products built on Jazz, like Rational Team Concert Express. The Jazz space includes content from a wide variety of sources, including links, feeds, and comments from experts. FREE! Go There Now!

NEW! Achieving True Agility -- How process can change the behavior of your tools Achieving true agility is a never-ending effort. We will showcase how you can become agile incrementally, a few practices at the time.Which practices should any agile team strive to adopt? What additional practices should you consider based on your needs to scale? Adopting practices are however made much easier with the right tool support. What about if your tools adapt to your practices? We will take a look at how the Jazz technology can be leveraged to make your process change the behavior of your tools. FREE! Go There Now!

NEW! Evaluate IBM Lotus Sametime Standard V8.0 Visit IBM developerWorks to download a free trial of the latest release of IBM Lotus Sametime Standard V8.0. Lotus Sametime Standard V8.0 is a platform for unified communications and collaboration that combines security features with an extensible, open solution including integrated Voice over IP, geographic location awareness, mobile clients, and a robust Business Partner community offering telephony and video integration. FREE! Go There Now!

IBM DB2 Deep Compression ROI Tool The IBM DB2 Deep Compression ROI tool is designed for DBA’s and IT management personnel to perform a clinical analysis of the cost savings gained from the Storage Optimization feature of DB2 9 for Linux, UNIX and Windows. The feature, also known as Deep Compression, compresses data that lies within a database by up to 80% at times. FREE! Go There Now!

NEW! The role of integrated requirements management in software delivery This paper is about the critical role that a discipline called integrated require­ments management can play in helping to ensure that your business goals and IT investments are continuously aligned—whether you are sourcing, integrat­ing, building or maintaining software. It also looks at ways that automated IBM Rational® products can work together to help you use requirements in the very best way. FREE! Go There Now!

NEW! Webcast: Striking the right balance between manual and automated testing Join this webcast to learn how IBM Rational's Functional Testing solution enables you to implement automation your way, at your pace, with your existing staff. In this webcast, you’ll learn how you can eliminate redundancy of manual test scripts, reduce errors, and increase test coverage through test automation. After this presentation you will understand how IBM Rational Functional Testing solution can streamline your manual testing and make test automation easily attainable. FREE! Go There Now!

NEW! Run your first CICS application on a PC using TXSeries for Windows Learn the basics of the IBM Customer Information Control System (CICS). With a hands-on exercise, learn how to get your first CICS application up and running on your desktop using TXSeries V6.1 for Windows. The tutorial shows you how to download and install a free trial version of TXSeries V6.1. FREE! Go There Now!

All FREE IBM® developerWorks Tools!