SunQuest
 
       User Management Code
  Home arrow User Management Code arrow User authorization class
Codewalker Forums 
  Tutorials  
Database Articles  
Miscellaneous  
Navigation Usability  
PEAR Articles  
Programming Basics  
Server Administration  
XML Tutorials  
  Reviews  
Database Book Reviews  
Linux Book Reviews  
Miscellaneous Reviews  
PHP Book Reviews  
PHP Software Reviews  
Server Admin Reviews  
SQL Tool Reviews  
  Code Gallery  
Content Management Code  
Contest Code  
Counters Code  
Database Code  
Date Time Code  
Discussion Board Code  
Email Code  
File Manipulation Code  
GUI Code  
Link Farm Code  
Miscellaneous Code  
Search Code  
Site Navigation Code  
User Management Code  
Forums Sitemap 
Dedicated Servers  
Download TestComplete 
IBM® developerWorks
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
USER MANAGEMENT CODE

User authorization class
By: Codewalkers
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 1
    2002-01-18

    Table of Contents:

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     
    ADVERTISEMENT

    Stay one step ahead of the competition. Evaluate and give feedback on some of the hottest web development tools on the market today. Make your opinion heard! Click Here

    Supports both admin and member mode. Has a small footprint so you can use it with sessions to keep track of members easily.

    By : smckone

    <?php
    /***********************************************************************
    User authorization:
    An easy object oriented way to keep users
    and admins from accessing off limit parts of
    your site.

    Sam McKone <sam@evilwalrus.com>
    2001
    ***********************************************************************/
    class USER{
    var $user_name = "";
    var $encripted_pass = "";
    var $db = -1;
    var $db_name = "database name";

    var $logged_in = false;
    var $member_type = "";
    //==================================================================
    // Initialization
    function USER($user,$pass){
    $this->db_connect();
    $this->log_in($user,$pass);
    }
    function db_connect(){
    if($this->db == -1){
    $this->db = mysql_connect("host.dot.com","username","pass")
    or die ("connection error");
    }
    }
    function db_close(){
    mysql_close($this->db);
    $this->db= -1;
    }
    //================================================================
    // information functions

    function is_admin(){
    if($this->logged_in && $this->member_type == "admin"){
    return true;
    }else{
    return false;
    }
    }
    function is_basic(){
    if($this->logged_in && $this->member_type == "basic"){
    return true;
    }else{
    return false;
    }
    }
    function get_user(){
    if($this->user_name != ""){
    return $this->user_name;
    }
    return false;
    }
    function get_pass(){
    if($this->encripted_pass != ""){
    return $this->user_name;
    }
    return false;
    }

    //================================================================
    // control functions

    function log_out(){
    $this->user_name = "";
    $this->member_type = "";
    $this->logged_in = false;
    }
    function log_in($user,$pass){

    // secret md5() variables to make this script harder to crack
    // got the idea from phpbuilder
    $key[basic] = "345hjk435oo4i2mdhndf";
    $key[admin] = "hajh389asdmf9291asd";
    $type = 0;

    // check to see if the users is in the database and
    // return the type of user they are.
    $query = "SELECT type FROM users WHERE username='"
    .$user."' AND password='".$pass."'";
    $result = mysql_db_query($this->db_name,$query,$this->db)
    or die ("Query error: getting username");


    if(mysql_num_rows($result) > 0){
    $type = mysql_fetch_assoc($result);
    $type = $type[type];

    $this->user_name = $user;
    $this->encripted_pass = md5($pass.$key[$type]);

    $this->logged_in = true;
    $this->member_type = $type;
    }else{
    $this->user_name = "";
    $this->encripted_pass = "";

    $this->logged_in = false;
    $this->member_type = "";
    }
    }
    function register($user,$pass){
    // check if user exists
    $query = "SELECT id FROM users WHERE username='"
    .$this->user_name."';";
    $result = mysql_db_query($this->db_name,$query,$this->db)
    or die ("Write 1 error");

    if(mysql_num_rows($result) <= 0){
    // if not than add user to the database
    $query = "INSERT INTO users VALUES('0','".$user
    . "','" . $pass . "','basic')";
    }

    if(mysql_db_query($db_name,$query,$db)){
    $this->log_in($user,$pass);
    return true;
    }
    return false;
    }
    }
    ?>
    //=================================================================
    //Examples
    //=================================================================
    <?php
    // user with a session
    session_start();
    if($_SESSION["user"]){
    $localuser = unserialize($_SESSION["user"]);
    }else{
    $localuser = new USER($_POST["username"],$POST["username"]);
    }

    // make sure you close the user if you use the db functions.
    $localuser->db_close();

    if(!$_SESSION["user"]){
    session_register("user");
    }
    $_SESSION["user"] = $localuser;
    ?>
    All you have to do once you get the users authorized is check
    them to see if they can do certen things on the site. ie
    <?php
    if($localuser->is_basic() || $localuser->is_admin()){
    // can add messages or something
    }
    ?>
    ======================== mysql table structure ===============================
    CREATE TABLE IF NOT EXISTS users VALUES(id INT UNSIGNED
    AUTO_INCREMENT PRIMARY KEY,username TEXT,password TEXT,type TEXT)
    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    More User Management Code Articles
    More By Codewalkers

     

    IBM® developerWorks developerWorks - FREE Tools!


    NEW! Discovering the value of WebSphere Process Server

    WebSphere Process Server delivers a unique integration framework that simplifies existing IT resources. Often, as IT assets grow to support business demand, so too does their complexity and manageability. In this webcast, we’ll discuss how WebSphere Process Server helps deliver an SOA infrastructure that provides a common model to orchestrate, mediate, connect, map, and execute the underlying IT functions. Discover how WebSphere Process Server simplifies integration of business processes by leveraging existing IT assets as reusable services without the complexities of traditional integration methodologies.
    FREE! Go There Now!


    NEW! Rational Talks to You: Manage RUP-based CMMI initiatives

    Join this Rational Talks to You teleconference on December 4 at 1:00 pm ET to discuss how Rational Method Composer can help meet your compliance objectives. Get your questions answered!
    FREE! Go There Now!


    Role of Integrated Requirements Management in Software Delivery

    As organizations integrate software into every aspect of business, they are constantly pressured to deliver faster, better, and cheaper results. Unfortunately, a “dis-integrated” software delivery approach reduces returns while increasing costs. This IBM Rational White Paper shows how Integrated Requirements Management aligns organizations around maximizing value and keeping pace with change.
    FREE! Go There Now!


    Check out the new Jazz space on developerWorks

    <a href="http://zeus.developershed.com/shonuff.php?blackbird=3853&zoneid=442&source=&dest=http%3A%2F%2Fwww.ibm.com%2Fdeveloperworks%2Fspaces%2Fjazz%3FS_TACT%3D105AGY31%26S_CMP%3DDEVSHED&ismap="><img src="http://images.devshed.com/corp/img/news/jazz01.gif" alt="developerWorks Jazz space" align="left"></a>You've heard the buzz about Jazz... want to know more about it from a developer's perspective? Check out the Jazz space on developerWorks. This space is an up-to-date resource for developers, including technical information about Jazz and products built on Jazz, like Rational Team Concert Express. The Jazz space includes content from a wide variety of sources, including links, feeds, and comments from experts.
    FREE! Go There Now!


    NEW! Achieving True Agility -- How process can change the behavior of your tools

    Achieving true agility is a never-ending effort. We will showcase how you can become agile incrementally, a few practices at the time.Which practices should any agile team strive to adopt? What additional practices should you consider based on your needs to scale? Adopting practices are however made much easier with the right tool support. What about if your tools adapt to your practices? We will take a look at how the Jazz technology can be leveraged to make your process change the behavior of your tools.
    FREE! Go There Now!


    NEW! Evaluate IBM Lotus Sametime Standard V8.0

    Visit IBM developerWorks to download a free trial of the latest release of IBM Lotus Sametime Standard V8.0. Lotus Sametime Standard V8.0 is a platform for unified communications and collaboration that combines security features with an extensible, open solution including integrated Voice over IP, geographic location awareness, mobile clients, and a robust Business Partner community offering telephony and video integration.
    FREE! Go There Now!


    IBM DB2 Deep Compression ROI Tool

    The IBM DB2 Deep Compression ROI tool is designed for DBA’s and IT management personnel to perform a clinical analysis of the cost savings gained from the Storage Optimization feature of DB2 9 for Linux, UNIX and Windows. The feature, also known as Deep Compression, compresses data that lies within a database by up to 80% at times.
    FREE! Go There Now!


    NEW! The role of integrated requirements management in software delivery

    This paper is about the critical role that a discipline called integrated require­ments management can play in helping to ensure that your business goals and IT investments are continuously aligned—whether you are sourcing, integrat­ing, building or maintaining software. It also looks at ways that automated IBM Rational® products can work together to help you use requirements in the very best way.
    FREE! Go There Now!


    NEW! Webcast: Striking the right balance between manual and automated testing

    Join this webcast to learn how IBM Rational's Functional Testing solution enables you to implement automation your way, at your pace, with your existing staff. In this webcast, you’ll learn how you can eliminate redundancy of manual test scripts, reduce errors, and increase test coverage through test automation. After this presentation you will understand how IBM Rational Functional Testing solution can streamline your manual testing and make test automation easily attainable.
    FREE! Go There Now!


    NEW! Run your first CICS application on a PC using TXSeries for Windows

    Learn the basics of the IBM Customer Information Control System (CICS). With a hands-on exercise, learn how to get your first CICS application up and running on your desktop using TXSeries V6.1 for Windows. The tutorial shows you how to download and install a free trial version of TXSeries V6.1.
    FREE! Go There Now!



    All FREE IBM® developerWorks Tools!

    USER MANAGEMENT CODE ARTICLES

    - XCRYPT v1.0b
    - DB_eSession class stores sessions in a MySQL...
    - Ever Changing Dynamic Passcode Code
    - phpAutoMembersArea - create own members area
    - Azura Signup 2.5
    - Azura Signup 2.0
    - Azura Signup
    - Flexcustomer
    - PHP Quicksite 2.0
    - PHP Quicksite 1.0
    - random string generator (key generator)
    - Example Login system
    - Simple and Easy Security
    - Basic Security
    - UMA - User Management and Authentication






    © 2003-2008 by Developer Shed. All rights reserved. DS Cluster 4 hosted by Hostway