User Management Code
  Home arrow User Management Code arrow User authorization class
Codewalker Forums 
  Tutorials  
Database Articles  
Miscellaneous  
Navigation Usability  
PEAR Articles  
Programming Basics  
Server Administration  
XML Tutorials  
  Reviews  
Database Book Reviews  
Linux Book Reviews  
Miscellaneous Reviews  
PHP Book Reviews  
PHP Software Reviews  
Server Admin Reviews  
SQL Tool Reviews  
  Code Gallery  
Content Management Code  
Contest Code  
Counters Code  
Database Code  
Date Time Code  
Discussion Board Code  
Email Code  
File Manipulation Code  
GUI Code  
Link Farm Code  
Miscellaneous Code  
Search Code  
Site Navigation Code  
User Management Code  
Mobile Linux 
App Generation ROI 
IBM® developerWorks 
Download TestComplete 
Forums Sitemap 
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us Get Paid 
Request Media Kit
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
USER MANAGEMENT CODE

User authorization class
By: Codewalkers
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 4 stars4 stars4 stars4 stars4 stars / 2
    2002-01-18

    Table of Contents:

    Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     
    ADVERTISEMENT


    Supports both admin and member mode. Has a small footprint so you can use it with sessions to keep track of members easily.

    By : smckone

    <?php
    /***********************************************************************
    User authorization:
    An easy object oriented way to keep users
    and admins from accessing off limit parts of
    your site.

    Sam McKone <sam@evilwalrus.com>
    2001
    ***********************************************************************/
    class USER{
    var $user_name = "";
    var $encripted_pass = "";
    var $db = -1;
    var $db_name = "database name";

    var $logged_in = false;
    var $member_type = "";
    //==================================================================
    // Initialization
    function USER($user,$pass){
    $this->db_connect();
    $this->log_in($user,$pass);
    }
    function db_connect(){
    if($this->db == -1){
    $this->db = mysql_connect("host.dot.com","username","pass")
    or die ("connection error");
    }
    }
    function db_close(){
    mysql_close($this->db);
    $this->db= -1;
    }
    //================================================================
    // information functions

    function is_admin(){
    if($this->logged_in && $this->member_type == "admin"){
    return true;
    }else{
    return false;
    }
    }
    function is_basic(){
    if($this->logged_in && $this->member_type == "basic"){
    return true;
    }else{
    return false;
    }
    }
    function get_user(){
    if($this->user_name != ""){
    return $this->user_name;
    }
    return false;
    }
    function get_pass(){
    if($this->encripted_pass != ""){
    return $this->user_name;
    }
    return false;
    }

    //================================================================
    // control functions

    function log_out(){
    $this->user_name = "";
    $this->member_type = "";
    $this->logged_in = false;
    }
    function log_in($user,$pass){

    // secret md5() variables to make this script harder to crack
    // got the idea from phpbuilder
    $key[basic] = "345hjk435oo4i2mdhndf";
    $key[admin] = "hajh389asdmf9291asd";
    $type = 0;

    // check to see if the users is in the database and
    // return the type of user they are.
    $query = "SELECT type FROM users WHERE username='"
    .$user."' AND password='".$pass."'";
    $result = mysql_db_query($this->db_name,$query,$this->db)
    or die ("Query error: getting username");


    if(mysql_num_rows($result) > 0){
    $type = mysql_fetch_assoc($result);
    $type = $type[type];

    $this->user_name = $user;
    $this->encripted_pass = md5($pass.$key[$type]);

    $this->logged_in = true;
    $this->member_type = $type;
    }else{
    $this->user_name = "";
    $this->encripted_pass = "";

    $this->logged_in = false;
    $this->member_type = "";
    }
    }
    function register($user,$pass){
    // check if user exists
    $query = "SELECT id FROM users WHERE username='"
    .$this->user_name."';";
    $result = mysql_db_query($this->db_name,$query,$this->db)
    or die ("Write 1 error");

    if(mysql_num_rows($result) <= 0){
    // if not than add user to the database
    $query = "INSERT INTO users VALUES('0','".$user
    . "','" . $pass . "','basic')";
    }

    if(mysql_db_query($db_name,$query,$db)){
    $this->log_in($user,$pass);
    return true;
    }
    return false;
    }
    }
    ?>
    //=================================================================
    //Examples
    //=================================================================
    <?php
    // user with a session
    session_start();
    if($_SESSION["user"]){
    $localuser = unserialize($_SESSION["user"]);
    }else{
    $localuser = new USER($_POST["username"],$POST["username"]);
    }

    // make sure you close the user if you use the db functions.
    $localuser->db_close();

    if(!$_SESSION["user"]){
    session_register("user");
    }
    $_SESSION["user"] = $localuser;
    ?>
    All you have to do once you get the users authorized is check
    them to see if they can do certen things on the site. ie
    <?php
    if($localuser->is_basic() || $localuser->is_admin()){
    // can add messages or something
    }
    ?>
    ======================== mysql table structure ===============================
    CREATE TABLE IF NOT EXISTS users VALUES(id INT UNSIGNED
    AUTO_INCREMENT PRIMARY KEY,username TEXT,password TEXT,type TEXT)
    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

    More User Management Code Articles
    More By Codewalkers

     

    IBM® developerWorks developerWorks - FREE Tools!


    NEW! Develop Systems Software Assets with IBM Rational Asset Manager

    Join us for this on demand webcast to learn about developing complex systems more quickly and efficiently. We'll cover market drivers for developing, governing and reusing systems software assets and how you can develop system software assets with Rational Asset Manager.
    FREE! Go There Now!


    NEW! Discovering the value of WebSphere Process Server

    WebSphere Process Server delivers a unique integration framework that simplifies existing IT resources. Often, as IT assets grow to support business demand, so too does their complexity and manageability. In this webcast, we’ll discuss how WebSphere Process Server helps deliver an SOA infrastructure that provides a common model to orchestrate, mediate, connect, map, and execute the underlying IT functions. Discover how WebSphere Process Server simplifies integration of business processes by leveraging existing IT assets as reusable services without the complexities of traditional integration methodologies.
    FREE! Go There Now!


    NEW! IBM Rational AppScan Standard Edition V7.7

    Secure your Web applications with IBM Rational AppScan Standard Edition V7.7, previously known as Watchfire AppScan. This Web application security testing tool automates vulnerability assessments and scans and tests for common Web application vulnerabilities. Visit IBM developerWorks to download a free trial of IBM Rational AppScan Standard Edition V7.7.
    FREE! Go There Now!


    NEW! IBM Rational ClearCase Innovator's Series

    Learn from the best! Find out how developers use Rational ClearCase to be more flexible, innovative and deliver higher quality code in the Rational ClearCase Power Users eKit. This complimentary eKit provides a collection of materials, like articles, whitepapers, and demos that can help you become a power user of Rational ClearCase.
    FREE! Go There Now!


    NEW! Info 2.0: Harnessing the power of Web 2.0 and Enterprise Mashups

    Listen to this webcast to get an overview of Info 2.0 and a technical demo of how to quickly build an enterprise mashup. IBM's Info 2.0 technology leverages emerging Web 2.0 technologies such as mashups, feeds, AJAX, and JSON in order to simplify assembly of information using feeds and services. Come learn about the technical elements of Info 2.0 including the Feed Generation framework, Mashup Engine, and mashup assembly components. Learn how to pull information from databases, departmental information, and the Web to create mashups critical to your company’s success. We will also discuss best practices to help you get started.
    FREE! Go There Now!


    NEW! Maintaining QoS and Process Integrity in an SOA Environment

    This webcast outlines the best practices that must be instituted to gain the maximum benefit from SOA while maintaining high quality of service. Whether you are deploying new applications or managing and monitoring your existing infrastructure, learn how you can ensure high quality of services with SOA based solutions from IBM. All registrants who attend this live Web Seminar will receive complimentary access to a white paper titled “Maintaining QoS in an SOA Environment”.
    FREE! Go There Now!


    NEW! Rational Talks to You: Scott Ambler on being agile in a global development environment

    Join this Rational Talks to You teleconference on December 6 at 1:00 pm ET to participate in an agile application development discussion and get your questions answered on using IBM Rational Method Composer in a distributed environment.Get your questions answered!
    FREE! Go There Now!


    NEW! Software Change and Configuration Management Solution Guidelines

    This whitepaper provides areas to consider when evaluating any software configuration management solution. It addresses how the IBM solutions (Rational ClearCase and Rational ClearQuest) meet the needs and requirements of both project leaders and developers to provide successful Software Change and Configuration Management.
    FREE! Go There Now!


    NEW! Try the IBM SOA Sandbox for Process

    Visit IBM developerWorks to try the IBM SOA Sandbox for process. The SOA Sandbox for process focuses on providing a trial environment with the necessary tooling and components required to gain a better understanding of business processes and how to best improve existing business processes to derive value quickly.
    FREE! Go There Now!


    Refresh! IBM Rational Systems Development Solution eKit

    With IBM Rational Systems Development Solution, you can deliver products faster with higher quality. Within this kit, Read the “Model Driven Systems Development” white paper to see how to improve product quality and communication. Then check out the rest of the e-Kit to learn more about important topics that can affect the success of any software project through customer examples, tutorials, informative Webcasts, and best practices for designing, building and managing systems. From start to finish, at every stage in your projects, Rational Systems Development Solution can help your company reach its full potential.
    FREE! Go There Now!



    All FREE IBM® developerWorks Tools!

    USER MANAGEMENT CODE ARTICLES

    - XCRYPT v1.0b
    - DB_eSession class stores sessions in a MySQL...
    - Ever Changing Dynamic Passcode Code
    - phpAutoMembersArea - create own members area
    - Azura Signup 2.5
    - Azura Signup 2.0
    - Azura Signup
    - Flexcustomer
    - PHP Quicksite 2.0
    - PHP Quicksite 1.0
    - random string generator (key generator)
    - Example Login system
    - Simple and Easy Security
    - Basic Security
    - UMA - User Management and Authentication





    © 2003-2009 by Developer Shed. All rights reserved. DS Cluster 2 Hosted by Hostway
    For more Enterprise Application Development news, visit eWeek