Adds admins array for multiple admin accounts
parent
94799bff66
commit
3335c6edce
2 changed files with 34 additions and 32 deletions
|
@ -1,58 +1,60 @@
|
|||
<?php
|
||||
class USER {
|
||||
|
||||
/*
|
||||
|
||||
/*
|
||||
* Class attributes
|
||||
*/
|
||||
|
||||
|
||||
private $uid;
|
||||
private $email;
|
||||
private $role;
|
||||
private $loggedin = false;
|
||||
|
||||
|
||||
/*
|
||||
* Constructor
|
||||
*
|
||||
*
|
||||
* Fills the user object up with anonymous data
|
||||
*/
|
||||
|
||||
|
||||
function __construct(){
|
||||
global $admins;
|
||||
|
||||
// Start session
|
||||
session_start();
|
||||
session_regenerate_id();
|
||||
|
||||
if(isset($_SESSION['email']) && $_SESSION['email'] === ADMIN_EMAIL){
|
||||
|
||||
if(isset($_SESSION['email']) && in_array($_SESSION['email'], $admins)){
|
||||
$this->role = "admin";
|
||||
}
|
||||
else{
|
||||
$this->role = "user";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if(isset($_SESSION['uid']) && $_SESSION['uid'] != ""){
|
||||
// revive session ...
|
||||
$this->uid = $_SESSION['uid'];
|
||||
$this->loggedin = true;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Getter functions
|
||||
*/
|
||||
|
||||
|
||||
function getUID(){
|
||||
return $this->uid;
|
||||
}
|
||||
|
||||
|
||||
function getRole(){
|
||||
return $this->role;
|
||||
}
|
||||
|
||||
|
||||
function isLoggedIn(){
|
||||
return $this->loggedin;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
/*
|
||||
* Login function. Checks login data and writes information to SESSION
|
||||
*
|
||||
|
@ -60,7 +62,7 @@ class USER {
|
|||
* true: Login was successful
|
||||
* false: Login was not successful
|
||||
*/
|
||||
|
||||
|
||||
function login($email, $password){
|
||||
global $db;
|
||||
// Prepare e-mail address
|
||||
|
@ -70,27 +72,27 @@ class USER {
|
|||
$email_part = explode("@", $email);
|
||||
$username = $email_part[0];
|
||||
$domain = $email_part[1];
|
||||
|
||||
|
||||
|
||||
|
||||
// Check e-mail address
|
||||
$sql = "SELECT `".DBC_USERS_ID."`, `".DBC_USERS_PASSWORD."` FROM `".DBT_USERS."` WHERE `".DBC_USERS_USERNAME."` = '$username' AND `".DBC_USERS_DOMAIN."` = '$domain' LIMIT 1;";
|
||||
|
||||
|
||||
if(!$result = $db->query($sql)){
|
||||
die('There was an error running the query [' . $db->error . ']');
|
||||
}
|
||||
|
||||
|
||||
if($result->num_rows === 1){
|
||||
$userdata = $result->fetch_array(MYSQLI_ASSOC);
|
||||
$uid = $userdata[DBC_USERS_ID];
|
||||
$password_hash = $userdata[DBC_USERS_PASSWORD];
|
||||
|
||||
|
||||
// Check password
|
||||
if (crypt($password, $password_hash) === $password_hash) {
|
||||
// Password is valid, start a logged-in user session
|
||||
$this->loggedin = true;
|
||||
$_SESSION['uid'] = $uid;
|
||||
$_SESSION['email'] = $email;
|
||||
|
||||
|
||||
return true;
|
||||
}
|
||||
else {
|
||||
|
@ -103,15 +105,15 @@ class USER {
|
|||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
/*
|
||||
* Changes user password.
|
||||
* Changes user password.
|
||||
* Returns:
|
||||
* true: Change success
|
||||
* false: Error
|
||||
*/
|
||||
|
||||
|
||||
function change_password($newpass, $newpass_rep){
|
||||
$pass_ok = check_new_pass($newpass, $newpass_rep);
|
||||
if($pass_ok === true){
|
||||
|
@ -124,4 +126,4 @@ class USER {
|
|||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
?>
|
||||
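Review bot: The new admin check `in_array($_SESSION['email'], $admins)` in the constructor compares loosely, whereas the `=== ADMIN_EMAIL` test it appears to replace was strict; pass the third argument, `in_array($_SESSION['email'], $admins, true)`, so a non-string session value or list entry cannot match through type juggling. `$admins` is pulled in with `global`, and nothing visible guarantees it is defined and an array before `USER` is constructed, so a guard such as `is_array($admins)` (or passing the list into the constructor) would make the role decision fail closed to "user". Separately, the context lines in `login()` interpolate `$username` and `$domain` into the SQL string; the lines that prepare `$email` lie outside the hunks shown, so it is not visible whether the values are escaped, and a prepared statement would remove the doubt.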
|
|
|
@ -1,7 +1,7 @@
|
|||
</div> <!-- Closing content -->
|
||||
|
||||
|
||||
<div id="footer">
|
||||
Software by Thomas Leister, 2014<br/> WebMUM on GitHub: <a href="https://github.com/ThomasLeister/webmum/">https://github.com/ThomasLeister/webmum/</a> | License: GNU-GPL 3.0
|
||||
Software by Thomas Leister, 2015<br/> WebMUM on GitHub: <a href="https://github.com/ThomasLeister/webmum/">https://github.com/ThomasLeister/webmum/</a> | License: GNU-GPL 3.0
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
</html>
|
||||
|
|