|
|
域名空间 下载中心 社区论坛 信息公告 MY小屋 | |
 |
联系我们 设为首页 加入收藏 |
 |
|
 |
首页 | 新闻资讯 | 编程开发 | 网页设计 | 图形图象 | 网络媒体 | 网站模板 | 数 据 库 | 投稿 论坛 | 操作系统 | 系统优化 | 网络安全 | 黑客技术 | 硬件学堂 | 硬件报价 | 服 务 器 | 地图 专题 | 应用软件 | 聊天通讯 | Q Q 专栏 | 建站经验 | 在线工具 | 站长Club | 注 册 表 | 旧版 社会 | 游戏娱乐 | 设计欣赏 | 疑难解答 | 社区论坛 | 韩国素材 | 素材图库 | 广告服务 | 服务 |
 |
 |
 |
 当前位置:首页>>编程开发>>PHP专区>>正文 |
新版上线![旧版] |  |
|||
注:打开慢时请稍等
一个用于网站用户管理的函数库http://www.iyit.net 日期:2006-5-25 10:36:15 来源:本站整理转载 点击: |
$hidden_hash_var='your_password_here'; $LOGGED_IN=false; //clear it out in case someone sets it in the URL or something unset($LOGGED_IN); /* create table user ( user_id int not null auto_increment primary key, user_name text, real_name text, email text, password text, remote_addr text, confirm_hash text, is_confirmed int not null default 0 ); */ function user_isloggedin() { global $user_name,$id_hash,$hidden_hash_var,$LOGGED_IN; //have we already run the hash checks? //If so, return the pre-set var if (isset($LOGGED_IN)) { return $LOGGED_IN; } if ($user_name && $id_hash) { $hash=md5($user_name.$hidden_hash_var); if ($hash == $id_hash) { $LOGGED_IN=true; return true; } else { $LOGGED_IN=false; return false; } } else { $LOGGED_IN=false; return false; } } function user_login($user_name,$password) { global $feedback; if (!$user_name || !$password) { $feedback .= ' ERROR - Missing user name or password '; return false; } else { $user_name=strtolower($user_name); $password=strtolower($password); $sql="SELECT * FROM user WHERE user_name='$user_name' AND password='". md5($password) ."'"; $result=db_query($sql); if (!$result || db_numrows($result) < 1){ $feedback .= ' ERROR - User not found or password incorrect '; return false; } else { if (db_result($result,0,'is_confirmed') == '1') { user_set_tokens($user_name); $feedback .= ' SUCCESS - You Are Now Logged In '; return true; } else { $feedback .= ' ERROR - You haven\'t Confirmed Your Account Yet '; return false; } } } } function user_logout() { setcookie('user_name','',(time()+2592000),'/','',0); setcookie('id_hash','',(time()+2592000),'/','',0); } function user_set_tokens($user_name_in) { global $hidden_hash_var,$user_name,$id_hash; if (!$user_name_in) { $feedback .= ' ERROR - User Name Missing When Setting Tokens '; return false; } $user_name=strtolower($user_name_in); $id_hash= md5($user_name.$hidden_hash_var); setcookie('user_name',$user_name,(time()+2592000),'/','',0); setcookie('id_hash',$id_hash,(time()+2592000),'/','',0); } function user_confirm($hash,$email) { /* Call this function on the user confirmation page, which they arrive at when the click the link in the account confirmation email */ global $feedback,$hidden_hash_var; //verify that they didn't tamper with the email address $new_hash=md5($email.$hidden_hash_var); if ($new_hash && ($new_hash==$hash)) { //find this record in the db $sql="SELECT * FROM user WHERE confirm_hash='$hash'"; $result=db_query($sql); if (!$result || db_numrows($result) < 1) { $feedback .= ' ERROR - Hash Not Found '; return false; } else { //confirm the email and set account to active $feedback .= ' User Account Updated - You Are Now Logged In '; user_set_tokens(db_result($result,0,'user_name')); $sql="UPDATE user SET email='$email',is_confirmed='1' WHERE confirm_hash='$hash'"; $result=db_query($sql); return true; } } else { $feedback .= ' HASH INVALID - UPDATE FAILED '; return false; } } function user_change_password ($new_password1,$new_password2,$change_user_name,$old_password) { global $feedback; //new passwords present and match? if ($new_password1 && ($new_password1==$new_password2)) { //is this password long enough? if (account_pwvalid($new_password1)) { //all vars are present? if ($change_user_name && $old_password) { //lower case everything $change_user_name=strtolower($change_user_name); $old_password=strtolower($old_password); $new_password1=strtolower($new_password1); $sql="SELECT * FROM user WHERE user_name='$change_user_name' AND password='". md5($old_password) ."'"; $result=db_query($sql); if (!$result || db_numrows($result) < 1) { $feedback .= ' User not found or bad password '.db_error(); return false; } else { $sql="UPDATE user SET password='". md5($new_password1). "' ". "WHERE user_name='$change_user_name' AND password='". md5($old_password). "'"; $result=db_query($sql); if (!$result || db_affected_rows($result) < 1) { $feedback .= ' NOTHING Changed '.db_error(); return false; } else { $feedback .= ' Password Changed '; return true; } } } else { $feedback .= ' Must Provide User Name And Old Password '; return false; } } else { $feedback .= ' New Passwords Doesn\'t Meet Criteria '; return false; } } else { return false; $feedback .= ' New Passwords Must Match '; } } function user_lost_password ($email,$user_name) { global $feedback,$hidden_hash_var; if ($email && $user_name) { $user_name=strtolower($user_name); $sql="SELECT * FROM user WHERE user_name='$user_name' AND email='$email'"; $result=db_query($sql); if (!$result || db_numrows($result) < 1) { //no matching user found $feedback .= ' ERROR - Incorrect User Name Or Email Address '; return false; } else { //create a secure, new password $new_pass=strtolower(substr(md5(time().$user_name.$hidden_hash_var),1,14)); //update the database to include the new password $sql="UPDATE user SET password='". md5($new_pass) ."' WHERE user_name='$user_name'"; $result=db_query($sql); //send a simple email with the new password mail ($email,'Password Reset','Your Password '. 'has been reset to: '.$new_pass,'From: noreply@company.com'); $feedback .= ' Your new password has been emailed to you. '; return true; } } else { $feedback .= ' ERROR - User Name and Email Address Are Required '; return false; } } function user_change_email ($password1,$new_email,$user_name) { global $feedback,$hidden_hash_var; if (validate_email($new_email)) { $hash=md5($new_email.$hidden_hash_var); //change the confirm hash in the db but not the email - //send out a new confirm email with a new hash $user_name=strtolower($user_name); $password1=strtolower($password1); $sql="UPDATE user SET confirm_hash='$hash' WHERE user_name='$user_name' AND password='". md5($password1) ."'"; $result=db_query($sql); if (!$result || db_affected_rows($result) < 1) { $feedback .= ' ERROR - Incorrect User Name Or Password '; return false; } else { $feedback .= ' Confirmation Sent '; user_send_confirm_email($new_email,$hash); return true; } } else { $feedback .= ' New Email Address Appears Invalid '; return false; } } function user_send_confirm_email($email,$hash) { /* Used in the initial registration function as well as the change email address function */ $message = "Thank You For Registering at PHPBuilder.com". "\nSimply follow this link to confirm your registration: ". "\n\nhttp://www.phpbuilder.com/account/confirm.php?hash=$hash&email=". urlencode($email). "\n\nOnce you confirm, you can use the services on PHPBuilder."; mail ($email,'PHPBuilder Registration Confirmation',$message,'From: noreply@phpbuilder.com'); } function user_register($user_name,$password1,$password2,$email,$real_name) { global $feedback,$hidden_hash_var; //all vars present and passwords match? if ($user_name && $password1 && $password1==$password2 && $email && validate_email($email)) { //password and name are valid? if (account_namevalid($user_name) && account_pwvalid($password1)) { $user_name=strtolower($user_name); $password1=strtolower($password1); //does the name exist in the database? $sql="SELECT * FROM user WHERE user_name='$user_name'"; $result=db_query($sql); if ($result && db_numrows($result) > 0) { $feedback .= ' ERROR - USER NAME EXISTS '; return false; } else { //create a new hash to insert into the db and the confirmation email $hash=md5($email.$hidden_hash_var); $sql="INSERT INTO user (user_name,real_name,password,email,remote_addr,confirm_hash,is_confirmed) ". "VALUES ('$user_name','$real_name','". md5($password1) ."','$email','$GLOBALS[REMOTE_ADDR]','$hash','0')"; $result=db_query($sql); if (!$result) { $feedback .= ' ERROR - '.db_error(); return false; } else { //send the confirm email user_send_confirm_email($email,$hash); $feedback .= ' Successfully Registered. You Should Have a Confirmation Email Waiting '; return true; } } } else { $feedback .= ' Account Name or Password Invalid '; return false; } } else { $feedback .= ' ERROR - Must Fill In User Name, Matching Passwords, And Provide Valid Email Address '; return false; } } function user_getid() { global $G_USER_RESULT; //see if we have already fetched this user from the db, if not, fetch it if (!$G_USER_RESULT) { $G_USER_RESULT=db_query("SELECT * FROM user WHERE user_name='" . user_getname() . "'"); } if ($G_USER_RESULT && db_numrows($G_USER_RESULT) > 0) { return db_result($G_USER_RESULT,0,'user_id'); } else { return false; } } function user_getrealname() { global $G_USER_RESULT; //see if we have already fetched this user from the db, if not, fetch it if (!$G_USER_RESULT) { $G_USER_RESULT=db_query("SELECT * FROM user WHERE user_name='" . user_getname() . "'"); } if ($G_USER_RESULT && db_numrows($G_USER_RESULT) > 0) { return db_result($G_USER_RESULT,0,'real_name'); } else { return false; } } function user_getemail() { global $G_USER_RESULT; //see if we have already fetched this user from the db, if not, fetch it if (!$G_USER_RESULT) { $G_USER_RESULT=db_query("SELECT * FROM user WHERE user_name='" . user_getname() . "'"); } if ($G_USER_RESULT && db_numrows($G_USER_RESULT) > 0) { return db_result($G_USER_RESULT,0,'email'); } else { return false; } } function user_getname() { if (user_isloggedin()) { return $GLOBALS['user_name']; } else { //look up the user some day when we need it return ' ERROR - Not Logged In '; } } function account_pwvalid($pw) { global $feedback; if (strlen($pw) < 6) { $feedback .= " Password must be at least 6 characters. "; return false; } return true; } function account_namevalid($name) { global $feedback; // no spaces if (strrpos($name,' ') > 0) { $feedback .= " There cannot be any spaces in the login name. "; return false; } // must have at least one character if (strspn($name,"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ") == 0) { $feedback .= "There must be at least one character."; return false; } // must contain all legal characters if (strspn($name,"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_") != strlen($name)) { $feedback .= " Illegal character in name. "; return false; } // min and max length if (strlen($name) < 5) { $feedback .= " Name is too short. It must be at least 5 characters. "; return false; } if (strlen($name) > 15) { $feedback .= "Name is too long. It must be less than 15 characters."; return false; } // illegal names if (eregi("^((root)|(bin)|(daemon)|(adm)|(lp)|(sync)|(shutdown)|(halt)|(mail)|(news)" . "|(uucp)|(operator)|(games)|(mysql)|(httpd)|(nobody)|(dummy)" . "|(www)|(cvs)|(shell)|(ftp)|(irc)|(debian)|(ns)|(download))$",$name)) { $feedback .= "Name is reserved."; return 0; } if (eregi("^(anoncvs_)",$name)) { $feedback .= "Name is reserved for CVS."; return false; } return true; } function validate_email ($address) { return (ereg('^-!} ?> 编辑:黑鹰 [发送给好友] [打印本页] [关闭窗口] [返回顶部] 上一篇:基类 调试类 错误类 下一篇:封装常用Javascript以便PHP快速调用 转载请注明来源:www.iyit.net 特别声明: 本站除部分特别声明禁止转载的专稿外的其他文章可以自由转载,但请务必注明出处和原始作者。文章版权归文章原始作者所有。对于被本站转载文章的个人和网站,我们表示深深的谢意。如果本站转载的文章有版权问题请联系编辑人员,我们尽快予以更正。 |
| 相关文章 | ||||
| 友情链接 | ||||||
 |
设置首 页 - 版权声明 - 广告服务 - 关于我们 - 联系我们 - 友情连接 |  |
| |||||||
易特网络技术