PHP 验证登陆类

简单的登录类，没有把登录和数据库查询分开 PHP /* * 例子 * *$Auth=new Auth(); *$Auth-login("123@123.com","123"); *$Auth-logout(); *echo $r-init(); ***/ ?php/* * * @ID: 验证登陆类 * * @class: Auth.class.php * * @auther: 欣儿 * * @time: 2015/03

简单的登录类，没有把登录和数据库查询分开 PHP

/*
 *   例子
 *
 *	$Auth=new Auth();
 *	$Auth->login("123@123.com","123");
 *	$Auth->logout();
 *	echo $r->init();		
 *
**/

<?php


/*
 *
 * @ID:      验证登陆类
 *
 * @class:   Auth.class.php
 *
 * @auther:  欣儿
 *
 * @time:    2015/03/12
 *
 * @web:     http://my.oschina.net/xinger
 *
**/


class Auth {
	//外部设置
	//cookie设置
	var $cookie_time;//  		7200
	var $cookie_where;//  		'/'
	var $cookie_domain;// 		'yourweb.com'
	var $cookie_secure;// 		1和0
	//数据库设置		
	var $select_uid;// 			'uid'
	var $select_table;//		'user'
	var $select_usersname;//	'email'
	var $select_password;//		'password'
	//盐
	var $salt;//				"12332"
	var $guest_name;//			'Guest'
	//用户获取值
	var $user_id;
	var $username;
	var $ok;
	var $pre;//					'auth_'
	var $depr;//				'-'
	
	//内部变量
	private $pre_username;
	private $pre_password;
	
	public function __construct($config=array()){
		$this->set($config);

		$this->pre_username=sha1(md5($this->pre.'username'));
		$this->pre_password=sha1(md5($this->pre.'password'));
	}
	
	public function set($config){
		$this->cookie_time		= isset($config['cookie_time'])?$config['cookie_time']: 7200;
		$this->cookie_where		= isset($config['cookie_where'])?$config['cookie_where']:'/';
		$this->cookie_domain	= isset($config['cookie_domain'])?$config['cookie_domain']:'';
		$this->cookie_secure	= isset($config['cookie_secure'])?$config['cookie_secure']:'';
		
		$this->select_uid		= isset($config['select_uid'])?$config['select_uid']:'uid';
		$this->select_table		= isset($config['select_table'])?$config['select_table']:'table';
		$this->select_usersname	= isset($config['select_usersname'])?$config['select_usersname']:'user_name';
		$this->select_password	= isset($config['select_password'])?$config['select_password']:'password';
		
	    $this->salt				= isset($config['salt'])?$config['salt']:'sghsdghsdg';//
	    $this->guest_name		= isset($config['guest_name'])?$config['guest_name']:'Guest';//
		
		$this->pre				= isset($config['auth'])?$config['auth']:'auth_';
		$this->depr				= isset($config['depr'])?$config['depr']:'-';
	}
	//
	public function init(){	
		$this->user_id		= 0;
		$this->username		= $this->guest_name;
		$this->ok			= false;
		
		if(!$this->check_session()){
			$this->check_cookie();
		}

		return $this->ok;
	}
	//验证SESSION
	private function check_session(){
		if(!empty($_SESSION[$this->pre_username])&&!empty($_SESSION[$this->pre_password])){
			return $this->check($_SESSION[$this->pre_username],$_SESSION[$this->pre_password]);
		} else {
			return false;
		}
	}
	//验证COOKIE
	private function check_cookie(){
		if(!empty($_COOKIE[$this->pre_username])&&!empty($_COOKIE[$this->pre_password])){
			return $this->check($_COOKIE[$this->pre_username],$_COOKIE[$this->pre_password]);
		} else {
			return false;
		}
	}
	//登陆
	public function login($username,$password){
		$sql	= "select ".$this->select_uid." from ".$this->select_table." where ".$this->select_usersname."='$username' and ".$this->select_password."='$password'";
		$result = mysql_query($sql);
		$rows	= mysql_num_rows($result);
		
		if($rows==1){
			$this->user_id	= mysql_result($result,0,0);
			$this->username	= $username;
			$this->ok		= true;
			
			$username 	= $username.$this->depr.$this->get_ip();
			$user_name 	= $this->encrypt($username,'E',$this->salt);
				
			$_SESSION[$this->pre_username]=$user_name;
			$_SESSION[$this->pre_password]=md5(md5($password,$this->salt));
			setcookie($this->pre_username,$user_name,time()+$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);
			setcookie($this->pre_password,md5(md5($password,$this->salt)),time()+$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);
			
			return true;
		}
		return false;
	}
	//验证
	private function check($username,$password){
		$user_name 	= $this->encrypt($username,'D',$this->salt);
		$name 		= explode($this->depr, $user_name);
		$username 	= $name[0];
		$ip			= isset($name[1]) ? $name[1] : NULL;
		if($ip !== $this->get_ip()) return false;
		
		static $vars = array();
		if(!empty($vars)&&is_array($vars)&&isset($vars[$username.$password])){
			$this->user_id	= $vars['user_id'];
			$this->username	= $vars['username'];
			$this->ok		= $vars['ok'];
			return true;
		}
		
		$sql	= "select ".$this->select_uid.",".$this->select_password." from ".$this->select_table." where ".$this->select_usersname."='$username'";
		$query	= mysql_query($sql);
		$result	= mysql_fetch_array($query);
		$row	= mysql_num_rows($query);
			
		if($row == 1){
			$db_password=$result[$this->select_password];
			if(md5(md5($db_password,$this->salt)) == $password){
				$this->user_id	= $vars['user_id']  = $result[$this->select_uid];
				$this->username	= $vars['username'] = $username;
				$this->ok		= $vars['ok'] 		= true;
				$vars[$username.$password] 			= md5($username.$password);
				return true;
			}
		}
		return false;
	}
	//退出
	public function logout(){
		$this->user_id		= 0;
		$this->username		= $this->guest_name;
		$this->ok			= false;
			
		$_SESSION[$this->pre_username]="";
		$_SESSION[$this->pre_password]="";
		setcookie($this->pre_username,"",time()-$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);
		setcookie($this->pre_password,"",time()-$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);
	}	
	
    //加密 
	public function encrypt($string,$operation,$key='') {
        $key=md5($key);
        $key_length=strlen($key);
        $string=$operation=='D'?base64_decode($string):substr(md5($string.$key),0,8).$string;
        $string_length=strlen($string);
        $rndkey=$box=array();
        $result='';
        for($i=0;$i<=255;$i++)
        {
            $rndkey[$i]=ord($key[$i%$key_length]);
            $box[$i]=$i;
        }
        for($j=$i=0;$i<256;$i++)
        {
            $j=($j+$box[$i]+$rndkey[$i])%256;
            $tmp=$box[$i];
            $box[$i]=$box[$j];
            $box[$j]=$tmp;
        }
        for($a=$j=$i=0;$i<$string_length;$i++)
        {
            $a=($a+1)%256;
            $j=($j+$box[$a])%256;
            $tmp=$box[$a];
            $box[$a]=$box[$j];
            $box[$j]=$tmp;
            $result.=chr(ord($string[$i])^($box[($box[$a]+$box[$j])%256]));
        }
        if($operation=='D')
        {
            if(substr($result,0,8)==substr(md5(substr($result,8).$key),0,8))
            {
                return substr($result,8);
            }
            else
            {
                return'';
            }
        }
        else
        {
            return str_replace('=','',base64_encode($result));
        }
    }
	
	public function get_ip() {
		return $_SERVER['REMOTE_ADDR'];
	}
}
?>