PHP 验证登陆类分享

/*

 *   例子

 *

 *  $Auth=new Auth();

 *  $Auth->login("123@123.com","123");

 *  $Auth->logout();

 *  echo $r->init();     

 *

**/

<?php

/*

 *

 * @ID:      验证登陆类

 *

 * @class:   Auth.class.php

 *

 * @auther:  欣儿

 *

 * @time:    2015/03/12

 *

 * @web:     http://my.oschina.net/xinger

 *

**/

class Auth {

    //外部设置

    //cookie设置

    var $cookie_time;//         7200

    var $cookie_where;//        '/'

    var $cookie_domain;//       'yourweb.com'

    var $cookie_secure;//       1和0

    //数据库设置     

    var $select_uid;//          'uid'

    var $select_table;//        'user'

    var $select_usersname;//    'email'

    var $select_password;//     'password'

    //盐

    var $salt;//                "12332"

    var $guest_name;//          'Guest'

    //用户获取值

    var $user_id;

    var $username;

    var $ok;

    var $pre;//                 'auth_'

    var $depr;//                '-'

    //内部变量

    private $pre_username;

    private $pre_password;

    public function __construct($config=array()){

        $this->set($config);

        $this->pre_username=sha1(md5($this->pre.'username'));

        $this->pre_password=sha1(md5($this->pre.'password'));

    }

    public function set($config){

        $this->cookie_time       = isset($config['cookie_time'])?$config['cookie_time']: 7200;

        $this->cookie_where      = isset($config['cookie_where'])?$config['cookie_where']:'/';

        $this->cookie_domain = isset($config['cookie_domain'])?$config['cookie_domain']:'';

        $this->cookie_secure = isset($config['cookie_secure'])?$config['cookie_secure']:'';

        $this->select_uid        = isset($config['select_uid'])?$config['select_uid']:'uid';

        $this->select_table      = isset($config['select_table'])?$config['select_table']:'table';

        $this->select_usersname  = isset($config['select_usersname'])?$config['select_usersname']:'user_name';

        $this->select_password   = isset($config['select_password'])?$config['select_password']:'password';

        $this->salt              = isset($config['salt'])?$config['salt']:'sghsdghsdg';//

        $this->guest_name        = isset($config['guest_name'])?$config['guest_name']:'Guest';//

        $this->pre               = isset($config['auth'])?$config['auth']:'auth_';

        $this->depr              = isset($config['depr'])?$config['depr']:'-';

    }

    //

    public function init(){ 

        $this->user_id       = 0;

        $this->username      = $this->guest_name;

        $this->ok            = false;

        if(!$this->check_session()){

            $this->check_cookie();

        }

        return $this->ok;

    }

    //验证SESSION

    private function check_session(){

        if(!empty($_SESSION[$this->pre_username])&&!empty($_SESSION[$this->pre_password])){

            return $this->check($_SESSION[$this->pre_username],$_SESSION[$this->pre_password]);

        } else {

            return false;

        }

    }

    //验证COOKIE

    private function check_cookie(){

        if(!empty($_COOKIE[$this->pre_username])&&!empty($_COOKIE[$this->pre_password])){

            return $this->check($_COOKIE[$this->pre_username],$_COOKIE[$this->pre_password]);

        } else {

            return false;

        }

    }

    //登陆

    public function login($username,$password){

        $sql    = "select ".$this->select_uid." from ".$this->select_table." where ".$this->select_usersname."='$username' and ".$this->select_password."='$password'";

        $result = mysql_query($sql);

        $rows   = mysql_num_rows($sql);

        if($rows==1){

            $this->user_id   = mysql_result($result,0,0);

            $this->username  = $username;

            $this->ok        = true;

            $username   = $username.$this->depr.$this->get_ip();

            $user_name  = $this->encrypt($username,'E',$this->salt);

            $_SESSION[$this->pre_username]=$user_name;

            $_SESSION[$this->pre_password]=md5(md5($password,$this->salt));

            setcookie($this->pre_username,$user_name,time()+$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);

            setcookie($this->pre_password,md5(md5($password,$this->salt)),time()+$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);

            return true;

        }

        return false;

    }

    //验证

    private function check($username,$password){

        $user_name  = $this->encrypt($username,'D',$this->salt);

        $name       = explode($this->depr, $user_name);

        $username   = $name[0];

        $ip         = isset($name[1]) ? $name[1] : NULL;

        if($ip !== $this->get_ip()) return false;

        static $vars = array();

        if(!empty($vars)&&is_array($vars)&&isset($vars[$username.$password])){

            $this->user_id   = $vars['user_id'];

            $this->username  = $vars['username'];

            $this->ok        = $vars['ok'];

            return true;

        }

        $sql    = "select ".$this->select_uid.",".$this->select_password." from ".$this->select_table." where ".$this->select_usersname."='$username'";

        $query  = mysql_query($sql);

        $result = mysql_fetch_array($query);

        $row    = mysql_num_rows($sql);

        if($row == 1){

            $db_password=$result[$this->select_password];

            if(md5(md5($db_password,$this->salt)) == $password){

                $this->user_id   = $vars['user_id']  = $result[$this->select_uid];

                $this->username  = $vars['username'] = $username;

                $this->ok        = $vars['ok']       = true;

                $vars[$username.$password]          = md5($username.$password);

                return true;

            }

        }

        return false;

    }

    //退出

    public function logout(){

        $this->user_id       = 0;

        $this->username      = $this->guest_name;

        $this->ok            = false;

        $_SESSION[$this->pre_username]="";

        $_SESSION[$this->pre_password]="";

        setcookie($this->pre_username,"",time()-$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);

        setcookie($this->pre_password,"",time()-$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);

    }   

    //加密 

    public function encrypt($string,$operation,$key='') {

        $key=md5($key);

        $key_length=strlen($key);

        $string=$operation=='D'?base64_decode($string):substr(md5($string.$key),0,8).$string;

        $string_length=strlen($string);

        $rndkey=$box=array();

        $result='';

        for($i=0;$i<=255;$i++)

        {

            $rndkey[$i]=ord($key[$i%$key_length]);

            $box[$i]=$i;

        }

        for($j=$i=0;$i<256;$i++)

        {

            $j=($j+$box[$i]+$rndkey[$i])%256;

            $tmp=$box[$i];

            $box[$i]=$box[$j];

            $box[$j]=$tmp;

        }

        for($a=$j=$i=0;$i<$string_length;$i++)

        {

            $a=($a+1)%256;

            $j=($j+$box[$a])%256;

            $tmp=$box[$a];

            $box[$a]=$box[$j];

            $box[$j]=$tmp;

            $result.=chr(ord($string[$i])^($box[($box[$a]+$box[$j])%256]));

        }

        if($operation=='D')

        {

            if(substr($result,0,8)==substr(md5(substr($result,8).$key),0,8))

            {

                return substr($result,8);

            }

            else

            {

                return'';

            }

        }

        else

        {

            return str_replace('=','',base64_encode($result));

        }

    }

    public function get_ip() {

        return $_SERVER['REMOTE_ADDR'];

    }

}

?>