分享
 
 
 

一个用于网站用户管理的函数库

王朝html/css/js·作者佚名  2008-05-21
窄屏简体版  字體: |||超大  

<?php$hidden_hash_var='your_password_here';$LOGGED_IN=false;//clear it out in case someone sets it in the URL or somethingunset($LOGGED_IN);/*create table user (user_id int not null auto_increment primary key,user_name text,real_name text,email text,password text,remote_addr text,confirm_hash text,is_confirmed int not null default 0);*/function user_isloggedin() {global $user_name,$id_hash,$hidden_hash_var,$LOGGED_IN;//have we already run the hash checks?//If so, return the pre-set varif (isset($LOGGED_IN)) {return $LOGGED_IN;}if ($user_name && $id_hash) {$hash=md5($user_name.$hidden_hash_var);if ($hash == $id_hash) {$LOGGED_IN=true;return true;} else {$LOGGED_IN=false;return false;}} else {$LOGGED_IN=false;return false;}}function user_login($user_name,$password) {global $feedback;if (!$user_name || !$password) {$feedback .= ' ERROR - Missing user name or password ';return false;} else {$user_name=strtolower($user_name);$password=strtolower($password);$sql="SELECT * FROM user WHERE user_name='$user_name' AND password='". md5($password) ."'";$result=db_query($sql);if (!$result || db_numrows($result) < 1){$feedback .= ' ERROR - User not found or password incorrect ';return false;} else {if (db_result($result,0,'is_confirmed') == '1') {user_set_tokens($user_name);$feedback .= ' SUCCESS - You Are Now Logged In ';return true;} else {$feedback .= ' ERROR - You haven't Confirmed Your Account Yet ';return false;}}}}function user_logout() {setcookie('user_name','',(time()+2592000),'/','',0);setcookie('id_hash','',(time()+2592000),'/','',0);}function user_set_tokens($user_name_in) {global $hidden_hash_var,$user_name,$id_hash;if (!$user_name_in) {$feedback .= ' ERROR - User Name Missing When Setting Tokens ';return false;}$user_name=strtolower($user_name_in);$id_hash= md5($user_name.$hidden_hash_var);setcookie('user_name',$user_name,(time()+2592000),'/','',0);setcookie('id_hash',$id_hash,(time()+2592000),'/','',0);}function user_confirm($hash,$email) {/*Call this function on the user confirmation page,which they arrive at when the click the link in theaccount confirmation email*/global $feedback,$hidden_hash_var;//verify that they didn't tamper with the email address$new_hash=md5($email.$hidden_hash_var);if ($new_hash && ($new_hash==$hash)) {//find this record in the db$sql="SELECT * FROM user WHERE confirm_hash='$hash'";$result=db_query($sql);if (!$result || db_numrows($result) < 1) {$feedback .= ' ERROR - Hash Not Found ';return false;} else {//confirm the email and set account to active$feedback .= ' User Account Updated - You Are Now Logged In ';user_set_tokens(db_result($result,0,'user_name'));$sql="UPDATE user SET email='$email',is_confirmed='1' WHERE confirm_hash='$hash'";$result=db_query($sql);return true;}} else {$feedback .= ' HASH INVALID - UPDATE FAILED ';return false;}}function user_change_password ($new_password1,$new_password2,$change_user_name,$old_password) {global $feedback;//new passwords present and match?if ($new_password1 && ($new_password1==$new_password2)) {//is this password long enough?if (account_pwvalid($new_password1)) {//all vars are present?if ($change_user_name && $old_password) {//lower case everything$change_user_name=strtolower($change_user_name);$old_password=strtolower($old_password);$new_password1=strtolower($new_password1);$sql="SELECT * FROM user WHERE user_name='$change_user_name' AND password='". md5($old_password) ."'";$result=db_query($sql);if (!$result || db_numrows($result) < 1) {$feedback .= ' User not found or bad password '.db_error();return false;} else {$sql="UPDATE user SET password='". md5($new_password1). "' "."WHERE user_name='$change_user_name' AND password='". md5($old_password). "'";$result=db_query($sql);if (!$result || db_affected_rows($result) < 1) {$feedback .= ' NOTHING Changed '.db_error();return false;} else {$feedback .= ' Password Changed ';return true;}}} else {$feedback .= ' Must Provide User Name And Old Password ';return false;}} else {$feedback .= ' New Passwords Doesn't Meet Criteria ';return false;}} else {return false;$feedback .= ' New Passwords Must Match ';}}function user_lost_password ($email,$user_name) {global $feedback,$hidden_hash_var;if ($email && $user_name) {$user_name=strtolower($user_name);$sql="SELECT * FROM user WHERE user_name='$user_name' AND email='$email'";$result=db_query($sql);if (!$result || db_numrows($result) < 1) {//no matching user found$feedback .= ' ERROR - Incorrect User Name Or Email Address ';return false;} else {//create a secure, new password$new_pass=strtolower(substr(md5(time().$user_name.$hidden_hash_var),1,14));//update the database to include the new password$sql="UPDATE user SET password='". md5($new_pass) ."' WHERE user_name='$user_name'";$result=db_query($sql);//send a simple email with the new passwordmail ($email,'Password Reset','Your Password '.'has been reset to: '.$new_pass,'From: noreply@company.com');$feedback .= ' Your new password has been emailed to you. ';return true;}} else {$feedback .= ' ERROR - User Name and Email Address Are Required ';return false;}}function user_change_email ($password1,$new_email,$user_name) {global $feedback,$hidden_hash_var;if (validate_email($new_email)) {$hash=md5($new_email.$hidden_hash_var);//change the confirm hash in the db but not the email -//send out a new confirm email with a new hash$user_name=strtolower($user_name);$password1=strtolower($password1);$sql="UPDATE user SET confirm_hash='$hash' WHERE user_name='$user_name' AND password='". md5($password1) ."'";$result=db_query($sql);if (!$result || db_affected_rows($result) < 1) {$feedback .= ' ERROR - Incorrect User Name Or Password ';return false;} else {$feedback .= ' Confirmation Sent ';user_send_confirm_email($new_email,$hash);return true;}} else {$feedback .= ' New Email Address Appears Invalid ';return false;}}function user_send_confirm_email($email,$hash) {/*Used in the initial registration functionas well as the change email address function*/$message = "Thank You For Registering at PHPBuilder.com"."

Simply follow this link to confirm your registration: "."

http://www.phpbuilder.com/account/confirm.php?hash=$hash&email=". urlencode($email)."

Once you confirm, you can use the services on PHPBuilder.";mail ($email,'PHPBuilder Registration Confirmation',$message,'From: noreply@phpbuilder.com');}function user_register($user_name,$password1,$password2,$email,$real_name) {global $feedback,$hidden_hash_var;//all vars present and passwords match?if ($user_name && $password1 && $password1==$password2 && $email && validate_email($email)) {//password and name are valid?if (account_namevalid($user_name) && account_pwvalid($password1)) {$user_name=strtolower($user_name);$password1=strtolower($password1);//does the name exist in the database?$sql="SELECT * FROM user WHERE user_name='$user_name'";$result=db_query($sql);if ($result && db_numrows($result) > 0) {$feedback .= ' ERROR - USER NAME EXISTS ';return false;} else {//create a new hash to insert into the db and the confirmation email$hash=md5($email.$hidden_hash_var);$sql="INSERT INTO user (user_name,real_name,password,email,remote_addr,confirm_hash,is_confirmed) "."VALUES ('$user_name','$real_name','". md5($password1) ."','$email','$GLOBALS[REMOTE_ADDR]','$hash','0')";$result=db_query($sql);if (!$result) {$feedback .= ' ERROR - '.db_error();return false;} else {//send the confirm emailuser_send_confirm_email($email,$hash);$feedback .= ' Successfully Registered. You Should Have a Confirmation Email Waiting ';return true;}}} else {$feedback .= ' Account Name or Password Invalid ';return false;}} else {$feedback .= ' ERROR - Must Fill In User Name, Matching Passwords, And Provide Valid Email Address ';return false;}}function user_getid() {global $G_USER_RESULT;//see if we have already fetched this user from the db, if not, fetch itif (!$G_USER_RESULT) {$G_USER_RESULT=db_query("SELECT * FROM user WHERE user_name='" . user_getname() . "'");}if ($G_USER_RESULT && db_numrows($G_USER_RESULT) > 0) {return db_result($G_USER_RESULT,0,'user_id');} else {return false;}}function user_getrealname() {global $G_USER_RESULT;//see if we have already fetched this user from the db, if not, fetch itif (!$G_USER_RESULT) {$G_USER_RESULT=db_query("SELECT * FROM user WHERE user_name='" . user_getname() . "'");}if ($G_USER_RESULT && db_numrows($G_USER_RESULT) > 0) {return db_result($G_USER_RESULT,0,'real_name');} else {return false;}}function user_getemail() {global $G_USER_RESULT;//see if we have already fetched this user from the db, if not, fetch itif (!$G_USER_RESULT) {$G_USER_RESULT=db_query("SELECT * FROM user WHERE user_name='" . user_getname() . "'");}if ($G_USER_RESULT && db_numrows($G_USER_RESULT) > 0) {return db_result($G_USER_RESULT,0,'email');} else {return false;}}function user_getname() {if (user_isloggedin()) {return $GLOBALS['user_name'];} else {//look up the user some day when we need itreturn ' ERROR - Not Logged In ';}}function account_pwvalid($pw) {global $feedback;if (strlen($pw) < 6) {$feedback .= " Password must be at least 6 characters. ";return false;}return true;}function account_namevalid($name) {global $feedback;// no spacesif (strrpos($name,' ') > 0) {$feedback .= " There cannot be any spaces in the login name. ";return false;}// must have at least one characterif (strspn($name,"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ") == 0) {$feedback .= "There must be at least one character.";return false;}// must contain all legal charactersif (strspn($name,"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_")!= strlen($name)) {$feedback .= " Illegal character in name. ";return false;}// min and max lengthif (strlen($name) < 5) {$feedback .= " Name is too short. It must be at least 5 characters. ";return false;}if (strlen($name) > 15) {$feedback .= "Name is too long. It must be less than 15 characters.";return false;}// illegal namesif (eregi("^((root)|(bin)|(daemon)|(adm)|(lp)|(sync)|(shutdown)|(halt)|(mail)|(news)". "|(uucp)|(operator)|(games)|(mysql)|(httpd)|(nobody)|(dummy)". "|(www)|(cvs)|(shell)|(ftp)|(irc)|(debian)|(ns)|(download))$",$name)) {$feedback .= "Name is reserved.";return 0;}if (eregi("^(anoncvs_)",$name)) {$feedback .= "Name is reserved for CVS.";return false;}return true;}function validate_email ($address) {return (ereg('^-!}?>

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
2023年上半年GDP全球前十五强
 百态   2023-10-24
美众议院议长启动对拜登的弹劾调查
 百态   2023-09-13
上海、济南、武汉等多地出现不明坠落物
 探索   2023-09-06
印度或要将国名改为“巴拉特”
 百态   2023-09-06
男子为女友送行,买票不登机被捕
 百态   2023-08-20
手机地震预警功能怎么开?
 干货   2023-08-06
女子4年卖2套房花700多万做美容:不但没变美脸,面部还出现变形
 百态   2023-08-04
住户一楼被水淹 还冲来8头猪
 百态   2023-07-31
女子体内爬出大量瓜子状活虫
 百态   2023-07-25
地球连续35年收到神秘规律性信号,网友:不要回答!
 探索   2023-07-21
全球镓价格本周大涨27%
 探索   2023-07-09
钱都流向了那些不缺钱的人,苦都留给了能吃苦的人
 探索   2023-07-02
倩女手游刀客魅者强控制(强混乱强眩晕强睡眠)和对应控制抗性的关系
 百态   2020-08-20
美国5月9日最新疫情:美国确诊人数突破131万
 百态   2020-05-09
荷兰政府宣布将集体辞职
 干货   2020-04-30
倩女幽魂手游师徒任务情义春秋猜成语答案逍遥观:鹏程万里
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案神机营:射石饮羽
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案昆仑山:拔刀相助
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案天工阁:鬼斧神工
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案丝路古道:单枪匹马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:与虎谋皮
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:李代桃僵
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:指鹿为马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:小鸟依人
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:千金买邻
 干货   2019-11-12
 
推荐阅读
 
 
 
>>返回首頁<<
 
靜靜地坐在廢墟上,四周的荒凉一望無際,忽然覺得,淒涼也很美
© 2005- 王朝網路 版權所有