PHP 用户登录实例
create database PHPDemo01
use PHPDemo01
create table worx_user(
user_id integer unsigned not null auto_increment,
username varchar(20) not null,
password char(40) not null,
email_addr varchar(100),
is_acvtive tinyint(1) default 0,
primary key(user_id)
)
engine=myisam default character set latin1
collate latin1_general_cs auto_increment=0;
create table worx_pending(
user_id integer unsigned not null,
token char(10) not null,
create_date timestamp default current_timestamp,
foreign key(user_id) references worx_user(user_id)
)
engine=myisam default character set latin1
collate latin1_general_cs;
?
$value)
{
$key = ($top)?$key : stripslashes($key);
$clean_data[$key] = (is_array($value))? stripslashes_rcurs($value,false) : stripslashes($value);
}
return $clean_data;
}
$_GET = _stripslashes_rcurs($_GET);
$_POST = _stripslashes_rcurs($_POST);
}
?>
?
?
?
uid = null;
$this->fields = array('username' => '', 'password' => '', 'emailAddr' => '',
'isActive' => false);
}
public function _get($field)
{
if ($field == 'userId') {
return $this->uid;
} else {
return $this->fields[$field];
}
}
public function _set($field, $value)
{
if (array_key_exists($field, $this->fields)) {
$this->fields[$field] = $value;
}
}
public static function validateUserName($username)
{
return preg_match('/^[A-Z0-9]{2,20}$/i', $username);
}
public static function validateEmailAddr($email)
{
return filter_var($email, FILTER_VALIDATE_EMAIL);
}
public static function getById($user_id)
{
$user = new User();
$query = sprintf('select username,password,email_addr,is_active' .
'from %sUser where User_ID =%d', DB_TEL_PERFIX, $user_id);
$result = mysql_query($query, $GLOBALS['DB']);
if (mysql_num_rows($result)) {
$row = mysql_fetch_assoc($result);
$user->username = $row['USERNAME'];
$user->password = $row['PASSWORD'];
$user->emailAddr = $row['EMAIL_ADDR'];
$user->isactive = $row['IS_ACTIVE'];
$user->uid = $user_id;
}
mysql_free_result($result);
return $user;
}
public static function getByUsername($username)
{
$user = new User();
$query = sprintf('select user_id,password,email_addr,is_active' .
'from %sUser where username = "$s"', DB_TEL_PERFIX, mysql_real_escape_string($username,
$GLOBALS['DB']));
$result = mysql_query($query, $GLOBALS['DB']);
if (mysql_num_rows($result)) {
$row = mysql_fetch_assoc($result);
$user->username = $row['USERNAME'];
$user->password = $row['PASSWORD'];
$user->emailAddr = $row['EMAIL_ADDR'];
$user->isactive = $row['IS_ACTIVE'];
$user->uid = $user_id;
}
mysql_free_result($result);
return $user;
}
public function save()
{
if ($this->uid) {
$query = sprintf('update %sUser set username="%s",password="%s",email_addr="%s",is_active=%d' .
'where user_id = %d', DB_TEL_PERFIX, mysql_real_escape_string($this->username, $GLOBALS['DB']),
mysql_real_escape_string($this->password, $GLOBALS['DB']),
mysql_real_escape_string($this->emailaddr, $GLOBALS['DB']), $this->isActive, $this->
userId);
return mysql_query($query, $GLOBALS['DB']);
} else {
$query = sprintf('insert into %sUser (username,password,email_addr,is_active) values ("%s","%s","%s","%d")',
DB_TEL_PERFIX, mysql_real_escape_string($this->username, $GLOBALS['DB']),
mysql_real_escape_string($this->password, $GLOBALS['DB']),
mysql_real_escape_string($this->emailaddr, $GLOBALS['DB']), $this->isActive);
if (mysql_query($query, $GLOBALS['DB'])) {
$this->uid = mysql_insert_id($GLOBALS['DB']);
return true;
} else {
return false;
}
}
}
public function setInactive()
{
$this->isActive = false;
$this->save();
$token = random_text(5);
$query = sprintf('insert into %sPending (user_id,token) values (%d,"%s")',
DB_TEL_PERFIX, $this - uid, $token);
return (mysql_query($query, $GLOBALS['DB'])) ? $token : false;
}
public function setActive($token)
{
$query = sprintf('select token from %sPending where user_id = %d'.
'And token ="%s"',DB_TEL_PERFIX,$this-uid,
mysql_real_escape_string($token,$GLOBALS['DB']));
$result = mysql_query($query,$GLOBALS['DB']);
if(!mysql_num_rows($result))
{
mysql_free_result($result);
return false;
}
else
{
mysql_free_result($result);
}
}
}
?>
?
