Menu
[code]
<?
/**
* Main.php
*
* This is an example of the main page of a website. Here
* users will be able to login. However, like on most sites
* the login form doesn’t just have to be on the main page,
* but re-appear on subsequent pages, depending on whether
* the user has logged in or not.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 26, 2004
*/
include(“include/session.php”);
?>
<html>
<title>Jpmaster77’s Login Script</title>
<body>
<table>
<tr><td>
<?
/**
* User has already logged in, so display relavent links, including
* a link to the admin center if the user is an administrator.
*/
if($session->logged_in){
echo “<h1>Logged In</h1>”;
echo “<?php
header( ‘Location:protected.php’ ) ;
?><br><br>”
.”[<a href=”userinfo.php?user=$session->username”>My Account</a>] ”
.”[<a href=”useredit.php”>Edit Account</a>] ”;
if($session->isAdmin()){
echo “[<a href=”admin/admin.php”>Admin Center</a>] ”;
}
echo “[<a href=”process.php”>Logout</a>]”;
}
else{
?>
<h1>Login</h1>
<?
/**
* User not logged in, display the login form.
* If user has already tried to login, but errors were
* found, display the total number of errors.
* If errors occurred, they will be displayed.
*/
if($form->num_errors > 0){
echo “<font size=”2″ color=”#ff0000″>”.$form->num_errors.” error(s) found</font>”;
}
?>
<form action=”process.php” method=”POST”>
<table align=”left” border=”0″ cellspacing=”0″ cellpadding=”3″>
<tr><td>Username:</td><td><input type=”text” name=”user” maxlength=”30″ value=”<? echo $form->value(“user”); ?>”></td><td><? echo $form->error(“user”); ?></td></tr>
<tr><td>Password:</td><td><input type=”password” name=”pass” maxlength=”30″ value=”<? echo $form->value(“pass”); ?>”></td><td><? echo $form->error(“pass”); ?></td></tr>
<tr><td colspan=”2″ align=”left”><input type=”checkbox” name=”remember” <? if($form->value(“remember”) != “”){ echo “checked”; } ?>>
<font size=”2″>Remember me next time
<input type=”hidden” name=”sublogin” value=”1″>
<input type=”submit” value=”Login”></td></tr>
<tr><td colspan=”2″ align=”left”><br><font size=”2″>[<a href=”forgotpass.php”>Forgot Password?</a>]</font></td><td align=”right”></td></tr>
<tr><td colspan=”2″ align=”left”><br>Not registered? <a href=”register.php”>Sign-Up!</a></td></tr>
</table>
</form>
<?
}
?>
</td></tr>
</table>
</body>
</html>
I have been messing around all day taking things away and putting things into proper place. What i am trying to do is
a) Once people have a successful login, they are redirected (this is both the login page and the page that would also show.) to a new page. When they logged out, they would be brought here.
In this code, i tried adding a header, but it seemed not to work. Any ideas?
This is the site, without any layout. The username is [b]username[b]password
The page is: [url]http://telpeathsgift.awardspace.com/tglogin/index2.php
If you look at it, be careful if you logout, you will be on a different login page.
Thanks!
[code=php]
/**
* redirect to a specific URL
* @param $url
*/
function redirect($url)
{
if (!headers_sent())
{
//If headers not sent yet... then do php redirect
header('Location: '.$url); exit;
}
else
{
//If headers are sent... do javascript redirect...
//if javascript disabled, do html redirect.
echo '<script type="text/javascript">';
echo 'window.location.href="'.$url.'";';
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
echo '</noscript>'; exit;
}
}
[/code][code=php]
if($session->logged_in){
$url = "/path/to/protected.php";
$session->redirect($url);
}
[/code]<i>
</i><?
/**
* Session.php
*
* The Session class is meant to simplify the task of keeping
* track of logged in users and also guests.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 19, 2004
*/
include("database.php");
include("mailer.php");
include("form.php");
class Session
{
var $username; //Username given on sign-up
var $userid; //Random value generated on current login
var $userlevel; //The level to which the user pertains
var $time; //Time user was last active (page loaded)
var $logged_in; //True if user is logged in, false otherwise
var $userinfo = array(); //The array holding all user info
var $url; //The page url current being viewed
var $referrer; //Last recorded site page viewed
/**
* Note: referrer should really only be considered the actual
* page referrer in process.php, any other time it may be
* inaccurate.
*/
/* Class constructor */
function Session(){
$this->time = time();
$this->startSession();
}
/**
* startSession - Performs all the actions necessary to
* initialize this session object. Tries to determine if the
* the user has logged in already, and sets the variables
* accordingly. Also takes advantage of this page load to
* update the active visitors tables.
*/
function startSession(){
global $database; //The database connection
session_start(); //Tell PHP to start the session
*blaha blah Blah
<i> </i> /* Password error checking */
<i> </i> $field = "pass"; //Use field name for password
<i> </i> if(!$subpass){
<i> </i> $form->setError($field, "* Password not entered");
<i> </i> }
<i> </i> else{
<i> </i> /* Spruce up password and check length*/
<i> </i> $subpass = stripslashes($subpass);
<i> </i> if(strlen($subpass) < 4){
<i> </i> $form->setError($field, "* Password too short");
<i> </i> }
<i> </i> /* Check if password is not alphanumeric */
<i> </i> else if(!eregi("^([0-9a-z])+$", ($subpass = trim($subpass)))){
<i> </i> $form->setError($field, "* Password not alphanumeric");
<i> </i> }
<i> </i> /**
<i> </i> * Note: I trimmed the password only after I checked the length
<i> </i> * because if you fill the password field up with spaces
<i> </i> * it looks like a lot more characters than 4, so it looks
<i> </i> * kind of stupid to report "password too short".
<i> </i> */
<i> </i> }
<i> </i> /* Email error checking */
<i> </i> $field = "email"; //Use field name for email
<i> </i> if(!$subemail || strlen($subemail = trim($subemail)) == 0){
<i> </i> $form->setError($field, "* Email not entered");
<i> </i> }
<i> </i> else{
<i> </i> /* Check if valid email address */
<i> </i> $regex = "^[_+a-z0-9-]+(.[_+a-z0-9-]+)*"
<i> </i> ."@[a-z0-9-]+(.[a-z0-9-]{1,})*"
<i> </i> .".([a-z]{2,}){1}$";
<i> </i> if(!eregi($regex,$subemail)){
<i> </i> $form->setError($field, "* Email invalid");
<i> </i> }
<i> </i> $subemail = stripslashes($subemail);
<i> </i> }
<i> </i> /* Errors exist, have user correct them */
<i> </i> if($form->num_errors > 0){
<i> </i> return 1; //Errors with form
<i> </i> }
<i> </i> /* No errors, add the new account to the */
<i> </i> else{
<i> </i> if($database->addNewUser($subuser, md5($subpass), $subemail)){
<i> </i> if(EMAIL_WELCOME){
<i> </i> $mailer->sendWelcome($subuser,$subemail,$subpass);
<i> </i> }
<i> </i> return 0; //New user added succesfully
<i> </i> }else{
<i> </i> return 2; //Registration attempt failed
<i> </i> }
<i> </i> }
}
/**
* editAccount - Attempts to edit the user's account information
* including the password, which it first makes sure is correct
* if entered, if so and the new password is in the right
* format, the change is made. All other fields are changed
* automatically.
*/
function editAccount($subcurpass, $subnewpass, $subemail){
global $database, $form; //The database and form object
/* New password entered */
if($subnewpass){
/* Current Password error checking */
$field = "curpass"; //Use field name for current password
if(!$subcurpass){
$form->setError($field, "* Current Password not entered");
}
else{
/* Check if password too short or is not alphanumeric */
$subcurpass = stripslashes($subcurpass);
if(strlen($subcurpass) < 4 ||
!eregi("^([0-9a-z])+$", ($subcurpass = trim($subcurpass)))){
$form->setError($field, "* Current Password incorrect");
}
/* Password entered is incorrect */
if($database->confirmUserPass($this->username,md5($subcurpass)) != 0){
$form->setError($field, "* Current Password incorrect");
}
}
<i> </i> /* New Password error checking */
<i> </i> $field = "newpass"; //Use field name for new password
<i> </i> /* Spruce up password and check length*/
<i> </i> $subpass = stripslashes($subnewpass);
<i> </i> if(strlen($subnewpass) < 4){
<i> </i> $form->setError($field, "* New Password too short");
<i> </i> }
<i> </i> /* Check if password is not alphanumeric */
<i> </i> else if(!eregi("^([0-9a-z])+$", ($subnewpass = trim($subnewpass)))){
<i> </i> $form->setError($field, "* New Password not alphanumeric");
<i> </i> }
<i> </i> }
<i> </i> /* Change password attempted */
<i> </i> else if($subcurpass){
<i> </i> /* New Password error reporting */
<i> </i> $field = "newpass"; //Use field name for new password
<i> </i> $form->setError($field, "* New Password not entered");
<i> </i> }
<i> </i> /* Email error checking */
<i> </i> $field = "email"; //Use field name for email
<i> </i> if($subemail && strlen($subemail = trim($subemail)) > 0){
<i> </i> /* Check if valid email address */
<i> </i> $regex = "^[_+a-z0-9-]+(.[_+a-z0-9-]+)*"
<i> </i> ."@[a-z0-9-]+(.[a-z0-9-]{1,})*"
<i> </i> .".([a-z]{2,}){1}$";
<i> </i> if(!eregi($regex,$subemail)){
<i> </i> $form->setError($field, "* Email invalid");
<i> </i> }
<i> </i> $subemail = stripslashes($subemail);
<i> </i> }
<i> </i> /* Errors exist, have user correct them */
<i> </i> if($form->num_errors > 0){
<i> </i> return false; //Errors with form
<i> </i> }
<i> </i> /* Update password since there were no errors */
<i> </i> if($subcurpass && $subnewpass){
<i> </i> $database->updateUserField($this->username,"password",md5($subnewpass));
<i> </i> }
<i> </i> /* Change Email */
<i> </i> if($subemail){
<i> </i> $database->updateUserField($this->username,"email",$subemail);
<i> </i> }
<i> </i> /* Success! */
<i> </i> return true;
}
/**
* isAdmin - Returns true if currently logged in user is
* an administrator, false otherwise.
*/
function isAdmin(){
return ($this->userlevel == ADMIN_LEVEL ||
$this->username == ADMIN_NAME);
}
/**
* generateRandID - Generates a string made up of randomized
* letters (lower and upper case) and digits and returns
* the md5 hash of it to be used as a userid.
*/
function generateRandID(){
return md5($this->generateRandStr(16));
}
/**
* generateRandStr - Generates a string made up of randomized
* letters (lower and upper case) and digits, the length
* is a specified parameter.
*/
function generateRandStr($length){
$randstr = "";
for($i=0; $i<$length; $i++){
$randnum = mt_rand(0,61);
if($randnum < 10){
$randstr .= chr($randnum+48);
}else if($randnum < 36){
$randstr .= chr($randnum+55);
}else{
$randstr .= chr($randnum+61);
}
}
return $randstr;
}
};
/**
* Initialize session object - This must be initialized before
* the form object because the form uses session variables,
* which cannot be accessed unless the session has started.
*/
$session = new Session;
/* Initialize form object */
$form = new Form;
/**
* redirect to a specific URL
* @param $url
*/
function redirect($url)
{
if (!headers_sent())
{ <br/>
//If headers not sent yet... then do php redirect
header('Location: '.$url); exit;
}
else
{ <br/>
//If headers are sent... do javascript redirect...
//if javascript disabled, do html redirect.
echo '<script type="text/javascript">';
echo 'window.location.href="'.$url.'";';
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
echo '</noscript>'; exit;
}
}
?>
[code=php]
<?
/**
* Session.php
*
* The Session class is meant to simplify the task of keeping
* track of logged in users and also guests.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 19, 2004
*/
include("database.php");
include("mailer.php");
include("form.php");
class Session
{
var $username; //Username given on sign-up
var $userid; //Random value generated on current login
var $userlevel; //The level to which the user pertains
var $time; //Time user was last active (page loaded)
var $logged_in; //True if user is logged in, false otherwise
var $userinfo = array(); //The array holding all user info
var $url; //The page url current being viewed
var $referrer; //Last recorded site page viewed
/**
* Note: referrer should really only be considered the actual
* page referrer in process.php, any other time it may be
* inaccurate.
*/
/* Class constructor */
function Session(){
$this->time = time();
$this->startSession();
}
/**
* startSession - Performs all the actions necessary to
* initialize this session object. Tries to determine if the
* the user has logged in already, and sets the variables
* accordingly. Also takes advantage of this page load to
* update the active visitors tables.
*/
function startSession(){
global $database; //The database connection
session_start(); //Tell PHP to start the session
*blaha blah Blah
/* Password error checking */
$field = "pass"; //Use field name for password
if(!$subpass){
$form->setError($field, "* Password not entered");
}
else{
/* Spruce up password and check length*/
$subpass = stripslashes($subpass);
if(strlen($subpass) < 4){
$form->setError($field, "* Password too short");
}
/* Check if password is not alphanumeric */
else if(!eregi("^([0-9a-z])+$", ($subpass = trim($subpass)))){
$form->setError($field, "* Password not alphanumeric");
}
/**
* Note: I trimmed the password only after I checked the length
* because if you fill the password field up with spaces
* it looks like a lot more characters than 4, so it looks
* kind of stupid to report "password too short".
*/
}
/* Email error checking */
$field = "email"; //Use field name for email
if(!$subemail || strlen($subemail = trim($subemail)) == 0){
$form->setError($field, "* Email not entered");
}
else{
/* Check if valid email address */
$regex = "^[_+a-z0-9-]+(.[_+a-z0-9-]+)*"
."@[a-z0-9-]+(.[a-z0-9-]{1,})*"
.".([a-z]{2,}){1}$";
if(!eregi($regex,$subemail)){
$form->setError($field, "* Email invalid");
}
$subemail = stripslashes($subemail);
}
/* Errors exist, have user correct them */
if($form->num_errors > 0){
return 1; //Errors with form
}
/* No errors, add the new account to the */
else{
if($database->addNewUser($subuser, md5($subpass), $subemail)){
if(EMAIL_WELCOME){
$mailer->sendWelcome($subuser,$subemail,$subpass);
}
return 0; //New user added succesfully
}else{
return 2; //Registration attempt failed
}
}
}
/**
* editAccount - Attempts to edit the user's account information
* including the password, which it first makes sure is correct
* if entered, if so and the new password is in the right
* format, the change is made. All other fields are changed
* automatically.
*/
function editAccount($subcurpass, $subnewpass, $subemail){
global $database, $form; //The database and form object
/* New password entered */
if($subnewpass){
/* Current Password error checking */
$field = "curpass"; //Use field name for current password
if(!$subcurpass){
$form->setError($field, "* Current Password not entered");
}
else{
/* Check if password too short or is not alphanumeric */
$subcurpass = stripslashes($subcurpass);
if(strlen($subcurpass) < 4 ||
!eregi("^([0-9a-z])+$", ($subcurpass = trim($subcurpass)))){
$form->setError($field, "* Current Password incorrect");
}
/* Password entered is incorrect */
if($database->confirmUserPass($this->username,md5($subcurpass)) != 0){
$form->setError($field, "* Current Password incorrect");
}
}
/* New Password error checking */
$field = "newpass"; //Use field name for new password
/* Spruce up password and check length*/
$subpass = stripslashes($subnewpass);
if(strlen($subnewpass) < 4){
$form->setError($field, "* New Password too short");
}
/* Check if password is not alphanumeric */
else if(!eregi("^([0-9a-z])+$", ($subnewpass = trim($subnewpass)))){
$form->setError($field, "* New Password not alphanumeric");
}
}
/* Change password attempted */
else if($subcurpass){
/* New Password error reporting */
$field = "newpass"; //Use field name for new password
$form->setError($field, "* New Password not entered");
}
/* Email error checking */
$field = "email"; //Use field name for email
if($subemail && strlen($subemail = trim($subemail)) > 0){
/* Check if valid email address */
$regex = "^[_+a-z0-9-]+(.[_+a-z0-9-]+)*"
."@[a-z0-9-]+(.[a-z0-9-]{1,})*"
.".([a-z]{2,}){1}$";
if(!eregi($regex,$subemail)){
$form->setError($field, "* Email invalid");
}
$subemail = stripslashes($subemail);
}
/* Errors exist, have user correct them */
if($form->num_errors > 0){
return false; //Errors with form
}
/* Update password since there were no errors */
if($subcurpass && $subnewpass){
$database->updateUserField($this->username,"password",md5($subnewpass));
}
/* Change Email */
if($subemail){
$database->updateUserField($this->username,"email",$subemail);
}
/* Success! */
return true;
}
/**
* isAdmin - Returns true if currently logged in user is
* an administrator, false otherwise.
*/
function isAdmin(){
return ($this->userlevel == ADMIN_LEVEL ||
$this->username == ADMIN_NAME);
}
/**
* generateRandID - Generates a string made up of randomized
* letters (lower and upper case) and digits and returns
* the md5 hash of it to be used as a userid.
*/
function generateRandID(){
return md5($this->generateRandStr(16));
}
/**
* generateRandStr - Generates a string made up of randomized
* letters (lower and upper case) and digits, the length
* is a specified parameter.
*/
function generateRandStr($length){
$randstr = "";
for($i=0; $i<$length; $i++){
$randnum = mt_rand(0,61);
if($randnum < 10){
$randstr .= chr($randnum+48);
}else if($randnum < 36){
$randstr .= chr($randnum+55);
}else{
$randstr .= chr($randnum+61);
}
}
return $randstr;
}
/**
* redirect to a specific URL
* @param $url
*/
function redirect($url)
{
if (!headers_sent())
{
//If headers not sent yet... then do php redirect
header('Location: '.$url); exit;
}
else
{
//If headers are sent... do javascript redirect...
//if javascript disabled, do html redirect.
echo '<script type="text/javascript">';
echo 'window.location.href="'.$url.'";';
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
echo '</noscript>'; exit;
}
}
};
/**
* Initialize session object - This must be initialized before
* the form object because the form uses session variables,
* which cannot be accessed unless the session has started.
*/
$session = new Session;
/* Initialize form object */
$form = new Form;
?>
[/code][code=php]
function a {
$session->redirect($url);
}
[/code][code=php]
function a {
global $session;
$session->redirect($url);
}
[/code][code=php]
} //<------- Class ends here, redirect function should be placed inside the class before this bracket.
/**
* redirect to a specific URL
* @param $url
*/
function redirect($url)
{
if (!headers_sent())
{
//If headers not sent yet... then do php redirect
header('Location: '.$url); exit;
}
else
{
//If headers are sent... do javascript redirect...
//if javascript disabled, do html redirect.
echo '<script type="text/javascript">';
echo 'window.location.href="'.$url.'";';
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
echo '</noscript>'; exit;
}
}
/**
* Initialize session object - This must be initialized before
* the form object because the form uses session variables,
* which cannot be accessed unless the session has started.
*/
$session = new Session;
/* Initialize form object */
$form = new Form;
[/code][code=php]
<?
/**
* Session.php
*
* The Session class is meant to simplify the task of keeping
* track of logged in users and also guests.
*
* Written by: Jpmaster77 a.k.a. The Grandmaster of C++ (GMC)
* Last Updated: August 19, 2004
*/
include("database.php");
include("mailer.php");
include("form.php");
class Session
{
var $username; //Username given on sign-up
var $userid; //Random value generated on current login
var $userlevel; //The level to which the user pertains
var $time; //Time user was last active (page loaded)
var $logged_in; //True if user is logged in, false otherwise
var $userinfo = array(); //The array holding all user info
var $url; //The page url current being viewed
var $referrer; //Last recorded site page viewed
/**
* Note: referrer should really only be considered the actual
* page referrer in process.php, any other time it may be
* inaccurate.
*/
/* Class constructor */
function Session(){
$this->time = time();
$this->startSession();
}
/**
* startSession - Performs all the actions necessary to
* initialize this session object. Tries to determine if the
* the user has logged in already, and sets the variables
* accordingly. Also takes advantage of this page load to
* update the active visitors tables.
*/
function startSession(){
global $database; //The database connection
session_start(); //Tell PHP to start the session
*blaha blah Blah
/* Password error checking */
$field = "pass"; //Use field name for password
if(!$subpass){
$form->setError($field, "* Password not entered");
}
else{
/* Spruce up password and check length*/
$subpass = stripslashes($subpass);
if(strlen($subpass) < 4){
$form->setError($field, "* Password too short");
}
/* Check if password is not alphanumeric */
else if(!eregi("^([0-9a-z])+$", ($subpass = trim($subpass)))){
$form->setError($field, "* Password not alphanumeric");
}
/**
* Note: I trimmed the password only after I checked the length
* because if you fill the password field up with spaces
* it looks like a lot more characters than 4, so it looks
* kind of stupid to report "password too short".
*/
}
/* Email error checking */
$field = "email"; //Use field name for email
if(!$subemail || strlen($subemail = trim($subemail)) == 0){
$form->setError($field, "* Email not entered");
}
else{
/* Check if valid email address */
$regex = "^[_+a-z0-9-]+(.[_+a-z0-9-]+)*"
."@[a-z0-9-]+(.[a-z0-9-]{1,})*"
.".([a-z]{2,}){1}$";
if(!eregi($regex,$subemail)){
$form->setError($field, "* Email invalid");
}
$subemail = stripslashes($subemail);
}
/* Errors exist, have user correct them */
if($form->num_errors > 0){
return 1; //Errors with form
}
/* No errors, add the new account to the */
else{
if($database->addNewUser($subuser, md5($subpass), $subemail)){
if(EMAIL_WELCOME){
$mailer->sendWelcome($subuser,$subemail,$subpass);
}
return 0; //New user added succesfully
}else{
return 2; //Registration attempt failed
}
}
}
/**
* editAccount - Attempts to edit the user's account information
* including the password, which it first makes sure is correct
* if entered, if so and the new password is in the right
* format, the change is made. All other fields are changed
* automatically.
*/
function editAccount($subcurpass, $subnewpass, $subemail){
global $database, $form; //The database and form object
/* New password entered */
if($subnewpass){
/* Current Password error checking */
$field = "curpass"; //Use field name for current password
if(!$subcurpass){
$form->setError($field, "* Current Password not entered");
}
else{
/* Check if password too short or is not alphanumeric */
$subcurpass = stripslashes($subcurpass);
if(strlen($subcurpass) < 4 ||
!eregi("^([0-9a-z])+$", ($subcurpass = trim($subcurpass)))){
$form->setError($field, "* Current Password incorrect");
}
/* Password entered is incorrect */
if($database->confirmUserPass($this->username,md5($subcurpass)) != 0){
$form->setError($field, "* Current Password incorrect");
}
}
/* New Password error checking */
$field = "newpass"; //Use field name for new password
/* Spruce up password and check length*/
$subpass = stripslashes($subnewpass);
if(strlen($subnewpass) < 4){
$form->setError($field, "* New Password too short");
}
/* Check if password is not alphanumeric */
else if(!eregi("^([0-9a-z])+$", ($subnewpass = trim($subnewpass)))){
$form->setError($field, "* New Password not alphanumeric");
}
}
/* Change password attempted */
else if($subcurpass){
/* New Password error reporting */
$field = "newpass"; //Use field name for new password
$form->setError($field, "* New Password not entered");
}
/* Email error checking */
$field = "email"; //Use field name for email
if($subemail && strlen($subemail = trim($subemail)) > 0){
/* Check if valid email address */
$regex = "^[_+a-z0-9-]+(.[_+a-z0-9-]+)*"
."@[a-z0-9-]+(.[a-z0-9-]{1,})*"
.".([a-z]{2,}){1}$";
if(!eregi($regex,$subemail)){
$form->setError($field, "* Email invalid");
}
$subemail = stripslashes($subemail);
}
/* Errors exist, have user correct them */
if($form->num_errors > 0){
return false; //Errors with form
}
/* Update password since there were no errors */
if($subcurpass && $subnewpass){
$database->updateUserField($this->username,"password",md5($subnewpass));
}
/* Change Email */
if($subemail){
$database->updateUserField($this->username,"email",$subemail);
}
/* Success! */
return true;
}
/**
* isAdmin - Returns true if currently logged in user is
* an administrator, false otherwise.
*/
function isAdmin(){
return ($this->userlevel == ADMIN_LEVEL ||
$this->username == ADMIN_NAME);
}
/**
* generateRandID - Generates a string made up of randomized
* letters (lower and upper case) and digits and returns
* the md5 hash of it to be used as a userid.
*/
function generateRandID(){
return md5($this->generateRandStr(16));
}
/**
* generateRandStr - Generates a string made up of randomized
* letters (lower and upper case) and digits, the length
* is a specified parameter.
*/
function generateRandStr($length){
$randstr = "";
for($i=0; $i<$length; $i++){
$randnum = mt_rand(0,61);
if($randnum < 10){
$randstr .= chr($randnum+48);
}else if($randnum < 36){
$randstr .= chr($randnum+55);
}else{
$randstr .= chr($randnum+61);
}
}
return $randstr;
}
/**
* redirect to a specific URL
* @param $url
*/
function redirect($url)
{
if (!headers_sent())
{
//If headers not sent yet... then do php redirect
header('Location: '.$url); exit;
}
else
{
//If headers are sent... do javascript redirect...
//if javascript disabled, do html redirect.
echo '<script type="text/javascript">';
echo 'window.location.href="'.$url.'";';
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
echo '</noscript>'; exit;
}
}
};
/**
* Initialize session object - This must be initialized before
* the form object because the form uses session variables,
* which cannot be accessed unless the session has started.
*/
$session = new Session;
/* Initialize form object */
$form = new Form;
?>
[/code][code=php]
if($session->logged_in){
$url = "/path/to/protected.php";
$session->redirect($url);
}
[/code]0.1.9 — BETA 5.19