Userlib - User Library |
[eluser]Xikeon[/eluser]
Hello, Because nearly every site needs/wants a Member/User system and so did I for my sites, so I made a library for it. I'll update when I need something, and post further versions Download Link: Click Here! (yup, tabs messed outside my code (PHP Designer 2007)) So, currently my class can do: - Register a user - Log in (CI session based) - Check if logged in (CI session based) - Forgot password (email based, new password sent to email) - Get data from database by username (be careful, encrypted passwords could be get!) - Get age by month I'll explain every function and how to use them How to install Put the code posted above in system\application\libraries\Userlib.php Now open system\application\config\config.php And search for $config['sess_use_database'] Put that on TRUE. Now open system\application\config\autoload.php Be sure that $autoload['libraries'] has all these in it: 'database', 'session', 'Userlib' And the SQL: Code: CREATE TABLE `ci_sessions` ( 0 = banned 1 = member 2 = moderator 3 = administrator And now: The functions -> How to use! Register string $this->userlib->register( username, password, email [, status [, emailcheck [, ipcheck ] ] ] ); username: The username of the user password: the password, this will be encrypted automaticly in: sha1( md5( password ) ) email: the email [for password retrieval and such] status: (optional) the status to give the user, default = 1 emailcheck: (optional) Check if the email address has been used on a different account, default = TRUE ipcheck: (optional) Check if the ip address has been used on a different account, default = TRUE You echo this function, or send it save it as a variable. This way if there is an error message it will be put on your screen. Examples of usage: Code: // Only required data Login boolean $this->userlib->login( username, password ); username: the username duh password: the password duh Example of usage: Code: if( $this->userlib->login( "Xikeon", "mypass" ) ) Logged in boolean $this->userlib->logged_in( ); Example of usage: Code: if( $this->userlib->logged_in( ) ) Forgot boolean $this->userlib->forgot( email, length ); email: email of the user who forgot the password length: length of new password which will be sent to the email Example of use: Code: //create a password of 5 digits Get Data string $this->userlib->getData( username, what ); username: the username of who you want to grab the data from what: row name of what you want to get out of the database from the username Example of use: Code: // Grab the status Get Age integer $this->userlib->getAge( day, month, year ); day: day of birth month: month of birth year: year of birth Example of use: Code: // Get my age, will return: 15 So, that was it I guess. Report any problems please. If any idea's, please PM them to me! Greetings, Mike.
[eluser]ztinger[/eluser]
Good work! I'm going to test it. Thanks for sharing.
[eluser]Xikeon[/eluser]
Thanks, please tell me if you find any problems or notice anything
[eluser]Unknown[/eluser]
I am very new to CI and I was just starting to look for an example of user control code. I will also start trying it and see how I get on.
[eluser]Xikeon[/eluser]
Hey, thanks for trying my class. If you need any help or don't understand (parts of) my library, just post here PM me. I might be able to help you Good luck!
[eluser]Xikeon[/eluser]
Thanks Sander. I've updated the link, now to my own pastebin. I also fixed some typo's in the comments, because I changed/updated functions and didn't change the comments. Not really a needed update, just comment fixes.
[eluser]Christian Land[/eluser]
Btw. handling the "Forgot Password" function like you do is an open invitation for troublemakers... store the new password in an additional field and don't overwrite the old one until the user logs himself in with the new password - otherwise, somebody could abuse your "forget password" function to render all logins of a site useless until their resprective owners have read the mail (just imagine a simple script that scans your site for usernames and then invokes your forget password page with all found usernames)
[eluser]Xikeon[/eluser]
[quote author="Christian Land" date="1183720119"]Btw. handling the "Forgot Password" function like you do is an open invitation for troublemakers... store the new password in an additional field and don't overwrite the old one until the user logs himself in with the new password - otherwise, somebody could abuse your "forget password" function to render all logins of a site useless until their resprective owners have read the mail (just imagine a simple script that scans your site for usernames and then invokes your forget password page with all found usernames)[/quote] Yes I know, I was a bit lazy on that function.. Hehe. I will make it better in the next version.
[eluser]jbowman[/eluser]
Since you are getting peoples emails, why not make that their login authentication variable, rather than their username? Since, hopefully, people won't be making email addresses visible on the site, this would also cut down on people trying to brute force password using screenname/password |
Welcome Guest, Not a member yet? Register Sign In |