"oui", "log" => "oui", "debug" => "oui"); var $table_membres = array("table" => "membres", "login" => "pseudo", "pass" => "password", "last_access" => "date", "last_ip" => "ip"); var $table_sessions = "sessions"; var $cookie_domain = "82.224.17.102"; var $cookie_path = "/"; var $cookie_name = "ji_session"; var $user_infos = array(); // Gestion des erreurs function _err($err,$debug="") { // Si le debug est activé if($this->err[debug] == "oui" && !empty($debug)) $err.= "\n// DEBUG //\n".$debug; // Si on log les erreurs if($this->err[log] == "oui") $this->erreurs[] = $err; // Si on s'arrête sur les erreurs if($this->err[stop] == "oui") { echo "
".htmlentities(stripslashes($err))."
"; exit; } $this->erreur = $err; return FALSE; } // Connexion // $md5 = TRUE si mot de passe stocké en MD5 dans la table // $permanent = TRUE si session permanente (1 an) function connexion($login,$passe,$md5=TRUE,$permanent=FALSE) { // On enlève les éventuels espaces sur le login et le passe $login = trim($login); $passe = trim($passe); // Si le passe est stocké en MD5 alors on MD5 le pass donné if($md5 == TRUE) $passe = md5($passe); // On récupère le vrai mot de passe $requete = "SELECT {$this->table_membres[pass]},id,statut,banned FROM {$this->table_membres[table]} WHERE {$this->table_membres[login]}=\"{$login}\""; $res = mysql_query($requete); if(!$res) return $this->_err("Problème technique.",mysql_error()); // Si aucun enregistrement retourné, ce login n'existe pas $nb = mysql_num_rows($res); if($nb < 1) return $this->_err("Ce login n'existe pas."); // On récup le MDP $rec = mysql_fetch_row($res); $mdp = $rec[0]; $id = $rec[1]; $statut = $rec[2]; $banned = $rec[3]; // Si le passe donné n'est pas identique au passe enregistré c'est pas bon if($mdp != $passe) return $this->_err("Mauvais mot de passe."); $requete = "UPDATE {$this->table_membres[table]} SET {$this->table_membres[last_access]}=\"".time()."\", " ."{$this->table_membres[last_ip]}=\"{$_SERVER[REMOTE_ADDR]}\" WHERE id='{$id}'"; $res = mysql_unbuffered_query($requete); if(!$res) return $this->_err("Problème technique.",mysql_error()); $requete = "DELETE FROM {$this->table_sessions} WHERE id=\"{$id}\""; $res = mysql_unbuffered_query($requete); if(!$res) return $this->_err("Problème technique.",mysql_error()); $session = md5($login.$passe.time()); if($permanent === TRUE) $time = time()+(3600*24*30); else $time = "0"; setcookie($this->cookie_name,$session,$time,$this->cookie_path,$this->cookie_domain); $ip = getenv("REMOTE_ADDR"); $permanent ? $perma = "oui" : $perma = "non"; $requete = "INSERT INTO {$this->table_sessions} SET id=\"{$id}\", session=\"{$session}\", ". "dernier=\"".time()."\", permanent=\"{$perma}\", ip=\"{$ip}\""; $res = mysql_unbuffered_query($requete); if(!$res) return $this->_err("Problème technique.",mysql_error()); if($statut == "inscription" || $statut == "suspendu") mysql_unbuffered_query("UPDATE sessions SET statut='actif' WHERE id='".$id."'"); if(!empty($banned)) { $_COOKIE['stats_connect_user_lencrier'] = 42; setcookie('stats_connect_user_lencrier', '42', time() + (3600 * 24 * 900), $this->cookie_path, $this->cookie_domain); } if(empty($banned) && !empty($_COOKIE['stats_connect_user_lencrier'])) { mysql_unbuffered_query('UPDATE membres SET banned="2" WHERE id="'.intval($id).'";'); } return TRUE; } function is_banned() { if(!empty($this->user_infos['banned']) || !empty($_COOKIE['stats_connect_user_lencrier'])) { return true; } return false; } // Connexion d'un admin function connexion_admin($id) { $requete = "DELETE FROM {$this->table_sessions} WHERE id=\"{$id}\""; $res = mysql_unbuffered_query($requete); if(!$res) return $this->_err("Problème technique.",mysql_error()); $session = md5($id.time()); setcookie($this->cookie_name,$session,"0",$this->cookie_path,$this->cookie_domain); if($permanent === TRUE) $permanent = "oui"; else $permanent = "non"; $ip = getenv("REMOTE_ADDR"); $requete = "INSERT INTO {$this->table_sessions} SET id=\"{$id}\", session=\"{$session}\", ". "dernier=\"".time()."\", permanent=\"{$permanent}\", ip=\"{$ip}\""; $res = mysql_unbuffered_query($requete); if(!$res) return $this->_err("Problème technique.",mysql_error()); return TRUE; } // Le membre est-il connecté? function connected() { $session = $_COOKIE[$this->cookie_name]; if(empty($session)) return FALSE; $requete = "SELECT id FROM {$this->table_sessions} WHERE session=\"{$session}\""; $res = mysql_unbuffered_query($requete); $rec = @mysql_fetch_row($res); if($rec[0] < 1) return FALSE; $this->id = $rec[0]; $requete = "UPDATE {$this->table_sessions} SET dernier=\"".time()."\" WHERE session=\"{$session}\""; mysql_unbuffered_query($requete); $this->user_infos = $this->infos(); return TRUE; } function menage() { $requete = "DELETE FROM {$this->table_sessions} WHERE permanent != 'oui' AND dernier < ".(time() - 4000); mysql_unbuffered_query($requete); } function deco() { $session = $_COOKIE[$this->cookie_name]; $requete = "DELETE FROM {$this->table_sessions} WHERE session=\"{$session}\""; mysql_unbuffered_query($requete); $this->menage(); setcookie($this->cookie_name,"",0,$this->cookie_path,$this->cookie_domain); return TRUE; } function infos() { $requete = "SELECT * FROM {$this->table_membres[table]} WHERE id='{$this->id}'"; $res = mysql_unbuffered_query($requete); return @mysql_fetch_assoc($res); } function is_allowed($journal,$url="") { $res = mysql_query("SELECT COUNT(membre),log FROM restreint WHERE membre='{$this->id}' AND journal='{$journal}' GROUP BY journal"); $rec = @mysql_fetch_row($res); if($rec[0] < 1) return FALSE; //$log = $rec[1]."\n".date("d/m/Y H:i")." - ".$url; //mysql_unbuffered_query("UPDATE restreint SET log='{$log}' WHERE membre='{$this->id}' AND journal='{$journal}'"); return TRUE; } } ?>