saaiful · August 29, 2015 14:06
diff --git a/CONFIG b/CONFIG
 <?php
 //DB Config 
 date_default_timezone_set('Asia/Dhaka');
 $db=new PDO('mysql:host=localhost;dbname=dbname;charset=utf8','root','pass'); 
 //Site Url
 $siteUrl = "http://localhost/fdfdf";
 ?>
diff --git a/Login Function b/Login Function
 <?php
 /*
 Function's For User Management 
 Coded by Saiful Islam
 &copy 2013 Macrotech Ltd
 http://macrotech.org
 */

 set_include_path(__DIR__."/");
 //cheek user exist or not
 if(!function_exists('error'))
 {
 	function error($msg){
 	echo '
 	<div class="alert alert-danger">
 		<button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
 		<strong>'.$msg.'</strong>
 	</div>';
 	}
 }

 if(!function_exists('success'))
 {
 	function success($msg){
 	echo '
 	<div class="alert alert-success">
 		<button type="button" class="close" data-dismiss="alert" aria-hidden="true">&times;</button>
 		<strong>'.$msg.'</strong>
 	</div>';
 	}
 }
 function user_exist($username)
 {
 	include("config.php");
 	$query=$db->prepare("SELECT * FROM user WHERE name=:username");
 	$query -> execute(array(':username' => $username));
 	$count=$query->rowCount();
 	if($count==0){return false;}
 	if($count!=0){return true;}
 }

 //cheek email exist or not 
 function email_exist($email)
 {
 	include("config.php");
 	$query=$db->prepare("SELECT * FROM user WHERE email=:email");
 	$query -> execute(array(':email' => $email));
 	$count=$query->rowCount();
 	if($count==0){return false;}
 	if($count!=0){return true;}
 }

 //genarate rendom word
 function getrandomstring($length) {
       global $template;
       settype($template, "string");
       $template = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
       settype($length, "integer");
       settype($rndstring, "string");
       settype($a, "integer");
       settype($b, "integer");
       for ($a = 0; $a <= $length; $a++) {
               $b = rand(0, strlen($template) - 1);
               $rndstring .= $template[$b];
       }

       return $rndstring; 
 }


 //hashing function
 function hashForMe($password)
 {
 	$password=md5(base64_encode($password));
 	$password=md5(base64_encode($password));
 	$password=md5(base64_encode($password));
 	return $password;
 }

 //function of mailing
 function emailNow($to,$from,$subject,$massage)
 {
 	  if(mail($to,$subject,$massage,"From:$from")){return true;}
 	  else{return false;}
 }

 //add user in database and genarate activation id
 function add_user($username,$email,$password)
 {
 	include("config.php");
 	$error="";
 	if(user_exist($username))
 	{
 		return false;
 		$error="User Exist !";
 		exit();
 	}

 	if(email_exist($email))
 		{
 			$error.='email Exist!';
 			return false;
 			exit();	
 		}
 		$password=hashForMe($password);
 		$query = $db -> prepare("INSERT INTO user (name, password, email) VALUES (:username, :password, :email)");
 		$query -> execute(array(':username' => $username, ':password' => $password, ':email' => $email));
 		$affected_rows = $query->rowCount();
 		if($affected_rows==1)
 		{
 			$error.="Data Saved !";
 			return true;
 		}
 		else{$error.="Data Not Saved!"; return false;}
 }

 //confirmation
 function confirm($token)
 {
 	include("config.php");
 	$query = $db -> prepare("SELECT * FROM user WHERE activation=:token LIMIT 1");
 	$query -> execute(array(':token' => $token));
 	$count = $query->rowCount();
 	if($count==1)
 	{
 		$query = $db -> prepare("UPDATE  user SET activation='' WHERE activation=:token ");
 		$query -> execute(array(':token' => $token));
 		$count = $query->rowCount();
 		if($count==1){return true;}
 		else{return false;}
 	}
 }


 //reseting password
 function resetPass($email)
 {
 	include("config.php");
 	$query = $db -> prepare("SELECT * FROM user WHERE email=:email LIMIT 1");
 	$query -> execute(array(':email' => $email));
 	$count = $query->rowCount();
 	if($count==1)
 	{
 		$key=getrandomstring(10);
 		$query = $db -> prepare("UPDATE  user SET reset=:key WHERE email=:mail");
 		$query -> execute(array(':key' => $key, ':mail' => $email));
 		$count = $query->rowCount();
 		if($count==1)
 		{
 			$massage="A Password reset request just recived.\nPlease follow this link: http://$siteUrl/reset.php?email=$email&reset=$key \n\n If It's not you dont do anything./n/nRegards,\nThe support team at $siteName\n";
 			emailNow($email,$siteEmail,"Password Reset",$massage);
 			return true;
 		}
 		else{return false;}
 	}
 }

 //password reset
 function passReset($password,$reset,$email)
 {
 	include("config.php");
 	$query = $db -> prepare("SELECT * FROM user WHERE email=:email  AND reset=:reset");
 	$query -> execute(array(':email' => $email, ':reset' => $reset));
 	$count = $query->rowCount();
 	if($count==1)
 	{
 		$password=hashForMe($password);
 		$query = $db -> prepare("UPDATE  user SET reset='',password=:password WHERE email=:email");
 		$query -> execute(array(':password' => $password, ':email' => $email));
 		$count = $query -> rowCount();
 		if($count==1){return true;}
 		else{return false;}
 	}
 }
 function getUserData($email)
 {
 	include 'config.php';
 	if(preg_match("/@/", $email))
 	{
 		$query = $db -> prepare("SELECT * FROM user WHERE email=:email LIMIT 1");
 		$query -> execute(array(':email' => $email));
 	}
 	elseif(preg_match("/[0-9]{13}/", $email))
 	{
 		$query = $db -> prepare("SELECT * FROM user WHERE mobile=:email LIMIT 1");
 		$query -> execute(array(':email' => $email));
 	}
 	else
 	{
 		$query = $db -> prepare("SELECT * FROM user WHERE id=:id LIMIT 1");
 		$query -> execute(array(':id' => $email));
 	}
 		$data = $query -> fetch();
 		return $data;
 }
 function getUserName($email)
 {
 	include 'config.php';
 	$query = $db -> prepare("SELECT * FROM user WHERE email=:email LIMIT 1");
 	$query -> execute(array(':email' => $email));
 	$data = $query -> fetch();
 	return $data['name'];
 }


 function login($email,$password,$redirect,$remember)
 {
 	include __DIR__."/config.php";
 	$password1=$password;
 	$password = hashForMe($password);
 	$query = $db -> prepare("SELECT * FROM user WHERE email=:email AND password=:password LIMIT 1");
 	$query -> execute(array(':email' => $email, ':password' => $password));
 	$count = $query->rowCount();
 	if($count==1)
 	{
 		$data = $query -> fetch();
 		@session_start();
 		// store session data
 		$_SESSION['email'] = $email;
 		$_SESSION['id'] = $data['id'];
 		$_SESSION['mobile'] = $data['mobile'];
 		$_SESSION['password'] = $password1;
 		$_SESSION['name'] = getUserName($email);
 		$_SESSION['start'] = time(); // taking now logged in time
 		$p=15;
 		if($remember=='yes'){$p=10000;}
 		$_SESSION['expire'] = $_SESSION['start'] + ($p * 60) ; // ending a session in 30
 		
 		if(empty($redirect)){$redirect="index.php";}
 		echo "<meta http-equiv=\"refresh\" content=\"1;url=$redirect\">";
 		return true;
 		
 	}
 	else
 	{
 		return false;
 	}
 }

 function UserType($type)
 {
 	include("config.php");
 	$email = $_SESSION['email'];
 	$password = $_SESSION['password'];
 	$password=hashForMe($password);
 	$query = $db -> prepare("SELECT * FROM user WHERE email=:email AND password=:password AND activation='' AND type=:type LIMIT 1");
 	$query -> execute(array(':email' => $email, ':password' => $password, ':type' => $type));
 	$count = $query->rowCount();
 	if($count==1){return true;}
 	else{return false;}
 }

 //protected page
 function protectedArea()
 {
 	@session_start();
 	$timeLeft = ($_SESSION['expire']-time())/60;
 	$currentFile ="http://".$_SERVER["SERVER_NAME"].$_SERVER['REQUEST_URI'];
 	$currentFile=base64_encode($currentFile);
 	if(!isset($_SESSION['email']))
 	{
 	    include 'config.php';
 	    header("Location: {$siteUrl}login.php?redirect={$currentFile}");
 	    exit();
 	}
 	else
 	{

 	    if($timeLeft<0)
 	    {
 	        session_destroy();
 	        $currentFile ="http://".$_SERVER["SERVER_NAME"].$_SERVER['REQUEST_URI'];
 			$currentFile=base64_encode($currentFile);
 		    include 'config.php';
 	    	header("Location: {$siteUrl}login.php?redirect={$currentFile}");
 	        exit();
 	    }
 	    if($timeLeft<10) { $_SESSION['expire'] = $_SESSION['expire'] + (5 * 60) ; }
 	    
 	 }   
 }



 ?>
diff --git a/SQL b/SQL
 CREATE TABLE IF NOT EXISTS `user` (
  `id` int(11) NOT NULL AUTO_INCREMENT,
  `name` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
  `password` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
  `email` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
  `activation` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
  `reset` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
  `type` varchar(20) COLLATE utf8_unicode_ci NOT NULL,
  PRIMARY KEY (`id`)
 ) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=0 ;
	<?php
	//DB Config
	date_default_timezone_set('Asia/Dhaka');
	$db=new PDO('mysql:host=localhost;dbname=dbname;charset=utf8','root','pass');
	//Site Url
	$siteUrl = "http://localhost/fdfdf";
	?>
	<?php
	/*
	Function's For User Management
	Coded by Saiful Islam
	&copy 2013 Macrotech Ltd
	http://macrotech.org
	*/

	set_include_path(__DIR__."/");
	//cheek user exist or not
	if(!function_exists('error'))
	{
	function error($msg){
	echo '
	<div class="alert alert-danger">
	<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
	<strong>'.$msg.'</strong>
	</div>';
	}
	}

	if(!function_exists('success'))
	{
	function success($msg){
	echo '
	<div class="alert alert-success">
	<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
	<strong>'.$msg.'</strong>
	</div>';
	}
	}
	function user_exist($username)
	{
	include("config.php");
	$query=$db->prepare("SELECT * FROM user WHERE name=:username");
	$query -> execute(array(':username' => $username));
	$count=$query->rowCount();
	if($count==0){return false;}
	if($count!=0){return true;}
	}

	//cheek email exist or not
	function email_exist($email)
	{
	include("config.php");
	$query=$db->prepare("SELECT * FROM user WHERE email=:email");
	$query -> execute(array(':email' => $email));
	$count=$query->rowCount();
	if($count==0){return false;}
	if($count!=0){return true;}
	}

	//genarate rendom word
	function getrandomstring($length) {
	global $template;
	settype($template, "string");
	$template = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
	settype($length, "integer");
	settype($rndstring, "string");
	settype($a, "integer");
	settype($b, "integer");
	for ($a = 0; $a <= $length; $a++) {
	$b = rand(0, strlen($template) - 1);
	$rndstring .= $template[$b];
	}

	return $rndstring;
	}


	//hashing function
	function hashForMe($password)
	{
	$password=md5(base64_encode($password));
	$password=md5(base64_encode($password));
	$password=md5(base64_encode($password));
	return $password;
	}

	//function of mailing
	function emailNow($to,$from,$subject,$massage)
	{
	if(mail($to,$subject,$massage,"From:$from")){return true;}
	else{return false;}
	}

	//add user in database and genarate activation id
	function add_user($username,$email,$password)
	{
	include("config.php");
	$error="";
	if(user_exist($username))
	{
	return false;
	$error="User Exist !";
	exit();
	}

	if(email_exist($email))
	{
	$error.='email Exist!';
	return false;
	exit();
	}
	$password=hashForMe($password);
	$query = $db -> prepare("INSERT INTO user (name, password, email) VALUES (:username, :password, :email)");
	$query -> execute(array(':username' => $username, ':password' => $password, ':email' => $email));
	$affected_rows = $query->rowCount();
	if($affected_rows==1)
	{
	$error.="Data Saved !";
	return true;
	}
	else{$error.="Data Not Saved!"; return false;}
	}

	//confirmation
	function confirm($token)
	{
	include("config.php");
	$query = $db -> prepare("SELECT * FROM user WHERE activation=:token LIMIT 1");
	$query -> execute(array(':token' => $token));
	$count = $query->rowCount();
	if($count==1)
	{
	$query = $db -> prepare("UPDATE user SET activation='' WHERE activation=:token ");
	$query -> execute(array(':token' => $token));
	$count = $query->rowCount();
	if($count==1){return true;}
	else{return false;}
	}
	}


	//reseting password
	function resetPass($email)
	{
	include("config.php");
	$query = $db -> prepare("SELECT * FROM user WHERE email=:email LIMIT 1");
	$query -> execute(array(':email' => $email));
	$count = $query->rowCount();
	if($count==1)
	{
	$key=getrandomstring(10);
	$query = $db -> prepare("UPDATE user SET reset=:key WHERE email=:mail");
	$query -> execute(array(':key' => $key, ':mail' => $email));
	$count = $query->rowCount();
	if($count==1)
	{
	$massage="A Password reset request just recived.\nPlease follow this link: http://$siteUrl/reset.php?email=$email&reset=$key \n\n If It's not you dont do anything./n/nRegards,\nThe support team at $siteName\n";
	emailNow($email,$siteEmail,"Password Reset",$massage);
	return true;
	}
	else{return false;}
	}
	}

	//password reset
	function passReset($password,$reset,$email)
	{
	include("config.php");
	$query = $db -> prepare("SELECT * FROM user WHERE email=:email AND reset=:reset");
	$query -> execute(array(':email' => $email, ':reset' => $reset));
	$count = $query->rowCount();
	if($count==1)
	{
	$password=hashForMe($password);
	$query = $db -> prepare("UPDATE user SET reset='',password=:password WHERE email=:email");
	$query -> execute(array(':password' => $password, ':email' => $email));
	$count = $query -> rowCount();
	if($count==1){return true;}
	else{return false;}
	}
	}
	function getUserData($email)
	{
	include 'config.php';
	if(preg_match("/@/", $email))
	{
	$query = $db -> prepare("SELECT * FROM user WHERE email=:email LIMIT 1");
	$query -> execute(array(':email' => $email));
	}
	elseif(preg_match("/[0-9]{13}/", $email))
	{
	$query = $db -> prepare("SELECT * FROM user WHERE mobile=:email LIMIT 1");
	$query -> execute(array(':email' => $email));
	}
	else
	{
	$query = $db -> prepare("SELECT * FROM user WHERE id=:id LIMIT 1");
	$query -> execute(array(':id' => $email));
	}
	$data = $query -> fetch();
	return $data;
	}
	function getUserName($email)
	{
	include 'config.php';
	$query = $db -> prepare("SELECT * FROM user WHERE email=:email LIMIT 1");
	$query -> execute(array(':email' => $email));
	$data = $query -> fetch();
	return $data['name'];
	}


	function login($email,$password,$redirect,$remember)
	{
	include __DIR__."/config.php";
	$password1=$password;
	$password = hashForMe($password);
	$query = $db -> prepare("SELECT * FROM user WHERE email=:email AND password=:password LIMIT 1");
	$query -> execute(array(':email' => $email, ':password' => $password));
	$count = $query->rowCount();
	if($count==1)
	{
	$data = $query -> fetch();
	@session_start();
	// store session data
	$_SESSION['email'] = $email;
	$_SESSION['id'] = $data['id'];
	$_SESSION['mobile'] = $data['mobile'];
	$_SESSION['password'] = $password1;
	$_SESSION['name'] = getUserName($email);
	$_SESSION['start'] = time(); // taking now logged in time
	$p=15;
	if($remember=='yes'){$p=10000;}
	$_SESSION['expire'] = $_SESSION['start'] + ($p * 60) ; // ending a session in 30

	if(empty($redirect)){$redirect="index.php";}
	echo "<meta http-equiv=\"refresh\" content=\"1;url=$redirect\">";
	return true;

	}
	else
	{
	return false;
	}
	}

	function UserType($type)
	{
	include("config.php");
	$email = $_SESSION['email'];
	$password = $_SESSION['password'];
	$password=hashForMe($password);
	$query = $db -> prepare("SELECT * FROM user WHERE email=:email AND password=:password AND activation='' AND type=:type LIMIT 1");
	$query -> execute(array(':email' => $email, ':password' => $password, ':type' => $type));
	$count = $query->rowCount();
	if($count==1){return true;}
	else{return false;}
	}

	//protected page
	function protectedArea()
	{
	@session_start();
	$timeLeft = ($_SESSION['expire']-time())/60;
	$currentFile ="http://".$_SERVER["SERVER_NAME"].$_SERVER['REQUEST_URI'];
	$currentFile=base64_encode($currentFile);
	if(!isset($_SESSION['email']))
	{
	include 'config.php';
	header("Location: {$siteUrl}login.php?redirect={$currentFile}");
	exit();
	}
	else
	{

	if($timeLeft<0)
	{
	session_destroy();
	$currentFile ="http://".$_SERVER["SERVER_NAME"].$_SERVER['REQUEST_URI'];
	$currentFile=base64_encode($currentFile);
	include 'config.php';
	header("Location: {$siteUrl}login.php?redirect={$currentFile}");
	exit();
	}
	if($timeLeft<10) { $_SESSION['expire'] = $_SESSION['expire'] + (5 * 60) ; }

	}
	}



	?>
	CREATE TABLE IF NOT EXISTS `user` (
	`id` int(11) NOT NULL AUTO_INCREMENT,
	`name` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
	`password` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
	`email` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
	`activation` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
	`reset` varchar(50) COLLATE utf8_unicode_ci NOT NULL,
	`type` varchar(20) COLLATE utf8_unicode_ci NOT NULL,
	PRIMARY KEY (`id`)
	) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=0 ;