PHP 验证登陆类

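<?php
/**
 * Login authentication class.
 *
 * @class  Auth.class.php
 * @author 欣儿
 * @time   2015/03/12
 * @web    http://my.oschina.net/xinger
 *
 * Validates a visitor against a user table and remembers the login in
 * $_SESSION and in two cookies (an obfuscated "username + client IP" token
 * and a token derived from the password).
 *
 * Security notes for maintainers:
 *  - The mysql_* functions used here were removed in PHP 7.0. Values are
 *    escaped with mysql_real_escape_string() as a stopgap inside the existing
 *    API; the durable fix is PDO or mysqli with prepared statements.
 *  - Table and column names are concatenated into the SQL unquoted. They must
 *    come from trusted, constant configuration and never from request data.
 *  - login() compares the supplied password with the stored column directly,
 *    so the column holds whatever the caller passes in (plaintext unless the
 *    caller hashes first). NOTE(review): confirm against the schema; storing
 *    password_hash() output and checking with password_verify() is the
 *    recommended scheme.
 *  - The default salt is published with this source and therefore provides no
 *    secrecy. Every deployment must configure its own random 'salt'.
 *  - encrypt() is RC4 keyed with md5($key) plus a truncated MD5 checksum. It
 *    obfuscates the cookie; it is not authenticated encryption.
 *  - The caller is responsible for session_start() and, ideally, for calling
 *    session_regenerate_id(true) after a successful login.
 */
class Auth
{
    // ---- Externally configurable settings ----

    // Cookie settings
    public $cookie_time;       // lifetime in seconds, e.g. 7200
    public $cookie_where;      // cookie path, e.g. '/'
    public $cookie_domain;     // e.g. 'yourweb.com'
    public $cookie_secure;     // 1 or 0; set to 1 whenever the site is served over HTTPS

    // Database settings
    public $select_uid;        // e.g. 'uid'
    public $select_table;      // e.g. 'user'
    public $select_usersname;  // e.g. 'email'
    public $select_password;   // e.g. 'password'

    // Salt: key for the cookie obfuscation and for the password token
    public $salt;              // e.g. "12332"
    public $guest_name;        // e.g. 'Guest'

    // Values exposed to the caller after init() / login()
    public $user_id;
    public $username;
    public $ok;
    public $pre;               // session/cookie name prefix, e.g. 'auth_'
    public $depr;              // separator between username and IP, e.g. '-'

    // ---- Internal state ----
    private $pre_username;     // session/cookie key that holds the username token
    private $pre_password;     // session/cookie key that holds the password token

    /**
     * @param array $config Optional settings; see set() for the recognised keys.
     */
    public function __construct($config = array())
    {
        $this->set($config);

        // The storage keys are derived from the prefix so they are not guessable names.
        $this->pre_username = sha1(md5($this->pre . 'username'));
        $this->pre_password = sha1(md5($this->pre . 'password'));
    }

    /**
     * Apply configuration, falling back to the built-in defaults.
     *
     * Note that the name prefix ($this->pre) is read from the 'auth' key.
     *
     * @param array $config
     */
    public function set($config)
    {
        $this->cookie_time      = isset($config['cookie_time']) ? $config['cookie_time'] : 7200;
        $this->cookie_where     = isset($config['cookie_where']) ? $config['cookie_where'] : '/';
        $this->cookie_domain    = isset($config['cookie_domain']) ? $config['cookie_domain'] : '';
        $this->cookie_secure    = isset($config['cookie_secure']) ? $config['cookie_secure'] : '';

        $this->select_uid       = isset($config['select_uid']) ? $config['select_uid'] : 'uid';
        $this->select_table     = isset($config['select_table']) ? $config['select_table'] : 'table';
        $this->select_usersname = isset($config['select_usersname']) ? $config['select_usersname'] : 'user_name';
        $this->select_password  = isset($config['select_password']) ? $config['select_password'] : 'password';

        // The fallback salt is public knowledge; override it in production.
        $this->salt             = isset($config['salt']) ? $config['salt'] : 'sghsdghsdg';
        $this->guest_name       = isset($config['guest_name']) ? $config['guest_name'] : 'Guest';

        $this->pre              = isset($config['auth']) ? $config['auth'] : 'auth_';
        $this->depr             = isset($config['depr']) ? $config['depr'] : '-';
    }

    /**
     * Restore the login state from the session, then from the cookies.
     *
     * @return bool True when a stored login was validated.
     */
    public function init()
    {
        $this->user_id  = 0;
        $this->username = $this->guest_name;
        $this->ok       = false;

        if (!$this->check_session()) {
            $this->check_cookie();
        }

        return $this->ok;
    }

    /**
     * Validate the tokens stored in $_SESSION.
     *
     * @return bool
     */
    private function check_session()
    {
        if (empty($_SESSION[$this->pre_username]) || empty($_SESSION[$this->pre_password])) {
            return false;
        }

        return $this->check($_SESSION[$this->pre_username], $_SESSION[$this->pre_password]);
    }

    /**
     * Validate the tokens stored in $_COOKIE (client-controlled input).
     *
     * @return bool
     */
    private function check_cookie()
    {
        if (empty($_COOKIE[$this->pre_username]) || empty($_COOKIE[$this->pre_password])) {
            return false;
        }

        return $this->check($_COOKIE[$this->pre_username], $_COOKIE[$this->pre_password]);
    }

    /**
     * Log a user in and persist the login in the session and in cookies.
     *
     * @param string $username
     * @param string $password
     * @return bool True when exactly one row matches the credentials.
     */
    public function login($username, $password)
    {
        // Request parameters can arrive as arrays; only scalar credentials are valid.
        if (!is_scalar($username) || !is_scalar($password)) {
            return false;
        }

        // Both values are untrusted input: escape them before they enter the SQL text.
        $sql = "select " . $this->select_uid . " from " . $this->select_table
            . " where " . $this->select_usersname . "='" . mysql_real_escape_string((string) $username) . "'"
            . " and " . $this->select_password . "='" . mysql_real_escape_string((string) $password) . "'";

        $result = mysql_query($sql);
        if (!$result || mysql_num_rows($result) != 1) {
            return false;
        }

        $this->user_id  = mysql_result($result, 0, 0);
        $this->username = $username;
        $this->ok       = true;

        // Bind the username token to the client address seen at login time.
        $user_token = $this->encrypt($username . $this->depr . $this->get_ip(), 'E', $this->salt);
        $pass_token = $this->password_token($password);

        $_SESSION[$this->pre_username] = $user_token;
        $_SESSION[$this->pre_password] = $pass_token;

        // HttpOnly keeps the authentication cookies out of reach of page scripts.
        $expires = time() + (int) $this->cookie_time;
        setcookie($this->pre_username, $user_token, $expires, $this->cookie_where, $this->cookie_domain, (bool) $this->cookie_secure, true);
        setcookie($this->pre_password, $pass_token, $expires, $this->cookie_where, $this->cookie_domain, (bool) $this->cookie_secure, true);

        return true;
    }

    /**
     * Validate a (username token, password token) pair from session or cookie.
     *
     * @param mixed $username Obfuscated "username + depr + ip" token.
     * @param mixed $password Password token as produced at login.
     * @return bool
     */
    private function check($username, $password)
    {
        // Cookie values may be arrays; anything but a string is rejected outright.
        if (!is_string($username) || !is_string($password)) {
            return false;
        }

        $plain = $this->encrypt($username, 'D', $this->salt);

        // Split on the LAST separator so a username that itself contains the
        // separator (for example a hyphenated e-mail address) stays intact.
        $cut = strrpos($plain, $this->depr);
        if ($cut === false) {
            return false;
        }
        $name = (string) substr($plain, 0, $cut);
        $ip   = (string) substr($plain, $cut + strlen($this->depr));

        // Fail closed: a token without an address, or a request whose address
        // is unknown, never passes the IP binding.
        $current_ip = $this->get_ip();
        if ($name === '' || $ip === '' || $current_ip === null || $ip !== (string) $current_ip) {
            return false;
        }

        // Per-request memo of validated pairs. Each entry carries its own
        // identity so one user's hit can never return another user's data.
        static $vars = array();
        $cache_key = $name . "\0" . $password;
        if (isset($vars[$cache_key])) {
            $this->user_id  = $vars[$cache_key]['user_id'];
            $this->username = $vars[$cache_key]['username'];
            $this->ok       = true;
            return true;
        }

        // $name is derived from client-supplied data, so it is escaped as well.
        $sql = "select " . $this->select_uid . "," . $this->select_password . " from " . $this->select_table
            . " where " . $this->select_usersname . "='" . mysql_real_escape_string($name) . "'";

        $query = mysql_query($sql);
        if (!$query || mysql_num_rows($query) != 1) {
            return false;
        }
        $result = mysql_fetch_array($query);

        $expected = $this->password_token($result[$this->select_password]);
        if (!$this->safe_equals($expected, $password)) {
            return false;
        }

        $this->user_id  = $result[$this->select_uid];
        $this->username = $name;
        $this->ok       = true;
        $vars[$cache_key] = array('user_id' => $this->user_id, 'username' => $name);

        return true;
    }

    /**
     * Forget the login: reset the state and clear session entries and cookies.
     */
    public function logout()
    {
        $this->user_id  = 0;
        $this->username = $this->guest_name;
        $this->ok       = false;

        $_SESSION[$this->pre_username] = "";
        $_SESSION[$this->pre_password] = "";

        // An expiry in the past makes the browser drop the cookies.
        $expired = time() - (int) $this->cookie_time;
        setcookie($this->pre_username, "", $expired, $this->cookie_where, $this->cookie_domain, (bool) $this->cookie_secure, true);
        setcookie($this->pre_password, "", $expired, $this->cookie_where, $this->cookie_domain, (bool) $this->cookie_secure, true);
    }

    /**
     * Obfuscate ('E') or recover ('D') a string with RC4 keyed by md5($key).
     *
     * On 'E' the first 8 hex characters of md5($string . md5($key)) are
     * prepended as a checksum and the result is base64 without '=' padding.
     * On 'D' the checksum is verified and '' is returned when it fails.
     *
     * @param string $string
     * @param string $operation 'E' to encode, 'D' to decode.
     * @param string $key
     * @return string
     */
    public function encrypt($string, $operation, $key = '')
    {
        $decoding   = ($operation === 'D');
        $key        = md5($key);
        $key_length = strlen($key);

        $string = $decoding
            ? (string) base64_decode((string) $string)
            : substr(md5($string . $key), 0, 8) . $string;
        $string_length = strlen($string);

        // Key scheduling
        $rndkey = $box = array();
        for ($i = 0; $i <= 255; $i++) {
            $rndkey[$i] = ord($key[$i % $key_length]);
            $box[$i]    = $i;
        }
        for ($j = $i = 0; $i < 256; $i++) {
            $j       = ($j + $box[$i] + $rndkey[$i]) % 256;
            $tmp     = $box[$i];
            $box[$i] = $box[$j];
            $box[$j] = $tmp;
        }

        // Keystream generation and XOR
        $result = '';
        for ($a = $j = $i = 0; $i < $string_length; $i++) {
            $a       = ($a + 1) % 256;
            $j       = ($j + $box[$a]) % 256;
            $tmp     = $box[$a];
            $box[$a] = $box[$j];
            $box[$j] = $tmp;
            $result .= chr(ord($string[$i]) ^ ($box[($box[$a] + $box[$j]) % 256]));
        }

        if (!$decoding) {
            return str_replace('=', '', base64_encode($result));
        }

        // Loose '==' would treat two different "0e…" checksums as equal numbers,
        // so the checksum is compared as an exact string.
        $payload  = (string) substr($result, 8);
        $checksum = (string) substr($result, 0, 8);
        if ($this->safe_equals(substr(md5($payload . $key), 0, 8), $checksum)) {
            return $payload;
        }

        return '';
    }

    /**
     * Client address as reported by the web server.
     *
     * @return string|null Null when REMOTE_ADDR is not available (e.g. CLI).
     */
    public function get_ip()
    {
        return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
    }

    /**
     * Token stored in the session/cookie in place of the password.
     *
     * The salt is used as an HMAC key. (Passing it as the second argument of
     * md5() only toggles raw output and leaves the hash unsalted.)
     *
     * @param string $password
     * @return string Hex digest.
     */
    private function password_token($password)
    {
        return hash_hmac('sha256', (string) $password, (string) $this->salt);
    }

    /**
     * Exact string comparison that does not leak the mismatch position.
     *
     * @param string $known
     * @param string $given
     * @return bool
     */
    private function safe_equals($known, $given)
    {
        $known = (string) $known;
        $given = (string) $given;

        if (function_exists('hash_equals')) {
            return hash_equals($known, $given);
        }

        // Fallback for runtimes without hash_equals().
        $length = strlen($known);
        if ($length !== strlen($given)) {
            return false;
        }
        $diff = 0;
        for ($i = 0; $i < $length; $i++) {
            $diff |= ord($known[$i]) ^ ord($given[$i]);
        }

        return $diff === 0;
    }
}
?>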
