PHP 用户登录实例
<?phpclass User{ private $uid; private $fields; public function _construct() { $this->uid = null; $this->fields = array('username' => '', 'password' => '', 'emailAddr' => '', 'isActive' => false); } public function _get($field) { if ($field == 'userId') { return $this->uid; } else { return $this->fields[$field]; } } public function _set($field, $value) { if (array_key_exists($field, $this->fields)) { $this->fields[$field] = $value; } } public static function validateUserName($username) { return preg_match('/^[A-Z0-9]{2,20}$/i', $username); } public static function validateEmailAddr($email) { return filter_var($email, FILTER_VALIDATE_EMAIL); } public static function getById($user_id) { $user = new User(); $query = sprintf('select username,password,email_addr,is_active' . 'from %sUser where User_ID =%d', DB_TEL_PERFIX, $user_id); $result = mysql_query($query, $GLOBALS['DB']); if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $user->username = $row['USERNAME']; $user->password = $row['PASSWORD']; $user->emailAddr = $row['EMAIL_ADDR']; $user->isactive = $row['IS_ACTIVE']; $user->uid = $user_id; } mysql_free_result($result); return $user; } public static function getByUsername($username) { $user = new User(); $query = sprintf('select user_id,password,email_addr,is_active' . 'from %sUser where username = "$s"', DB_TEL_PERFIX, mysql_real_escape_string($username, $GLOBALS['DB'])); $result = mysql_query($query, $GLOBALS['DB']); if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $user->username = $row['USERNAME']; $user->password = $row['PASSWORD']; $user->emailAddr = $row['EMAIL_ADDR']; $user->isactive = $row['IS_ACTIVE']; $user->uid = $user_id; } mysql_free_result($result); return $user; } public function save() { if ($this->uid) { $query = sprintf('update %sUser set username="%s",password="%s",email_addr="%s",is_active=%d' . 'where user_id = %d', DB_TEL_PERFIX, mysql_real_escape_string($this->username, $GLOBALS['DB']), mysql_real_escape_string($this->password, $GLOBALS['DB']), mysql_real_escape_string($this->emailaddr, $GLOBALS['DB']), $this->isActive, $this-> userId); return mysql_query($query, $GLOBALS['DB']); } else { $query = sprintf('insert into %sUser (username,password,email_addr,is_active) values ("%s","%s","%s","%d")', DB_TEL_PERFIX, mysql_real_escape_string($this->username, $GLOBALS['DB']), mysql_real_escape_string($this->password, $GLOBALS['DB']), mysql_real_escape_string($this->emailaddr, $GLOBALS['DB']), $this->isActive); if (mysql_query($query, $GLOBALS['DB'])) { $this->uid = mysql_insert_id($GLOBALS['DB']); return true; } else { return false; } } } public function setInactive() { $this->isActive = false; $this->save(); $token = random_text(5); $query = sprintf('insert into %sPending (user_id,token) values (%d,"%s")', DB_TEL_PERFIX, $this - uid, $token); return (mysql_query($query, $GLOBALS['DB'])) ? $token : false; } public function setActive($token) { $query = sprintf('select token from %sPending where user_id = %d'. 'And token ="%s"',DB_TEL_PERFIX,$this-uid, mysql_real_escape_string($token,$GLOBALS['DB'])); $result = mysql_query($query,$GLOBALS['DB']); if(!mysql_num_rows($result)) { mysql_free_result($result); return false; } else { mysql_free_result($result); } }}?>?