PHP 확인 로그인 클래스 사용

/*
 *   例子
 *
 *  $Auth=new Auth();
 *  $Auth->login("123@123.com","123");
 *  $Auth->logout();
 *  echo $r->init();     
 *
**/

<?php
/*
 *
 * @ID:      验证登陆类
 *
 * @class:   Auth.class.php
 *
 * @auther:  欣儿
 *
 * @time:    2015/03/12
 *
 * @web:     http://my.oschina.net/xinger
 *
**/
class Auth {
    //外部设置
    //cookie设置
    var $cookie_time;//         7200
    var $cookie_where;//        &#39;/&#39;
    var $cookie_domain;//       &#39;yourweb.com&#39;
    var $cookie_secure;//       1和0
    //数据库设置     
    var $select_uid;//          &#39;uid&#39;
    var $select_table;//        &#39;user&#39;
    var $select_usersname;//    &#39;email&#39;
    var $select_password;//     &#39;password&#39;
    //盐
    var $salt;//                "12332"
    var $guest_name;//          &#39;Guest&#39;
    //用户获取值
    var $user_id;
    var $username;
    var $ok;
    var $pre;//                 &#39;auth_&#39;
    var $depr;//                &#39;-&#39;
    //内部变量
    private $pre_username;
    private $pre_password;
    public function __construct($config=array()){
        $this->set($config);
        $this->pre_username=sha1(md5($this->pre.&#39;username&#39;));
        $this->pre_password=sha1(md5($this->pre.&#39;password&#39;));
    }
    public function set($config){
        $this->cookie_time       = isset($config[&#39;cookie_time&#39;])?$config[&#39;cookie_time&#39;]: 7200;
        $this->cookie_where      = isset($config[&#39;cookie_where&#39;])?$config[&#39;cookie_where&#39;]:&#39;/&#39;;
        $this->cookie_domain = isset($config[&#39;cookie_domain&#39;])?$config[&#39;cookie_domain&#39;]:&#39;&#39;;
        $this->cookie_secure = isset($config[&#39;cookie_secure&#39;])?$config[&#39;cookie_secure&#39;]:&#39;&#39;;
        $this->select_uid        = isset($config[&#39;select_uid&#39;])?$config[&#39;select_uid&#39;]:&#39;uid&#39;;
        $this->select_table      = isset($config[&#39;select_table&#39;])?$config[&#39;select_table&#39;]:&#39;table&#39;;
        $this->select_usersname  = isset($config[&#39;select_usersname&#39;])?$config[&#39;select_usersname&#39;]:&#39;user_name&#39;;
        $this->select_password   = isset($config[&#39;select_password&#39;])?$config[&#39;select_password&#39;]:&#39;password&#39;;
        $this->salt              = isset($config[&#39;salt&#39;])?$config[&#39;salt&#39;]:&#39;sghsdghsdg&#39;;//
        $this->guest_name        = isset($config[&#39;guest_name&#39;])?$config[&#39;guest_name&#39;]:&#39;Guest&#39;;//
        $this->pre               = isset($config[&#39;auth&#39;])?$config[&#39;auth&#39;]:&#39;auth_&#39;;
        $this->depr              = isset($config[&#39;depr&#39;])?$config[&#39;depr&#39;]:&#39;-&#39;;
    }
    //
    public function init(){ 
        $this->user_id       = 0;
        $this->username      = $this->guest_name;
        $this->ok            = false;
        if(!$this->check_session()){
            $this->check_cookie();
        }
        return $this->ok;
    }
    //验证SESSION
    private function check_session(){
        if(!empty($_SESSION[$this->pre_username])&&!empty($_SESSION[$this->pre_password])){
            return $this->check($_SESSION[$this->pre_username],$_SESSION[$this->pre_password]);
        } else {
            return false;
        }
    }
    //验证COOKIE
    private function check_cookie(){
        if(!empty($_COOKIE[$this->pre_username])&&!empty($_COOKIE[$this->pre_password])){
            return $this->check($_COOKIE[$this->pre_username],$_COOKIE[$this->pre_password]);
        } else {
            return false;
        }
    }
    //登陆
    public function login($username,$password){
        $sql    = "select ".$this->select_uid." from ".$this->select_table." where ".$this->select_usersname."=&#39;$username&#39; and ".$this->select_password."=&#39;$password&#39;";
        $result = mysql_query($sql);
        $rows   = mysql_num_rows($sql);
        if($rows==1){
            $this->user_id   = mysql_result($result,0,0);
            $this->username  = $username;
            $this->ok        = true;
            $username   = $username.$this->depr.$this->get_ip();
            $user_name  = $this->encrypt($username,&#39;E&#39;,$this->salt);
            $_SESSION[$this->pre_username]=$user_name;
            $_SESSION[$this->pre_password]=md5(md5($password,$this->salt));
            setcookie($this->pre_username,$user_name,time()+$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);
            setcookie($this->pre_password,md5(md5($password,$this->salt)),time()+$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);
            return true;
        }
        return false;
    }
    //验证
    private function check($username,$password){
        $user_name  = $this->encrypt($username,&#39;D&#39;,$this->salt);
        $name       = explode($this->depr, $user_name);
        $username   = $name[0];
        $ip         = isset($name[1]) ? $name[1] : NULL;
        if($ip !== $this->get_ip()) return false;
        static $vars = array();
        if(!empty($vars)&&is_array($vars)&&isset($vars[$username.$password])){
            $this->user_id   = $vars[&#39;user_id&#39;];
            $this->username  = $vars[&#39;username&#39;];
            $this->ok        = $vars[&#39;ok&#39;];
            return true;
        }
        $sql    = "select ".$this->select_uid.",".$this->select_password." from ".$this->select_table." where ".$this->select_usersname."=&#39;$username&#39;";
        $query  = mysql_query($sql);
        $result = mysql_fetch_array($query);
        $row    = mysql_num_rows($sql);
        if($row == 1){
            $db_password=$result[$this->select_password];
            if(md5(md5($db_password,$this->salt)) == $password){
                $this->user_id   = $vars[&#39;user_id&#39;]  = $result[$this->select_uid];
                $this->username  = $vars[&#39;username&#39;] = $username;
                $this->ok        = $vars[&#39;ok&#39;]       = true;
                $vars[$username.$password]          = md5($username.$password);
                return true;
            }
        }
        return false;
    }
    //退出
    public function logout(){
        $this->user_id       = 0;
        $this->username      = $this->guest_name;
        $this->ok            = false;
        $_SESSION[$this->pre_username]="";
        $_SESSION[$this->pre_password]="";
        setcookie($this->pre_username,"",time()-$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);
        setcookie($this->pre_password,"",time()-$this->cookie_time,$this->cookie_where,$this->cookie_domain,$this->cookie_secure);
    }   
    //加密 
    public function encrypt($string,$operation,$key=&#39;&#39;) {
        $key=md5($key);
        $key_length=strlen($key);
        $string=$operation==&#39;D&#39;?base64_decode($string):substr(md5($string.$key),0,8).$string;
        $string_length=strlen($string);
        $rndkey=$box=array();
        $result=&#39;&#39;;
        for($i=0;$i<=255;$i++)
        {
            $rndkey[$i]=ord($key[$i%$key_length]);
            $box[$i]=$i;
        }
        for($j=$i=0;$i<256;$i++)
        {
            $j=($j+$box[$i]+$rndkey[$i])%256;
            $tmp=$box[$i];
            $box[$i]=$box[$j];
            $box[$j]=$tmp;
        }
        for($a=$j=$i=0;$i<$string_length;$i++)
        {
            $a=($a+1)%256;
            $j=($j+$box[$a])%256;
            $tmp=$box[$a];
            $box[$a]=$box[$j];
            $box[$j]=$tmp;
            $result.=chr(ord($string[$i])^($box[($box[$a]+$box[$j])%256]));
        }
        if($operation==&#39;D&#39;)
        {
            if(substr($result,0,8)==substr(md5(substr($result,8).$key),0,8))
            {
                return substr($result,8);
            }
            else
            {
                return&#39;&#39;;
            }
        }
        else
        {
            return str_replace(&#39;=&#39;,&#39;&#39;,base64_encode($result));
        }
    }
    public function get_ip() {
        return $_SERVER[&#39;REMOTE_ADDR&#39;];
    }
}
?>