db_host = _host; $this->db_user = _db_user; $this->db_pass = _db_pass; $this->db_name = _db_name; }
    // NOTE(review): this listing starts part-way through a method (the class header and
    // the start of this body are not visible). The fragment above is kept exactly as found.
    // NOTE(review): every database call below uses the legacy mysql_* extension, which was
    // removed in PHP 7.0. Moving to mysqli or PDO with prepared statements would also
    // remove the string-built SQL flagged further down.

    // Function to connect to the database.
    // Stores the link in $this->db_connect; the fourth argument (true) requests a new link.
    // On failure the MySQL error text is printed and the script stops.
    // NOTE(review): die(mysql_error()) sends database error details to the client; logging
    // them server-side and showing a generic message discloses less.
    function J_ConnectDB()
    {
        $this->db_connect = @mysql_connect($this->db_host,$this->db_user,$this->db_pass,true) or die(mysql_error());
    }

    // Function to select the database.
    // No link identifier is passed, so the call does not reference $this->db_connect explicitly.
    function J_SelectDB()
    {
        @mysql_select_db($this->db_name) or die(mysql_error());
    }

    // Function that makes MySQL display characters as tis620.
    // Issues three SET statements (results, client, connection) and stops on the first failure.
    // NOTE(review): mysql_real_escape_string() takes its character set from the client
    // library, which SET statements do not update; mysql_set_charset() is the documented
    // way to keep escaping and the connection charset in agreement.
    function set_char_tis620()
    {
        $cs1 = "SET character_set_results=tis620";
        $cs2 = "SET character_set_client = tis620";
        $cs3 = "SET character_set_connection = tis620";
        @mysql_query($cs1) or die('Error query: ' . mysql_error());
        @mysql_query($cs2) or die('Error query: ' . mysql_error());
        @mysql_query($cs3) or die('Error query: ' . mysql_error());
    }

    // Function that makes MySQL display characters as utf8.
    // Same three SET statements as set_char_tis620(), with utf8; the same caveat about
    // mysql_set_charset() applies.
    function set_char_utf8()
    {
        $cs1 = "SET character_set_results=utf8";
        $cs2 = "SET character_set_client = utf8";
        $cs3 = "SET character_set_connection = utf8";
        @mysql_query($cs1) or die('Error query: ' . mysql_error());
        @mysql_query($cs2) or die('Error query: ' . mysql_error());
        @mysql_query($cs3) or die('Error query: ' . mysql_error());
    }

    // Function to retrieve data from the database; returns an array of rows.
    // $fieldNames and $tableName are concatenated into the statement without escaping or
    // quoting. Callers in this listing append a WHERE clause through $tableName, so any
    // escaping has to be done by the caller before the value arrives here.
    // $array is never initialised: with zero rows the function returns an undefined variable.
    function J_Select($fieldNames,$tableName)
    {
        // The string literal below spans a line break in the source; kept unchanged.
        $sql = "SELECT ".$fieldNames." 
FROM ".$tableName;
        $rs = @mysql_query($sql) or die(mysql_error());
        while($row = @mysql_fetch_array($rs)) {
            $array[] = $row;
        }
        return $array;
    }

    // Function to run SQL commands that produce no result set, e.g. INSERT, DELETE, UPDATE.
    // (The comment above is carried over from the source and does not describe the code below.)
    // J_Max returns MAX($f) + 1 for table $tbl, or 1 when the maximum is not greater than 0.
    // Errors from both calls are suppressed with @ and there is no die() on failure.
    // NOTE(review): $f and $tbl go into the SQL unescaped. If the result is used to allocate
    // new ids, two concurrent requests can receive the same value.
    function J_Max($f,$tbl)
    {
        $sql = "SELECT MAX(".$f.") FROM ".$tbl;
        @$rs = mysql_query($sql);
        @$re_rs = mysql_result($rs,0,0);
        if($re_rs > 0) $max = $re_rs + 1;
        else $max = 1;
        return $max;
    }

    // Function to insert data into the database.
    // $fieldsAndValues is walked with key()/next(): each key becomes a column name and each
    // value is wrapped in single quotes.
    // NOTE(review): values, column names and $tableName are not escaped here, so every
    // caller must escape them first; a prepared statement would remove that dependency.
    // Returns the boolean result of the `or` expression (die() ends the script on failure).
    function J_Insert($fieldsAndValues,$tableName)
    {
        $sql = "INSERT INTO ".$tableName;
        $f = "(";
        $val = " VALUES(";
        // NOTE(review): the first clause compares $i instead of assigning it, so $i is never
        // initialised before the loop; presumably `$i = 0` was intended -- confirm.
        for($i < 0 ; $i < count($fieldsAndValues);$i++) {
            $f .= key($fieldsAndValues);
            if($i != (count($fieldsAndValues)-1)) $f .= ",";
            $val .= "'".$fieldsAndValues[key($fieldsAndValues)]."'";
            if($i != (count($fieldsAndValues) - 1)) $val .= ",";
            next($fieldsAndValues);
        }
        $f .= ")";
        $val .= ")";
        $sql .= $f.$val;
        return @mysql_query($sql) or die(mysql_error());
    }

    // Function to update data in the database.
    // Every entry of $fieldsAndValues goes into the SET list; entries for which
    // `$i == $key[$i]` are also added to the WHERE clause.
    // NOTE(review): presumably $key lists the positions of the key columns -- confirm with callers.
    // NOTE(review): values, column names and $tableName are concatenated unescaped, as in J_Insert.
    // If no entry matches, $w stays empty and the statement ends in " WHERE " with no condition.
    function J_Update($fieldsAndValues,$key,$tableName)
    {
        $sql = "UPDATE ".$tableName." SET ";
        $w = "";
        // NOTE(review): same uninitialised loop counter as in J_Insert.
        for($i < 0 ; $i < count($fieldsAndValues);$i++) {
            $sql .= key($fieldsAndValues)." = '".$fieldsAndValues[key($fieldsAndValues)]."'";
            if($i != (count($fieldsAndValues)-1)) $sql .= ", ";
            if($i == $key[$i]) {
                // The string literal below spans a line break in the source; kept unchanged.
                $w .= key($fieldsAndValues)." 
= '".$fieldsAndValues[key($fieldsAndValues)]."'";
                if($i != (count($key)-1)) $w .= " AND ";
            }
            next($fieldsAndValues);
        }
        $sql .= " WHERE ".$w;
        return @mysql_query($sql) or die(mysql_error());
    }

    // Function to run SQL commands that produce no result set, e.g. INSERT, DELETE, UPDATE.
    // Runs $sql exactly as given and returns nothing; the caller is responsible for the
    // safety of the statement text.
    function J_ExecuteNonQuery($sql)
    {
        @mysql_query($sql) or die(mysql_error());
    }

    // Function to run an SQL command; returns an array of rows.
    // Runs $sql exactly as given. As in J_Select, $array is undefined when no row is returned.
    function J_Execute($sql)
    {
        $rs = @mysql_query($sql) or die(mysql_error());
        while($row = @mysql_fetch_array($rs)) {
            $array[] = $row;
        }
        return $array;
    }

    // Runs $sql exactly as given and returns the raw mysql_query() result.
    function J_Execute2($sql)
    {
        $rs = @mysql_query($sql) or die(mysql_error());
        return $rs;
    }

    // NOTE(review): $rs is neither a parameter nor a property, so mysql_num_rows() receives
    // an undefined local variable here; it looks as if a result parameter is missing -- confirm.
    function J_NumRows(){
        $rs = mysql_num_rows($rs);
        return $rs;
    }

    // Function to close the database connection held in $this->db_connect.
    function J_Close()
    {
        @mysql_close($this->db_connect);
    }
}
// NOTE(review): the text after the closing tag below starts mid-statement; the opening of
// a second file (its class header and the start of this method) is missing from the listing.
// The visible part calls J_SQL(), J_ConnectDB(), J_SelectDB() and set_char_utf8() on $this.
?>J_SQL(); $this->J_ConnectDB(); $this->J_SelectDB(); $this->set_char_utf8(); }

    // Checks $this->user_name / $this->user_pass against tbl_members and, on a match, fills
    // the session, records a row in tbl_user_log that expires 20 minutes from now, and
    // returns true. On no match the session is cleared and false is returned.
    // Both credentials are passed through mysql_real_escape_string() and placed inside
    // single quotes.
    // NOTE(review): user_pass is compared inside the SQL statement exactly as held in
    // $this->user_pass. Whether that value is already a hash is not visible here -- confirm;
    // if plaintext passwords are stored, move to password_hash()/password_verify().
    // NOTE(review): the existing session id is reused after login; no session_regenerate_id()
    // call is visible in this method. Regenerating the id at login protects against session
    // fixation -- confirm whether the caller does it.
    function authen(){
        $session_id = session_id();
        $fieldName = "*";
        $tableName = "tbl_members where user_name = '".mysql_real_escape_string($this->user_name)."' AND user_pass = '".mysql_real_escape_string($this->user_pass)."'";
        $result = $this->J_Select($fieldName,$tableName);
        if(count($result) > 0){
            foreach($result as $read){
                $_SESSION["_userid"] = $read["id"];
                $_SESSION["_role"] = $read["role"];
                $_SESSION["_user_name"] = $read["user_name"];
                $_SESSION["_user_img"] = $read["user_image"];
                // Session token: current session id followed by two sj_rand() strings.
                $_SESSION["_user_session"] = $session_id.''.$this->sj_rand().''.$this->sj_rand();
            }
            // These values reach J_Insert(), which quotes but does not escape them; they
            // come from the matched database row and the token generated above.
            $ins["user_id"] = $_SESSION["_userid"];
            $ins["user_session"] = $_SESSION["_user_session"];
            $t = strtotime("+20 Minutes");
            $t = date('Y-m-d H:i:s',$t);
            $ins["mktime"] = $t;
            $this->J_Insert($ins,"tbl_user_log");
            $this->user_session = $_SESSION["_user_session"];
            $this->user_id = $_SESSION["_userid"];
            $r = true;
        }else{
            // Delete the session.
            $this->clear_session();
            $r = false;
        }
        return $r;
    }

    // Validates the current session against tbl_user_log: the stored token and user id
    // must match a row whose mktime is still in the future. A valid row has its mktime
    // pushed to 20 minutes from now; otherwise the session is cleared.
    // Expired rows are deleted on every call. Returns true only for a valid session.
    // NOTE(review): the $_SESSION keys are read without isset(), so a fresh session raises
    // undefined-index notices before the `!= null` comparison.
    // NOTE(review): user_id is escaped but not quoted; mysql_real_escape_string() only
    // protects values placed inside quotes, so a numeric value should be cast with (int).
    // The value is set from a database row in authen().
    function check_session(){
        if($_SESSION["_user_session"] != null && $_SESSION["_userid"] != null){
            $fieldName = "*";
            // The string literal below spans a line break in the source; kept unchanged.
            $tableName = "tbl_user_log where user_session = 
'".mysql_real_escape_string($_SESSION["_user_session"])."' and user_id = ".mysql_real_escape_string($_SESSION["_userid"])." and mktime > '".date('Y-m-d H:i:s')."'";
            $result = $this->J_Select($fieldName,$tableName);
            if(count($result) > 0){
                foreach($result as $read){
                    // Sliding expiry: extend the matching log row by another 20 minutes.
                    $t = strtotime("+20 Minutes");
                    $t = date('Y-m-d H:i:s',$t);
                    $sql = "update tbl_user_log set mktime = '".$t."' where id =".$read["id"];
                    $this->J_ExecuteNonQuery($sql);
                }
                $r = true;
            }else{
                $this->clear_session();
                $r = false;
            }
        }else{
            $r = false;
        }
        // Delete sessions whose time is earlier than the current time.
        $sql = "delete from tbl_user_log where mktime < '".date('Y-m-d H:i:s')."' ";
        $this->J_ExecuteNonQuery($sql);
        return $r;
    }

    // Returns 6 characters taken from a shuffled string made of six copies of the
    // 62-character alphanumeric alphabet.
    // NOTE(review): str_shuffle() is not a cryptographically secure source. The result is
    // part of the session token built in authen(), so a CSPRNG (random_bytes() on PHP 7+,
    // openssl_random_pseudo_bytes() before that) is the safer choice.
    function sj_rand(){
        return substr(str_shuffle(str_repeat('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789',6)),0,6);
    }

    // Removes every tbl_user_log row for the current user id (all of that user's logged
    // sessions, not only this one) and sets the session keys used by this class to null.
    // NOTE(review): user_id is escaped but not quoted here as well; cast it with (int).
    function clear_session(){
        if($_SESSION["_userid"] != null){
            // Delete the session on logout.
            $sql = "delete from tbl_user_log where user_id = ".mysql_real_escape_string($_SESSION["_userid"]);
            $this->J_ExecuteNonQuery($sql);
        }
        $_SESSION["_userid"] = null;
        $_SESSION["_user_img"] = null;
        $_SESSION["_role"] = null;
        $_SESSION["_user_name"] = null;
        $_SESSION["_user_session"] = null;
        $_SESSION["_chk_login"] = null;
    }
}
?>