<?php
Class Auth{
    private $mysql_db;
    private $mysql_user;
    private $mysql_pass;
    private $mysql_server;
    private $mysql_port;
 
    private $table_name;
    private $table_nickCol;
    private $table_passCol;
    private $table_loginAttemps;
 
    private $db_connection;
    private $query;
 
    private $userName;
    private $userPass;
 
    public function setDb( $server, $user, $pass, $db, $port = 3306 ){
        $this -> mysql_db       = $db;
        $this -> mysql_user     = $user;
        $this -> mysql_pass     = $pass;
        $this -> mysql_server   = $server;
        $this -> mysql_port     = $port;
    }
 
    public function setTable( $name, $nickCol, $passCol, $loginAttemps ){
        $this -> table_name         = $name;
        $this -> table_nickCol      = $nickCol;
        $this -> table_passCol      = $passCol;
        $this -> table_loginAttemps = $loginAttemps;
 
    }
 
    public function dbConnect(){
        if( !$this -> checkServer($this -> mysql_server) ){
            throw new Exception( 'Server is DOWN.' );
        }
 
        if( !($this ->db_connection = @mysql_connect($this -> mysql_server . ':' . $this -> mysql_port, $this -> mysql_user, $this -> mysql_pass)) ){
            throw new Exception( 'Can\'t connect to MySql Server. <br /><b>' . mysql_error() . '</b>' );            
        }
 
        if( !@mysql_selectdb( $this ->mysql_db, $this -> db_connection ) ){
            throw new Exception( 'Can\'t connect to data base.<br /><b>' . mysql_error() . '<br />' );
        }
    }
 
    public function logIn( $userName, $userPass ){
        if( !$this -> existTable( $this -> table_name )){
            throw new Exception( 'MySql error.<br /><b>Table <i>' . $this -> table_name . '</i> couldn\'t be found in data base</b>' );
        }
 
        if( !$this -> existField($this -> table_nickCol) || !$this -> existField($this -> table_passCol) ){
            throw new Exception( 'MySql error.<br /><b>Couldn\'t find the necessary fields in table <i>' . $this -> table_name . '</i></b>' );   
        }
 
        $this -> userName = $userName;
        $this -> userPass = $userPass;
 
        if( !$this -> confirmUser() ){
            throw new Exception( 'Can\'t do <b>Login</b>.<br />Username o password incorrect.' );
        }
 
        if( !$this -> confirmLogin() ){
            $this -> increaseAttempts();
            throw new Exception( 'Can\'t do <b>Login</b>.<br />Username o password incorrect.' );
        }
    }
 
    private function confirmUser(){
        $sql = sprintf('SELECT ' . $this -> table_nickCol . 
                       ' FROM '  . $this -> table_name . 
                       ' WHERE LOWER(' . $this -> table_nickCol . ') = \'%s\' LIMIT 1;',
                        strtolower($this -> stringEscape($this -> userName)) );
 
        $query = mysql_query( $sql, $this -> db_connection );
        $confirm = ( mysql_num_rows($query) > 0 )? true : false;
        mysql_free_result( $query );
        return( $confirm );
    }
 
    private function increaseAttempts(){
        $sql = sprintf('UPDATE ' . $this -> table_name .
                       ' SET ' . $this -> table_loginAttemps . ' = ' . $this -> table_loginAttemps . ' + 1
                         WHERE LOWER(' . $this -> table_nickCol . ') = \'%s\';',
                       strtolower($this -> stringEscape($this -> userName)) );
 
        mysql_query( $sql, $this -> db_connection );
    }
 
    private function confirmLogin(){
        $sql = sprintf( 'SELECT * FROM ' . $this -> table_name .
                        ' WHERE LOWER(' .$this -> table_nickCol . ') = \'%s\'
                          AND ' . $this -> table_passCol . ' = md5(\'%s\') LIMIT 1;',
                        strtolower($this -> stringEscape($this -> userName)),
                        $this -> stringEscape($this -> userPass) );
 
        $query = mysql_query( $sql, $this -> db_connection );
        $confirm= ( mysql_num_rows($query) > 0 )? true : false;
        if( $confirm ) $this -> makeSessions( mysql_fetch_assoc($query) );
        mysql_free_result( $query );
        return( $confirm );
    }
 
    private function makeSessions( $data ){
        print $data['userNick'];
    }
 
    private function stringEscape( $string ){
        if( get_magic_quotes_gpc() ){
            $string = stripslashes( $string );
        }
        $string = mysql_real_escape_string($string, $this -> db_connection);
        return( $string );       
    }
 
    private function checkServer( $server ){        
        $file      = @fsockopen($server, $this -> mysql_port, $errno, $errstr, 10 );
        $status    = false;
        if( $file ){
            fclose($file);
            $status = true;
        }
        return $status;
    }
 
    private function existTable( $table ){
        $exist = false;
        $querry = mysql_query( 'SHOW tables FROM ' . $this -> mysql_db . ' LIKE ' . '\'' . $table . '\'', $this -> db_connection );
        if( mysql_num_rows($querry) == 1 ){
            $exist = true;
        }
        return( $exist );
    }
 
    private function existField( $field ){
        $exist = false;
        $query = mysql_query( 'SHOW COLUMNS FROM ' .$this -> table_name . ' LIKE ' . '\'' . $field . '\'', $this -> db_connection );
        if( mysql_num_rows($query) == 1 ){
            $exist = true;
        }
        return( $exist );
    }
 
    public function closeDb(){
        $ok = true;
        if( !@mysql_close( $this -> db_connection ) ){
            $ok = false;
        }
        return( $ok );
    }
}
 
$login = new Auth();
$login -> setDb( '127.0.0.1', 'root', '', 'web');
$login -> setTable( 'users', 'userNick', 'userPass', 'loginAttemps' );
try{
    $login -> dbConnect();
    $login -> logIn( 'test', 'test' );
    $login -> closeDb();
 
}catch( Exception $e ){
    print $e -> getMessage();
}
?>