2018-11-09 13:21:34 +01:00
< ? php
Class user {
2019-05-19 18:37:00 +02:00
public $uid , $username , $email , $theme , $last_login ;
2018-11-09 15:16:36 +01:00
private $salt ;
function get_info ( $session_id ) {
2018-11-09 13:21:34 +01:00
include $_SESSION [ " docroot " ] . '/php/connect.php' ;
2019-05-22 10:38:07 +02:00
$selectQuery = $mysqli -> prepare ( " SELECT uid, username, email, theme, last_login, salt FROM `users` WHERE `uid` = (SELECT user FROM `sessions` WHERE `session_id` = ?); " );
$selectQuery -> bind_param ( " s " , $session_id );
$selectQuery -> execute ();
$result = $selectQuery -> get_result ();
2018-11-09 13:21:34 +01:00
$user = $result -> fetch_assoc ();
$this -> uid = $user [ " uid " ];
$this -> username = $user [ " username " ];
$this -> email = $user [ " email " ];
2019-05-19 18:37:00 +02:00
$this -> theme = $user [ " theme " ];
2018-11-09 13:21:34 +01:00
$this -> last_login = $user [ " last_login " ];
2018-11-09 15:16:36 +01:00
$this -> salt = $user [ " salt " ];
$mysqli -> close ();
}
function change_password ( $current , $new ){
include $_SESSION [ " docroot " ] . '/php/hash.php' ;
include $_SESSION [ " docroot " ] . '/php/connect.php' ;
$current_pwhash = hash_password ( $current , $this -> salt );
2019-05-22 10:38:07 +02:00
$selectQuery = $mysqli -> prepare ( " SELECT `uid` FROM `users` WHERE `uid` = ? AND `password` = ?; " );
$selectQuery -> bind_param ( " ss " , $this -> uid , $current_pwhash );
$selectQuery -> execute ();
$result = $selectQuery -> get_result ();
2018-11-09 15:16:36 +01:00
if ( $result -> num_rows === 1 ){
$new_pwdhash = hash_password ( $new , $this -> salt );
2019-05-22 10:38:07 +02:00
$updateQuery = $mysqli -> prepare ( " UPDATE `users` SET `password` = ? WHERE `users`.`uid` = ?; " );
$updateQuery -> bind_param ( " ss " , $new_pwdhash , $this -> uid );
$updateQuery -> execute ();
2018-11-09 15:16:36 +01:00
$mysqli -> close ();
print_r ( " 0 " );
}
else {
print_r ( " 1 " );
}
2018-11-09 13:21:34 +01:00
}
2018-11-09 15:58:00 +01:00
2019-05-21 10:28:07 +02:00
function change_mail ( $mailaddress ){
include $_SESSION [ " docroot " ] . '/php/connect.php' ;
$this -> mail = $mailaddress ;
2019-05-22 10:38:07 +02:00
$updateQuery = $mysqli -> prepare ( " UPDATE `users` SET `email` = ? WHERE `users`.`uid` = ?; " );
$updateQuery -> bind_param ( " ss " , $mailaddress , $this -> uid );
$updateQuery -> execute ();
2019-05-21 10:28:07 +02:00
$mysqli -> close ();
}
function change_username ( $newname ){
include $_SESSION [ " docroot " ] . '/php/connect.php' ;
$this -> username = $newname ;
2019-05-22 10:38:07 +02:00
$selectQuery = $mysqli -> prepare ( " SELECT * FROM `users` WHERE `username` = ?; " );
$selectQuery -> bind_param ( " s " , $this -> username );
$selectQuery -> execute ();
$result = $selectQuery -> get_result ();
2019-05-21 10:28:07 +02:00
if ( $result -> num_rows == 0 ){
2019-05-22 10:38:07 +02:00
$updateQuery = $mysqli -> prepare ( " UPDATE `users` SET `username` = ? WHERE `users`.`uid` = ?; " );
$updateQuery -> bind_param ( " ss " , $newname , $this -> uid );
$updateQuery -> execute ();
2019-05-21 10:28:07 +02:00
print_r ( " 0 " );
}
else {
print_r ( " 1 " );
}
$mysqli -> close ();
}
2019-05-19 18:37:00 +02:00
function change_theme ( $theme ){
include $_SESSION [ " docroot " ] . '/php/connect.php' ;
2019-05-22 10:38:07 +02:00
$updateQuery = $mysqli -> prepare ( " UPDATE `users` SET `theme` = ? WHERE `users`.`uid` = ?; " );
$updateQuery -> bind_param ( " ss " , $theme , $this -> uid );
$updateQuery -> execute ();
2019-05-19 18:37:00 +02:00
if ( $result ){
print_r ( " 0 " );
}
else {
print_r ( " 1 " );
}
}
2018-11-09 15:58:00 +01:00
function new ( $uname , $password ){
include $_SESSION [ " docroot " ] . '/php/connect.php' ;
include $_SESSION [ " docroot " ] . '/php/hash.php' ;
2022-02-03 21:35:18 +01:00
2019-05-22 10:38:07 +02:00
$selectQuery = $mysqli -> prepare ( " SELECT `uid` FROM `users` WHERE `username` = ?; " );
$selectQuery -> bind_param ( " s " , $uname );
$selectQuery -> execute ();
$result = $selectQuery -> get_result ();
2018-11-09 15:58:00 +01:00
if ( $result -> num_rows == 0 ){
$salt = create_salt ();
$passhash = hash_password ( $password , $salt );
2019-05-22 10:38:07 +02:00
$insertQuery = $mysqli -> prepare ( " INSERT INTO `users` (`username`, `password`, `salt`, `last_login`) VALUES (?, ?, ?, CURRENT_TIMESTAMP); " );
$insertQuery -> bind_param ( " sss " , $uname , $passhash , $salt );
$insertQuery -> execute ();
$result = $insertQuery -> get_result ();
2018-11-09 15:58:00 +01:00
unset ( $salt );
unset ( $password );
2022-02-03 21:35:18 +01:00
$selectQuery = $mysqli -> prepare ( " SELECT count(*) AS \" count \" FROM `users`; " );
$selectQuery -> execute ();
$result = $selectQuery -> get_result ();
if ( $result [ " count " ] === 1 ){
$CONFIG [ " first_launch " ] = false ;
file_put_contents (
$_SESSION [ " docroot " ] . '/config/config.php' ,
'<?php ' . " \r \n " . '$CONFIG = ' . var_export ( $CONFIG , true ) . " ; \n \r ?> "
);
}
2018-11-09 15:58:00 +01:00
print_r ( 0 );
}
else { print_r ( 1 );}
$mysqli -> close ();
}
2018-11-09 13:21:34 +01:00
}
?>