shopping-list/public_html/php/classes.user.php

<?php
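/**
 * Account record of the user behind a session, plus the account actions
 * (password, e-mail, username, theme, registration).
 *
 * Every method opens its own database handle by including connect.php, which
 * is expected to leave a mysqli object in $mysqli, and closes it before
 * returning. Methods that report a status print "0" on success and "1" on
 * failure; they return nothing.
 *
 * The change_* methods act on $this->uid, so get_info() must have been called
 * with a valid session id first.
 *
 * NOTE(review): include paths are built from $_SESSION["docroot"]. Session data
 * is server-side state, but a fixed base such as __DIR__ would not depend on
 * session contents at all - confirm the directory layout before switching.
 *
 * NOTE(review): hash_password() and create_salt() come from hash.php, which is
 * not shown here. If hash_password() is a fast digest rather than a password
 * hashing function, plan a migration to password_hash()/password_verify().
 */
class user
{
    public $uid, $username, $email, $theme, $last_login;

    // Per-user salt loaded by get_info() and handed to hash_password().
    private $salt;

    /**
     * Load the account that owns the given session id into this object.
     *
     * When the session id matches no row, every property is set to null
     * instead of raising "array offset on null" warnings.
     *
     * @param string $session_id Session identifier looked up in `sessions`.
     */
    public function get_info($session_id)
    {
        include $_SESSION["docroot"].'/php/connect.php';

        $selectQuery = $mysqli->prepare("SELECT uid, username, email, theme, last_login, salt FROM `users` WHERE `uid` = (SELECT user FROM `sessions` WHERE `session_id` = ?);");
        $selectQuery->bind_param("s", $session_id);
        $selectQuery->execute();
        $result = $selectQuery->get_result();
        $user = $result->fetch_assoc();

        // `??` also covers the case where no row was returned at all.
        $this->uid = $user["uid"] ?? null;
        $this->username = $user["username"] ?? null;
        $this->email = $user["email"] ?? null;
        $this->theme = $user["theme"] ?? null;
        $this->last_login = $user["last_login"] ?? null;
        $this->salt = $user["salt"] ?? null;

        $mysqli->close();
    }

    /**
     * Replace the password after verifying the current one.
     *
     * Prints "0" when the password was updated, "1" when the current password
     * does not match or the update failed.
     *
     * NOTE(review): the stored salt is reused for the new password, and rows in
     * `sessions` for this uid are left untouched, so other logged-in sessions
     * survive a password change - consider removing them here.
     *
     * @param string $current Current password, as entered by the user.
     * @param string $new     New password, as entered by the user.
     */
    public function change_password($current, $new)
    {
        // include_once: hash.php presumably declares functions, and a second
        // plain include in the same request would then fail on redeclaration.
        include_once $_SESSION["docroot"].'/php/hash.php';
        include $_SESSION["docroot"].'/php/connect.php';

        $current_pwhash = hash_password($current, $this->salt);
        $selectQuery = $mysqli->prepare("SELECT `uid` FROM `users` WHERE `uid` = ? AND `password` = ?;");
        $selectQuery->bind_param("ss", $this->uid, $current_pwhash);
        $selectQuery->execute();
        $result = $selectQuery->get_result();

        if ($result->num_rows === 1) {
            $new_pwdhash = hash_password($new, $this->salt);
            $updateQuery = $mysqli->prepare("UPDATE `users` SET `password` = ? WHERE `users`.`uid` = ?;");
            $updateQuery->bind_param("ss", $new_pwdhash, $this->uid);
            // Report the outcome of the UPDATE instead of assuming it worked.
            print_r($updateQuery->execute() ? "0" : "1");
        } else {
            print_r("1");
        }

        // Close on both paths; the failure path used to leave the handle open.
        $mysqli->close();
    }

    /**
     * Store a new e-mail address for this account. Prints nothing.
     *
     * The address is stored as given: callers are responsible for validating
     * it and for escaping it wherever it is later rendered.
     *
     * @param string $mailaddress New e-mail address.
     */
    public function change_mail($mailaddress)
    {
        include $_SESSION["docroot"].'/php/connect.php';

        $updateQuery = $mysqli->prepare("UPDATE `users` SET `email` = ? WHERE `users`.`uid` = ?;");
        $updateQuery->bind_param("ss", $mailaddress, $this->uid);
        if ($updateQuery->execute()) {
            // The declared property is $email; the old code wrote to an
            // undeclared $mail, so the object kept showing the previous address.
            $this->email = $mailaddress;
        }

        $mysqli->close();
    }

    /**
     * Rename the account if the requested name is not in use.
     *
     * Prints "0" when the name was changed, "1" when it is taken or the update
     * failed.
     *
     * NOTE(review): the availability check and the UPDATE are two statements,
     * so two concurrent requests can both pass the check. The schema is not
     * visible here - confirm `users`.`username` has a UNIQUE index.
     *
     * @param string $newname Requested username.
     */
    public function change_username($newname)
    {
        include $_SESSION["docroot"].'/php/connect.php';

        $selectQuery = $mysqli->prepare("SELECT `uid` FROM `users` WHERE `username` = ?;");
        $selectQuery->bind_param("s", $newname);
        $selectQuery->execute();
        $result = $selectQuery->get_result();

        $renamed = false;
        if ($result->num_rows == 0) {
            $updateQuery = $mysqli->prepare("UPDATE `users` SET `username` = ? WHERE `users`.`uid` = ?;");
            $updateQuery->bind_param("ss", $newname, $this->uid);
            $renamed = (bool) $updateQuery->execute();
        }

        if ($renamed) {
            // Only mirror the new name once the database accepted it.
            $this->username = $newname;
            print_r("0");
        } else {
            print_r("1");
        }

        $mysqli->close();
    }

    /**
     * Store the user's theme preference.
     *
     * Prints "0" when the update statement succeeded, "1" otherwise.
     *
     * @param string $theme Theme identifier to store.
     */
    public function change_theme($theme)
    {
        include $_SESSION["docroot"].'/php/connect.php';

        $updateQuery = $mysqli->prepare("UPDATE `users` SET `theme` = ? WHERE `users`.`uid` = ?;");
        $updateQuery->bind_param("ss", $theme, $this->uid);
        // The status has to come from execute(); the old code tested a variable
        // that was never assigned and therefore always printed "1".
        $result = $updateQuery->execute();

        if ($result) {
            $this->theme = $theme;
            print_r("0");
        } else {
            print_r("1");
        }

        $mysqli->close();
    }

    /**
     * Register a new account.
     *
     * Prints 0 when the account was created, 1 when the username is taken or
     * the insert failed. After the very first account is created, the
     * first_launch flag in config/config.php is switched off.
     *
     * NOTE(review): as in change_username(), the name check and the INSERT are
     * separate statements; a UNIQUE index on `users`.`username` is what makes
     * the race harmless - confirm it exists.
     *
     * @param string $uname    Requested username.
     * @param string $password Password, as entered by the user.
     */
    public function new($uname, $password)
    {
        include $_SESSION["docroot"].'/php/connect.php';
        include_once $_SESSION["docroot"].'/php/hash.php';

        $selectQuery = $mysqli->prepare("SELECT `uid` FROM `users` WHERE `username` = ?;");
        $selectQuery->bind_param("s", $uname);
        $selectQuery->execute();
        $result = $selectQuery->get_result();

        if ($result->num_rows == 0) {
            $salt = create_salt();
            $passhash = hash_password($password, $salt);
            $insertQuery = $mysqli->prepare("INSERT INTO `users` (`username`, `password`, `salt`, `last_login`) VALUES (?, ?, ?, CURRENT_TIMESTAMP);");
            $insertQuery->bind_param("sss", $uname, $passhash, $salt);
            $created = $insertQuery->execute();
            unset($salt);
            unset($password);

            if ($created) {
                $countQuery = $mysqli->prepare("SELECT count(*) AS \"count\" FROM `users`;");
                $countQuery->execute();
                // A mysqli_result cannot be indexed like an array; the row has
                // to be fetched before "count" can be read.
                $row = $countQuery->get_result()->fetch_assoc();

                // $CONFIG is presumably brought into scope by connect.php -
                // TODO confirm. Without it, writing here would replace the
                // whole configuration with a single key, so skip the write.
                // NOTE(review): this rewrites a PHP file that the application
                // executes; keep config.php writable only by the application.
                if ((int) ($row["count"] ?? 0) === 1 && isset($CONFIG) && is_array($CONFIG)) {
                    $CONFIG["first_launch"] = false;
                    file_put_contents(
                        $_SESSION["docroot"].'/config/config.php',
                        '<?php '."\r\n".'$CONFIG = '.var_export($CONFIG, true).";\n\r?>"
                    );
                }
                print_r(0);
            } else {
                print_r(1);
            }
        } else {
            print_r(1);
        }

        $mysqli->close();
    }
}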
?>