shopping-list/php/classes.user.php

<?php
  Class user {
    public $uid, $username, $email, $last_login;
    private $salt;

    function get_info($session_id) {
      include $_SESSION["docroot"].'/php/connect.php';
      $query = "SELECT uid, username, email, last_login, salt FROM `users` WHERE `uid` = (SELECT user FROM `sessions` WHERE `session_id` = \"$session_id\")";
      $result = $mysqli->query($query);
      $user = $result->fetch_assoc();
      $this->uid = $user["uid"];
      $this->username = $user["username"];
      $this->email = $user["email"];
      $this->last_login = $user["last_login"];
      $this->salt = $user["salt"];
      $mysqli->close();
    }

    function change_password($current, $new){
      include $_SESSION["docroot"].'/php/hash.php';
      include $_SESSION["docroot"].'/php/connect.php';
      $current_pwhash = hash_password($current, $this->salt);
      $query = "SELECT `uid` FROM `users` WHERE `uid` = $this->uid AND `password` = '$current_pwhash'";
      $result = $mysqli->query($query);
      if($result->num_rows===1){
        $new_pwdhash = hash_password($new, $this->salt);
        $mysqli->query("UPDATE `users` SET `password` = '$new_pwdhash' WHERE `users`.`uid` = $this->uid;");
        $mysqli->close();
        print_r("0");
      }
      else{
        print_r("1");
      }
    }

    function new($uname, $password){
      session_start();
      include $_SESSION["docroot"].'/php/connect.php';
      include $_SESSION["docroot"].'/php/hash.php';

      $query = "SELECT `uid` FROM `users` WHERE `username` = '$uname'";
      $result = $mysqli->query($query);
      if($result->num_rows==0){
        $salt = create_salt();
        $passhash = hash_password($password, $salt);
        $query = "INSERT INTO `users` (`username`, `password`, `salt`, `last_login`) VALUES ('$uname', '$passhash', '$salt', CURRENT_TIMESTAMP);";
        $result = $mysqli->query($query);
        unset($salt);
        unset($password);
        print_r(0);
      }
      else{print_r(1);}
      $mysqli->close();
    }
  }
?>
implemented user class 2018-11-09 13:21:34 +01:00			`<?php`
			`Class user {`
			`public $uid, $username, $email, $last_login;`
Added Password Change and implemented user change in php class 2018-11-09 15:16:36 +01:00			`private $salt;`

			`function get_info($session_id) {`
implemented user class 2018-11-09 13:21:34 +01:00			`include $_SESSION["docroot"].'/php/connect.php';`
Added Password Change and implemented user change in php class 2018-11-09 15:16:36 +01:00			$query = "SELECT uid, username, email, last_login, salt FROM `users` WHERE `uid` = (SELECT user FROM `sessions` WHERE `session_id` = \"$session_id\")";
implemented user class 2018-11-09 13:21:34 +01:00			`$result = $mysqli->query($query);`
			`$user = $result->fetch_assoc();`
			`$this->uid = $user["uid"];`
			`$this->username = $user["username"];`
			`$this->email = $user["email"];`
			`$this->last_login = $user["last_login"];`
Added Password Change and implemented user change in php class 2018-11-09 15:16:36 +01:00			`$this->salt = $user["salt"];`
			`$mysqli->close();`
			`}`

			`function change_password($current, $new){`
			`include $_SESSION["docroot"].'/php/hash.php';`
			`include $_SESSION["docroot"].'/php/connect.php';`
			`$current_pwhash = hash_password($current, $this->salt);`
			$query = "SELECT `uid` FROM `users` WHERE `uid` = $this->uid AND `password` = '$current_pwhash'";
			`$result = $mysqli->query($query);`
			`if($result->num_rows===1){`
			`$new_pwdhash = hash_password($new, $this->salt);`
			$mysqli->query("UPDATE `users` SET `password` = '$new_pwdhash' WHERE `users`.`uid` = $this->uid;");
			`$mysqli->close();`
			`print_r("0");`
			`}`
			`else{`
			`print_r("1");`
			`}`
implemented user class 2018-11-09 13:21:34 +01:00			`}`
installation add user via class 2018-11-09 15:58:00 +01:00
			`function new($uname, $password){`
			`session_start();`
			`include $_SESSION["docroot"].'/php/connect.php';`
			`include $_SESSION["docroot"].'/php/hash.php';`

			$query = "SELECT `uid` FROM `users` WHERE `username` = '$uname'";
			`$result = $mysqli->query($query);`
			`if($result->num_rows==0){`
			`$salt = create_salt();`
			`$passhash = hash_password($password, $salt);`
			$query = "INSERT INTO `users` (`username`, `password`, `salt`, `last_login`) VALUES ('$uname', '$passhash', '$salt', CURRENT_TIMESTAMP);";
			`$result = $mysqli->query($query);`
			`unset($salt);`
			`unset($password);`
			`print_r(0);`
			`}`
			`else{print_r(1);}`
			`$mysqli->close();`
			`}`
implemented user class 2018-11-09 13:21:34 +01:00			`}`
			`?>`