  1. <?php
  2.  
  3. namespace Models\Database\User;
  4.  
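  /**
   * Account operations on the `cus_customers` table: sign-up, login,
   * current-user lookup and logout. The signed-in customer's ID is kept in
   * $_SESSION['user'].
   *
   * Security-relevant behaviour:
   *  - Every query is a prepared statement; request data never becomes SQL text.
   *  - Passwords are hashed exactly as submitted and checked with password_verify().
   *  - The session ID is regenerated whenever a customer is signed in.
   *
   * NOTE(review): login resolves accounts by Name with LIMIT 1 and sign-up does
   * not check for an existing Name, so Name presumably needs a UNIQUE constraint
   * in the schema - confirm.
   * NOTE(review): no throttling of login attempts is visible in this class;
   * presumably handled elsewhere - verify.
   */
  class UserContainer
  {
      /** @var \mysqli Open database connection supplied by the caller. */
      private $dbConnection;

      /**
       * @param \mysqli $connection Connection used for all queries.
       */
      public function __construct($connection)
      {
          $this->dbConnection = $connection;
      }

      /**
       * Creates a customer from the posted Name, Surname, Email, Password and
       * Password2 fields and signs the new customer in.
       *
       * @return bool TRUE when the row was inserted; FALSE when the passwords
       *              differ (the mismatch view is included first), a required
       *              field is empty, or the insert fails.
       */
      public function registerUser()
      {
          $validate = new \Controllers\ValidationController();
          $this->requireConnection();

          $password = $this->postString('Password');
          $confirmation = $this->postString('Password2');

          // Strict comparison: with == two different numeric-looking strings
          // such as "1e3" and "1000" are treated as equal.
          if ($password !== $confirmation) {
              include_once("Views/Errors/Errorpasswordmatch.php");
              return false;
          }

          // The sanitised values are the ones stored. Login sanitises the name
          // the same way, so both paths agree on what a name looks like.
          // NOTE(review): return values of the Sanitize_* helpers are not
          // visible here; they are cast to string - confirm.
          $name = (string)$validate->Sanitize_String($this->postString('Name'));
          $surname = (string)$validate->Sanitize_String($this->postString('Surname'));
          $mail = (string)$validate->Sanitize_Email($this->postString('Email'));

          if ($name === '' || $mail === '' || $password === '') {
              return false;
          }

          // Hash the password exactly as typed. SQL-escaping it first would
          // change any password containing quotes or backslashes, and
          // loginSession() verifies the unescaped value.
          // bcrypt only takes the first 72 bytes of the password into account.
          $passwordHash = password_hash($password, PASSWORD_BCRYPT, ['cost' => 12]);
          if (!is_string($passwordHash)) {
              return false;
          }

          $stmt = $this->dbConnection->prepare(
              'INSERT INTO `ecomm_site`.`cus_customers` (`Name`, `Surname`, `Email Address`, `Password`)'
              . ' VALUES (?, ?, ?, ?)'
          );
          if ($stmt === false) {
              return false;
          }

          $stmt->bind_param('ssss', $name, $surname, $mail, $passwordHash);
          $created = $stmt->execute();
          // Use the ID of the row just inserted. Looking the customer up again
          // by name could return a different customer with a matching name.
          // Assumes ID is AUTO_INCREMENT - TODO confirm.
          $newId = $this->dbConnection->insert_id;
          $stmt->close();

          if ($created !== true) {
              return false;
          }

          if ($newId > 0) {
              $this->signIn($newId);
          }

          return true;
      }

      /**
       * Checks a name/password pair and, on success, signs the customer in.
       *
       * @param string $name Login name as submitted.
       * @param string $pass Plain-text password as submitted.
       *
       * @return bool TRUE when the credentials match a stored customer.
       */
      public function loginSession($name, $pass)
      {
          $validate = new \Controllers\ValidationController();
          $this->requireConnection();

          $name = (string)$validate->Sanitize_String($name);

          $stmt = $this->dbConnection->prepare('SELECT ID, Password FROM cus_customers WHERE Name = ? LIMIT 1');
          if ($stmt === false) {
              return false;
          }

          $userId = null;
          $storedHash = null;
          $stmt->bind_param('s', $name);
          if ($stmt->execute() !== true) {
              $stmt->close();
              return false;
          }
          $stmt->bind_result($userId, $storedHash);
          $found = $stmt->fetch();
          $stmt->close();

          if ($found !== true || !password_verify((string)$pass, (string)$storedHash)) {
              return false;
          }

          $this->signIn($userId);

          return true;
      }

      /**
       * Returns the Name of the customer whose ID is stored in the session.
       *
       * @return string The customer's name, or 'Account not found' when no
       *                customer is signed in or the ID matches no row.
       */
      public function getSessionUser()
      {
          $this->requireConnection();

          if (!isset($_SESSION['user'])) {
              return 'Account not found';
          }

          $userId = (string)$_SESSION['user'];
          $stmt = $this->dbConnection->prepare('SELECT Name FROM cus_customers WHERE ID = ? LIMIT 1');
          if ($stmt === false) {
              return 'Account not found';
          }

          $username = null;
          $stmt->bind_param('s', $userId);
          if ($stmt->execute() !== true) {
              $stmt->close();
              return 'Account not found';
          }
          $stmt->bind_result($username);
          $found = $stmt->fetch();
          $stmt->close();

          return $found === true ? $username : 'Account not found';
      }

      /**
       * Ends the current session and emits a client-side redirect to "Home".
       */
      public function logout()
      {
          if (session_status() === PHP_SESSION_ACTIVE) {
              // Clear the data first: once session_destroy() has run the session
              // is no longer active and $_SESSION would stay populated for the
              // rest of the request.
              $_SESSION = [];

              // Expire the session cookie so the browser stops sending the old ID.
              if (ini_get('session.use_cookies') && !headers_sent()) {
                  $cookie = session_get_cookie_params();
                  setcookie(
                      session_name(),
                      '',
                      time() - 42000,
                      $cookie['path'],
                      $cookie['domain'],
                      $cookie['secure'],
                      $cookie['httponly']
                  );
              }

              session_destroy();
          }

          echo '<script type="text/javascript">
               window.location = "Home"
           </script>';
      }

      /**
       * Stops the request when the database connection reported an error.
       * The driver's message goes to the error log only; the response carries
       * a generic message so connection details are not shown to the client.
       */
      private function requireConnection()
      {
          if ($this->dbConnection->connect_error) {
              error_log('Database connection failed: ' . $this->dbConnection->connect_error);
              die('Connection failed');
          }
      }

      /**
       * Reads one POST field as a string; a missing or non-string (array)
       * value yields ''.
       *
       * @param string $field Name of the POST field.
       *
       * @return string
       */
      private function postString($field)
      {
          return (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
      }

      /**
       * Marks the given customer as signed in.
       *
       * The session ID is replaced first, so an ID that was known before
       * authentication does not carry over into the signed-in session. The ID
       * is stored as a string, matching what a plain result row would contain.
       *
       * @param int|string $userId Customer ID to store in the session.
       */
      private function signIn($userId)
      {
          if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
              session_regenerate_id(true);
          }

          $_SESSION['user'] = (string)$userId;
      }
  }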