API tools faq
paste
Guest User

Untitled

a guest
Apr 22nd, 2018
88
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 14.90 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. require_once("db_config.php");
  3. class User {
  4. protected $db;
  5. public $id = null;
  6. private static $instance = null;
  7.  
  8. /**
  9. * Create an Instace of the User Class and Return it.
  10. * @return User
  11. */
  12. public static function getInstance(){
  13. if(self::$instance == null){
  14. self::$instance = new User();
  15. }
  16. return self::$instance;
  17. }
  18.  
  19. /**
  20. * Get the Currrent User Session and return the User Data.
  21. * @return array|bool Array of the User Data or false if none exists.
  22. */
  23. public static function getUser($i = null){
  24. // If Given a User Session, Check and Use it.
  25. if($i !== null && $i instanceof User){
  26. $use = $i;
  27. }
  28. else{
  29. $use = self::getInstance();
  30. }
  31.  
  32. // If the Session is Valid, Pull the User Data otherwise return false.
  33. if(isset($_SESSION['uid'])){
  34. return $use->get_user_by_id($_SESSION['uid']);
  35. }
  36. else {
  37. return false;
  38. }
  39. }
  40.  
  41. /**
  42. * Override the current Value of the Instance.
  43. */
  44. public static function setInstance($i){
  45. self::$instance = $i;
  46. }
  47.  
  48. /**
  49. * Check the Instance Var in the Class.
  50. * @return bool If Instance is defined.
  51. */
  52. public static function hasInstance(){
  53. if(isset(self::$instance) && self::$instance !== null){
  54. return true;
  55. }
  56. return false;
  57. }
  58.  
  59. /**
  60. * Update User Account Details
  61. * @return bool If the Update was Good.
  62. */
  63. public static function updateUser($uid, $fname, $lname, $username, $email, $password) {
  64. $i = self::getInstance();
  65. return $i->update_user($uid, $fname, $lname, $username, $email, $password);
  66. }
  67.  
  68. /**
  69. * Update User Account Profile Details
  70. * @return bool If the Update was Good.
  71. */
  72. public static function updateProfile($uid, $fname, $lname, $email, $address, $zipcode, $city, $phone) {
  73. $i = self::getInstance();
  74. return $i->update_profile($uid, $fname, $lname, $email, $address, $zipcode, $city, $phone);
  75. }
  76.  
  77. public static function has_session(){
  78. if(session_status() == PHP_SESSION_NONE){
  79. session_start();
  80. }
  81. if( !isset($_SESSION['login']) || !isset($_SESSION['uid']) ){
  82. return false;
  83. }
  84. return true;
  85. }
  86.  
  87. public function __construct(){
  88. if (session_status() == PHP_SESSION_NONE) {
  89. session_start();
  90. }
  91.  
  92. if(!class_exists("DB_con")){
  93. throw new Exception('DB_con Class does NOT Exist! Please Load the Class to Operate!');
  94. }
  95. $this->db = new DB_con();
  96. $this->db = $this->db->ret_obj();
  97. }
  98.  
  99. protected function cleanMyStuff(&$in = ""){
  100. $in = mysqli_real_escape_string($this->db, $in);
  101. }
  102.  
  103. /**
  104. * For Registration, Create new User
  105. * @return bool If the User was Created
  106. */
  107. public function reg_user($fname, $lname, $username, $email, $password){
  108. $this->cleanMyStuff($fname);
  109. $this->cleanMyStuff($lname);
  110. $this->cleanMyStuff($username);
  111. $this->cleanMyStuff($email);
  112. $this->cleanMyStuff($password);
  113.  
  114. $password = sha1($password);
  115. // Check if the Username or Email is already in use by another User.
  116. $query = "SELECT * FROM `users` WHERE `uname`='$username' OR `uemail`='$email'";
  117. $result = $this->db->query($query) or die($this->db->error);
  118. $count_row = $result->num_rows;
  119.  
  120. // If the Username & the Email are not used already then register the account.
  121. if($count_row == 0){
  122. $query = "INSERT INTO `users` SET `fname` = '$fname', `lname` = '$lname', `uname` = '$username', `upass` = '$password', `uemail` = '$email'";
  123. $result = $this->db->query($query) or die($this->db->error);
  124. return true;
  125. } else {
  126. return false;
  127. }
  128. }
  129.  
  130. /**
  131. * For Admins, Update the User Account
  132. * @see reg_user
  133. * @return bool If the User was Updated
  134. */
  135. public function update_profile($uid, $fname, $lname, $email, $address, $zipcode, $city, $phone){
  136. $this->cleanMyStuff($uid);
  137. $this->cleanMyStuff($fname);
  138. $this->cleanMyStuff($lname);
  139. $this->cleanMyStuff($email);
  140. $this->cleanMyStuff($address);
  141. $this->cleanMyStuff($zipcode);
  142. $this->cleanMyStuff($city);
  143. $this->cleanMyStuff($phone);
  144.  
  145. $password = sha1($password);
  146. // Check if the UID is registerd.
  147. $query = "SELECT * FROM `users` WHERE `uid`='$uid'";
  148. $result = $this->db->query($query) or die($this->db->error);
  149. $count_row = $result->num_rows;
  150.  
  151. // If the Username & the Email are not used already then register the account.
  152. if($count_row !== 0){
  153. $query = "UPDATE `users` SET `fname` = '$fname', `lname` = '$lname', `uname` = '$username', `upass` = '$password', `uemail` = '$email' WHERE `uid` ='$uid'";
  154. $result = $this->db->query($query) or die($this->db->error);
  155. return true;
  156. } else {
  157. return false;
  158. }
  159. }
  160.  
  161. /**
  162. * For Users, Update Profile
  163. * @see reg_user
  164. * @return bool If the User was Updated
  165. */
  166. public function update_user($uid, $fname, $lname, $username, $email){
  167. $this->cleanMyStuff($uid);
  168. $this->cleanMyStuff($fname);
  169. $this->cleanMyStuff($lname);
  170. $this->cleanMyStuff($username);
  171. $this->cleanMyStuff($email);
  172.  
  173. // Check if the UID is registerd.
  174. $query = "SELECT * FROM `users` WHERE `uid`='$uid'";
  175. $result = $this->db->query($query) or die($this->db->error);
  176. $count_row = $result->num_rows;
  177.  
  178. // If the Username & the Email are not used already then register the account.
  179. if($count_row !== 0){
  180. $query = "UPDATE `users` SET `fname` = '$fname', `lname` = '$lname', `uname` = '$username', `uemail` = '$email' WHERE `uid` ='$uid'";
  181. $result = $this->db->query($query) or die($this->db->error);
  182. return true;
  183. } else {
  184. return false;
  185. }
  186. }
  187.  
  188. /**
  189. * For Users, Update Password
  190. * @see reg_user
  191. * @return bool If the User was Updated
  192. */
  193. public function update_password($uid, $password){
  194. $this->cleanMyStuff($password);
  195.  
  196. $password = sha1($password);
  197. // Check if the UID is registerd.
  198. $query = "SELECT * FROM `users` WHERE `uid`='$uid'";
  199. $result = $this->db->query($query) or die($this->db->error);
  200. $count_row = $result->num_rows;
  201.  
  202. // If the Username & the Email are not used already then register the account.
  203. if($count_row !== 0){
  204. $query = "UPDATE `users` SET `upass` = '".$password."' WHERE `uid` ='$uid'";
  205. $result = $this->db->query($query) or die($this->db->error);
  206. return true;
  207. } else {
  208. return false;
  209. }
  210. }
  211.  
  212. /**
  213. * For Users, Check if Passwords Match
  214. * @return bool If the Password Matched
  215. */
  216. public function match_password($uid, $password){
  217. $this->cleanMyStuff($uid);
  218. $this->cleanMyStuff($username);
  219. $this->cleanMyStuff($password);
  220.  
  221. $password = sha1($password);
  222. // Check if the UID is registerd.
  223. $query = "SELECT * FROM `users` WHERE `uid`='$uid'";
  224. $result = $this->db->query($query) or die($this->db->error);
  225. $count_row = $result->num_rows;
  226.  
  227. // If the Username & the Email are not used already then register the account.
  228. if($count_row !== 0){
  229. $query = "SELECT `uid` FROM `users` WHERE `uid`='$uid' AND `upass`='$password'";
  230. $result = $this->db->query($query) or die($this->db->error);
  231. return true;
  232. } else {
  233. return false;
  234. }
  235. }
  236.  
  237.  
  238. /**
  239. * For Login Processes, Create the Session and store it.
  240. * @return bool If User can Login
  241. */
  242. public function check_login($emailusername, $password){
  243. $this->cleanMyStuff($emailusername);
  244. $this->cleanMyStuff($password);
  245. $password = sha1($password);
  246.  
  247. $query = "SELECT `uid` FROM `users` WHERE `uemail`='$emailusername' OR `uname`='$emailusername' AND `upass`='$password'";
  248. $result = $this->db->query($query) or die($this->db->error);
  249. $user_data = $result->fetch_array(MYSQLI_ASSOC);
  250. $count_row = $result->num_rows;
  251.  
  252. if ($count_row == 1) {
  253. unset($_SESSION['permissions']);
  254. $_SESSION['login'] = true; // this login var will use for the session thing
  255. $_SESSION['uid'] = $user_data['uid'];
  256. return true;
  257. }
  258. else{
  259. return false;
  260. }
  261. }
  262.  
  263. /**
  264. * Return the Current Status of the User's Profile
  265. * @see fetch_role
  266. * @return string User Highest Role
  267. */
  268. public function get_status($uid){
  269. $this->cleanMyStuff($uid);
  270. $query = "SELECT * FROM `roles` INNER JOIN `roles_and_permissions` ON
  271. `roles_and_permissions`.`permission_id` = `roles`.`role_id` WHERE
  272. `uid` = ".$uid." ORDER BY `roles`.`order` DESC LIMIT 0 , 30";
  273. $result = $this->db->query($query) or die($this->db->error);
  274. $user_data = $result->fetch_array(MYSQLI_ASSOC);
  275. if ($user_data) {
  276. $role = $user_data['role_name'];
  277. } else {
  278. $role = 'NONE';
  279. }
  280. return $role;
  281. }
  282.  
  283. /**
  284. * Apply the User Roles based on input from the form. Auto: Add, Remove.
  285. * @return bool true
  286. */
  287. public function update_roles($uid, $roles) {
  288.  
  289. $user_roles = $this->fetch_roles_order($uid); // Get all User Roles.
  290. //$user_roles = array_column($user_roles, "role_id"); // PHP new than 5.5
  291. $user_roles = array_map(function($item) {
  292. return $item["role_id"];
  293. }, $user_roles);
  294.  
  295. $all_roles = $this->fetch_all_roles();
  296. $all_roles = array_map(function($item) {
  297. return $item["role_id"];
  298. }, $all_roles);
  299.  
  300. // Loop through all of the Role IDs passed in
  301. foreach($roles as $index => $roleId){
  302. if(in_array($roleId, $user_roles)){
  303. // Already in the User's Account.
  304. continue;
  305. }
  306. else {
  307. // Role is not not in the User's Account.
  308. $this->add_role($uid, $roleId);
  309. }
  310. }
  311.  
  312. $remove = array_diff($all_roles, $roles);
  313. foreach($remove as $index => $roleId){
  314. $this->remove_role($uid, $roleId);
  315. }
  316.  
  317. //exit();
  318. return true;
  319. }
  320.  
  321. /**
  322. * Gets the Primary Role of the User's Account
  323. * @return string User Highest Role (In Upper Format)
  324. */
  325. public function fetch_role($uid) {
  326. $this->cleanMyStuff($udi);
  327. // User Session Exists
  328. $query = "SELECT * FROM `roles` INNER JOIN `roles_and_permissions` ON
  329. `roles_and_permissions`.`permission_id` = `roles`.`role_id` WHERE
  330. `uid` = ".$uid." ORDER BY `roles`.`order` DESC LIMIT 0 , 30";
  331. $result = $this->db->query($query) or die($this->db->error);
  332. $user_data = $result->fetch_array(MYSQLI_ASSOC);
  333. if(!empty($user_data)){
  334. return strtoupper($user_data['role_name']);
  335. } else {
  336. return "NONE";
  337. }
  338. }
  339.  
  340. /**
  341. * Get All of the Roles the User has Assigned to them.
  342. * @return array Role List
  343. */
  344. public function fetch_roles($uid) {
  345. $user_data = array();
  346. $query = "SELECT * FROM `roles` INNER JOIN `roles_and_permissions` ON
  347. `roles_and_permissions`.`permission_id` = `roles`.`role_id` WHERE
  348. `uid` = ".$uid." ORDER BY `roles`.`order` DESC LIMIT 0 , 30";
  349. // User Session Exists
  350. $result = $this->db->query($query) or die($this->db->error);
  351. while($tmp = $result->fetch_array(MYSQLI_ASSOC)){
  352. $user_data[] = strtoupper($tmp['role_name']);
  353. }
  354. // RUN THE MYSQL QUERY TO FETCH THE USER, SAVE INTO $row
  355. if(!empty($user_data)){
  356. return $user_data;
  357. } else {
  358. return array();
  359. }
  360. }
  361.  
  362. /**
  363. * Get all of the Roles that are for the User raw from the DB.
  364. * @return array Role List
  365. */
  366. public function fetch_roles_order($uid) {
  367. $user_data = array();
  368. $query = "SELECT * FROM `roles_and_permissions` INNER JOIN `roles` ON
  369. `roles_and_permissions`.`permission_id` = `roles`.`role_id` WHERE
  370. `roles_and_permissions`.`uid` = ".$uid." ORDER BY `roles`.`order` DESC LIMIT 0 , 30";
  371. $result = $this->db->query($query) or die($this->db->error);
  372. while($tmp = $result->fetch_array(MYSQLI_ASSOC)){
  373. $user_data[] = $tmp;
  374. }
  375. return $user_data;
  376. }
  377.  
  378. /**
  379. * Get All of the Users in the Database.
  380. * @return array $users
  381. */
  382. public function fetch_all_users() {
  383. $users = array();
  384. $query = "SELECT * FROM `users`WHERE `uid` != 0 ORDER BY `uid` DESC LIMIT 0 , 30";
  385. // User Session Exists
  386. $result = $this->db->query($query) or die($this->db->error);
  387. while($tmp = $result->fetch_array(MYSQLI_ASSOC)){
  388. unset($tmp['upass']); // Make it safe
  389. $users[] = $tmp;
  390. }
  391. return $users;
  392. }
  393.  
  394. /**
  395. * Get All of the Roles in the Database.
  396. * @return array $all_roles
  397. */
  398. public function fetch_all_roles() {
  399. $all_roles = array();
  400. $query = "SELECT * FROM `roles` ORDER BY `order` DESC LIMIT 0 , 30";
  401. // User Session Exists
  402. $result = $this->db->query($query) or die($this->db->error);
  403. while($tmp = $result->fetch_array(MYSQLI_ASSOC)){
  404. unset($tmp['upass']); // Make it safe
  405. $all_roles[] = $tmp;
  406. }
  407. return $all_roles;
  408. }
  409.  
  410.  
  411. /**
  412. * Get All of the Users in the Database THAT HAVE ROLES.
  413. * @return array $user_data
  414. */
  415. public function fetch_all_users_wr() {
  416. $user_data = array();
  417. $query = "SELECT * FROM `users` INNER JOIN `roles_and_permissions` ON
  418. `roles_and_permissions`.`uid` = `users`.`uid` WHERE
  419. `users`.`uid` != 0 ORDER BY `roles`.`order` DESC LIMIT 0 , 30";
  420. // User Session Exists
  421. $result = $this->db->query($query) or die($this->db->error);
  422. while($tmp = $result->fetch_array(MYSQLI_ASSOC)){
  423. $user_data[] = $tmprole_name;
  424. }
  425. return $user_data;
  426. }
  427.  
  428. /**
  429. * Check to See if the User has a Specific Role
  430. * @return bool in_array
  431. */
  432. public function has_role($uid, $roleIn = NULL){
  433. if($roleIn == NULL || $uid == "") { return false; }
  434. if(is_array($roleIn)){
  435. $rolesGet = $this->fetch_roles($uid);
  436. foreach($roleIn as $r){
  437. if(in_array($r, $rolesGet)) {
  438. return true;
  439. }
  440. }
  441. return false;
  442. }
  443. else{
  444. $rolesGet = $this->fetch_roles($uid);
  445. return in_array($roleIn, $rolesGet);
  446. }
  447. }
  448.  
  449. /**
  450. * Add a Role Property to the User's Account.
  451. * @return bool True
  452. */
  453. public function add_role($uid, $roleId) {
  454. $user_data = array();
  455. $query = "INSERT INTO `login_profile`.`roles_and_permissions` (`uid`, `permission_id`) VALUES ('".$uid."', '".$roleId."');";
  456. $result = $this->db->query($query) or die($this->db->error);
  457. return true;
  458. }
  459.  
  460. /**
  461. * Remove a Role Property to the User's Account.
  462. * @return bool True
  463. */
  464. public function remove_role($uid, $roleId) {
  465. $user_data = array();
  466. $query = "DELETE FROM `login_profile`.`roles_and_permissions` WHERE `uid` = '".$uid."' AND `permission_id` = '".$roleId."'";
  467. $result = $this->db->query($query) or die($this->db->error);
  468. return true;
  469. }
  470.  
  471. /**
  472. * Get the User By Id.
  473. * @return array MySQL Profile
  474. */
  475. public function get_user_by_id($id){
  476. $query = "SELECT * FROM `users` WHERE `uid` = " . (int) $id . " LIMIT 1";
  477. $result = $this->db->query($query) or die($this->db->error);
  478. return $result->fetch_assoc();
  479. }
  480.  
  481. /**
  482. * Connect to the Database and Delete the User Matching the UID.
  483. * @return bool True
  484. */
  485. public function delete_user($uid){
  486. $queryUser = "DELETE FROM `users` WHERE `uid` = '".$uid."'";
  487. $result = $this->db->query($queryUser) or die($this->db->error);
  488.  
  489. $queryPerms = "DELETE FROM `roles_and_permissions` WHERE `uid` = '".$uid."'";
  490. $result = $this->db->query($queryPerms) or die($this->db->error);
  491. return true;
  492. }
  493.  
  494. /**
  495. * Starting the Session
  496. * @return bool false
  497. * @return string User Login
  498. */
  499. public function get_session(){
  500. if(isset($_SESSION['login'])){
  501. return $_SESSION['login'];
  502. }
  503. else {
  504. return false;
  505. }
  506. }
  507.  
  508. /**
  509. * Gets the Session uid
  510. * @return String The User's Session Id.
  511. */
  512. public function get_uid(){
  513. if(isset($_SESSION['uid'])){
  514. return $_SESSION['uid'];
  515. }
  516. else {
  517. return false;
  518. }
  519. }
  520.  
  521. /**
  522. * Do a Cleanup of the Session
  523. */
  524. public function user_logout() {
  525. $_SESSION['login'] = FALSE;
  526. unset($_SESSION['man_redirect']);
  527. unset($_SESSION);
  528. session_destroy();
  529. }
  530. }
  531.  
  532.  
  533. function clean($in = ""){
  534. global $mysqli;
  535. return mysqli_real_escape_string($mysqli, $in);
  536. }
  537. function c($in = ""){ return clean($in); }
  538.  
  539. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!