- <?php
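/**
 * Account record backed by the `users` table.
 *
 * Every statement is assembled as a string: text values go through
 * Database::escape() (defined elsewhere in the project) and numeric values are
 * cast to int before they are interpolated.
 *
 * SECURITY NOTE(review): passwords are stored and compared as unsalted SHA-1
 * digests. That scheme is kept here because the stored data depends on it, but
 * it should be migrated to password_hash()/password_verify() with a
 * rehash-on-login step. If Database offers prepared statements, prefer them
 * over the escape-and-concatenate queries below - TODO confirm.
 */
class User {
    /** @var int Primary key of the row in `users`. */
    public $user_id;

    /** @var string E-mail address as loaded from the row. */
    public $email;

    /**
     * @var array Full row as returned by Database::fetchAssoc(). The queries use
     *            SELECT *, so this includes `password_hash`; never serialise or
     *            render this array wholesale.
     */
    public $user_info;

    /**
     * Look up a user by e-mail and password.
     *
     * NOTE(review): with $is_hash = true the caller supplies the stored digest
     * itself, which makes the digest equivalent to the password. Only pass
     * values that never left the server (never a cookie or request field).
     *
     * @param string $email    Login e-mail.
     * @param string $password Plain password, or the stored digest when $is_hash is true.
     * @param bool   $is_hash  True when $password is already the stored digest.
     * @return User|false The matching user, or false when nothing matches.
     */
    public static function login($email, $password, $is_hash = false){
        // Request parameters can arrive as arrays; refuse anything that is not a string.
        if(!is_string($email) || !is_string($password)){
            return false;
        }
        $hash = $is_hash ? $password : sha1($password);
        $query = "SELECT * FROM `users` WHERE `email` = '".Database::escape($email)."'"
            ." AND `password_hash` = '".Database::escape($hash)."'";
        Database::query($query);
        $user = Database::fetchAssoc();
        return $user ? new User($user) : false;
    }

    /**
     * Build an instance from a `users` row; only the static factories call this.
     *
     * @param array $user_info Row containing at least `user_id` and `email`.
     */
    protected function __construct($user_info){
        $this->user_id = (int) $user_info['user_id'];
        $this->email = $user_info['email'];
        $this->user_info = $user_info;
    }

    /**
     * Load a user by primary key.
     *
     * @param int|string $user_id Cast to int before use.
     * @return User|false The user, or false when no row has that id.
     */
    public static function getUser($user_id){
        $user_id = (int) $user_id;
        $query = "SELECT * FROM `users` WHERE `user_id` = $user_id";
        Database::query($query);
        $user = Database::fetchAssoc();
        return $user ? new User($user) : false;
    }

    /**
     * Delete this user's row. The caller should discard the object afterwards.
     *
     * @return void
     */
    public function deleteUser(){
        // $user_id is a public property, so re-cast it instead of trusting its type.
        $user_id = (int) $this->user_id;
        $query = "DELETE FROM `users` WHERE `user_id` = $user_id";
        Database::query($query);
    }

    /**
     * Update the columns named in $params for this user.
     *
     * NOTE(review): the accepted keys include `active`, `subscription`,
     * `expires` and the PayPal fields. Callers should build $params from an
     * explicit allow-list for the current actor rather than passing a request
     * array straight through.
     *
     * @param array $params Any of: first_name, last_name, email, phone, password,
     *                      active, subscription, expires, paypal_email,
     *                      paypal_transaction_id.
     * @return bool Always true; when no recognised key is present no query is sent.
     */
    public function editUser($params){
        $text_columns = array(
            'first_name' => 'u_first_name',
            'last_name' => 'u_last_name',
            'email' => 'email',
            'phone' => 'phone',
            'paypal_email' => 'paypal_email',
            'paypal_transaction_id' => 'paypal_transaction_id',
        );
        $updates = array();
        foreach($text_columns as $key => $column){
            if(isset($params[$key])){
                $updates[] = "`$column` = '".Database::escape($params[$key])."'";
            }
        }
        // Same unsalted SHA-1 scheme as login(); see the class-level security note.
        if(isset($params['password'])) $updates[] = "`password_hash` = '".Database::escape(sha1($params['password']))."'";
        if(isset($params['active'])) $updates[] = "`active` = ".((int) (bool) $params['active']);
        if(isset($params['subscription'])) $updates[] = "`subscription` = ".((int) $params['subscription']);
        if(isset($params['expires'])) $updates[] = "`expires` = ".((int) $params['expires']);

        // Nothing to change: previously an undefined $query was sent to the database.
        if(!$updates){
            return true;
        }
        $user_id = (int) $this->user_id;
        $query = "UPDATE `users` SET ".implode(', ', $updates)." WHERE `user_id` = $user_id";
        Database::query($query);
        return true;
    }

    /**
     * Create a user, or refresh the profile of an existing one.
     *
     * When the e-mail already exists the supplied password must match the
     * stored digest; only then are name and phone updated, and only on that
     * row. A missing e-mail or password is rejected.
     *
     * @param array $params                 Keys: creatorEmail, password, and optionally
     *                                      ownerFn, ownerLn, ownerPhone.
     * @param bool  $make_session_this_user When true, the global $user is replaced by the
     *                                      created/updated account. When false the
     *                                      current $user is left untouched.
     * @return int|false The user id, or false on missing input or password mismatch.
     */
    public static function createUser($params, $make_session_this_user = true){
        global $user;
        // Without an e-mail the lookup would compare against DEFAULT, and without
        // a password the account would be protected by the digest of ''.
        if(empty($params['creatorEmail']) || !isset($params['password']) || $params['password'] === ''){
            return false;
        }
        $ownerFn = self::sqlTextOrDefault($params, 'ownerFn');
        $ownerLn = self::sqlTextOrDefault($params, 'ownerLn');
        $ownerPhone = self::sqlTextOrDefault($params, 'ownerPhone');
        $ownerEmail = "'".Database::escape($params['creatorEmail'])."'";
        $passwordHash = sha1($params['password']);
        $ownerPassword = "'".Database::escape($passwordHash)."'";

        // If the e-mail is already registered, update that account instead of inserting.
        $query = "SELECT * FROM `users` WHERE `email` = $ownerEmail";
        Database::query($query);
        if($row = Database::fetchAssoc()){
            // Compare the raw digests (the quoted SQL literal could never match).
            if(!hash_equals((string) $row['password_hash'], $passwordHash)){
                return false;
            }
            // The rest of the class keys rows by `user_id`, not `id`.
            $user_id = (int) $row['user_id'];
            // The literals are already quoted, and the WHERE clause keeps the
            // update on this account instead of every row in the table.
            $query = "UPDATE `users` SET `u_first_name` = $ownerFn, `u_last_name` = $ownerLn, `phone` = $ownerPhone WHERE `user_id` = $user_id";
            Database::query($query);
        }else{
            $query = "INSERT INTO `users`
                (`u_first_name`, `u_last_name`, `email`, `phone`, `password_hash`)
                VALUES
                ($ownerFn, $ownerLn, $ownerEmail, $ownerPhone, $ownerPassword)";
            Database::query($query);
            $user_id = Database::getInsertId();
        }
        if($make_session_this_user){
            $user = self::login($params['creatorEmail'], $params['password'], false);
        }
        return (int) $user_id;
    }

    /**
     * Report whether an e-mail address is already registered.
     *
     * @param string $email Address to look up.
     * @return bool True when a row with that e-mail exists.
     */
    public static function userEmailExists($email){
        $email = Database::escape($email);
        $query = "SELECT 1 FROM `users` WHERE `email` = '$email' LIMIT 1";
        // The query has to be executed; otherwise fetchAssoc() reads whatever
        // result an earlier, unrelated query left behind.
        Database::query($query);
        return (bool) Database::fetchAssoc();
    }

    /**
     * Redirect to the login view and stop the script when the global $user is not set.
     *
     * @return void
     */
    public static function checkLogin(){
        global $user;
        if(!$user){
            $_SESSION['form_errors'][] = 'You must login to view this page';
            header('Location: index.php?view=login');
            // Stop here so the protected page is never rendered after the redirect header.
            exit;
        }
    }

    /**
     * Return a quoted, escaped SQL string literal for $params[$key], or the
     * keyword DEFAULT when the value is empty.
     *
     * @param array  $params Input array.
     * @param string $key    Key to read.
     * @return string SQL fragment, safe to interpolate unquoted.
     */
    private static function sqlTextOrDefault($params, $key){
        return empty($params[$key]) ? 'DEFAULT' : "'".Database::escape($params[$key])."'";
    }
}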
- ?>