  1. <?php
  2. class User {
  3.     public $user_id;
  4.     public $email;
  5.     public $user_info;
  6.     public static function login($email, $password, $is_hash = false){
  7.         $query = "SELECT * FROM `users` WHERE `email` = '".Database::escape($email)."' AND `password_hash` = '".(($is_hash)?Database::escape($password):Database::escape(sha1($password)))."'";
  8.         Database::query($query);
  9.         $user = Database::fetchAssoc();
  10.         if($user){
  11.             return new User($user);
  12.         }else{
  13.             return false;
  14.         }
  15.     }
  16.     protected function __construct($user_info){
  17.         $this->user_id = (int) $user_info['user_id'];
  18.         $this->email = $user_info['email'];
  19.         $this->user_info = $user_info;
  20.     }
  21.     public static function getUser($user_id){
  22.         $user_id = (int) $user_id;
  23.         $query = "SELECT * FROM `users` WHERE `user_id` = $user_id";
  24.         Database::query($query);
  25.         $user = Database::fetchAssoc();
  26.         if($user){
  27.             return new User($user);
  28.         }else{
  29.             return false;
  30.         }
  31.     }
  32.     public function deleteUser(){
  33.         $query = "DELETE FROM `users` WHERE `user_id` = $this->user_id";
  34.         Database::query($query);
  35.         // Script should then kill the user variable.
  36.     }
  37.     public function editUser($params){
  38.         $updates = array();
  39.         if(isset($params['first_name'])) $updates[] = "`u_first_name` = '".Database::escape($params['first_name'])."'";
  40.         if(isset($params['last_name'])) $updates[] = "`u_last_name` = '".Database::escape($params['last_name'])."'";
  41.         if(isset($params['email'])) $updates[] = "`email` = '".Database::escape($params['email'])."'";
  42.         if(isset($params['phone'])) $updates[] = "`phone` = '".Database::escape($params['phone'])."'";
  43.         if(isset($params['password'])) $updates[] = "`password_hash` = '".Database::escape(sha1($params['password']))."'";
  44.         if(isset($params['active'])) $updates[] = "`active` = ".((int) (bool) $params['active']);
  45.         if(isset($params['subscription'])) $updates[] = "`subscription` = ".((int) $params['subscription']);
  46.         if(isset($params['expires'])) $updates[] = "`expires` = ".((int) $params['expires']);
  47.         if(isset($params['paypal_email'])) $updates[] = "`paypal_email` = '".Database::escape($params['paypal_email'])."'";
  48.         if(isset($params['paypal_transaction_id'])) $updates[] = "`paypal_transaction_id` = '".Database::escape($params['paypal_transaction_id'])."'";
  49.         if($updates){
  50.             $query = "UPDATE `users` SET ".implode(', ', $updates)." WHERE `user_id` = $this->user_id";
  51.         }
  52.         Database::query($query);
  53.         return true;
  54.     }
  55.     public static function createUser($params, $make_session_this_user = true){
  56.         global $user;
  57.         $ownerFn = empty($params['ownerFn'])?'DEFAULT':"'".Database::escape($params['ownerFn'])."'";
  58.         $ownerLn = empty($params['ownerLn'])?'DEFAULT':"'".Database::escape($params['ownerLn'])."'";
  59.         $ownerEmail = empty($params['creatorEmail'])?'DEFAULT':"'".Database::escape($params['creatorEmail'])."'";
  60.         $ownerPhone = empty($params['ownerPhone'])?'DEFAULT':"'".Database::escape($params['ownerPhone'])."'";
  61.         $ownerPassword = "'".sha1($params['password'])."'";
  62.  
  63.         //Check to make sure user doesnt exist, if it does update.
  64.         $query = "SELECT * FROM `users` WHERE `email` = $ownerEmail";
  65.         Database::query($query);
  66.         if($row = Database::fetchAssoc()){
  67.             if($ownerPassword == $row['password_hash']){
  68.                 $query = "UPDATE `users` SET `u_first_name` = '$ownerFn', `u_last_name` = '$ownerLn', `phone` = '$ownerPhone'";
  69.                 Database::query($query);
  70.                 $user_id = $row['id'];
  71.             }else
  72.                 return false;
  73.         }else{
  74.             $query = "INSERT INTO `users`
  75.                 (`u_first_name`, `u_last_name`, `email`, `phone`, `password_hash`)
  76.                 VALUES
  77.                 ($ownerFn, $ownerLn, $ownerEmail, $ownerPhone, $ownerPassword)";
  78.             Database::query($query);
  79.             $user_id = Database::getInsertId();
  80.         }
  81.         $user = self::login($params['creatorEmail'], $params['password'], false);
  82.         return (int) $user_id;
  83.     }
  84.     public static function userEmailExists($email){
  85.         $email = Database::escape($email);
  86.         $query = "SELECT * FROM `users` WHERE `email` = '$email'";
  87.         return (bool) Database::fetchAssoc();
  88.     }
  89.     public static function checkLogin(){
  90.         global $user;
  91.         if(!$user){
  92.             $_SESSION['form_errors'][] = 'You must login to view this page';
  93.             header('Location: index.php?view=login');
  94.             exit;
  95.         }
  96.     }
  97. }
  98. ?>