class DB{ private $dbh; function __construct($host='localhost', $user='

1. class DB
2. {
3.     private $dbh;
4.    
5.     function __construct($host='localhost', $user='root', $password='', $dbname='ems')
6.     {
7.         $this->dbh = new mysqli( $host, $user, $password, $dbname);
8.     }
9.    
10.    
11.     function registerEmployee($name, $surname, $login, $password1, $password2, $email)
12.     {
13.         $name=htmlentities($name, ENT_QUOTES);
14.         $surname=htmlentities($surname, ENT_QUOTES);
15.         $login=htmlentities($login, ENT_QUOTES);
16.         $password1=htmlentities($password1, ENT_QUOTES);
17.         $password2=htmlentities($password2, ENT_QUOTES);
18.         $email=htmlentities($email, ENT_QUOTES);
19.        
20.         $stmt=$this->dbh->prepare('SELECT id FROM employee WHERE login=? OR email=?');
21.         $stmt->bind_param('ss', $login, $email);
22.         $stmt->execute();
23.         $stmt->bind_result($result);
24.         $stmt->fetch();
25.        
26.         $_SESSION['formerror']=0;
27.         $_SESSION['conflict']=0;
28.         $_SESSION['loginerror']=0;
29.         $_SESSION['passerror']=0;
30.        
31.         if(!$name || !$surname || !$login || !$password1 || !$password2 || !$email)  $_SESSION['formerror']=1;
32.         if($result)  $_SESSION['conflict']=1;
33.  
34.         if(strlen($login)<7)  $_SESSION['loginerror']=1;
35.         if((strlen($password1)>7||strlen($password2)>7)||($password1!=$password2))  $_SESSION['passerror']=1;
36.  
37.         if($_SESSION['formerror'] || $_SESSION['conflict'] || $_SESSION['loginerror'] || $_SESSION['passerror'])
38.         {
39.             return 0;
40.         }
41.         else
42.         {
43.             $stmt=0;
44.             $password=password_hash($password1, PASSWORD_DEFAULT);
45.            
46.             $stmt=$this->dbh->prepare("INSERT INTO employee VALUES (NULL, ?, ?, ?, ?, ?, NULL)");
47.             $stmt->bind_param('sssss', $name, $surname, $login, $password, $email);
48.             $stmt->execute();
49.        
50.             return 1;
51.         }
52.     }
53.        
54.        
55.     function addTask($from_place, $to_place, $from_time, $to_time, $km, $payment)
56.     {
57.         $stmt=$this->dbh->prepare('SELECT id FROM task WHERE from_place=? AND to_place=? AND from_time=? AND to_time=? AND km=? AND payment=?');
58.         $stmt->bind_param('ssssdd', $from_place, $to_place, $from_time, $to_time, $km, $payment);
59.         $stmt->execute();
60.         $stmt->bind_result($result);
61.         $stmt->fetch();
62.         if($result)
63.         {
64.             return 0;
65.         }
66.        
67.         $stmt=$this->dbh->prepare('INSERT INTO task VALUES(null, null, ?, ?, ?, ?, ?, ?, ?)');
68.         $stmt->bind_param('ssssdd', $from_place, $to_place, $from_time, $to_time, $km, $payment, 0);
69.         $stmt->execute();
70.            
71.         if($stmt)
72.         {
73.             return 1;
74.         }
75.         else
76.         {
77.             return 0;
78.         }
79.     }
80.    
81.    
82.     function setTaskPerformer($employee_id, $task_id)
83.     {
84.         $stmt=$this->dbh->prepare('UPDATE task SET performer=? WHERE id=?');
85.         $stmt->bind_param('ss', $employee_id, $task_id);
86.         $stmt->execute();
87.         $result=$stmt->affected_rows;
88.         if($result)
89.         {
90.             return 1;
91.         }
92.         else
93.         {
94.             return 0;
95.         }
96.     }
97.    
98.    
99.     function getTaskByID($task_id)
100.     {
101.         $stmt=$this->dbh->prepare('SELECT * FROM task WHERE id=?');
102.         $stmt->bind_param('s', $task_id);
103.         $stmt->execute();
104.         $result=$stmt->fetch_assoc();
105.     }
106.    
107.    
108.     function getTaskByPerformer($employee_id)
109.     {
110.         $stmt=$this->dbh->prepare('SELECT * FROM task WHERE performer=?');
111.         $stmt->bind_param('s', $employee_id);
112.         $stmt->execute();
113.         $result=$stmt->fetch_assoc();
114.     }
115.    
116.    
117.     function getEmployeeByID($employee_id)
118.     {
119.         $stmt=$this->dbh->prepare('SELECT id, name, surname, login, email, salary FROM task WHERE id=?');
120.         $stmt->bind_param('s', $employee_id);
121.         $stmt->execute();
122.         $result=$stmt->fetch_assoc();
123.     }
124.    
125.    
126.     function getTasks($count, $from=0)
127.     {
128.         $stmt=$this->dbh->prepare('SELECT * FROM task LIMIT ?, ?');
129.         $stmt->bind_param('s', $count);
130.         $stmt->execute();
131.         $result=$stmt->fetch_array(MYSQLI_ASSOC);
132.        
133.         return $result;
134.     }
135.    
136.    
137.     function getOrderedTasks($count, $from=0)
138.     {
139.         $stmt=$this->dbh->prepare('SELECT * FROM task WHERE performer !=null LIMIT ?, ?');
140.         $stmt->bind_param('ss', $from, $count);
141.         $stmt->execute();
142.         $result=$stmt->fetch_array(MYSQLI_ASSOC);
143.        
144.         return $result;
145.     }
146.     function getUnorderedTasks($count, $from=0)
147.     {
148.         $stmt=$this->dbh->prepare('SELECT * FROM task WHERE performer=null LIMIT ?, ?');
149.         $stmt->bind_param('ss', $from, $count);
150.         $stmt->execute();
151.         $result=$stmt->fetch_array(MYSQLI_ASSOC);
152.        
153.         return $result;
154.     }
155.     function getCompletedTasks($count)
156. }