Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /**
- * @return mysqli
- */
- function dbConnect() {
- return mysqli_connect('local.dev', 'root', '123', 'test');
- }
- /**
- * @param string $error_text
- *
- * @return string
- */
- function showError($error_text) {
- return <<<HTML
- <p style="color: red; font-weight: bold">$error_text</p>
- HTML;
- }
- /**
- * Return User ID using given username and password.
- * @param string $username
- * @param string $password
- *
- * @return int
- */
- function getUserIdByUsernameAndPassword($username, $password) {
- $connection = dbConnect();
- // Filter vars
- $username = mysqli_real_escape_string($connection, $username);
- $password = mysqli_real_escape_string($connection, $password);
- // Create SQL query.
- $sql_query = <<<SQL
- SELECT user_id FROM users WHERE email = '$username' AND psword = '$password'
- SQL;
- // If it failed then something went wrong or user didn't exist
- $query = mysqli_query($connection, $sql_query);
- if (!$query) {
- return false;
- }
- $result = mysqli_fetch_assoc($query);
- return $result['user_id'];
- }
- /**
- * Get user by his/her id.
- * @param mysqli $connection
- * @param int $user_id
- *
- * @return array|bool|null
- */
- function getUserById($connection, $user_id) {
- // Filter var
- $user_id = intval($user_id);
- // Create SQL query.
- $sql_query = <<<SQL
- SELECT * FROM users WHERE user_id = '$user_id'
- SQL;
- $query = mysqli_query($connection, $sql_query);
- if (!$query) {
- return false;
- }
- return mysqli_fetch_assoc($query);
- }
- /**
- * Update users table. Set $field_name = $field_value for a given $user_id
- *
- * @param mysqli $connection
- * @param string $field_name Field name
- * @param string $field_value Field value
- * @param string $user_id User ID
- *
- * @return bool
- */
- function updateUserById($connection, $field_name, $field_value, $user_id) {
- // Filter values
- $field_value = mysqli_real_escape_string($connection, trim($field_value));
- $user_id = mysqli_real_escape_string($connection, trim($user_id));
- // Create SQL query
- $sql = "UPDATE users
- SET `$field_name` = '$field_value'
- WHERE user_id = '$user_id'";
- // Return result
- return mysqli_query($connection, $sql);
- }
- /**
- * Return auth form.
- * @return string
- */
- function getAuthorizationForm()
- {
- return <<<HTML
- <form method="post" action="">
- <p>
- <input type="text" name="username">
- </p>
- <p>
- <input type="password" name="psword">
- </p>
- <p>
- <input type="submit" name="Login">
- </p>
- </form>
- HTML;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement