<?php require_once $_SERVER['DOCUMENT_ROOT']."/assets/config/db.php"; fu

1. <?php
2.  
3. require_once $_SERVER['DOCUMENT_ROOT']."/assets/config/db.php";
4.  
5. function validateAndRegisterUser($username, $password, $passwordRepeat, $email, $firstName, $lastName) {
6. $errors = validateUser($username, $password, $passwordRepeat, $email, $firstName, $lastName);
7.  
8. if(count($errors) > 0) {
9. return $errors;
10. }
11.  
12. registeruser($username, $password, $email, $firstName, $lastName);
13. }
14.  
15. function validateUser($username, $password, $passwordRepeat, $email, $firstName, $lastName) {
16. global $PDO;
17.  
18. $errors = array();
19.  
20. //check in the database if user exist or email is taken
21. $stmt = $PDO->prepare("SELECT username,email FROM login WHERE username=:username OR email=:email");
22. $stmt->execute(array(':username'=>$username, ':email'=>$email));
23.  
24. $row = $stmt->fetch(PDO::FETCH_ASSOC);
25.  
26. //is username taken?
27. if($row['username'] == $username) {
28. array_push($errors, "Användarnamnet är upptaget.");
29. }
30.  
31. //is email already taken
32. if($row['email'] == $email) {
33. array_push($errors, "Denna E-mailen finns redan registrerad hos oss.");
34. }
35.  
36. //validate email
37. if(!filter_var($email, FILTER_VALIDATE_EMAIL)) {
38. array_push($errors, "Vänligen fyll i en giltig E-mail.");
39. }
40.  
41. //validate that passwords match
42. if($password != $passwordRepeat) {
43. array_push($errors, "Lösenorden matchar inte.");
44. }
45.  
46. //is the password long enough? lets say at least 6 characters
47. if(strlen($password) <= 5) {
48. array_push($errors, "Lösenordet måste vara minst 6 tecken långt.");
49. }
50.  
51. return $errors;
52. }
53.  
54. function registerUser($username, $password, $email, $firstName, $lastName) {
55. global $PDO;
56.  
57. $sql = "INSERT INTO login(email, password, firstname, lastname, username) VALUES (:email, :password, :firstname, :lastname, :username)";
58. $stmt = $PDO->prepare($sql);
59.  
60. $encryptedPassword = password_hash($password, PASSWORD_BCRYPT);
61.  
62. $stmt->bindParam(':email', $email, PDO::PARAM_STR);
63. $stmt->bindParam(':password', $encryptedPassword, PDO::PARAM_STR);
64. $stmt->bindParam(':firstname', $firstName, PDO::PARAM_STR);
65. $stmt->bindParam(':lastname', $lastName, PDO::PARAM_STR);
66. $stmt->bindParam(':username', $username, PDO::PARAM_STR);
67.  
68. $success = $stmt->execute();
69. }
70. function loginUser($username, $password) {
71. global $PDO;
72.  
73. $stmt = $PDO->prepare("SELECT * FROM login WHERE username=:username LIMIT 1");
74.  
75. $stmt->bindParam(':username', $username);
76. $stmt->execute();
77.  
78. $userRow = $stmt->fetch(PDO::FETCH_ASSOC);
79. echo $password;
80.  
81. if($stmt->rowCount() > 0) {
82. if(password_verify($password, $userRow['password'])) {
83. $_SESSION['user_session'] = $userRow['id'];
84. return true;
85. } else {
86. return false;
87. }
88. }
89. }
90. function userLoggedIn() {
91. if(isset($_SESSION['user_session'])) {
92. return true;
93. }
94. }
95. function getLoggedInUsername() {
96. global $PDO;
97.  
98. if(!isset($_SESSION['user_session'])) {
99. return false;
100. }
101.  
102. $stmt = $PDO->prepare("SELECT * FROM login WHERE id=:id LIMIT 1");
103.  
104. $stmt->bindParam(':id', $_SESSION['user_session']);
105. $stmt->execute();
106.  
107. $userRow = $stmt->fetch(PDO::FETCH_ASSOC);
108.  
109. if($stmt->rowCount() > 0) {
110. return $userRow['username'];
111. }
112. }
113. function logoutUser() {
114. unset($_SESSION['user_session']);
115. }
116. ?>