  1. <?php if (!defined('IN_SITE')) { echo "Zugriff verweigert!"; die(); }
  2. class DB {
  3.     private static $_db_username        = "*******";
  4.     private static $_db_password        = "**********";
  5.     private static $_db_host                = "localhost";
  6.     private static $_db_name                = "programmingnow";
  7.     private static $_db;
  8.  
  9.     function __construct() {
  10.         try {
  11.             self::$_db = new PDO("mysql:host=" . self::$_db_host . ";dbname=" . self::$_db_name,  self::$_db_username , self::$_db_password);
  12.         } catch(PDOException $e) {
  13.             echo "Datenbankverbindung gescheitert!";
  14.             die();
  15.         }
  16.     }
  17.  
  18.     function isUserLoggedIn() {
  19.         $stmt = self::$_db->prepare("SELECT User_ID FROM users WHERE Session=:sid");
  20.         $sid = session_id();
  21.         $stmt->bindParam(":sid", $sid);
  22.         $stmt->execute();
  23.  
  24.         if($stmt->rowCount() === 1) {
  25.             return true;
  26.         } else {
  27.             return false;
  28.         }
  29.     }
  30.  
  31.     function isAdminLoggedIn() {
  32.         $stmt = self::$_db->prepare("SELECT User_ID FROM users WHERE Session=:sid AND admin_rechte=:admin_rechte");
  33.         $sid = session_id();
  34.         $admin_rechte = 'Ja';
  35.         $stmt->bindParam(":sid", $sid);
  36.         $stmt->bindParam(":admin_rechte", $admin_rechte);
  37.         $stmt->execute();
  38.  
  39.         if($stmt->rowCount() === 1) {
  40.             return true;
  41.         } else {
  42.             return false;
  43.         }
  44.     }
  45.  
  46.     function login($benutzername, $pw) {
  47.         $stmt = self::$_db->prepare("SELECT User_ID FROM users WHERE Benutzername=:benutzername AND Passwort=:pw");
  48.         $stmt->bindParam(":benutzername", $benutzername);
  49.         $stmt->bindParam(":pw", $pw);
  50.         $stmt->execute();
  51.  
  52.         if($stmt->rowCount() === 1) {
  53.             $stmt = self::$_db->prepare("Update users SET Session=:sid WHERE Benutzername=:benutzername AND Passwort=:pw");
  54.             $stmt_on_off = self::$_db->prepare("Update users SET status='Online' WHERE Session=:sid");
  55.             $sid = session_id();
  56.             $stmt->bindParam(":sid", $sid);
  57.             $stmt_on_off->bindParam(":sid", $sid);
  58.             $stmt->bindParam(":benutzername", $benutzername);
  59.             $stmt->bindParam(":pw", $pw);
  60.             $stmt->execute();
  61.             $stmt_on_off->execute();
  62.            
  63.        
  64.  
  65.             return true;
  66.         } else {
  67.             return false;
  68.         }
  69.     }
  70.  
  71.     function admin_login($benutzername, $pw) {
  72.         $stmt = self::$_db->prepare("SELECT User_ID FROM users WHERE Benutzername=:benutzername AND Passwort=:pw AND admin_rechte=:admin_rechte");
  73.         $stmt->bindParam(":benutzername", $benutzername);
  74.         $stmt->bindParam(":pw", $pw);
  75.         $admin_rechte = "Ja";
  76.         $stmt->bindParam(":admin_rechte", $admin_rechte);
  77.         $stmt->execute();
  78.  
  79.         if($stmt->rowCount() === 1) {
  80.             $stmt = self::$_db->prepare("Update users SET Session=:sid WHERE Benutzername=:benutzername AND Passwort=:pw");
  81.             $stmt_on_off = self::$_db->prepare("Update users SET status='Online' WHERE Session=:sid");
  82.             $sid = session_id();
  83.             $stmt->bindParam(":sid", $sid);
  84.             $stmt_on_off->bindParam(":sid", $sid);
  85.             $stmt->bindParam(":benutzername", $benutzername);
  86.             $stmt->bindParam(":pw", $pw);
  87.             $stmt->execute();
  88.             $stmt_on_off->execute();
  89.             return true;
  90.         } else {
  91.             return false;
  92.         }
  93.     }
  94.  
  95.     function logout() {
  96.         $stmt = self::$_db->prepare("Update users SET Session='' WHERE Session=:sid");
  97.         $stmt_on_off = self::$_db->prepare("Update users SET status='Offline' WHERE Session=:sid");
  98.         $sid = session_id();
  99.         $stmt->bindParam(":sid", $sid);
  100.         $stmt_on_off->bindParam(":sid", $sid);
  101.         $stmt_on_off->execute();
  102.         $stmt->execute();
  103.     }
  104.  
  105.     function isListenModeOn() {
  106.         $stmt = self::$_db->prepare("SELECT listen_mode FROM users WHERE user_group=:user_group AND listen_mode=:listen_mode_modus");
  107.         $user_group = self::getUserGroup();
  108.         $listen_mode_modus = "On";
  109.         $stmt->bindParam(":user_group", $user_group);
  110.         $stmt->bindParam(":listen_mode_modus", $listen_mode_modus);
  111.         $stmt->execute();
  112.  
  113.         if($stmt->rowCount() === 1) {
  114.             return true;
  115.         } else {
  116.             return false;
  117.         }
  118.     }
  119.  
  120.  
  121.     function getAllEntries($sort = "DESC") {
  122.         if($sort != "ASC" && $sort != "DESC") {
  123.             return -1;
  124.         }
  125.  
  126.         $stmt = self::$_db->prepare("SELECT eintraege.Eintrag_ID, eintraege.Headline, eintraege.Datum, eintraege.Eintrag, users.Vorname, users.Nachname FROM eintraege INNER JOIN users ON eintraege.Autor = users.User_ID ORDER BY Datum " . $sort);
  127.         $stmt->execute();
  128.  
  129.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  130.     }
  131.  
  132.     function getAllUsers($sort = "ASC") {
  133.         if($sort != "ASC" && $sort != "DESC") {
  134.             return -1;
  135.         }
  136.  
  137.         $stmt = self::$_db->prepare("SELECT benutzername, user_role, user_group, user_institution, vorname, nachname, status FROM users ORDER BY nachname ASC");
  138.         $stmt->execute();
  139.  
  140.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  141.     }
  142.  
  143.     function getAllGroups($sort = "ASC") {
  144.         if($sort != "ASC" && $sort != "DESC") {
  145.             return -1;
  146.         }
  147.  
  148.         $stmt = self::$_db->prepare("SELECT * FROM groups ORDER BY group_id ASC");
  149.         $stmt->execute();
  150.  
  151.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  152.     }
  153.  
  154.     function getAllUsersFromGroup($selected_group) {
  155.         if($selected_group == 'Lehrer') {
  156.             $stmt = self::$_db->prepare("SELECT * FROM tasks WHERE user_role=:lehrer_user_role ORDER BY nachname ASC");
  157.             $lehrer_user_role = 'Lehrer';
  158.             $stmt->BindParam(":lehrer_user_role", $lehrer_user_role);
  159.             $stmt->execute();
  160.         }
  161.        
  162.         else{
  163.             $stmt = self::$_db->prepare("SELECT * FROM users WHERE user_group=:selected_group ORDER BY nachname ASC");
  164.             $stmt->BindParam(":selected_group", $selected_group);
  165.             $stmt->execute();
  166.         }
  167.  
  168.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  169.     }
  170.  
  171.     function getAllUsersFromTaskGroup($selected_group) {
  172.             $stmt = self::$_db->prepare("SELECT * FROM tasks WHERE task_for_group=:selected_group ORDER BY task_id ASC");
  173.             $stmt->BindParam(":selected_group", $selected_group);
  174.             $stmt->execute();
  175.        
  176.  
  177.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  178.     }
  179.  
  180.     function getAllShares() {
  181.         $stmt = self::$_db->prepare("SELECT * FROM shares ORDER BY share_id ASC");
  182.         $stmt->execute();
  183.  
  184.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  185.     }
  186.  
  187.     function getAllSharesFromGroup($selected_user_group) {            
  188.             $stmt = self::$_db->prepare("SELECT * FROM shares WHERE share_creator_group=:selected_group ORDER BY share_id ASC");
  189.             $stmt->BindParam(":selected_group", $selected_user_group);
  190.             $stmt->execute();
  191.        
  192.  
  193.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  194.     }
  195.  
  196.     function getAllLogs() {
  197.         $stmt = self::$_db->prepare("SELECT * FROM logs ORDER BY timestamp DESC");
  198.         $stmt->execute();
  199.  
  200.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  201.     }
  202.  
  203.     function deleteAllLogs() {
  204.         $tablename = 'logs';
  205.         $stmt = self::$_db->prepare("TRUNCATE TABLE $tablename;");
  206.         if($stmt->execute()) {
  207.             return true;
  208.         } else {
  209.             return false;
  210.         }
  211.     }
  212.  
  213.     function getAllTasks($sort = "ASC") {
  214.         if($sort != "ASC" && $sort != "DESC") {
  215.             return -1;
  216.         }
  217.  
  218.         $stmt = self::$_db->prepare("SELECT * FROM tasks ORDER BY task_id ASC");
  219.         $stmt->execute();
  220.  
  221.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  222.     }
  223.  
  224.     function getAllTasksFromGroup($selected_user_group) {
  225.        
  226.             $stmt = self::$_db->prepare("SELECT * FROM tasks WHERE task_for_group=:benutzername ORDER BY task_id ASC");
  227.             $stmt->BindParam(":benutzername", $selected_user_group);
  228.             $stmt->execute();
  229.        
  230.  
  231.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  232.     }
  233.  
  234.     function getAllTasksFromUser($selected_user) {
  235.             $stmt = self::$_db->prepare("SELECT * FROM tasks WHERE task_for_user_benutzername=:selected_user ORDER BY task_id ASC");
  236.            
  237.             $stmt->BindParam(":selected_user", $selected_user);
  238.             $stmt->execute();
  239.        
  240.  
  241.         return $stmt->fetchAll(PDO::FETCH_ASSOC);
  242.     }
  243.  
  244.     function createNewGroup($group_name, $group_details, $group_institution) {
  245.         $stmt = self::$_db->prepare("INSERT INTO groups (group_name, group_details, group_institution) VALUES(:group_name, :group_details, :group_institution)");
  246.         $stmt->bindParam(":group_name", $group_name);
  247.         $stmt->bindParam(":group_details", $group_details);
  248.         $stmt->bindParam(":group_institution", $group_institution);
  249.         if($stmt->execute()) {
  250.             return true;
  251.         } else {
  252.             return false;
  253.         }
  254.     }
  255.  
  256.     function createNewUser($user_vorname, $user_nachname, $user_institution, $user_group, $user_role, $admin_rights, $user_password) {
  257.         $stmt = self::$_db->prepare("INSERT INTO users (benutzername, vorname, nachname, user_role, user_group, user_institution, admin_rechte, passwort, status, listen_mode) VALUES(:benutzername, :vorname, :nachname, :user_role, :user_group, :user_institution, :admin_rechte, :passwort, :status, :listen_mode)");
  258.         $secured_pw = sha1($user_password);
  259.         $nickname_first_word = $user_vorname;
  260.         $nickname_first_letter = $nickname_first_word[0];
  261.         $secured_benutzername = $nickname_first_letter . $user_nachname;
  262.         $status = 'Offline';
  263.         $listen_mode_modus_off = 'Off';
  264.         $stmt->bindParam(":vorname", $user_vorname);
  265.         $stmt->bindParam(":nachname", $user_nachname);
  266.         $stmt->bindParam(":user_role", $user_role);
  267.         $stmt->bindParam(":user_group", $user_group);
  268.         $stmt->bindParam(":user_institution", $user_institution);
  269.         $stmt->bindParam(":admin_rechte", $admin_rights);
  270.         $stmt->bindParam(":passwort", $secured_pw);
  271.         $stmt->bindParam(":benutzername", $secured_benutzername);
  272.         $stmt->bindParam(":status", $status);
  273.         $stmt->bindParam(":listen_mode", $listen_mode_modus_off);
  274.         if($stmt->execute()) {
  275.             return true;
  276.         } else {
  277.             return false;
  278.         }
  279.     }
  280.  
  281.     function updateUser($user_vorname, $user_nachname, $user_institution, $user_group, $user_role, $admin_rights, $user_password, $user_benutzername) {
  282.         $stmt = self::$_db->prepare("Update users SET
  283.                 vorname=:vorname,
  284.                 nachname=:nachname,
  285.                user_role=:user_role,
  286.                user_group=:user_group,
  287.                user_institution=:user_insCXtitution,
  288.                admin_rechte=:admin_rechte,
  289.                 WHERE benutzername=:benutzername");
  290.         $stmt->bindParam(":vorname", $user_vorname);
  291.         $stmt->bindParam(":nachname", $user_nachname);
  292.         $stmt->bindParam(":user_role", $user_role);
  293.         $stmt->bindParam(":user_group", $user_group);
  294.         $stmt->bindParam(":user_institution", $user_institution);
  295.         $stmt->bindParam(":admin_rechte", $admin_rights);
  296.         $stmt->bindParam(":benutzername", $user_benutzername);
  297.         if($stmt->execute()) {
  298.             return true;
  299.         } else {
  300.             return false;
  301.         }
  302.     }
  303.  
  304.     function getUserData($user_benutzername) {
  305.         $stmt = self::$_db->prepare("SELECT * FROM users WHERE Benutzername=:username");
  306.         $the_user_one = $user_benutzername;
  307.         $stmt->bindParam(":username", $the_user_one);
  308.         $stmt->execute();
  309.  
  310.         return $stmt->fetch(PDO::FETCH_ASSOC);
  311.     }
  312.  
  313.     function groupAddMembers($user_for_add, $group_for_add) {      
  314.          foreach ($user_for_add as $added_user)
  315.             $stmt = self::$_db->prepare("INSERT INTO users (user_group) VALUES(:user_group) WHERE benutzername=:benutzername");
  316.             $stmt->bindParam(":user_group", $group_for_add);
  317.             $stmt->bindParam(":benutzername", $added_user);
  318.             if($stmt->execute()) {
  319.                 return true;
  320.             } else {
  321.                 return false;
  322.             }
  323.        
  324.     }
  325.  
  326.    
  327.     function createNewNews($titel, $news) {
  328.         $stmt = self::$_db->prepare("INSERT INTO eintraege (Autor, Headline, Eintrag) VALUES(:autor, :titel, :news)");
  329.         $autorID = self::getUserID();
  330.         $stmt->bindParam(":autor", $autorID);
  331.         $stmt->bindParam(":titel", $titel);
  332.         $stmt->bindParam(":news", $news);
  333.  
  334.         if($stmt->execute()) {
  335.             return true;
  336.         } else {
  337.             return false;
  338.         }
  339.     }
  340.  
  341.     function getUserID() {
  342.         $stmt = self::$_db->prepare("SELECT User_ID FROM users WHERE Session=:sid");
  343.         $sid = session_id();
  344.         $stmt->bindParam(":sid", $sid);
  345.         $stmt->execute();
  346.  
  347.         return $stmt->fetch(PDO::FETCH_OBJ)->User_ID;
  348.     }
  349.  
  350.     function getUserName() {
  351.         $stmt = self::$_db->prepare("SELECT Vorname, Nachname FROM users WHERE Session=:sid");
  352.         $sid = session_id();
  353.         $stmt->bindParam(":sid", $sid);
  354.         $stmt->execute();
  355.  
  356.         $user = $stmt->fetch(PDO::FETCH_OBJ);
  357.  
  358.         return $user->Vorname . " " . $user->Nachname;
  359.     }
  360.  
  361.     function getUserRole() {
  362.         $stmt = self::$_db->prepare("SELECT user_role FROM users WHERE Session=:sid");
  363.         $sid = session_id();
  364.         $stmt->bindParam(":sid", $sid);
  365.         $stmt->execute();
  366.  
  367.         $user = $stmt->fetch(PDO::FETCH_OBJ);
  368.  
  369.         return $user->user_role;
  370.     }
  371.  
  372.     function getUserGroup() {
  373.         $stmt = self::$_db->prepare("SELECT user_group FROM users WHERE Session=:sid");
  374.         $sid = session_id();
  375.         $stmt->bindParam(":sid", $sid);
  376.         $stmt->execute();
  377.  
  378.         $user = $stmt->fetch(PDO::FETCH_OBJ);
  379.  
  380.         return $user->user_group;
  381.     }
  382.  
  383.     function getUserInstitution() {
  384.         $stmt = self::$_db->prepare("SELECT user_institution FROM users WHERE Session=:sid");
  385.         $sid = session_id();
  386.         $stmt->bindParam(":sid", $sid);
  387.         $stmt->execute();
  388.  
  389.         $user = $stmt->fetch(PDO::FETCH_OBJ);
  390.  
  391.         return $user->user_institution;
  392.     }
  393.  
  394.     function getUserStatus() {
  395.         $stmt = self::$_db->prepare("SELECT status FROM users WHERE Session=:sid");
  396.         $sid = session_id();
  397.         $stmt->bindParam(":sid", $sid);
  398.         $stmt->execute();
  399.  
  400.         $user = $stmt->fetch(PDO::FETCH_OBJ);
  401.  
  402.         return $user->status;
  403.     }
  404.  
  405.     function getUserNameByID($userID) {
  406.         $stmt = self::$_db->prepare("SELECT Vorname, Nachname FROM users WHERE User_ID=:userid");
  407.         $stmt->bindParam(":userid", $userID);
  408.  
  409.         if($stmt->execute()) {
  410.             if($stmt->rowCount() === 1) {
  411.                 $user = $stmt->fetch(PDO::FETCH_OBJ);
  412.                 return $user->Vorname . " " . $user->Nachname;
  413.             } else {
  414.                 return "";
  415.             }
  416.         } else {
  417.             return "";
  418.         }
  419.     }
  420.  
  421.     function getEntryByID($id) {
  422.         $stmt = self::$_db->prepare("SELECT eintraege.Eintrag_ID, eintraege.Headline, eintraege.Datum, eintraege.Eintrag, users.Vorname, users.Nachname FROM eintraege INNER JOIN users ON eintraege.Autor = users.User_ID WHERE Eintrag_ID=:id");
  423.         $stmt->bindParam(":id", $id);
  424.  
  425.         if($stmt->execute()) {
  426.             if($stmt->rowCount() === 1) {
  427.                 return $stmt->fetch(PDO::FETCH_OBJ);
  428.             } else {
  429.                 return false;
  430.             }
  431.         } else {
  432.             return false;
  433.         }
  434.     }
  435.  
  436.     function editEntry($titel, $news, $date, $id) {
  437.         $stmt = self::$_db->prepare("UPDATE eintraege SET
  438.                 Datum=:datum,
  439.                 Headline=:titel,
  440.                 Eintrag=:news
  441.                 WHERE Eintrag_ID=:id");
  442.  
  443.         $date = date('Y-m-d H:i:s', strtotime($date));
  444.  
  445.         $stmt->bindParam(":id", $id);
  446.         $stmt->bindParam(":datum", $date);
  447.         $stmt->bindParam(":news", $news);
  448.         $stmt->bindParam(":titel", $titel);
  449.  
  450.         if($stmt->execute()) {
  451.             return true;
  452.         } else {
  453.             return false;
  454.         }
  455.     }
  456.  
  457.     function deleteEntry($id) {
  458.         $stmt = self::$_db->prepare("DELETE FROM eintraege WHERE Eintrag_ID=:id");
  459.         $stmt->bindParam(":id", $id);
  460.  
  461.         if($stmt->execute()) {
  462.             return true;
  463.         } else {
  464.             return false;
  465.         }
  466.     }
  467.  
  468.     function deleteUser($user_benutzername) {
  469.         $stmt = self::$_db->prepare("DELETE FROM users WHERE benutzername=:benutzername");
  470.         $stmt->bindParam(":benutzername", $user_benutzername);
  471.  
  472.         if($stmt->execute()) {
  473.             return true;
  474.         } else {
  475.             return false;
  476.         }
  477.     }
  478. }
  479. ?>