Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $database = new database;
- ob_start();
- session_start();
- class database {
- private $pdo;
- public function __construct() {
- // Connection information
- $host = 'localhost';
- $dbname = 'proeven';
- $user = 'root';
- $pass = '';
- // Attempt DB connection
- try
- {
- $this->pdo = new PDO("mysql:host=$host;dbname=$dbname", $user, $pass);
- $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
- //echo 'Successfully connected to the database!';
- }
- catch(PDOException $e)
- {
- echo $e->getMessage();
- }
- }
- //When you login the CMS, it checks for you'r CMS id.
- //if all is right, you will be logged in.
- function cms_login() {
- $sql = "SELECT * FROM users WHERE username = :username AND (cms_id = '1' OR cms_id = '2')";
- $sth = $this->pdo->prepare($sql);
- $sth->bindParam(':username', $_POST['username'], PDO::PARAM_STR);
- $sth->execute();
- if (($row = $sth->fetchObject())) {
- if ($_POST['password'] == $row->password) {
- $_SESSION['cms_login'] = '1';
- $_SESSION['user_id'] = $row->user_id;
- $_SESSION['username'] = $row->username;
- header('Location: index.php');
- }
- /*If the password/email_adres is inccorect. it gives you a warning message*/
- else { ?>
- Username or password is incorrect!
- <?php }
- } else { ?>
- Username or password is incorrect!
- <?php }
- }
- //When loggin in to the forum, it just checks wheter you'r username and password are correct.
- //no need for other checks.
- function forum_login() {
- $sql = "SELECT * FROM users WHERE username = :username";
- $sth = $this->pdo->prepare($sql);
- $sth->bindParam(':username', $_POST['username'], PDO::PARAM_STR);
- $sth->execute();
- if (($row = $sth->fetchObject())) {
- if ($_POST['password'] == $row->password) {
- $_SESSION['forum_login'] = '1';
- $_SESSION['user_id'] = $row->user_id;
- $_SESSION['user_rank'] = $row->cms_id;
- $_SESSION['username'] = $row->username;
- header('Location: ../index.php');
- }
- /*If the password/email_adres is inccorect. it gives you a warning message*/
- else { ?>
- Username or password is incorrect!
- <?php }
- } else { ?>
- Username or password is incorrect!
- <?php }
- }
- //When making a new thread, everything will be inserted inside here.
- function new_thread($user_id, $user_name, $thread_name, $category, $message, $thread_date) {
- $sql = "INSERT INTO threads "
- . "(thread_id, user_id, user_name, category, thread_title, thread_message, thread_time)"
- . "VALUES (thread_id, :user_id, :user_name, :category, :thread_title, :thread_message, :thread_time) ";
- $sth = $this->pdo->prepare($sql);
- $sth->bindParam(':user_id', $_POST['user_id'], PDO::PARAM_STR);
- $sth->bindParam(':user_name', $_POST['user_name'], PDO::PARAM_STR);
- $sth->bindParam(':category', $_POST['thread_category'], PDO::PARAM_STR);
- $sth->bindParam(':thread_title', $_POST['thread_name'], PDO::PARAM_STR);
- $sth->bindParam(':thread_message', $message, PDO::PARAM_STR);
- $sth->bindParam(':thread_time', $_POST['date'], PDO::PARAM_STR);
- $sth->execute();
- $get_insert_id = $this->pdo->lastInsertId();
- header('Location: thread.php?thread_id=' . $get_insert_id);
- }
- }
- if(isset($_POST['add_new_thread'])){
- $user_id = $_POST['user_id'];
- $thread_date = $_POST['date'];
- $user_name = $_POST['user_name'];
- $thread_name = $_POST['thread_name'];
- $show_category = $_POST['thread_category'];
- $message_raw = $_POST['thread_message'];
- $message = str_replace($replace, $search, $message_raw);
- $database->add_user_post($user_id, $user_name, $thread_name, $category, $message, $thread_date);
- unset($_POST['add_new_thread']);
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement