- <?php
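/**
 * User model: login/logout, account creation and removal, and lookups against
 * the `users` and `users_roles` tables.
 *
 * Login(), Logout() and Create() report their outcome by echoing a short
 * (Danish) status string, 'Success' on success; they return nothing.
 *
 * Security review notes (flagged, not changed, because the fix needs code or
 * schema that is not visible in this file):
 *  - Passwords are stored as unsalted md5() digests (see Create()). md5 is far
 *    too fast for password storage; migrate to password_hash() /
 *    password_verify() once the `Password` column width and the callers of
 *    Login() have been checked.
 *  - SQL is built with sprintf() plus mysql_real_escape_string(). ext/mysql
 *    was removed in PHP 7, and the escaping is only reliable when the
 *    connection charset was set through the driver. Prefer prepared
 *    statements if the Database wrapper offers them.
 *  - None of the methods performs an authorization check; Delete() and
 *    GetById() rely entirely on the caller for that.
 */
class User extends Model
{
    /**
     * Authenticate a user, start the session and set the login cookie.
     *
     * Echoes a status string; on a non-AJAX success it redirects to the
     * current request URI and exits.
     *
     * NOTE(review): $Password is compared verbatim with the stored column,
     * while Create() stores md5($Password). Callers presumably pass an
     * already-hashed value - confirm, otherwise no login can succeed.
     *
     * @param mixed $Username Login name.
     * @param mixed $Password Password value matched against `users`.`Password`.
     * @param mixed $Remember Cookie switch, see the note at Cookie::Set below.
     */
    public function Login($Username, $Password, $Remember = null)
    {
        if ($this->IsMissingInput($Username)) {
            echo 'Intet brugernavn indtastet'; // "No username entered"
            return;
        }
        if ($this->IsMissingInput($Password)) {
            echo 'Intet kodeord indtastet'; // "No password entered"
            return;
        }

        // Step 1: does the username exist at all?
        $SqlString = sprintf(
            "SELECT `UserId`, `Username`, `Password` FROM `users` WHERE `Username` = '%s'",
            mysql_real_escape_string($Username)
        );
        $Result = $this->Database->Query($SqlString);
        if ($Result->NumRows() == 0) {
            // NOTE(review): a distinct "wrong username" answer lets a client
            // tell valid account names from invalid ones. A single generic
            // failure message would avoid that; left as is because the AJAX
            // client may match on these exact strings.
            echo 'Forkert brugernavn'; // "Wrong username"
            return;
        }

        // Step 2: same query, narrowed by the password column.
        $SqlString .= sprintf(" AND `Password` = '%s'", mysql_real_escape_string($Password));
        $Result = $this->Database->Query($SqlString);
        if ($Result->NumRows() == 0) {
            echo 'Forkert kodeord'; // "Wrong password"
            return;
        }

        $User = $Result->Fetch();

        // Record the login time. Both values are integers, so format them as such.
        $SqlString = sprintf(
            "UPDATE `users` SET `LastLogin` = '%d' WHERE `UserId` = '%d'",
            time(),
            $User['UserId']
        );
        $this->Database->Query($SqlString);

        // NOTE(review): the session identifier is not rotated on login here.
        // Unless Session::Set() does so internally, regenerate it at this
        // point to prevent session fixation.
        Session::Set('UserId', $User['UserId']);

        // NOTE(review): the cookie is written when $Remember is NULL, i.e.
        // when the caller did not ask for it - this condition looks inverted;
        // confirm against the login form.
        if (is_null($Remember)) {
            // NOTE(review): the cookie carries the stored password digest.
            // If it is later accepted as proof of identity, anyone who reads
            // the cookie or the `users` table can log in without knowing the
            // password. Replace it with a random, server-side revocable token
            // and set the HttpOnly/Secure flags (Cookie::Set's options are
            // not visible here).
            $CookieData = $User['UserId'] . '|' . $User['Username'] . '|' . $User['Password'];
            Cookie::Set('DODSDK_KAGE', $CookieData);
        }

        $IsAjax = isset($_SERVER['HTTP_X_REQUESTED_WITH'])
            && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest';
        if ($IsAjax) {
            echo 'Success';
            return;
        }

        // NOTE(review): REQUEST_URI is client-controlled. A value starting
        // with "//" is read by browsers as a protocol-relative URL, so this
        // should be normalised to a single leading slash or replaced by a
        // fixed post-login path.
        header('Location: ' . $_SERVER['REQUEST_URI']);
        exit;
    }

    /**
     * End the current session, remove the login cookie and echo 'Success'.
     */
    public function Logout()
    {
        Session::Destroy();
        Cookie::Delete('DODSDK_KAGE');
        echo 'Success';
    }

    /**
     * Register a new account and attach it to role 6 in `users_roles`.
     *
     * Echoes a validation message on failure or 'Success' on completion.
     *
     * @param mixed $Username      Desired login name; must not exist yet.
     * @param mixed $Password      Chosen password.
     * @param mixed $PasswordAgain Repeated password; must be identical.
     */
    public function Create($Username, $Password, $PasswordAgain)
    {
        if ($this->IsMissingInput($Username)) {
            echo 'Intet brugernavn valgt!'; // "No username chosen"
            return;
        }
        if ($this->IsMissingInput($Password)) {
            echo 'Intet kodeord valgt!'; // "No password chosen"
            return;
        }
        if ($this->IsMissingInput($PasswordAgain)) {
            echo 'Du skal indtaste kodeordet 2 gange!'; // "Enter the password twice"
            return;
        }

        // Strict string comparison: with != two numeric-looking strings such
        // as "1000" and "1e3" compare equal, so a mistyped confirmation could
        // slip through.
        if ((string) $Password !== (string) $PasswordAgain) {
            echo 'De 2 indtastede kodeord var ikke ens!'; // "The two passwords differ"
            return;
        }

        $SqlString = sprintf(
            "SELECT `Username` FROM `users` WHERE `Username` = '%s'",
            mysql_real_escape_string($Username)
        );
        $Result = $this->Database->Query($SqlString);
        if ($Result->NumRows() != 0) {
            echo 'Brugernavnet findes allerede i systemet!'; // "Username already exists"
            return;
        }

        // NOTE(review): unsalted md5 is not a password hash. Kept because
        // Login() and the cookie format depend on the stored value; migrate
        // both together (see the class comment).
        $Password = md5($Password);
        $SqlString = sprintf(
            "INSERT INTO `users` (`CreatedDate`, `Username`, `Password`) VALUES('%d', '%s', '%s')",
            time(),
            mysql_real_escape_string($Username),
            mysql_real_escape_string($Password)
        );
        $Result = $this->Database->Query($SqlString);
        $LastUserId = $Result->InsertId();

        // Role id 6 is hard-coded; its meaning is not visible in this file.
        $SqlString = sprintf(
            "INSERT INTO `users_roles` (`UserId`, `RoleId`) VALUES('%d', '%d')",
            $LastUserId,
            6
        );
        $this->Database->Query($SqlString);

        echo 'Success'; // Picked up by the AJAX caller
    }

    /**
     * Delete a user and that user's role assignments.
     *
     * The id is formatted with %d, so anything that is not an integer
     * collapses to a number instead of being spliced into the statement;
     * previously $UserId went into the SQL unescaped. UserId is the insert id
     * of `users` (see Create()), hence an integer.
     *
     * No authorization check happens here; the caller must enforce it.
     *
     * @param mixed $UserId Primary key of the user to remove.
     */
    public function Delete($UserId)
    {
        $SqlString = sprintf("DELETE FROM `users` WHERE `UserId` = '%d'", $UserId);
        $this->Database->Query($SqlString);

        $SqlString = sprintf("DELETE FROM `users_roles` WHERE `UserId` = '%d'", $UserId);
        $this->Database->Query($SqlString);
    }

    /**
     * Fetch one user row by primary key.
     *
     * The id is formatted with %d for the same reason as in Delete().
     *
     * NOTE(review): the row includes the `Password` column, so the stored
     * digest reaches every caller; select it only where it is needed.
     *
     * @param mixed $UserId Primary key of the user.
     * @return mixed Whatever the result object's Fetch() yields.
     */
    public function GetById($UserId)
    {
        $SqlString = sprintf(
            "SELECT `UserId`, `Username`, `Password` FROM `users` WHERE `UserId` = '%d'",
            $UserId
        );
        $Result = $this->Database->Query($SqlString);

        return $Result->Fetch();
    }

    /**
     * List all users ordered by username (ascending).
     *
     * @return mixed Whatever the result object's FetchAll() yields.
     */
    public function GetAll()
    {
        $SqlString = "SELECT `UserId`, `Username`, `FirstName`, `SurName` FROM `users` ORDER BY `Username` ASC";
        $Result = $this->Database->Query($SqlString);

        return $Result->FetchAll();
    }

    /**
     * List the five most recently created users, newest first.
     *
     * @return mixed Whatever the result object's FetchAll() yields.
     */
    public function GetAllByCreatedDate()
    {
        $SqlString = "SELECT `UserId`, `Username`, `FirstName`, `SurName` FROM `users` ORDER BY `CreatedDate` DESC LIMIT 5";
        $Result = $this->Database->Query($SqlString);

        return $Result->FetchAll();
    }

    /**
     * Tell whether a form value counts as "not supplied".
     *
     * Non-scalar values (arrays, objects, NULL) are rejected outright so they
     * never reach the string escaping and SQL building code. Scalars follow
     * empty(), which - as in the original checks - also treats the string
     * '0' as missing.
     *
     * @param mixed $Value Raw input value.
     * @return bool True when the value must be treated as missing.
     */
    private function IsMissingInput($Value)
    {
        return !is_scalar($Value) || empty($Value);
    }
}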