- <?php
- require_once( "ESLogger.class.php" );
- require_once( "User.class.php" );
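/**
 * Creates and validates user accounts stored in the `users` table.
 *
 * Database access goes through the legacy ext/mysql API (mysql_connect,
 * mysql_query, ...), which offers no prepared statements. Every value placed in
 * a SQL string is therefore passed through _escape() first.
 *
 * NOTE(review): ext/mysql was removed in PHP 7.0. Moving to PDO or mysqli with
 * prepared statements is the durable fix; the escaping here also relies on the
 * connection charset matching what the server expects.
 *
 * NOTE(review): passwords are stored and compared as given (no hashing). That
 * cannot be changed here without migrating existing rows; plan a move to
 * password_hash()/password_verify().
 */
class Users {
    // Database information
    private $_link;
    private $_database_host;
    private $_database_name;
    private $_database_password;
    private $_database_user;
    private $_logger;
    // Result of the most recent query. Previously assigned in _queryDatabase()
    // without being declared.
    private $_results;

    /**
     * Sets up the logger and copies the connection settings from the
     * DATABASE_* constants. No connection is opened until the first query.
     */
    public function __construct() {
        $this->_logger = new ESLogger( PATH_TO_LOG_FILE );
        $this->_database_host = DATABASE_HOST;
        $this->_database_name = DATABASE_NAME;
        $this->_database_user = DATABASE_USER;
        $this->_database_password = DATABASE_PASSWORD;
        $this->_logger->log( "Created Users instance.", LOG_LEVELS::VERBOSE );
        $this->_logger->log( "Stored database info.", LOG_LEVELS::WARNING );
    }

    /**
     * Inserts a new user unless the email address is already registered.
     *
     * The optional fields default to the string "NULL", which is stored as
     * that literal text rather than as SQL NULL (unchanged behaviour).
     *
     * @param string $email
     * @param string $password Stored as given; see the class note on hashing.
     * @param string $first_name
     * @param string $last_name
     * @param string $addr
     * @param string $city
     * @param string $zip_code
     * @param string $phone_number
     * @return User|bool The new User, or FALSE if the email already exists or
     *                   a database step failed.
     */
    public function addUser( $email, $password, $first_name, $last_name,
        $addr="NULL", $city="NULL", $zip_code="NULL", $phone_number="NULL" ) {
        // _escape() needs an open link, so connect before building any SQL.
        if ( !$this->_connect() ) {
            return FALSE;
        }

        // Check if email exists
        $mysql_result = $this->_queryDatabase(
            "SELECT email FROM users WHERE email = '" . $this->_escape( $email ) . "'"
        );
        if ( !$mysql_result ) {
            // Fail closed: without the duplicate check the insert must not run.
            return FALSE;
        }

        // Count rows; the old code counted the columns of the first row.
        $matches = mysql_num_rows( $mysql_result );
        if ( $matches > 0 ) {
            // No matches expected, this means trouble
            $log_message = "Found " . $matches . " emails matching " . $email;
            $this->_logger->log( $log_message );
            return FALSE;
        }

        $this->_logger->log( "Adding user to database.", LOG_LEVELS::WARNING );
        $values = array();
        foreach ( array( $email, $password, $first_name, $last_name,
            $addr, $city, $zip_code, $phone_number ) as $field ) {
            $values[] = "'" . $this->_escape( $field ) . "'";
        }
        $sql = "INSERT INTO users ( email, password, first_name, last_name, address, city, zip_code, "
            . "phone_number ) values ( " . implode( ", ", $values ) . " );";
        // Log the statement shape only: the full statement contains the password.
        $this->_logger->log(
            "SQL Statement used: INSERT INTO users ( email, password, first_name, last_name, address, "
            . "city, zip_code, phone_number ) values ( <8 escaped values> )",
            LOG_LEVELS::VERBOSE
        );
        if ( !$this->_queryDatabase( $sql ) ) {
            return FALSE;
        }

        $this->_logger->log( "Creating user object.", LOG_LEVELS::WARNING );
        $new_user = new User();
        $new_user->first_name = $first_name;
        $new_user->last_name = $last_name;
        $new_user->email = $email;
        $new_user->password = $password;
        return $new_user;
    }

    /**
     * Looks up a user by email and password.
     *
     * @param string $email
     * @param string $password Compared against the stored column as given.
     * @return User|bool A User built from the comma-joined column values of
     *                   the single matching row, or false when the query fails
     *                   or does not match exactly one row. (The query-failure
     *                   path used to fall through and return null.)
     */
    public function validateUser( $email, $password ) {
        $this->_logger->log( "Searching for matching credentials.", LOG_LEVELS::WARNING );
        if ( !$this->_connect() ) {
            return false;
        }

        $sql = "SELECT * FROM users WHERE email='" . $this->_escape( $email )
            . "' AND password='" . $this->_escape( $password ) . "'";
        // The statement carries the submitted password, so only its shape is logged.
        $this->_logger->log(
            "SQL Statement used: SELECT * FROM users WHERE email=<escaped> AND password=<escaped>",
            LOG_LEVELS::VERBOSE
        );

        $mysql_result = $this->_queryDatabase( $sql );
        if ( !$mysql_result ) {
            return false;
        }

        // Numeric keys only, so each column appears once and in table order.
        $results = array();
        while ( $row = mysql_fetch_array( $mysql_result, MYSQL_NUM ) ) {
            $results[] = $row;
        }
        $count = count( $results );
        $this->_logger->log( "Found " . $count . " row(s)." );
        if ( 1 != $count ) {
            $this->_logger->log( "Did not find an exact match for user, assuming invalid credentials." );
            return false;
        }

        $this->_logger->log( "Found single result, calling it a match." );
        $numCol = count( $results[0] );
        $this->_logger->log( "Count returned: " . $numCol, LOG_LEVELS::BROWSER );

        // implode() replaces the hand-rolled loop, which read one index past
        // the last column and left a trailing ", " on the string.
        $args = implode( ", ", $results[0] );

        // The row includes the password column, so its values are not logged.
        $this->_logger->log( "Creating a user from the matched row." );
        $user = new User( $args );
        return $user;
    }

    /**
     * Opens the database connection on first use and selects the database.
     *
     * @return bool True when a usable link is available.
     */
    private function _connect() {
        if ( $this->_link ) {
            return true;
        }

        if ( LOG_LEVELS::BROWSER == LOG_LEVEL ) {
            // Debug aid. The password is deliberately left out of the log.
            $message = "host - " . $this->_database_host . " | user - " . $this->_database_user;
            $this->_logger->log( $message );
        }

        $link = mysql_connect( $this->_database_host, $this->_database_user,
            $this->_database_password );
        if ( !$link ) {
            $this->_logger->log( "Failed to connect to database." );
            return false;
        }

        if ( !mysql_select_db( $this->_database_name, $link ) ) {
            $this->_logger->log( "Failed to select database: " . mysql_error( $link ) );
            mysql_close( $link );
            return false;
        }

        $this->_link = $link;
        $this->_logger->log( "Connected to database." );
        return true;
    }

    /**
     * Escapes a value for use inside a single-quoted SQL string literal.
     * Callers must have a live link (see _connect()) before calling this.
     *
     * @param mixed $value
     * @return string
     */
    private function _escape( $value ) {
        return mysql_real_escape_string( (string) $value, $this->_link );
    }

    /**
     * Runs a SQL statement on the shared link, connecting first if needed.
     *
     * @param string $sql Statement whose values have already been escaped.
     * @return resource|bool The mysql_query() result, or false when the
     *                       connection or the query fails.
     */
    private function _queryDatabase($sql) {
        // Do not call mysql_query() with a missing link.
        if ( !$this->_connect() ) {
            return false;
        }

        $this->_results = mysql_query( $sql, $this->_link );
        if ( $this->_results ) {
            $this->_logger->log( "Got results." );
            return $this->_results;
        }

        $message = "SQL query failed: " . mysql_error( $this->_link );
        $this->_logger->log( $message );
        return false;
    }
}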