- <?php
- namespace Auth;
- use Connect\ConnectDB;
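/**
 * Session-based user authentication backed by a `users` table reached over PDO/MySQL.
 *
 * Passwords are stored as bcrypt hashes (password_hash / password_verify) and
 * every query uses bound parameters. The class reads and writes $_SESSION but
 * never calls session_start() itself; the caller is expected to have started
 * the session before using the session-related methods.
 *
 * NOTE(review): the connection settings below are hard-coded and use the MySQL
 * `root` account with an empty password. Move them into deployment
 * configuration and give the application a dedicated, least-privileged
 * database account with a real password.
 */
class User
{
    /** @var mixed Not read or written anywhere in this class. */
    private $id;

    /** @var string|null Username handed to the constructor. */
    private $username;

    /** @var \PDO|null Open database handle, released in the destructor. */
    private $db;

    /** @var array|false|null Row fetched by the last authorize() call (includes the password hash). */
    private $user;

    /** @var mixed Id of the authenticated user, copied into the session by saveSession(). */
    private $user_id;

    private $db_host = "localhost";
    private $db_name = "u0003130_jew";
    private $db_user = "root";
    private $db_pass = "";

    /** @var bool Outcome of the last authorize() call on this instance. */
    private $is_authorized = false;

    /**
     * Stores the username and opens the database connection.
     *
     * @param string|null $username
     * @param string|null $password Accepted for interface compatibility; not used.
     */
    public function __construct($username = null, $password = null)
    {
        $this->username = $username;
        $this->connectDb($this->db_name, $this->db_user, $this->db_pass, $this->db_host);
    }

    /**
     * Drops the PDO handle so the connection can be closed.
     */
    public function __destruct()
    {
        $this->db = null;
    }

    /**
     * Reports whether the current session carries a non-empty user id.
     *
     * @return bool
     */
    public static function isAuthorized()
    {
        return !empty($_SESSION["user_id"]);
    }

    /**
     * Hashes a password with bcrypt.
     *
     * @param string $password   Plain-text password.
     * @param int    $iterations bcrypt cost factor (work doubles with each increment).
     * @return string
     */
    public function passwordHash($password, $iterations = 10)
    {
        $options = [
            'cost' => $iterations,
        ];

        return password_hash($password, PASSWORD_BCRYPT, $options);
    }

    /**
     * Checks a plain-text password against a stored hash.
     *
     * @param string $password
     * @param string $hash
     * @return bool
     */
    public function verify($password, $hash)
    {
        return password_verify($password, $hash);
    }

    /**
     * Authenticates a user and, on success, records the user id in the session.
     *
     * @param string $username
     * @param string $password
     * @param bool   $remember When true, saveSession() also sets the long-lived "sid" cookie.
     * @return bool True when the credentials match a row in `users`.
     */
    public function authorize($username, $password, $remember = false)
    {
        $query = "select id, username, password from users where
            username = :username limit 1";
        $sth = $this->db->prepare($query);
        $sth->execute([':username' => $username]);
        $this->user = $sth->fetch();

        // Unknown user and wrong password produce the same result so the
        // return value does not reveal which usernames exist.
        if (!$this->user || !$this->verify($password, $this->user['password'])) {
            $this->is_authorized = false;

            return false;
        }

        // Issue a fresh session id at the privilege change so an id that was
        // planted or observed before login cannot be reused afterwards
        // (session fixation). Skipped when the caller has not started a session.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $this->is_authorized = true;
        $this->user_id = $this->user['id'];
        $this->saveSession($remember);

        return true;
    }

    /**
     * Logs the current user out: removes the user id from the session,
     * expires the "sid" cookie and rotates the session id.
     *
     * @return void
     */
    public function logout()
    {
        if (!empty($_SESSION["user_id"])) {
            unset($_SESSION["user_id"]);

            // A cookie is only removed when path and domain match the ones it
            // was set with ("/" and "" in saveSession()), and an expiry in the
            // past makes the browser drop it instead of keeping an empty value.
            setcookie("sid", "", time() - 3600, "/", "", self::isHttps(), true);

            // Retire the old session id so a copy of it is useless after logout.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
        }

        $this->is_authorized = false;
    }

    /**
     * Writes the authenticated user id into the session and optionally sets
     * the "sid" cookie.
     *
     * @param bool $remember  Set the "sid" cookie when true.
     * @param bool $http_only Hide the cookie from client-side script.
     * @param int  $days      Cookie lifetime in days.
     * @return void
     */
    public function saveSession($remember = false, $http_only = true, $days = 7)
    {
        $_SESSION["user_id"] = $this->user_id;

        if ($remember) {
            // NOTE(review): this copies the live session id into a second,
            // long-lived cookie, and nothing in this class reads "sid" back.
            // Confirm where it is consumed; a separate random remember-me
            // token stored hashed on the server is the safer design, because
            // it can be revoked without exposing the session id for $days days.
            $sid = session_id();
            $expire = time() + $days * 24 * 3600;
            $domain = ""; // default domain
            $path = "/";

            // Mark the cookie Secure whenever the request itself came in over
            // HTTPS, so it is never sent back over plain HTTP.
            $secure = self::isHttps();

            setcookie("sid", $sid, $expire, $path, $domain, $secure, $http_only);
        }
    }

    /**
     * Inserts a new user with a bcrypt-hashed password.
     *
     * On a database failure the details go to the error log, a generic
     * message is printed and the script terminates.
     *
     * @param string $username
     * @param string $password Plain-text password; only its hash is stored.
     * @return bool
     */
    public function create($username, $password)
    {
        $query = "insert into users (username, password)
            values (:username, :password)";
        $hash = $this->passwordHash($password);

        try {
            $sth = $this->db->prepare($query);
            $this->db->beginTransaction();
            $result = $sth->execute([
                ':username' => $username,
                ':password' => $hash,
            ]);
            $this->db->commit();
        } catch (\PDOException $e) {
            // rollBack() itself throws when no transaction is open, e.g. when
            // prepare() or beginTransaction() was the call that failed.
            if ($this->db->inTransaction()) {
                $this->db->rollBack();
            }

            // Driver messages can contain schema and connection details:
            // keep them in the server log, not in the HTTP response.
            error_log(__METHOD__ . ": " . $e->getMessage());
            echo "Database error";
            die();
        }

        if (!$result) {
            $info = $sth->errorInfo();
            error_log(sprintf("%s: database error %d %s", __METHOD__, $info[1], $info[2]));
            echo "Database error";
            die();
        }

        return $result;
    }

    /**
     * Opens the PDO connection used by every query in this class.
     *
     * On failure the details go to the error log, a generic message is
     * printed and the script terminates.
     *
     * @param string $db_name
     * @param string $db_user
     * @param string $db_pass
     * @param string $db_host
     * @return $this
     */
    public function connectDb($db_name, $db_user, $db_pass, $db_host)
    {
        try {
            $this->db = new \PDO(
                // MySQL has no character set called "utf-8"; utf8mb4 is its
                // full UTF-8 encoding.
                "mysql:host=$db_host;dbname=$db_name;charset=utf8mb4",
                $db_user,
                $db_pass,
                [
                    // Fail loudly instead of returning false from prepare()/execute().
                    \PDO::ATTR_ERRMODE => \PDO::ERRMODE_EXCEPTION,
                    // Let the server bind parameters rather than PDO splicing
                    // escaped values into the SQL text.
                    \PDO::ATTR_EMULATE_PREPARES => false,
                ]
            );
        } catch (\PDOException $e) {
            // The connection error can name the host and account: log it
            // server-side and show the client nothing specific.
            error_log(__METHOD__ . ": " . $e->getMessage());
            echo "database error";
            die();
        }

        return $this;
    }

    /**
     * Tells whether the current request arrived over HTTPS according to
     * $_SERVER['HTTPS'].
     *
     * NOTE(review): behind a TLS-terminating proxy this value is usually
     * unset, so the cookie would still be sent without Secure; confirm how
     * the deployment signals HTTPS.
     *
     * @return bool
     */
    private static function isHttps()
    {
        return !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
    }
}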