
Untitled

a guest
Jun 11th, 2016
  1. ```
  2. <?php
  3.  
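  #[\AllowDynamicProperties]
  class Member {
      /*
       * Member: the base account type; every other account type should inherit from it.
       * @author: Al Nmeri
       *
       * The static methods that act on "the current user" read the username from
       * $_SESSION['username']; they assume the session has already been started and
       * that this key is only ever written after a successful login.
       */
      public $name;          // display name derived from the username
      public $pagename;      // profile page URL derived from the username
      public $can_comment;   // true for a freshly constructed member
      public $profile_pic;   // profile picture location
      public $username;      // the unique username passed to the constructor
      public $bio;           // empty for a freshly constructed member
      public $account_type;  // 'member' for this base class

      /**
       * Initialise the default properties of a new member.
       *
       * @param string $name unique username, used as the database key
       */
      public function __construct($name) {
          // NOTE(review): ucwords() runs while the underscores are still in place, so
          // only the first word is capitalised ("john_doe" -> "John doe") - confirm
          // this is intended.
          $this->name = str_replace('_', ' ', ucwords(strtolower($name)));
          // NOTE(review): the username goes into the URL path unencoded; this assumes
          // registration restricts usernames to URL-safe characters - confirm.
          $this->pagename = "http://site.com/". strtolower(str_replace('_', '.', $name)) . '/';
          $this->can_comment = true;
          $this->profile_pic = "http://site.com/user.png";
          $this->username = $name;
          $this->bio = "";
          $this->account_type = 'member';
      }

      /**
       * Insert this member's properties into user_info.
       *
       * @param PDO $conn open database connection
       * @return bool result of the INSERT as reported by PDOStatement::execute()
       */
      public function activate (PDO $conn) {
          $insert = $conn->prepare("INSERT INTO user_info (name, username, pagename, can_comment, profile_pic, bio, account_type) VALUES (:name, :username, :pagename, :can_comment, :profile_pic, :bio, :account_type)");

          // Bind the seven columns explicitly. Casting $this to an array would also
          // pick up every property added through __set(), and PDO rejects parameters
          // that the statement does not define.
          return $insert->execute([
              'name'         => $this->name,
              'username'     => $this->username,
              'pagename'     => $this->pagename,
              'can_comment'  => $this->can_comment,
              'profile_pic'  => $this->profile_pic,
              'bio'          => $this->bio,
              'account_type' => $this->account_type,
          ]);
      }

      /**
       * Fetch the editable properties of one user (used by the settings page).
       *
       * The returned object includes users.password (the stored hash) because
       * change_password() and change_email() verify against it; callers should not
       * pass the object to templates or serialise it as a whole.
       *
       * @param PDO    $conn   open database connection
       * @param string $joiner username that joins users and user_info
       * @return object|false row as an object, or false when no row matches
       */
      public static function fetch_me (PDO $conn, $joiner) {
          $prep = $conn->prepare("SELECT users.username, users.email, users.password, user_info.name, user_info.profile_pic, user_info.bio, user_info.pagename FROM users INNER JOIN user_info ON users.username=user_info.username WHERE users.username=?"); //ON is the joiner between the tables like WHERE is for values

          // The value is bound as a parameter, which is what keeps it out of the SQL
          // text. FILTER_SANITIZE_STRING (deprecated since PHP 8.1) rewrote the value
          // before the lookup, so the row read here could differ from the row the
          // UPDATE statements in this class address with the unfiltered username.
          $prep->execute([(string) $joiner]);

          return $prep->fetch(PDO::FETCH_OBJ);
      }

      /**
       * Check a password against the stored hash of the given user.
       *
       * @return bool false when the user does not exist or the password is wrong
       */
      private static function password_matches($conn, $username, $password) {
          $row = self::fetch_me($conn, $username);

          return is_object($row)
              && is_string($row->password)
              && password_verify($password, $row->password);
      }

      /**
       * Change the password of the logged-in user.
       *
       * @param string $old_pass current password, verified before anything is written
       * @param string $new_pass new password
       * @param PDO    $conn     open database connection
       * @return bool true when the UPDATE ran, false on wrong password or failure
       */
      public static function change_password($old_pass, $new_pass, $conn) {
          if (!isset($_SESSION['username'])) {
              return false;
          }
          $sess = $_SESSION['username'];

          if (!self::password_matches($conn, $sess, $old_pass)) {
              return false;
          }

          // Hash only after the old password has been verified, so a failed attempt
          // does not pay for a bcrypt computation. bcrypt uses at most the first
          // 72 bytes of the password.
          $hash = password_hash($new_pass, PASSWORD_BCRYPT);

          $update = $conn->prepare("UPDATE users SET password=? WHERE username=?");

          return $update->execute([$hash, $sess]);
      }

      /**
       * Change the e-mail address of the logged-in user.
       *
       * @param string $pass      current password, verified before anything is written
       * @param string $new_email address to change to
       * @param PDO    $conn      open database connection
       * @return string|null an error message, or null when the UPDATE was issued
       */
      public static function change_email($pass, $new_email, $conn) {
          if (!isset($_SESSION['username'])) {
              return "Changes not saved: wrong password.";
          }
          $sess = $_SESSION['username'];

          // Validate rather than sanitise: FILTER_SANITIZE_EMAIL silently drops
          // characters, which would store an address the user never typed.
          $new_email = filter_var(trim((string) $new_email), FILTER_VALIDATE_EMAIL);
          if ($new_email === false) {
              return "Changes not saved: invalid email address.";
          }

          if (!self::password_matches($conn, $sess, $pass)) {
              return "Changes not saved: wrong password.";
          }

          // Test whether the address already belongs to a different account.
          // execute() returns a bool, so the statement object is kept for the fetch.
          $email_in_use = $conn->prepare("SELECT COUNT(*) FROM users WHERE email=? AND username<>?");
          $email_in_use->execute([$new_email, $sess]);

          if ((int) $email_in_use->fetchColumn() > 0) {
              return "<span style='color: red; padding-left:5%;' id='errorText'> sorry. email in use by another user </span>";
          }

          // NOTE(review): this check and the UPDATE below are two separate statements;
          // a UNIQUE constraint on users.email is what would actually rule out
          // duplicates under concurrent requests - confirm the schema has one.
          $change_email_query = $conn->prepare("UPDATE users SET email=? WHERE username= ?");
          $change_email_query->execute([$new_email, $sess]);
      }

      /**
       * Record the current time as the user's last login.
       *
       * @param PDO    $conn open database connection
       * @param string $sess username taken from the session
       * @return null
       */
      public static function set_last_login($conn, $sess) {
          // prepare(), not query(): query() runs the SQL immediately and cannot bind
          // the placeholder.
          $update = $conn->prepare("UPDATE users SET last_login=NOW() WHERE username=?");
          $update->execute([$sess]);
      }

      /**
       * Store a new bio for the logged-in user.
       *
       * @param string $bio  bio text as submitted
       * @param PDO    $conn open database connection
       */
      public function bio($bio, $conn) {
          if (!isset($_SESSION['username'])) {
              return;
          }
          $sess = $_SESSION['username'];

          // The bio is HTML-encoded before storage, as in the original code. Explicit
          // flags make single quotes encoded on every PHP version (the default flag
          // set only includes them from PHP 8.1 on).
          // NOTE(review): storing encoded text means the value must not be encoded
          // again on output; encoding at output time is the more common arrangement.
          $encoded = htmlspecialchars((string) $bio, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

          $update = $conn->prepare("UPDATE user_info SET bio=? WHERE username=?");
          $update->execute([$encoded, $sess]);
      }

      /**
       * One-time check: when the logged-in user still has the default picture,
       * point profile_pic at the uploaded image.
       *
       * @param PDO $conn open database connection
       */
      public static function change_picture($conn){
          if (!isset($_SESSION['username'])) {
              return;
          }
          $sess = $_SESSION['username'];

          $me = self::fetch_me($conn, $sess);
          if (!is_object($me)) {
              return;
          }

          // Check if user has previously uploaded profile picture
          // NOTE(review): the constructor's default is "http://site.com/user.png",
          // not "../user.png" - confirm which value the database actually holds.
          if ($me->profile_pic === "../user.png") {
              // NOTE(review): this stores a filesystem path under DOCUMENT_ROOT, not a
              // URL; if the value is rendered to visitors it discloses the server's
              // directory layout - confirm how profile_pic is consumed. The username
              // is also used as a file name, which assumes it cannot contain path
              // separators.
              $new_image_link = $_SERVER["DOCUMENT_ROOT"].'/a/profile_images/'. $me->username. '.png';

              // The WHERE clause limits the change to the current user; without it
              // the UPDATE rewrites profile_pic for every row in user_info.
              $dp = $conn->prepare("UPDATE user_info SET profile_pic=? WHERE username=?");
              $dp->execute([$new_image_link, $sess]);
          }
      }

      /**
       * Overloading hook for properties the class does not declare, so that later
       * upgrades can attach new features.
       *
       * Declared public properties are written directly and never reach this
       * method. Anything that does reach it becomes a new property, so request
       * data should not be assigned to a Member wholesale.
       *
       * @param string $name   name of the undeclared property
       * @param mixed  $method value to store under that name
       */
      public function __set ($name, $method){
          // Store under the requested name; "$this->name" would overwrite the
          // member's display name on every undeclared write.
          return $this->$name = $method;
      }
  }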
  140.  
  141. ?>
  142. ```