- <?php
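/**
 * Active-record style wrapper around one row of the USERS table.
 *
 * Column values live in $fields under the keys username, password,
 * emailAddr and isActivated; the primary key lives in $uid and is exposed
 * read-only as the magic property "userID".
 *
 * Security notes for maintainers:
 *  - Every value placed into SQL goes through quote() or an (int) cast.
 *    Calling mysql_real_escape_string() and discarding its return value
 *    escapes nothing, and escaping alone does not protect an unquoted
 *    numeric context.
 *  - ext/mysql was deprecated in PHP 5.5 and removed in PHP 7.0. The
 *    connection in $GLOBALS['DB'] is created outside this class, so the
 *    driver is left unchanged here; when that connection is migrated,
 *    replace quote() with mysqli/PDO prepared statements.
 *  - NOTE(review): save() stores the password field verbatim. Confirm the
 *    caller passes a password_hash() result, never the plain password.
 */
class Users
{
    // Primary key of the loaded row, or null when nothing has been loaded/saved.
    private $uid;

    // Column values keyed by canonical field name.
    private $fields;

    /**
     * Create an empty, unsaved user.
     */
    public function __construct()
    {
        $this->reset();
    }

    /**
     * Read a field; "userID" returns the primary key.
     *
     * @param string $field canonical name or legacy alias (email_addr, is_active)
     * @return mixed the stored value, or null for an unknown field
     */
    public function __get($field)
    {
        if ($field === 'userID') {
            return $this->uid;
        }

        $key = self::canonicalField($field);

        // isset() guard avoids an undefined-index notice for unknown names.
        return isset($this->fields[$key]) ? $this->fields[$key] : null;
    }

    /**
     * Write a field. The primary key is not writable through this method.
     *
     * @param string $field canonical name or legacy alias
     * @param mixed  $value
     */
    public function __set($field, $value)
    {
        $this->fields[self::canonicalField($field)] = $value;
    }

    /**
     * Check that a username is 2-20 ASCII letters or digits.
     *
     * @param mixed $username
     * @return int|false 1 when valid, 0 when not, false on a PCRE error
     */
    public static function validateUsername($username)
    {
        if (!is_string($username)) {
            return 0;
        }

        // The D modifier stops "$" from matching before a trailing newline,
        // which would otherwise let "name\n" pass validation.
        return preg_match('/^[A-Z0-9]{2,20}$/iD', $username);
    }

    /**
     * Check that the password and its confirmation are identical strings.
     *
     * @param mixed $password
     * @param mixed $repeatpassword
     * @return int 1 when they match, 0 otherwise
     */
    public static function validatePassword($password, $repeatpassword)
    {
        // Strict comparison: with "==" two different numeric-looking
        // strings such as "1e3" and "1000" compare equal.
        return (is_string($password) && $password === $repeatpassword) ? 1 : 0;
    }

    /**
     * Check an e-mail address against the site's restricted pattern.
     *
     * The pattern is deliberately narrow (letters, digits, underscore and
     * dots; 2-4 letter TLD) and rejects some addresses that are valid per
     * the RFCs.
     *
     * @param mixed $email
     * @return int|false 1 when valid, 0 when not, false on a PCRE error
     */
    public static function validateEmail($email)
    {
        if (!is_string($email)) {
            return 0;
        }

        // [A-Za-z] instead of [A-z]: the latter also matches [ \ ] ^ _ and
        // the backtick. The first character is restricted to a letter or
        // underscore instead of "anything that is not a digit", which
        // accepted quotes and control characters.
        return preg_match(
            '/^[A-Za-z_][A-Za-z0-9_]+([.][A-Za-z0-9_]+)*[@][A-Za-z0-9_]+([.][A-Za-z0-9_]+)*[.][A-Za-z]{2,4}$/D',
            $email
        );
    }

    /**
     * Load the row with the given primary key into this object.
     *
     * @param mixed $userID cast to int before it reaches the query
     * @return Users this object; userID is null when no row matched
     */
    public function getById($userID)
    {
        // The value sits in an unquoted numeric context, so an integer
        // cast is the only safe treatment; string escaping does not help.
        $row = self::fetchRow(
            'SELECT USER_ID, USERNAME, PASSWORD, EMAIL_ADDR, IS_ACTIVE FROM USERS WHERE USER_ID='
            . (int) $userID
        );

        // Clear first so a miss never leaves a previously loaded user behind.
        $this->reset();
        if ($row !== null) {
            $this->hydrate($row);
        }

        return $this;
    }

    /**
     * Load the row with the given username into a new object.
     *
     * @param mixed $username
     * @return Users a new object; userID is null when no row matched
     */
    public static function getByUsername($username)
    {
        $users = new Users();

        $row = self::fetchRow(
            'SELECT USER_ID, USERNAME, PASSWORD, EMAIL_ADDR, IS_ACTIVE FROM USERS WHERE USERNAME='
            . self::quote($username)
        );
        if ($row !== null) {
            $users->hydrate($row);
        }

        return $users;
    }

    /**
     * Persist this user: UPDATE when a primary key is known, INSERT otherwise.
     *
     * @return bool true on success, false when the query failed
     */
    public function save()
    {
        $username = self::quote($this->fields['username']);
        $password = self::quote($this->fields['password']);
        $email    = self::quote($this->fields['emailAddr']);
        // NOTE(review): assumes IS_ACTIVE is a numeric 0/1 column - confirm.
        $active   = $this->fields['isActivated'] ? 1 : 0;

        if ($this->uid) {
            $query = 'UPDATE USERS SET USERNAME=' . $username
                . ', PASSWORD=' . $password
                . ', EMAIL_ADDR=' . $email
                . ', IS_ACTIVE=' . $active
                . ' WHERE USER_ID=' . (int) $this->uid;

            return (bool) mysql_query($query, $GLOBALS['DB']);
        }

        $query = 'INSERT INTO USERS (USERNAME, PASSWORD, EMAIL_ADDR, IS_ACTIVE) VALUES ('
            . $username . ', ' . $password . ', ' . $email . ', ' . $active . ')';

        // Execute exactly once and test the result.
        if (!mysql_query($query, $GLOBALS['DB'])) {
            return false;
        }

        $this->uid = mysql_insert_id($GLOBALS['DB']);

        return true;
    }

    /**
     * Mark the user inactive and record a pending-activation token.
     *
     * @return string|false the token, or false when a query failed
     */
    public function setInactive()
    {
        $this->fields['isActivated'] = false;

        // Without a saved row there is no USER_ID to attach the token to.
        if (!$this->save()) {
            return false;
        }

        // NOTE(review): random_text() is defined outside this class. A
        // 5-character token has little entropy; confirm the helper draws
        // from a CSPRNG and consider a longer token if PENDING.TOKEN allows.
        $token = random_text(5);

        $query = 'INSERT INTO PENDING (USER_ID, TOKEN) VALUES ('
            . (int) $this->uid . ', ' . self::quote($token) . ')';

        return mysql_query($query, $GLOBALS['DB']) ? $token : false;
    }

    /**
     * Activate the user when the supplied token matches a pending row.
     *
     * @param mixed $token activation token supplied by the visitor
     * @return bool true when the token matched and the user was saved as active
     */
    public function setActive($token)
    {
        // Escape the value, not the finished query string.
        $match = ' WHERE USER_ID=' . (int) $this->uid
            . ' AND TOKEN=' . self::quote($token);

        $result = mysql_query('SELECT TOKEN FROM PENDING' . $match, $GLOBALS['DB']);
        if ($result === false) {
            return false;
        }

        $found = mysql_num_rows($result) > 0;
        mysql_free_result($result);
        if (!$found) {
            return false;
        }

        if (!mysql_query('DELETE FROM PENDING' . $match, $GLOBALS['DB'])) {
            return false;
        }

        $this->fields['isActivated'] = true;

        return $this->save();
    }

    /**
     * Map the legacy snake_case names onto the canonical field keys.
     */
    private static function canonicalField($field)
    {
        if ($field === 'email_addr') {
            return 'emailAddr';
        }
        if ($field === 'is_active') {
            return 'isActivated';
        }

        return $field;
    }

    /**
     * Return $value as a single-quoted, escaped SQL string literal.
     *
     * NOTE(review): mysql_real_escape_string() relies on the connection
     * character set; confirm it is set with mysql_set_charset() where the
     * connection is opened.
     */
    private static function quote($value)
    {
        return "'" . mysql_real_escape_string((string) $value, $GLOBALS['DB']) . "'";
    }

    /**
     * Run a SELECT and return its first row, or null when it has none.
     */
    private static function fetchRow($sql)
    {
        $result = mysql_query($sql, $GLOBALS['DB']);
        if ($result === false) {
            // Keep the driver message in the server log; printing it to the
            // client discloses schema and query details.
            error_log('Users query failed: ' . mysql_error($GLOBALS['DB']));
            die('Database error.');
        }

        $row = mysql_fetch_array($result);
        mysql_free_result($result);

        return $row ? $row : null;
    }

    /**
     * Copy one USERS row into this object.
     */
    private function hydrate($row)
    {
        $this->uid = $row['USER_ID'];
        $this->fields['username']    = $row['USERNAME'];
        $this->fields['password']    = $row['PASSWORD'];
        $this->fields['emailAddr']   = $row['EMAIL_ADDR'];
        $this->fields['isActivated'] = $row['IS_ACTIVE'];
    }

    /**
     * Return this object to the empty, unsaved state.
     */
    private function reset()
    {
        $this->uid = null;
        $this->fields = array(
            'username'    => '',
            'password'    => '',
            'emailAddr'   => '',
            'isActivated' => '',
        );
    }
}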
- ?>