
class.user.php

  1. <?php
  2.  
  3. require_once 'dbconfig.php';
  4. const PATH_PHOTOS = '/var/www/html/sbdev2/php/site3/upload/';
  5. global $_FILES;
  6.  
  7. class USER
  8. {
  9.  
  10. private $conn;
  11.  
  12. public function __construct()
  13. {
  14. $database = new Database();
  15. $db = $database->dbConnection();
  16. $this->conn = $db;
  17. }
  18.  
  19. public function runQuery($sql)
  20. {
  21. $stmt = $this->conn->prepare($sql);
  22. return $stmt;
  23. }
  24.  
  25. public function lasdID()
  26. {
  27. $stmt = $this->conn->lastInsertId();
  28. return $stmt;
  29. }
  30.  
  31. public function register($uname, $email, $upass, $code, $phone, $street_address, $street_address_2, $city, $state, $zip_code, $country , $portfolio)
  32. {
  33. try {
  34. // $password = md5($upass);
  35. $password = $_POST["upass"];
  36. // $hash = password_hash($upass, PASSWORD_DEFAULT);
  37. $password = password_hash('upass', PASSWORD_DEFAULT);
  38. $stmt = $this->conn->prepare("INSERT INTO tbl_users(userName,userEmail,userPass, tokenCode, phone, street_address, street_address_2 , city , state , zip_code , country , portfolio)
  39. VALUES(:user_name, :user_mail, :user_pass, :active_code, :phone , :street_address, :street_address_2 , :city , :state , :zip_code , :country, :portfolio) ;");
  40. $stmt->execute(array(
  41. ":user_name" => $uname,
  42. ":user_mail" => $email,
  43. ":user_pass" => $password,
  44. ":active_code" => $code,
  45. ":phone" => $phone,
  46. ":street_address" => $street_address,
  47. ":street_address_2" => $street_address_2,
  48. ":city" => $city,
  49. ":state" => $state,
  50. ":zip_code" => $zip_code,
  51. ":country" => $country,
  52. ":portfolio" => $portfolio
  53. ));
  54. return $stmt;
  55. } catch (PDOException $ex) {
  56. echo $ex->getMessage();
  57. }
  58. }
  59.  
  60. /* php */
  61.  
  62. public function update($uname, $email, $phone, $street_address, $street_address_2, $city, $state, $zip_code, $country, $sold_by,
  63. $portfolio, $paypal_email_id, $account_holder_name, $account_number, $branch_name, $bank_name, $ifsc_code)
  64. {
  65. try {
  66. $stmt = $this->conn->prepare('UPDATE tbl_users SET userName = ?, userEmail = ?, phone = ?, street_address = ? , street_address_2 = ?
  67. , city = ? , state = ? , zip_code = ? , country = ? , sold_by = ? , portfolio = ? , paypal_email_id = ? , account_holder_name = ? ,
  68. account_number = ?, branch_name = ? , bank_name =? , ifsc_code =? WHERE userID = ? ');
  69. return $stmt->execute(array($uname, $email, $phone, $street_address, $street_address_2, $city, $state, $zip_code, $country, $sold_by,
  70. $portfolio, $paypal_email_id, $account_holder_name, $account_number, $branch_name, $bank_name, $ifsc_code, $_SESSION['userSession']));
  71. } catch (PDOException $e) {
  72. echo '<p class="bg-danger">' . $e->getMessage() . '</p>';
  73. }
  74. }
  75.  
  76. /*php end */
  77.  
  78.  
  79. const PATH_PHOTOS = '/var/www/html/sbdev2/php/site3/upload/';
  80. const BASE_URL = 'http://sbdev2.kidsdial.com:81/php/site3/';
  81.  
  82. public function add_photo($file)
  83. {
  84. $ext = pathinfo($file['name'], PATHINFO_EXTENSION);
  85. $file['new_name'] = uniqid(rand(), true) . ".$ext";
  86. if (!$this->_upload_file($file))
  87. return false;
  88. return $this->_remove_previous_photo()->_add_file_to_db(self::PATH_PHOTOS . basename($file['new_name']));
  89. }
  90.  
  91. protected function _remove_previous_photo()
  92. {
  93. $photo = $this->get_photo();
  94. if ($photo)
  95. unlink($photo);
  96. return $this;
  97. }
  98.  
  99. public function get_photo()
  100. {
  101. global $_SESSION;
  102. $stmt = $this->conn->prepare('SELECT photo FROM tbl_users WHERE userID = ? ');
  103. $stmt->execute(array($_SESSION['userSession']));
  104. $result = $stmt->fetch();
  105. return reset($result);
  106. }
  107.  
  108. public function get_photo_url()
  109. {
  110. $pathInfo = pathinfo($this->get_photo());
  111. $last_dir = end(explode(DIRECTORY_SEPARATOR, $pathInfo['dirname']));
  112. return self::BASE_URL . "$last_dir/" . basename($this->get_photo());
  113. }
  114.  
  115. protected function _upload_file($file)
  116. {
  117. $uploadfile = self::PATH_PHOTOS . $file['new_name'];
  118. return move_uploaded_file($file['tmp_name'], $uploadfile);
  119. }
  120.  
  121. protected function _add_file_to_db($file_path)
  122. {
  123. try {
  124. $stmt = $this->conn->prepare('UPDATE tbl_users SET photo = ? WHERE userID = ? ');
  125. return $stmt->execute(array($file_path, $_SESSION['userSession']));
  126. } catch (PDOException $e) {
  127. echo '<p class="bg-danger">' . $e->getMessage() . '</p>';
  128. }
  129. }
  130.  
  131.  
  132. public function login($email, $upass)
  133. {
  134. try {
  135. $stmt = $this->conn->prepare("SELECT * FROM tbl_users WHERE userEmail=:email_id");
  136. $stmt->execute(array(":email_id" => $email));
  137. $userRow = $stmt->fetch(PDO::FETCH_ASSOC);
  138. $password = password_hash('upass', PASSWORD_DEFAULT);
  139.  
  140. if ( $stmt->rowCount() == 1 )
  141. {
  142. if ( $userRow[ 'userStatus' ] == "Y" )
  143. {
  144. // if( password_verify( $userRow[ 'upass' ], $_POST[ "userPass" ] ) )
  145. // if( password_verify( $userRow[ 'userPass' ], $_POST[ "upass" ] ) )
  146. if( password_verify( $_POST[ "upass" ] , $userRow[ 'userPass' ] ) )
  147. {
  148. if( password_needs_rehash( 'PASSWORD', PASSWORD_DEFAULT ) )
  149. {
  150. $new_pass = password_hash('upass', PASSWORD_DEFAULT);
  151. // Update database
  152. }
  153. $_SESSION[ 'userSession' ] = $userRow[ 'userID' ];
  154. return true;
  155. }
  156. else
  157. {
  158. header( "Location: index.php?error" );
  159. exit;
  160. }
  161. }
  162. else
  163. {
  164. header( "Location: index.php?inactive" );
  165. exit;
  166. }
  167. }
  168. else
  169. {
  170. header( "Location: index.php?error" );
  171. exit;
  172. }
  173. }
  174. catch ( PDOException $ex )
  175. {
  176. echo $ex->getMessage();
  177. }
  178. }
  179.  
  180. /*
  181. public function checkCredentials($email, $upass)
  182. {
  183. $user = $this->getUserByUsername($email);
  184. if (!$email) {
  185. // No user found with provided username
  186. return false;
  187. }
  188. if (!upass_verify($upass, $email['upass'])) {
  189. // Password does not match
  190. return false;
  191. }
  192.  
  193. if (upass_needs_rehash($email['upass'], PASSWORD_DEFAULT)) {
  194. // This password was hashed using an older algorithm, update with new hash.
  195. $this->updatePassword($email['id'], $upass);
  196. }
  197. // The password is no longer needed from the user data
  198. unset($email['upass']);
  199. return $email;
  200. }
  201. */
  202.  
  203. public function is_logged_in()
  204. {
  205. if (isset($_SESSION['userSession'])) {
  206. return true;
  207. }
  208. }
  209.  
  210. public function redirect($url)
  211. {
  212. header("Location: $url");
  213. }
  214.  
  215. public function logout()
  216. {
  217. session_destroy();
  218. $_SESSION['userSession'] = false;
  219. }
  220.  
  221. function send_mail($email, $message, $subject)
  222. {
  223. require_once('mailer/class.phpmailer.php');
  224. $mail = new PHPMailer();
  225. $mail->IsSMTP();
  226. $mail->SMTPDebug = 0;
  227. $mail->SMTPAuth = true;
  228. $mail->SMTPSecure = "ssl";
  229. $mail->Host = "smtp.gmail.com";
  230. $mail->Port = 465;
  231. $mail->AddAddress($email);
  232. $mail->Username = "kidsdial5@gmail.com";
  233. $mail->Password = "5dialkids";
  234. $mail->SetFrom('kidsdial5@gmail.com', 'stylebaby1');
  235. $mail->AddReplyTo("kidsdial5@gmail.com", "stylebaby2");
  236. $mail->Subject = $subject;
  237. $mail->MsgHTML($message);
  238. $mail->Send();
  239. }
  240. }