<?php//Created by Thomas FARINEAU the 3 feb 2018 at 10:25 AM//Ctrlr == C

1. <?php
2. //Created by Thomas FARINEAU the 3 feb 2018 at 10:25 AM
3.  
4.  
5. //Ctrlr == Controller
6. class AccountCtrlr
7. {
8.  
9. function register()
10. {
11. //INCLUDE DB
12. global $db;
13. //DEFINE 3 SALT FOR PROTECTION
14. define('PRE_SALT', 'rthrthtrh');
15. define('SUF_SALT', 'hrthrthh');
16. define('NEW_SALT', 'rhhtrrtthr');
17. //VARIABLE FOR POST
18. $username = htmlspecialchars($_POST['username'], ENT_QUOTES);
19. $email = htmlspecialchars($_POST['email'], ENT_QUOTES);
20. $password = hash('sha256', PRE_SALT.$_POST['password'].SUF_SALT.NEW_SALT);
21. $session = md5(rand());
22. //VERIFY USERNAME EXIST
23. $reqUserVerify = $db->prepare('SELECT * FROM users WHERE username=:username');
24. $reqUserVerify->execute(array(
25. 'username' => $username
26. ));
27. $userVerify = $reqUserVerify->rowCount();
28. //VERIFY EMAIL EXIST
29. $reqEmailVerify = $db->prepare('SELECT * FROM users WHERE email=:email');
30. $reqEmailVerify->execute(array(
31. 'email' => $email
32. ));
33. $emailVerify = $reqEmailVerify->rowCount();
34. //IF DONT EXIST USER
35. if ($userVerify == "0"):
36. //IF DONT EXIST EMAIL
37. if ($emailVerify == "0"):
38. //ADD IN DB
39. $regUser = $db->prepare('INSERT INTO users SET username=:username, email=:email, password=:password, session=:session');
40. $regUser->execute(array(
41. 'username' => $username,
42. 'email' => $email,
43. 'password' => $password,
44. 'session' => $session
45. ));
46. $_SESSION['isSuccessRegister'] = true;
47. echo "success";
48. else:
49. echo "email";
50. endif;
51. else:
52. echo "username";
53. endif;
54. }
55.  
56. function login()
57. {
58. //INCLUDE DB
59. global $db;
60. //DEFINE 3 SALT FOR PROTECTION
61. define('PRE_SALT', 'rthrthtrh');
62. define('SUF_SALT', 'hrthrthh');
63. define('NEW_SALT', 'rhhtrrtthr');
64. //VARIABLE FOR POST
65. $username = htmlspecialchars($_POST['username_log'], ENT_QUOTES);
66. $password = hash('sha256', PRE_SALT.$_POST['password_log'].SUF_SALT.NEW_SALT);
67. $session = md5(rand());
68. //VERIFY USERNAME EXIST
69. $reqUserVerify = $db->prepare('SELECT * FROM users WHERE username=:username');
70. $reqUserVerify->execute(array(
71. 'username' => $username
72. ));
73. $userVerify = $reqUserVerify->rowCount();
74. //IF USER EXIST
75. if($userVerify != "0"):
76. //VERIFY USERNAME AND PASS MATCH
77. $reqUserValidPass = $db->prepare('SELECT * FROM users WHERE username=:username AND password=:password');
78. $reqUserValidPass->execute(array(
79. 'username' => $username,
80. 'password' => $password
81. ));
82. $userValidPass = $reqUserValidPass->rowCount();
83. //IF SESSION EXIST
84. if($userValidPass != "0"):
85. $userFetch = $reqUserValidPass->fetch();
86. $logUser = $db->prepare('UPDATE users SET session=:session WHERE id=:id');
87. $logUser->execute(array(
88. 'session' => $session,
89. 'id' => $userFetch['id']
90. ));
91. $_SESSION['session'] = $session;
92. echo "success";
93. else:
94. echo "session";
95. endif;
96. else:
97. echo "username";
98. endif;
99. }
100.  
101. function userLogout()
102. {
103. global $isConnected;
104. if ($isConnected)
105. session_destroy();
106. }
107.  
108. function isConnected()
109. {
110. if(!empty($_SESSION['session']))
111. return true;
112. }
113.  
114. function getUser()
115. {
116. global $db;
117. $getUserInfo = $db->prepare('SELECT * FROM users WHERE session=:session');
118. $getUserInfo->execute(array(
119. 'session' => $_SESSION['session']
120. ));
121. $getUser = $getUserInfo->fetch();
122. return $getUser;
123. }
124.  
125. function getRank($rid)
126. {
127. global $db;
128. $getRankInfo = $db->prepare('SELECT * FROM ranks WHERE rid=:rid');
129. $getRankInfo->execute(array(
130. 'rid' => $rid
131. ));
132. $getRank = $getRankInfo->fetch();
133. return $getRank;
134. }
135.  
136. }
137. ?>