Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- class Usercontrol{
- // handles DB access and modifies the user database based on the user model
- // TODO: separate class for db access ?
- private $dsn = 'mysql:dbname=praktikum;host=127.0.0.1';
- private $user = 'root';
- private $password = 'test123';
- private $connection;
- public function __construct(){
- $this->dsn = 'mysql:dbname=praktikum;host=127.0.0.1';
- $this->user = 'root';
- $this->password = 'test123';
- $this->connection = new PDO($this->dsn, $this->user);
- }
- private function change_db($dbname, $user){
- $this->dsn = 'mysql:$dbname=praktikum;host=127.0.0.1';
- $this->connection.close();
- $this->connection = new PDO($this->dsn, $this->user);
- }
- public function createNewUser($mail, $nick, $password){
- try
- {
- //TODO: check for existing user!
- // SELECT COUNT(nick) AS number FROM user WHERE nick="Flo"
- /** $san_mail = filter_var($mail, FILTER_SANITIZE_SPECIAL_CHARS);
- $san_nick = filter_var($nick, FILTER_SANITIZE_SPECIAL_CHARS);
- $san_password = filter_var($password, FILTER_SANITIZE_SPECIAL_CHARS);
- try
- {
- $statement = $this->conenction->prepare("SELECT COUNT(nick) AS number FROM user WHERE nick="Flo"");
- }
- //$statement = $this->conenction->prepare("SELECT COUNT(nick) AS number FROM user WHERE nick="Flo"");
- **/
- $statement = $this->connection->prepare("INSERT INTO USER (email, nick, password) VALUES (?, ?, ?)");
- $statement->execute(array($mail, $nick, $password));
- }
- catch (Exception $e){
- echo "<br>ERROR: $e</br>";
- }
- }
- public function getUserInfo($mail, $password){
- //TODO: print error message if password is wrong
- $this->connection = new PDO($this->dsn, $this->user);
- $san_mail = filter_var($mail, FILTER_SANITIZE_SPECIAL_CHARS);
- $san_password = filter_var($password, FILTER_SANITIZE_SPECIAL_CHARS);
- try{
- $statement = $this->connection->prepare('SELECT * FROM user WHERE email="' . $san_mail . '" AND password="' . $san_password .'"');
- echo "<br> san_email: $san_mail<br> san_passwd: $san_password <br>";
- $statement->execute();
- $result = $statement->fetchAll();
- }
- catch(Exception $e){
- echo "<div><b>ERROR<b> in getUserInfo (user.control) -> $e </div>";
- return $e;
- }
- return $result;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement