Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /**
- * Klasse für den Datenzugriff
- */
- class Model{
- public function init() {
- return new DatabaseManager('localhost','root','mysql','yumenet');
- }
- public function login(){
- if(isset($_POST['username'], $_POST['password'])) {
- if (empty($_POST['username']) && empty($_POST['password'])) {
- echo '<div id="alert">Bitte fülle alle Felder aus!</div>';
- } else {
- $username = $_POST['username'];
- $password = $_POST['password'];
- $db = self::init()->getOut("SELECT * FROM yume_users WHERE username = '" . htmlspecialchars($username) . "' AND password = '".htmlspecialchars(sha1($password))."'");
- $db->execute();
- $output = $db->fetchObject();
- if (htmlspecialchars($output->username) == $username && htmlspecialchars($output->password) == sha1($password)) {
- $_SESSION['username'] = htmlspecialchars($output->username);
- $_SESSION['password'] = htmlspecialchars($output->password);
- $_SESSION['token'] = rand(1000, 20);
- header('Location: ./dashboard');
- } else {
- echo '<div id="alert">Benutzername oder Passwort falsch</div>';
- }
- }
- }
- }
- public function register(){
- if(isset($_POST['re_username'], $_POST['re_password'], $_POST['re_password2'], $_POST['re_email'])) {
- if (empty($_POST['re_username']) && empty($_POST['re_password']) && empty($_POST['re_password2']) && empty($_POST['re_email'])) {
- echo '<div id="alert">Bitte fülle alle Felder aus!</div>';
- } else {
- $username = $_POST['re_username'];
- $password = $_POST['re_password'];
- $db = self::init()->getOut("SELECT * FROM yume_users WHERE username = '" . htmlspecialchars($username). "'");
- $db->execute();
- $output = $db->rowCount();
- if($output > 0 ){
- echo '<div class="error">Benutzername ist bereits vergeben!</div>';
- } else {
- $db = self::init()->getOut("INSERT INTO yume_users (username, password, avatar) VALUES ('".htmlspecialchars($username)."', '".htmlspecialchars(sha1($password))."', 'yume-32')");
- $db->execute();
- $_SESSION['username'] = htmlspecialchars($username);
- $_SESSION['token'] = rand(1000, 20);
- header('Location: /dashboard');
- }
- }
- }
- }
- public function session_controller(){
- if(isset ($_SESSION['username'])){
- $_SESSION['username'] == $_SESSION['username'];
- } else {
- $_SESSION['username'] == 'Gast';
- }
- }
- public function userData($query){
- $db = self::init()->getOut("SELECT * FROM yume_users WHERE username = '".$_SESSION['username']."'");
- $db->execute();
- $abfrage = $db->fetchObject();
- return $abfrage->$query;
- }
- public function upload() {
- if ($_FILES["upfile"]["size"] >= '10000000' ) {
- exit('Die Datei konnte nicht hochgeladen werden, da sie größer als 10 MB ist. ');
- } else {
- $dname = explode(".", $_FILES["upfile"]["name"]);
- $ext = $dname[count($dname) - 1];
- $newname = 'yume-';
- $rand = rand(1000, 400);
- $pic_type = array('jpg', 'png');
- /* Temporäre Datei kopieren + Datenbank Eintrag */
- if ($_FILES["upfile"]["size"] > 0 && $ext === $pic_type) {
- copy($_FILES["upfile"]["tmp_name"], "./App/uploads/" . $newname . $rand . ".jpg");
- header('Location: /dashboard');
- if ($_SESSION['username'] === 'Gast') {
- $up = self::init()->getOut("INSERT INTO yume_uploads (yume_pic, yume_user, yume_date, yume_verify, yume_hastag) VALUES ('" . $newname . $rand . "', '" . $_SESSION['username'] . "', '" . date("d.m.y") . "', '0', '" . $_POST['hashtag'] . "')");
- $up->execute();
- } else {
- $up = self::init()->getOut("INSERT INTO yume_uploads (yume_pic, yume_user, yume_date, yume_verify, yume_hashtag) VALUES ('" . $newname . $rand . "', '" . $_SESSION['username'] . "', '" . date("d.m.y") . "', '1', '" . $_POST['hashtag'] . "')");
- $up->execute();
- }
- } else
- echo "";
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
