fritter/class.user.php at master · peterdestasio/fritter · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
<?php
class USER
{
    private $db;

    function __construct($DB_con)
    {
      $this->db = $DB_con;
    }

    public function register($uname,$umail,$upass,$fname,$lname,$birthday,$city,$credit_card,$ccv)
    {
       try
       {
           $new_password = md5($upass);

           $stmt = $this->db->prepare("INSERT INTO users(user_name,user_email,user_pass,first_name,last_name,birthday,city,credit_card,ccv)
                                                       VALUES(:uname, :umail, :upass, :fname, :lname, :birthday, :city, :creditcard, :ccv)");

           $stmt->bindparam(":uname", $uname);
           $stmt->bindparam(":umail", $umail);
           $stmt->bindparam(":upass", $new_password);
           $stmt->bindparam(":fname", $fname);
           $stmt->bindparam(":lname", $lname);
           $stmt->bindparam(":birthday", $birthday);
           $stmt->bindparam(":city", $city);
           $stmt->bindparam(":creditcard", $credit_card);
           $stmt->bindparam(":ccv", $ccv);

           $stmt->execute();

           return $stmt;
       }
       catch(PDOException $e)
       {
           echo $e->getMessage();
       }
    }

    public function login($uname,$umail,$upass)
    {
       try
       {
          $stmt = $this->db->prepare("SELECT * FROM users WHERE user_name=:uname OR user_email=:umail LIMIT 1");
          $stmt->execute(array(':uname'=>$uname, ':umail'=>$umail));
          $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
          if($stmt->rowCount() > 0)
          {

              $mdpass = md5($upass);
              if($mdpass==$userRow['user_pass'])
             {

                $_SESSION['user_session'] = $userRow['user_id'];

                return true;
             }
             else
             {

                return false;
             }
          }
       }
       catch(PDOException $e)
       {
           echo $e->getMessage();
       }
   }

   public function is_loggedin()
   {
      if(isset($_SESSION['user_session']))
      {
         return true;
      }
   }

   public function redirect($url)
   {
       header("Location: $url");
   }

   public function logout()
   {
        session_destroy();
        unset($_SESSION['user_session']);
        return true;
   }
}
?>