<?php
/**
* Description of User
*
* @author sublime holdings
* @web www.sublime.lk
*/
class User {
public $id;
public $name;
public $email;
public $createdAt;
public $isActive;
public $authToken;
public $lastLogin;
public $username;
public $resetCode;
private $password;
public function __construct($id) {
if ($id) {
$query = "SELECT `id`,`name`,`email`,`createdAt`,`isActive`,`authToken`,`lastLogin`,`username`,`resetcode` FROM `user` WHERE `id`=" . $id;
$db = new Database();
$result = mysql_fetch_array($db->readQuery($query));
$this->id = $result['id'];
$this->name = $result['name'];
$this->email = $result['email'];
$this->createdAt = $result['createdAt'];
$this->isActive = $result['isActive'];
$this->lastLogin = $result['lastLogin'];
$this->username = $result['username'];
$this->authToken = $result['authToken'];
$this->resetCode = $result['resetcode'];
return $result;
}
}
public function create($name, $email, $username, $passwor) {
$enPass = md5($passwor);
date_default_timezone_set('Asia/Colombo');
$createdAt = date('Y-m-d H:i:s');
$query = "INSERT INTO `user` (name, email, createdAt, isActive, username, password) VALUES ('" . $name . "', '" . $email . "', '" . $createdAt . "', '" . 1 . "', '" . $username . "', '" . $enPass . "')";
$db = new Database();
$result = $db->readQuery($query);
if ($result) {
$last_id = mysql_insert_id();
return $this->__construct($last_id);
} else {
return FALSE;
}
}
public function login($username, $password) {
$enPass = md5($password);
$query = "SELECT `id`,`name`,`email`,`createdAt`,`isActive`,`lastLogin`,`username` FROM `user` WHERE `username`= '" . $username . "' AND `password`= '" . $enPass . "'";
$db = new Database();
$result = mysql_fetch_array($db->readQuery($query));
if (!$result) {
return FALSE;
} else {
$this->id = $result['id'];
$this->setAuthToken($result['id']);
$this->setLastLogin($this->id);
$user = $this->__construct($this->id);
$this->setUserSession($user);
return $user;
}
}
public function checkOldPass($id, $password) {
$enPass = md5($password);
$query = "SELECT `id` FROM `user` WHERE `id`= '" . $id . "' AND `password`= '" . $enPass . "'";
$db = new Database();
$result = mysql_fetch_array($db->readQuery($query));
if (!$result) {
return FALSE;
} else {
return TRUE;
}
}
public function changePassword($id, $password) {
$enPass = md5($password);
$query = "UPDATE `user` SET "
. "`password` ='" . $enPass . "' "
. "WHERE `id` = '" . $id . "'";
$db = new Database();
$result = $db->readQuery($query);
if ($result) {
return TRUE;
} else {
return FALSE;
}
}
public function authenticate() {
if (!isset($_SESSION)) {
session_start();
}
$id = NULL;
$authToken = NULL;
if (isset($_SESSION["id"])) {
$id = $_SESSION["id"];
}
if (isset($_SESSION["authToken"])) {
$authToken = $_SESSION["authToken"];
}
$query = "SELECT `id` FROM `user` WHERE `id`= '" . $id . "' AND `authToken`= '" . $authToken . "'";
$db = new Database();
$result = mysql_fetch_array($db->readQuery($query));
if (!$result) {
return FALSE;
} else {
return TRUE;
}
}
public function logOut() {
if (!isset($_SESSION)) {
session_start();
}
unset($_SESSION["id"]);
unset($_SESSION["name"]);
unset($_SESSION["email"]);
unset($_SESSION["isActive"]);
unset($_SESSION["authToken"]);
unset($_SESSION["lastLogin"]);
unset($_SESSION["username"]);
return TRUE;
}
public function update() {
$query = "UPDATE `user` SET "
. "`name` ='" . $this->name . "', "
. "`username` ='" . $this->username . "', "
. "`email` ='" . $this->email . "', "
. "`isActive` ='" . $this->isActive . "' "
. "WHERE `id` = '" . $this->id . "'";
$db = new Database();
$result = $db->readQuery($query);
if ($result) {
return $this->__construct($this->id);
} else {
return FALSE;
}
}
private function setUserSession($user) {
if (!isset($_SESSION)) {
session_start();
}
$_SESSION["id"] = $user['id'];
$_SESSION["name"] = $user['name'];
$_SESSION["email"] = $user['email'];
$_SESSION["isActive"] = $user['isActive'];
$_SESSION["authToken"] = $user['authToken'];
$_SESSION["lastLogin"] = $user['lastLogin'];
$_SESSION["username"] = $user['username'];
}
private function setAuthToken($id) {
$authToken = md5(uniqid(rand(), true));
$query = "UPDATE `user` SET `authToken` ='" . $authToken . "' WHERE `id`='" . $id . "'";
$db = new Database();
if ($db->readQuery($query)) {
return $authToken;
} else {
return FALSE;
}
}
private function setLastLogin($id) {
date_default_timezone_set('Asia/Colombo');
$now = date('Y-m-d H:i:s');
$query = "UPDATE `user` SET `lastLogin` ='" . $now . "' WHERE `id`='" . $id . "'";
$db = new Database();
if ($db->readQuery($query)) {
return TRUE;
} else {
return FALSE;
}
}
public function checkEmail($email) {
$query = "SELECT `email`,`username` FROM `user` WHERE `email`= '" . $email . "'";
$db = new Database();
$result = mysql_fetch_array($db->readQuery($query));
if (!$result) {
return FALSE;
} else {
return $result;
}
}
public function GenarateCode($email) {
$rand = rand(10000, 99999);
$query = "UPDATE `user` SET "
. "`resetcode` ='" . $rand . "' "
. "WHERE `email` = '" . $email . "'";
$db = new Database();
$result = $db->readQuery($query);
if ($result) {
return TRUE;
} else {
return FALSE;
}
}
public function SelectForgetUser($email) {
if ($email) {
$query = "SELECT `email`,`username`,`resetcode` FROM `user` WHERE `email`= '" . $email . "'";
$db = new Database();
$result = mysql_fetch_array($db->readQuery($query));
$this->username = $result['username'];
$this->email = $result['email'];
$this->restCode = $result['resetcode'];
return $result;
}
}
public function SelectResetCode($code) {
$query = "SELECT `id` FROM `user` WHERE `resetcode`= '" . $code . "'";
$db = new Database();
$result = mysql_fetch_array($db->readQuery($query));
if (!$result) {
return FALSE;
} else {
return TRUE;
}
}
public function updatePassword($password,$code) {
$enPass = md5($password);
$query = "UPDATE `user` SET "
. "`password` ='" . $enPass . "' "
. "WHERE `resetcode` = '" . $code . "'";
$db = new Database();
$result = $db->readQuery($query);
if ($result) {
return TRUE;
} else {
return FALSE;
}
}
}
|