<?php
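/**
 * Data-access layer for the users table, built on the project's MySQL base class.
 *
 * Only two parent primitives are used, in the shapes visible here:
 *   - $this->issue($sql)  runs a statement; its return value is passed straight back
 *     to callers where a result is returned.
 *   - $this->select($sql) returns ['count' => <matched rows>, 'rows' => <the row, read
 *     only when count is 1>].
 *
 * Table names come from the configuration globals $USERS / $QA (older methods use the
 * literal `users`); they are not request data. Every other interpolated value goes
 * through quoteForSql() — see the caveat on that helper.
 */
class User extends MySQL
{
    /** Connects with the database credentials held in the configuration globals. */
    public function __construct()
    {
        global $DB_HOST, $DB_USER, $DB_PASS, $DB_NAME;
        parent::__construct($DB_HOST, $DB_USER, $DB_PASS, $DB_NAME);
    }

    /**
     * Creates — or overwrites — the row for $email with a hashed password and a fresh token.
     *
     * @param string $email
     * @param string $pass  plaintext password; only its hash is stored
     * @return mixed        whatever the parent's issue() returns for the statement
     */
    public function create($email, $pass)
    {
        // NOTE(review): REPLACE also rewrites an existing row for this email, password
        // hash included. Callers must gate this on exists()/userExists(), otherwise a
        // repeat registration resets another account's password — confirm the callers do.
        $sql = 'REPLACE INTO users (email, pass,token) VALUES ('
            . $this->quoteForSql($email) . ', '
            . $this->quoteForSql($this->hashPass($pass)) . ', '
            . $this->quoteForSql($this->getRandomString(8)) . ')';

        return $this->issue($sql);
    }

    /**
     * Returns $length random alphanumeric characters drawn from a CSPRNG.
     *
     * random_int() replaces rand(): the string is used as the account token written by
     * create() and read back by getToken(), so it must not be predictable.
     *
     * @param int $length number of characters; 0 or a negative value yields ''
     */
    public function getRandomString($length = 8): string
    {
        $alphabet = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
        $lastIndex = strlen($alphabet) - 1;

        $token = '';
        for ($i = 0; $i < $length; $i++) {
            $token .= $alphabet[random_int(0, $lastIndex)];
        }

        return $token;
    }

    /** Token stored for $email, or '' when there is not exactly one matching row. */
    public function getToken($email): string
    {
        $result = $this->select('SELECT token FROM users WHERE email=' . $this->quoteForSql($email));
        if ((int) $result['count'] === 1) {
            return (string) $result['rows']['token'];
        }

        return "";
    }

    /** Clears the stored token for $email. */
    public function eraseToken($email): void
    {
        $this->issue("UPDATE users SET token='' WHERE email=" . $this->quoteForSql($email));
    }

    /** Marks $email as confirmed (confirmed='Y'). */
    public function confirmEmail($email): void
    {
        $this->issue("UPDATE users SET confirmed='Y' WHERE email=" . $this->quoteForSql($email));
    }

    /** True only when exactly one row matches $email and its confirmed flag is 'Y'. */
    public function isEmailConfirmed($email = ""): bool
    {
        $result = $this->select('SELECT confirmed FROM users WHERE email=' . $this->quoteForSql($email));

        return (int) $result['count'] === 1
            && $result['rows']['confirmed'] === "Y";
    }

    /**
     * True when exactly one row matches $email and the stored email is byte-identical to it.
     *
     * The second comparison is kept on purpose: the SQL match may be collation-insensitive,
     * while this returns true only for an exact spelling.
     */
    public function userExists($email): bool
    {
        $result = $this->select('SELECT email FROM users WHERE email=' . $this->quoteForSql($email));

        return (int) $result['count'] === 1
            && $result['rows']['email'] === $email;
    }

    /**
     * Replaces the password hash for $email.
     *
     * @return mixed whatever the parent's issue() returns
     */
    public function changePass($email, $pass)
    {
        global $USERS;
        $sql = "UPDATE $USERS SET pass=" . $this->quoteForSql($this->hashPass($pass))
            . ' WHERE email=' . $this->quoteForSql($email);

        return $this->issue($sql);
    }

    /**
     * Records a failed login for $email: decrements attempts, locks the account when they
     * reach zero, and stores the requester's address.
     *
     * Terminates the script (die) when $email does not match exactly one row, as before.
     */
    public function attempt($email): void
    {
        global $USERS;
        // NOTE(review): this switches the parent's debug mode on for every failed attempt.
        // If setDebug() prints query text, that exposes SQL on the login path — confirm
        // this call is intended (the constructor has the equivalent call disabled).
        $this->setDebug();

        $who = $this->quoteForSql($email);
        $result = $this->select("SELECT attempts FROM $USERS WHERE email = $who");
        if ((int) $result['count'] !== 1) {
            die("Failure in User.php::attempt: count: " . $result['count']);
        }

        // Cast before decrementing: the column arrives as a string from the driver.
        $attempts = (int) $result['rows']['attempts'] - 1;
        $this->issue("UPDATE $USERS SET attempts=$attempts WHERE email=$who");
        // <= 0 rather than == 0 so a counter already at zero still locks.
        if ($attempts <= 0) {
            $this->lock($email);
        }

        $ip = $this->quoteForSql($_SERVER['REMOTE_ADDR'] ?? '');
        $this->issue("UPDATE $USERS SET ip=$ip WHERE email=$who");
    }

    /** Remaining login attempts for $email, or 0 when there is not exactly one matching row. */
    public function triesLeft($email): int
    {
        GLOBAL $USERS;
        $result = $this->select("SELECT attempts FROM $USERS WHERE email=" . $this->quoteForSql($email));
        if ((int) $result['count'] === 1) {
            return (int) $result['rows']['attempts'];
        }

        return 0;
    }

    /**
     * Records a successful login for $uid: resets attempts to 5, stamps last=NOW() and
     * stores the requester's address. Terminates the script (die) if the update fails.
     */
    public function login($uid): void
    {
        global $USERS;
        $ip = $this->quoteForSql($_SERVER['REMOTE_ADDR'] ?? '');
        $sql = "UPDATE $USERS SET attempts='5', last=NOW(), ip=$ip WHERE uid=" . $this->quoteForSql($uid);
        if (!$this->issue($sql)) {
            die("Unable to \$user->login($uid)");
        }
    }

    /**
     * The stored locked flag for $email, or null when there is not exactly one matching row.
     *
     * Returned as stored ('0'/'1' are what lock()/unlock() write).
     */
    public function isLocked($email)
    {
        GLOBAL $USERS;
        $result = $this->select("SELECT locked FROM $USERS WHERE email=" . $this->quoteForSql($email));
        if ((int) $result['count'] === 1) {
            return $result['rows']['locked'];
        }

        return null;
    }

    /** Sets locked='1' for $email. */
    public function lock($email): void
    {
        GLOBAL $USERS;
        $this->issue("UPDATE $USERS SET locked='1' WHERE email=" . $this->quoteForSql($email));
    }

    /** Sets locked='0' for $email. */
    public function unlock($email): void
    {
        GLOBAL $USERS;
        $this->issue("UPDATE $USERS SET locked='0' WHERE email=" . $this->quoteForSql($email));
    }

    /** Email for $uid, or null when $uid is empty or does not match exactly one row. */
    public function getEmail($uid = "")
    {
        global $USERS;

        return $this->selectOneColumn($USERS, 'email', 'uid', $uid);
    }

    /** Level for $uid, or null when $uid is empty or does not match exactly one row. */
    public function getLevel($uid = "")
    {
        global $USERS;

        return $this->selectOneColumn($USERS, 'level', 'uid', $uid);
    }

    /** Password hash for $email, or null when there is not exactly one matching row. */
    public function getPass($email)
    {
        $result = $this->select('SELECT pass FROM users WHERE email=' . $this->quoteForSql($email) . ' LIMIT 1');
        if ((int) $result['count'] === 1) {
            return $result['rows']['pass'];
        }

        return null;
    }

    /** uid for $email, or null when there is not exactly one matching row. */
    public function getUID($email)
    {
        $result = $this->select('SELECT uid FROM users WHERE email=' . $this->quoteForSql($email) . ' LIMIT 1');
        if ((int) $result['count'] === 1) {
            return $result['rows']['uid'];
        }

        return null;
    }

    /** True when exactly one row in `users` matches $email (no spelling check, unlike userExists()). */
    public function exists($email): bool
    {
        $result = $this->select('SELECT email FROM users WHERE email=' . $this->quoteForSql($email) . ' LIMIT 1');

        return (int) $result['count'] === 1;
    }

    /**
     * Hashes a plaintext password with password_hash() at cost 16.
     *
     * NOTE(review): cost 16 is far above the library default of 10; each call is slow by
     * design — confirm it is acceptable on the create()/changePass() paths.
     */
    public function hashPass($pass)
    {
        return password_hash($pass, PASSWORD_DEFAULT, ['cost' => 16]);
    }

    /**
     * Sets level='9' for $email; a no-op (returns null) when $email is empty.
     *
     * @return mixed whatever the parent's issue() returns, or null when skipped
     */
    public function makeAdmin($email = "")
    {
        global $USERS;
        if ((string) $email === '') {
            return null;
        }

        return $this->issue("UPDATE $USERS SET level='9' WHERE email=" . $this->quoteForSql($email));
    }

    /** Deletes the account whose uid is $uid, by resolving its email and delegating to deleteUser(). */
    public function deleteById($uid = "")
    {
        $email = $this->getEmail($uid);

        return $this->deleteUser($email ?? '');
    }

    /**
     * Deletes $email's row from $USERS and its rows from $QA.
     *
     * Does nothing when $email is empty or resolves to no uid — previously a missing user
     * still ran `DELETE ... WHERE uid=''` against both tables.
     */
    public function deleteUser($email = ""): void
    {
        global $USERS, $QA;
        if ((string) $email === '') {
            return;
        }

        $uid = $this->getUID($email);
        if ($uid === null || (string) $uid === '') {
            return;
        }

        $where = ' WHERE uid=' . $this->quoteForSql($uid);
        $this->issue("DELETE FROM $USERS" . $where);
        $this->issue("DELETE FROM $QA" . $where);
    }

    /**
     * Shared body of getEmail()/getLevel(): one column of the single row where $keyColumn
     * equals $key, or null when $key is empty or the match is not exactly one row.
     *
     * $table and both column names are code constants / configuration, never request data.
     */
    private function selectOneColumn($table, $column, $keyColumn, $key)
    {
        if ((string) $key === '') {
            return null;
        }

        $result = $this->select("SELECT $column FROM $table WHERE $keyColumn=" . $this->quoteForSql($key));
        if ((int) $result['count'] === 1) {
            return $result['rows'][$column];
        }

        return null;
    }

    /**
     * Returns $value as a single-quoted MySQL string literal with the characters MySQL's
     * own escape routine handles (backslash, NUL, \n, \r, quotes, Ctrl-Z) escaped.
     *
     * This is a stopgap: it is not connection-charset aware and assumes the server is not
     * running with NO_BACKSLASH_ESCAPES. If the parent MySQL class can expose prepared
     * statements, switch every query in this class to them and drop this helper.
     */
    private function quoteForSql($value): string
    {
        // Backslash is escaped first so the backslashes introduced by the later
        // replacements are not doubled (str_replace applies the pairs in order).
        $escaped = str_replace(
            ["\\", "\0", "\n", "\r", "'", '"', "\x1a"],
            ["\\\\", "\\0", "\\n", "\\r", "\\'", '\\"', "\\Z"],
            (string) $value
        );

        return "'" . $escaped . "'";
    }
}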
// Runs at include time: every script that includes this file constructs User (and so
// runs the parent MySQL constructor with the configuration globals) as a side effect.
$user = new User();