<?php
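class DB_Functions
{
    /**
     * Database handle returned by Db_Connect::connect() (a mysqli connection,
     * judging by the prepare()/bind_param()/get_result() calls below).
     * Left without a native type so a test double can be injected.
     *
     * @var \mysqli
     */
    public $conn;

    // constructor: opens the database connection through the project's Db_Connect helper
    public function __construct()
    {
        require_once 'DB_Connect.php';
        // connecting to database
        $db = new Db_Connect();
        $this->conn = $db->connect();
    }

    // destructor: nothing to release here, the connection is owned by Db_Connect
    public function __destruct()
    {
    }

    /*
     * Storing new user
     * returns user details
     *
     * The row is inserted with a bcrypt hash of the password, a freshly
     * generated confirmation code and the "verificato" flag cleared.
     * $nome and $cognome are accepted for interface compatibility but are
     * not written by the INSERT below (it has no columns for them).
     *
     * @return array|false the stored row re-read from the DB, or false when the INSERT failed
     */
    public function storeUser($nome, $cognome, $email, $password)
    {
        $db_password = password_hash($password, PASSWORD_BCRYPT); // hashed password
        // Confirmation code: 6 lowercase hex chars, same format as before, but drawn
        // from the CSPRNG. uniqid() is derived from the clock and is documented as not
        // cryptographically secure, so a code built from it is guessable by anyone who
        // knows roughly when the account was registered.
        $codice = bin2hex(random_bytes(3));
        $data = date("Y-m-d");
        // prepare and execute statement to insert new user in DB
        $stmt = $this->conn->prepare("INSERT INTO utenti(email, password, codice_conferma, data_registrazione, verificato) VALUES(?, ?, ?, ?, 0)");
        $stmt->bind_param("ssss", $email, $db_password, $codice, $data);
        $result = $stmt->execute();
        $stmt->close();
        // check for successful store
        if (!$result) {
            return false;
        }
        // re-read the row so the caller gets the DB-assigned values (id, stored code, ...)
        $stmt = $this->conn->prepare("SELECT * FROM utenti WHERE email = ?");
        $stmt->bind_param("s", $email);
        $stmt->execute();
        $user = $stmt->get_result()->fetch_assoc();
        $stmt->close();
        return $user;
    }

    /*
     * Get user by email and password
     *
     * @return array|null the user row when the email exists and the password verifies
     *                    against the stored hash; null for an unknown email, a wrong
     *                    password, or a query that could not be executed
     */
    public function getUserByEmailAndPassword($email, $password): ?array
    {
        // Prepare statement
        $stmt = $this->conn->prepare("SELECT * FROM utenti WHERE email = ?");
        $stmt->bind_param("s", $email);
        // Try to execute prepared statement
        if (!$stmt->execute()) {
            $stmt->close();
            return NULL;
        }
        $user = $stmt->get_result()->fetch_assoc();
        $stmt->close();
        // Unknown email: fetch_assoc() yields no row, so there is no hash to verify against.
        // Checking this explicitly avoids reading 'password' off a null value.
        if (!is_array($user)) {
            return NULL;
        }
        // check for password equality against the stored bcrypt hash
        if (password_verify($password, $user['password'])) {
            // user authentication details are correct
            return $user;
        }
        // wrong password
        return NULL;
    }

    /*
     * Check if email is already in use by another user
     *
     * @return bool true if a row with this email exists, false otherwise
     */
    public function emailAlreadyUsed($email): bool
    {
        $stmt = $this->conn->prepare("SELECT email from utenti WHERE email = ?");
        $stmt->bind_param("s", $email);
        $stmt->execute();
        // buffer the result so num_rows is populated
        $stmt->store_result();
        $num_rows = $stmt->num_rows;
        $stmt->close();
        return ($num_rows > 0); // return true if email exist, false otherwise
    }

    /*
     * Mark an account as verified, given its email and confirmation code
     *
     * @return int 0 when the account has just been verified,
     *             1 when no account matches email + code or a query failed,
     *             2 when the account was already verified
     */
    public function accountVerification($email, $codice): int
    {
        // Prepare statement
        $stmt = $this->conn->prepare("SELECT * FROM utenti WHERE email = ? AND codice_conferma = ?");
        $stmt->bind_param("ss", $email, $codice);
        // Try to execute prepared statement
        if (!$stmt->execute()) {
            $stmt->close();
            return 1;
        }
        $user = $stmt->get_result()->fetch_assoc();
        $stmt->close();
        // No row means wrong email or wrong code. This must be reported as a failure:
        // falling through with $user === null would run the UPDATE with a null id
        // ("WHERE id_utente = NULL"), change nothing, and still report success (0).
        if (!is_array($user)) {
            return 1;
        }
        // check if it's already verified
        if ($user['verificato']) {
            return 2;
        }
        // bind_param() takes its arguments by reference, so use a plain variable
        $id_utente = $user["id_utente"];
        // Prepare statement
        $stmt = $this->conn->prepare("UPDATE utenti SET verificato = 1 WHERE id_utente = ?");
        $stmt->bind_param("i", $id_utente);
        // Try to execute prepared statement
        $ok = $stmt->execute();
        $stmt->close();
        return $ok ? 0 : 1;
    }

    /*
     * Replace the password of the user identified by email
     *
     * @return bool|null true when a row was updated, false when no row was changed
     *                   (typically no user with that email), null when the UPDATE
     *                   could not be executed
     */
    public function cambiaPassword($email, $password): ?bool
    {
        $db_password = password_hash($password, PASSWORD_BCRYPT); // hashed password
        // Prepare statement
        $stmt = $this->conn->prepare("UPDATE utenti SET password = ? WHERE email = ?");
        $stmt->bind_param("ss", $db_password, $email);
        // Try to execute prepared statement
        if (!$stmt->execute()) {
            $stmt->close();
            return null;
        }
        $result = $stmt->affected_rows;
        $stmt->close();
        return $result > 0;
    }
}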
?>