<?php
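/**
 * Data-access helper for the `users` table: existence check, insert,
 * password-hash update and delete, all keyed by e-mail address.
 *
 * Every statement is a prepared statement with bound parameters, so no
 * caller-supplied value is concatenated into SQL text.
 *
 * Failure contract (unchanged for callers): new(), update() and delete()
 * return the PDOStatement on success and an error-message string on failure;
 * validate() returns a bool and lets PDOException propagate.
 */
class CredentialsHandler {
    /** @var PDO|null Open connection, or null when the connection attempt failed. */
    protected $db;

    function __construct()
    {
        $this->db = $this->dbConnect();
    }

    /**
     * Open the MySQL connection described by DB_NAME, DB_USERNAME and DB_PASSWORD.
     *
     * @return PDO|null The connection, or null when it could not be opened.
     */
    private function dbConnect() {
        try {
            $db = new PDO('mysql:host=localhost;dbname='.DB_NAME, DB_USERNAME, DB_PASSWORD);
            $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            // Use server-side prepares so bound values never pass through
            // client-side string quoting (the DSN sets no charset).
            $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
            return $db;
        } catch (PDOException $e) {
            // Previously the message string was returned and stored in $this->db,
            // which made every later call fail with "member function on string".
            // Keep the detail in the server log and store null instead.
            error_log('CredentialsHandler: database connection failed: ' . $e->getMessage());
            return null;
        }
    }

    /**
     * Return the open connection or fail in the way callers already handle.
     *
     * @return PDO
     * @throws PDOException When the constructor could not connect.
     */
    private function connection() {
        if (!($this->db instanceof PDO)) {
            // Generic text on purpose: the driver's own message stays in the log.
            throw new PDOException('Database connection is not available.');
        }
        return $this->db;
    }

    /**
     * Report whether a row with this e-mail address exists in `users`.
     *
     * This is an existence check only. No password or other secret is
     * compared here, so a true result must not be treated as authentication.
     * (A variant taking a password and calling password_verify() against the
     * stored `hash` was commented out in the original file.)
     * NOTE(review): if the result is exposed to unauthenticated clients it
     * reveals which addresses are registered; confirm the call sites.
     *
     * @param string $email Address to look up.
     * @return bool True when a matching row was found.
     * @throws PDOException On query failure or missing connection.
     */
    public function validate($email){
        $stmt = $this->connection()->prepare('SELECT `userID` FROM `users` WHERE `email` = ?');
        $stmt->execute([$email]);
        return $stmt->fetch(PDO::FETCH_ASSOC) !== false;
    }

    /**
     * Insert a user row with e-mail and name; no password hash is stored here.
     * (The variant that also stored a password_hash() value was commented out
     * in the original file; update() is what writes `hash`.)
     *
     * NOTE(review): on failure the raw driver message is returned, as before.
     * Such messages can name tables, columns and submitted values; callers
     * should log it rather than display it.
     *
     * @param string $email
     * @param string $name
     * @return PDOStatement|string Statement on success, error message on failure.
     */
    public function new($email, $name){
        try {
            $stmt = $this->connection()->prepare('INSERT INTO `users`(`email`, `name`) VALUES (?, ?)');
            $stmt->execute([$email, $name]);
            return $stmt;
        } catch (PDOException $e) {
            return $e->getMessage();
        }
    }

    /**
     * Replace the stored password hash for the row matching $email.
     *
     * The plaintext password is hashed with password_hash(PASSWORD_DEFAULT)
     * and only the hash is written. A statement is returned even when no row
     * matched; check rowCount() on it to detect that case.
     *
     * @param string $email
     * @param string $password Plaintext password.
     * @return PDOStatement|string Statement on success, error message on failure.
     */
    public function update($email, $password){
        $hash = password_hash($password, PASSWORD_DEFAULT);
        if (!is_string($hash) || $hash === '') {
            // Never write an empty or non-string value into the hash column.
            return 'Password hashing failed.';
        }
        try {
            $stmt = $this->connection()->prepare('UPDATE `users` SET `hash` = ? WHERE `email` = ?');
            $stmt->execute([$hash, $email]);
            return $stmt;
        } catch (PDOException $e) {
            return $e->getMessage();
        }
    }

    /**
     * Delete the account row matching $email.
     *
     * NOTE(review): nothing in this method checks who is asking; the caller
     * is presumably responsible for authorising the deletion — confirm.
     *
     * @param string $email
     * @return PDOStatement|string Statement on success, error message on failure.
     */
    public function delete($email){
        try {
            $stmt = $this->connection()->prepare('DELETE FROM `users` WHERE `email` = ?');
            $stmt->execute([$email]);
            return $stmt;
        } catch (PDOException $e) {
            return $e->getMessage();
        }
    }
}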