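/**
 * Create a user row from a login and a password.
 *
 * Both values go through User::setLogin() / User::setPassword() first; if a
 * setter returns anything other than `true`, that value is handed back to the
 * caller unchanged. On success the row stores User::getLogin() and
 * User::getHash().
 *
 * @param mixed $login    Value passed to User::setLogin().
 * @param mixed $password Value passed to User::setPassword().
 *
 * @return mixed Result of findById() for the new row, the string
 *               "Erreur serveur." on a database failure, or the non-true
 *               value returned by a setter.
 */
public function create($login, $password)
{
    $user = new User();

    $set = $user->setLogin($login);
    if ($set !== true) {
        return $set;
    }

    $set = $user->setPassword($password);
    if ($set !== true) {
        return $set;
    }

    // Bound parameters keep the login and hash out of the SQL text entirely,
    // so correctness no longer depends on escaping and connection charset.
    $statement = mysqli_prepare(
        $this->database,
        'INSERT INTO user (login, password) VALUES (?, ?)'
    );
    if ($statement === false) {
        // The driver message goes to the server log only; the original called
        // mysqli_error() without its link argument and would have handed
        // database internals to the caller had it worked.
        error_log('User insert could not be prepared: ' . mysqli_error($this->database));

        return "Erreur serveur.";
    }

    $loginValue = $user->getLogin();
    $hashValue = $user->getHash();
    mysqli_stmt_bind_param($statement, 'ss', $loginValue, $hashValue);

    if (!mysqli_stmt_execute($statement)) {
        error_log('User insert failed: ' . mysqli_stmt_error($statement));
        mysqli_stmt_close($statement);

        return "Erreur serveur.";
    }

    // Read the generated id before the statement handle is released.
    $id = mysqli_insert_id($this->database);
    mysqli_stmt_close($statement);

    if ($id) {
        return $this->findById($id);
    }

    return "Erreur serveur.";
}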
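/**
 * Persist the login, password hash, email and avatar of an existing user.
 *
 * @param User $user Entity whose getId() selects the row to update.
 *
 * @return mixed Result of findById() for the updated row, or the string
 *               "Internal Server Error" when the statement fails.
 */
public function update(User $user)
{
    $id = $user->getId();

    // Cast to string so a null getter result is stored as '' exactly as the
    // previous escape-and-concatenate code did.
    $login = (string) $user->getLogin();
    $password = (string) $user->getHash();
    $email = (string) $user->getEmail();
    $avatar = (string) $user->getAvatar();
    $idValue = (string) $id;

    // NOTE(review): the listing showed the login/password columns set to a
    // literal mask while $login/$password were computed and never used; they
    // are bound here on the assumption that this was the intent. Confirm.
    // Binding also covers the id, which was previously concatenated into the
    // WHERE clause without any escaping.
    $statement = mysqli_prepare(
        $this->db,
        'UPDATE user SET login = ?, password = ?, email = ?, avatar = ? WHERE id = ?'
    );
    if ($statement === false) {
        return "Internal Server Error";
    }

    mysqli_stmt_bind_param($statement, 'sssss', $login, $password, $email, $avatar, $idValue);
    $res = mysqli_stmt_execute($statement);
    mysqli_stmt_close($statement);

    if ($res) {
        return $this->findById($id);
    }

    return "Internal Server Error";
}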
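/**
 * Persist the login, password hash, email, name, surname and birth date of
 * an existing user through the quote()/exec() database handle.
 *
 * @param User $user Entity whose getId() selects the row to update.
 *
 * @return mixed Result of findById() for the updated row, or the string
 *               "Internal Server Error" when exec() returns a falsy value.
 */
public function update(User $user)
{
    $id = $user->getId();

    $login = $this->db->quote($user->getLogin());
    $password = $this->db->quote($user->getHash());
    $email = $this->db->quote($user->getEmail());
    $name = $this->db->quote($user->getName());
    $surname = $this->db->quote($user->getSurname());

    // date_birth used to be concatenated raw: an injection point, and a bare
    // 1990-01-01 is evaluated by the server as arithmetic. Quote it like the
    // other text columns.
    $dateBirth = $this->db->quote((string) $user->getDateBirth());

    // NOTE(review): the login/password placeholders were masked in the
    // listing; the quoted values computed above are assumed to be what the
    // statement carries. The id is forced to an integer because it is placed
    // in the statement unquoted.
    // Prefer a prepared statement if $this->db exposes one; only quote() and
    // exec() are visible here.
    $query = 'UPDATE user SET login=' . $login
        . ', password=' . $password
        . ', email=' . $email
        . ', name=' . $name
        . ', surname=' . $surname
        . ', date_birth=' . $dateBirth
        . ' WHERE id=' . (int) $id;

    $res = $this->db->exec($query);

    // NOTE(review): if exec() reports affected rows, an update that changes
    // nothing (0) takes the failure branch; confirm that is intended.
    if ($res) {
        return $this->findById($id);
    }

    return "Internal Server Error";
}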
/**
 * Test #17.
 * Saving a user twice leaves two rows behind, and findByHash() resolves each
 * hash to the field values that were current when that hash was produced:
 * the earlier hash yields the earlier values, the later hash the later ones.
 * @depends testUpdate
 * @depends testHashGetInstance
 */
public function testHashOldInstance()
{
    global $testUserId1;

    // First version: populate every field and persist.
    $user = new User($testUserId1);
    $user->setName('Test User');
    $user->setExternalType('externaltype');
    $user->setExternalId('externalid');
    $user->setAccess('access');
    $user->setEmail('*****@*****.**');
    $user->setNotification('Y');
    $user->setTempCode('tempcode');
    $user->setDeleted('Y');
    $this->assertTrue($user->save());
    $this->assertEquals(1, $this->countTestRows());
    $firstHash = $user->getHash();

    // Second version: overwrite the fields and persist again; the row count
    // is expected to grow rather than stay at one.
    $user->setName('Test User 2');
    $user->setExternalType('externaltype 2');
    $user->setExternalId('externalid 2');
    $user->setAccess('access 2');
    $user->setEmail('*****@*****.**');
    $user->setNotification('N');
    $user->setTempCode('tempcode 2');
    $user->setDeleted('N');
    $this->assertTrue($user->save());
    $this->assertEquals(2, $this->countTestRows());
    $secondHash = $user->getHash();

    // Looking up the first hash must give back the first version.
    $firstVersion = User::findByHash($firstHash);
    $this->assertNotNull($firstVersion);
    $this->assertEquals($testUserId1, $firstVersion->getUserId());
    $this->assertEquals('Test User', $firstVersion->getName());
    $this->assertEquals('externaltype', $firstVersion->getExternalType());
    $this->assertEquals('externalid', $firstVersion->getExternalId());
    $this->assertEquals('access', $firstVersion->getAccess());
    $this->assertEquals('*****@*****.**', $firstVersion->getEmail());
    $this->assertEquals('Y', $firstVersion->getNotification());
    $this->assertEquals('tempcode', $firstVersion->getTempCode());
    $this->assertEquals('Y', $firstVersion->getDeleted());
    $this->assertEquals($firstHash, $firstVersion->getHash());

    // Looking up the second hash must give back the second version.
    $secondVersion = User::findByHash($secondHash);
    $this->assertNotNull($secondVersion);
    $this->assertEquals($testUserId1, $secondVersion->getUserId());
    $this->assertEquals('Test User 2', $secondVersion->getName());
    $this->assertEquals('externaltype 2', $secondVersion->getExternalType());
    $this->assertEquals('externalid 2', $secondVersion->getExternalId());
    $this->assertEquals('access 2', $secondVersion->getAccess());
    $this->assertEquals('*****@*****.**', $secondVersion->getEmail());
    $this->assertEquals('N', $secondVersion->getNotification());
    $this->assertEquals('tempcode 2', $secondVersion->getTempCode());
    $this->assertEquals('N', $secondVersion->getDeleted());
    $this->assertEquals($secondHash, $secondVersion->getHash());
}
/**
 * Test #13. SYNCH request write new object.
 *
 * Sends a complete user record to synchUser.php with the synch auth token
 * and checks that exactly one row appears and that every field, including
 * the created/updated timestamps and the hash supplied in the request, is
 * read back as sent.
 *
 * NOTE(review): the assertions pin that the endpoint stores the
 * caller-supplied hash and timestamps rather than computing its own, so
 * whoever holds the synch token controls those values; confirm the token is
 * handled as a privileged credential.
 */
public function testSynchPut()
{
    global $testUserId1;
    global $synchAuthToken;

    $this->assertEquals(0, $this->countTestRows());

    $payload = [
        'userId' => $testUserId1,
        'created' => '2015-10-01',
        'updated' => '2015-10-02',
        'name' => 'Test User',
        'externalType' => 'externaltype',
        'externalId' => 'externalid',
        'access' => 'Y',
        'email' => '*****@*****.**',
        'notification' => 'Y',
        'tempCode' => 'tempcode',
        'deleted' => 'Y',
        'hash' => 'forced hash',
    ];

    $response = putApi('synchUser.php', $payload, $synchAuthToken);
    $this->assertEquals(RESPONSE_SUCCESS, $response['resultCode']);
    $this->assertEquals(1, $this->countTestRows());

    // Reload by id and compare field by field; the date-only inputs come
    // back expanded to a full timestamp with microseconds.
    $stored = new User($testUserId1);
    $this->assertEquals('2015-10-01 00:00:00.000000', $stored->getCreated());
    $this->assertEquals('2015-10-02 00:00:00.000000', $stored->getUpdated());
    $this->assertEquals('Test User', $stored->getName());
    $this->assertEquals('externaltype', $stored->getExternalType());
    $this->assertEquals('externalid', $stored->getExternalId());
    $this->assertEquals('Y', $stored->getAccess());
    $this->assertEquals('*****@*****.**', $stored->getEmail());
    $this->assertEquals('Y', $stored->getNotification());
    $this->assertEquals('tempcode', $stored->getTempCode());
    $this->assertEquals('Y', $stored->getDeleted());
    $this->assertEquals('forced hash', $stored->getHash());
}
/**
 * getHash() returns exactly the string that was given to setHash().
 */
public function testGetSetHash()
{
    // 40 hex characters, used here purely as an opaque round-trip value.
    $expected = 'ec457d0a974c48d5685a7efa03d137dc8bbde7e3';

    $account = new User();
    $account->setHash($expected);

    $this->assertEquals($expected, $account->getHash());
}
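require_once '../classes/session.php';
require_once '../classes/user.php';

header('Content-type: text/html; charset=utf-8');

// Form handler: changes the name and password of the logged-in user, then
// refreshes the hash kept in the session and redirects to the index page.
//
// NOTE(review): nothing here verifies an anti-CSRF token or asks for the
// current password before the credentials are changed; confirm whether
// session.php or User::update_user() covers that.

$password = isset($_POST['password']) ? $_POST['password'] : null;
$name = isset($_POST['name']) ? $_POST['name'] : null;

// Only non-empty plain strings are accepted. An array-valued field
// (password[]=...) would otherwise reach stripslashes() and fail there.
if (!is_string($password) || !is_string($name) || empty($password) || empty($name)) {
    exit("You entered no all info!");
}

// NOTE(review): stripslashes()/htmlspecialchars() rewrite the password before
// it is stored. HTML-escaping belongs at output time, not on a secret, but it
// is kept because the login path presumably applies the same transformation
// and changing one side alone would lock users out. Verify both paths together.
$name = stripslashes($name);
$name = htmlspecialchars($name);
$password = stripslashes($password);
$password = htmlspecialchars($password);
$name = trim($name);
$password = trim($password);

// Without an authenticated session there is no account to update.
if (!isset($_SESSION['login_user'], $_SESSION['hash_user'])) {
    exit("Saving failed.");
}

// The original passed an undefined $login to User::getHash(); the login of the
// session that was just updated is the value that call needs.
$login = $_SESSION['login_user'];

if (User::update_user($login, $_SESSION['hash_user'], $name, $password)) {
    $_SESSION['hash_user'] = User::getHash($login);
    header("Location: ../index.php");
    exit;
} else {
    exit("Saving failed.");
}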
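/**
 * Persist the email, name, surname, hash, status and last-connection time of
 * an existing user.
 *
 * @param User $user Entity whose getId() selects the row to update.
 *
 * @return mixed Result of readById() for the updated row.
 *
 * @throws Exception With message 'Database error' when exec() returns a
 *                   falsy value.
 */
public function update(User $user)
{
    $id = intval($user->getId());
    $status = intval($user->getStatus());

    $email = $this->db->quote($user->getEmail());
    $name = $this->db->quote($user->getName());
    $surname = $this->db->quote($user->getSurname());

    // The hash used to be wrapped in hand-written double quotes with no
    // escaping, so a quote character inside it could break out of the
    // literal. It now goes through the same quote() call as the other
    // text columns.
    $hash = $this->db->quote((string) $user->getHash());

    // date() output is fixed-format, but it is quoted by the driver as well,
    // so the statement does not depend on the server accepting "..." as a
    // string literal.
    $dateConnection = $this->db->quote(date('Y-m-d H:i:s', $user->getDateConnection()));

    $query = 'UPDATE user SET'
        . ' email = ' . $email
        . ', name = ' . $name
        . ', surname = ' . $surname
        . ', `hash` = ' . $hash
        . ', `status` = ' . $status
        . ', date_connection = ' . $dateConnection
        . ' WHERE id = ' . $id;

    $res = $this->db->exec($query);

    // NOTE(review): if exec() reports affected rows, a result of 0 (unknown
    // id, or nothing changed) is reported as 'Database error'; confirm.
    if ($res) {
        return $this->readById($id);
    }

    throw new Exception('Database error');
}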
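/**
 * Persist the last name, first name, password hash and email of an existing
 * user, then re-read that user.
 *
 * @param User $user Entity whose getId() selects the row to update.
 *
 * @return array Result of findById() for the updated row; if findById()
 *               throws, a one-element list holding the exception message.
 *
 * @throws Exception With message "Db error" when exec() returns a falsy value.
 */
public function update(User $user)
{
    $id = $user->getId();

    $lastName = $this->db->quote($user->getLastName());
    $firstName = $this->db->quote($user->getFirstName());
    $password = $this->db->quote($user->getHash());
    $email = $this->db->quote($user->getEmail());

    // NOTE(review): the password placeholder was masked in the listing; the
    // quoted hash computed above is assumed to be what the statement carries.
    // The id is forced to an integer because it is placed in the statement
    // unquoted.
    $query = 'UPDATE user'
        . ' SET l_name = ' . $lastName
        . ', f_name = ' . $firstName
        . ', password = ' . $password
        . ', email = ' . $email
        . ' WHERE id = ' . (int) $id;

    $data = $this->db->exec($query);
    if (!$data) {
        throw new Exception("Db error");
    }

    // The row is re-read by the id that was just updated. The previous code
    // asked the handle for lastInsert() instead; that method is not visible
    // here, but assuming it wraps the driver's last-insert-id, an UPDATE
    // generates none, so the call either failed with "Last id error" or
    // could resolve to a row other than the one updated.
    try {
        return $this->findById($id);
    } catch (Exception $e) {
        $errors = [];
        $errors[] = $e->getMessage();

        return $errors;
    }
}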