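/**
 * Authenticate a user and populate this object's id and name.
 *
 * The account is looked up by username, inactive accounts are rejected, and the
 * submitted password is salted and hashed with Utility::saltAndHash() before the
 * validateUser stored procedure is asked to confirm it for the given tenant.
 *
 * @param string $username Login name supplied by the caller.
 * @param string $password Plain-text password supplied by the caller.
 * @param mixed  $tenantID Tenant identifier, passed through Database::queryNumber().
 *
 * @throws Exception When a credential is empty, the account is inactive, or the
 *                   username/password/tenant combination cannot be validated.
 */
function __construct($username, $password, $tenantID)
{
    if (strlen($username) == 0 || strlen($password) == 0) {
        throw new Exception("Invalid username or password.");
    }

    $userDetails = User::getUserDetails($username);

    // An unknown username must fail exactly like a wrong password. Without this
    // guard a missing record falls through to the "inactive" branch below
    // (null == 0), which reports an account state for a user that does not exist.
    if (empty($userDetails)) {
        throw new Exception("Unable to validate that username/password combination.");
    }

    // NOTE(review): this check runs before the password is verified, so the
    // response reveals that an account exists and is inactive to anyone who
    // supplies the username. Consider moving it after successful validation.
    if ($userDetails["active"] == 0) {
        throw new Exception("This user account is inactive. Please check your email for activation instructions.");
    }

    // The stored password value is handed to saltAndHash() as its second argument
    // (presumably so the same salt is reused - confirm against Utility).
    $saltedPassword = Utility::saltAndHash($password, $userDetails["password"]);

    // The call is assembled as a string; it is only as safe as the quoting done by
    // Database::queryString()/queryNumber() - TODO confirm both escape their input.
    $query = 'call validateUser(' . Database::queryString($username);
    $query .= ',' . Database::queryString($saltedPassword);
    $query .= ',' . Database::queryNumber($tenantID) . ');';

    $result = Database::executeQuery($query);
    if (!$result) {
        throw new Exception('Unable to validate that username/password combination.');
    }

    // Stays 0 / null when the procedure returns no row, i.e. no match.
    $userid = 0;
    $name = null;
    while ($o = mysqli_fetch_object($result)) {
        $userid = $o->userid;
        $name = $o->name;
    }

    if ($userid > 0) {
        $this->id = $userid;
        $this->name = $name;
    } else {
        throw new Exception("Unable to validate that username/password combination.");
    }
}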
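/**
 * Store the submitted details against a user identified by mobile number.
 *
 * Re-uses the existing user row when one is found for 'mobile_num', otherwise
 * inserts a new user, then inserts the detail record with 'parentId' set to
 * that user's id.
 *
 * @param array $inputArr Caller-supplied field => value map; must contain 'mobile_num'.
 *
 * @return array array('status' => N): the value returned by insertPregDetails()
 *               when it is greater than 0, otherwise 0.
 */
function saveUserInfo($inputArr)
{
    try {
        global $db;

        // Start from an empty array so empty input cannot leave $keyArr undefined.
        $keyArr = array();
        foreach ($inputArr as $key => $key_value) {
            $keyArr[$key] = $key_value;
        }

        // The mobile number is the lookup key; without it a lookup on null would
        // fall through to creating a user row that has no identifying number.
        if (!isset($keyArr['mobile_num'])) {
            return array('status' => 0);
        }

        $userObj = new User($db);
        $r_user = $userObj->getUserDetails($keyArr['mobile_num']);
        if (is_array($r_user) && sizeof($r_user) > 0) {
            $user_id = $r_user[0]['user_id'];
        } else {
            // NOTE(review): the whole caller-supplied array is forwarded; confirm
            // insertUserDetails() only writes an allow-listed set of columns.
            $userObj->insertUserDetails($keyArr);
            $user_id = $db->lastInsertId();
        }

        // Never attach the detail record to an empty parent id (for example when
        // the insert above did not produce a row).
        if (empty($user_id)) {
            return array('status' => 0);
        }

        $keyArr['parentId'] = $user_id;
        $pregObj = new PreDetails($db);
        $row_child = $pregObj->insertPregDetails($keyArr);

        return array('status' => $row_child > 0 ? $row_child : 0);
    } catch (Exception $e) {
        echo 'Caught exception: Please try after sometime.\\n';

        // Keep the return shape consistent so callers can always read 'status'.
        return array('status' => 0);
    }
}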
/**
 * Convert a User model into its transfer object.
 *
 * The DTO is seeded from the model's attributes, gets the description from the
 * related details record (empty string when there is none) and a list holding
 * the blob_b64 value of every related blob.
 *
 * @param User $model
 * @return UserDto
 */
public static function toDto(User $model)
{
    /** @var UserDetails $details */
    $details = $model->getUserDetails();
    /** @var UserBlob[] $blobs */
    $blobs = $model->getUserBlobs();

    // NOTE(review): every attribute returned by getAttributes() is handed to the
    // DTO; confirm UserDto does not carry credential fields out to consumers.
    /** @var UserDto $userDto */
    $userDto = new UserDto($model->getAttributes());

    if ($details) {
        $userDto->description = $details->description;
    } else {
        $userDto->description = '';
    }

    $encodedBlobs = array();
    foreach ($blobs as $blob) {
        $encodedBlobs[] = $blob->blob_b64;
    }
    $userDto->blobs = $encodedBlobs;

    return $userDto;
}
/**
 * Controller action: store a news item written by the current session user.
 *
 * The author string is built from the NUME and PRENUME columns of the first row
 * returned for $_SESSION['uid']; the text comes from $_POST['noutate']. The
 * layout is rendered with a success or failure message and a redirect target.
 *
 * NOTE(review): no login or authorization check is visible inside this function;
 * confirm the dispatcher enforces one before this action runs.
 */
function _addNews()
{
    $user = new User(getdbh());
    $profileRows = $user->getUserDetails($_SESSION['uid']);
    $noutate = new Noutati(getdbh());
    $autor = $profileRows[0]['NUME'] . " " . $profileRows[0]['PRENUME'];

    // The posted text is stored as received; it has to be escaped wherever the
    // news item is rendered - TODO confirm in the news view.
    $saved = $noutate->addNews($autor, $_POST['noutate']);

    if ($saved) {
        $message = 'Noutatea a fost adaugata cu success';
    } else {
        $message = 'Noutatea nu a fost adaugata';
    }

    // Both outcomes render the same layout and redirect to the news list.
    $data = array(
        'msg' => array($message),
        'redirect' => array('news/showNews'),
    );
    View::do_dump(VIEW_PATH . 'layout.php', $data);
}
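/**
 * Look up a user by mobile number and wrap the result in a status envelope.
 *
 * @param array $inputArr Caller-supplied field => value map; must contain 'mobile'.
 *
 * @return array array('status' => "1", 'data' => rows) when at least one row is
 *               found, otherwise array('status' => "0").
 */
function getUserDetails($inputArr)
{
    try {
        global $db;

        // Start from an empty array so empty input cannot leave $keyArr undefined.
        $keyArr = array();
        foreach ($inputArr as $key => $key_value) {
            $keyArr[$key] = $key_value;
        }

        // Do not run a lookup at all when the key field was not supplied.
        if (!isset($keyArr['mobile'])) {
            return array('status' => "0");
        }

        $docObj = new User($db);
        $r_user = $docObj->getUserDetails($keyArr['mobile']);

        if (is_array($r_user) && sizeof($r_user) > 0) {
            // NOTE(review): the rows are returned as fetched; confirm the caller is
            // authenticated and that credential columns are not part of the result.
            return array('status' => "1", 'data' => $r_user);
        }

        return array('status' => "0");
    } catch (Exception $e) {
        // Exception text can contain query or connection details: keep it in the
        // server log and send the client a generic message only.
        error_log('getUserDetails failed: ' . $e->getMessage());
        echo "Caught exception: Please try after sometime.\n";

        // Keep the return shape consistent so callers can always read 'status'.
        return array('status' => "0");
    }
}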
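/**
 * Check whether $password is correct for the specified user in this tenant.
 *
 * The password is salted and hashed with Utility::saltAndHash() and passed to
 * the validateUser stored procedure together with the username and
 * $this->tenantid; the user id the procedure returns must equal $userid.
 *
 * @param string $password Plain-text password to verify.
 * @param string $username Login name of the account.
 * @param mixed  $userid   Id the validated account is expected to have.
 *
 * @return bool True only when the procedure returns a positive user id equal to $userid.
 */
private function validatePassword($password, $username, $userid)
{
    $userDetails = User::getUserDetails($username);

    if ($password != "reset") {
        $saltedPassword = Utility::saltAndHash($password, $userDetails["password"]);
    } else {
        // NOTE(review): a password equal to "reset" skips hashing and is checked
        // against a fixed literal (the value appears masked in this listing).
        // Confirm that this sentinel can never match a stored credential.
        $saltedPassword = '******';
    }

    // The call is assembled as a string; it is only as safe as the quoting done by
    // Database::queryString()/queryNumber() - TODO confirm both escape their input.
    $query = 'call validateUser(' . Database::queryString($username);
    $query .= ',' . Database::queryString($saltedPassword);
    $query .= ',' . Database::queryNumber($this->tenantid) . ');';

    $result = Database::executeQuery($query);
    if (!$result) {
        // Was $name, which is never defined in this method.
        Utility::debug('User ' . $username . ' failed password validation.', 9);
        return false;
    }

    // Stays 0 when the procedure returns no row, i.e. no match.
    $matchedid = 0;
    while ($o = mysqli_fetch_object($result)) {
        $matchedid = $o->userid;
    }
    Utility::debug($matchedid . '- ' . $userid, 9);

    // A loose comparison would accept "no match" (0) for a $userid of 0, null or
    // an empty string, so require a positive id and compare as integers.
    return (int) $matchedid > 0 && (int) $userid === (int) $matchedid;
}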
<?php
// Script fragment: reads the user type from the database, stores the submitted
// address/comment parameters for the current search, and - for user type 2 -
// prepares search values with fallbacks. The listing ends inside the final `if`.
session_start();
// Read from the session but not referenced again in the visible code; the
// user-name value in the query below appears masked in this listing.
$sessiondata = $_SESSION['email'];
include 'db/db.php';
$query = "select TypeOfUser from userdetail where UserName = '******'";
// NOTE(review): the mysql_* extension was removed in PHP 7, and die(mysql_error())
// sends the raw database error text to the client. Prefer mysqli/PDO with
// parameter binding and log the error server-side instead.
$sql = mysql_query($query) or die(mysql_error());
$result = mysql_fetch_row($sql);
// First column of the first row, i.e. TypeOfUser.
$user = $result[0];
include 'classes/User.php';
$us = new User();
$prepared_by = $us->getUserDetails();

/**
 * Return the rows of $a ordered by the lower-cased value of their $subkey element.
 *
 * $b and $c are never initialised, so an empty $a reaches asort() and the return
 * statement with undefined variables.
 *
 * @param array  $a      Rows to order; each row is indexed with $subkey.
 * @param string $subkey Key of the element to sort by.
 * @return array Rows of $a in sorted order, re-indexed from 0.
 */
function subval_sort($a, $subkey)
{
    foreach ($a as $k => $v) {
        $b[$k] = strtolower($v[$subkey]);
    }
    // asort() keeps the original keys so they can be mapped back to $a below.
    asort($b);
    foreach ($b as $key => $val) {
        $c[] = $a[$key];
    }
    return $c;
}

// Request data is stored in PHP's serialized format.
// NOTE(review): whatever reads these values back must treat them as untrusted;
// if they are later passed to unserialize(), confirm the reader is safe against
// crafted input (JSON would avoid the issue).
$paramAdd = serialize($_REQUEST['paramAdd']);
$paramCom = serialize($_REQUEST['paramComments']);
// Removes everything from "matchResult" up to the first "}}".
// NOTE(review): editing serialized text with a regex can leave its length/count
// prefixes inconsistent, so a later unserialize() may fail - verify.
$paramCom = preg_replace("@matchResult.*?\\}\\}@", "", $paramCom);
$us->storeAddress($_SESSION['searchId'], $paramAdd, $paramCom);

// Loose comparison against the TypeOfUser value fetched above.
if ($user == 2) {
    // Session search values, each with a hard-coded fallback.
    $address = isset($_SESSION['search']['address']) ? $_SESSION['search']['address'] : "3101 West End Ave, Nashvelle TN 37203";
    $bedrooms = isset($_SESSION['search']['bedrooms']) ? $_SESSION['search']['bedrooms'] : "3";
    $bathrooms = isset($_SESSION['search']['bathrooms']) ? $_SESSION['search']['bathrooms'] : "4";
    // (the listing ends here; the if block continues beyond this excerpt)
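<?php
// Password-change handler: verifies the posted e-mail / old password pair and,
// when it matches the stored record, stores the new password.
//
// NOTE(review): the account is selected by the posted e-mail, not by a logged-in
// session - confirm that is intended. The stored value is compared directly with
// the submitted password, which implies passwords are kept unhashed; moving to
// password_hash()/password_verify() needs a matching change in
// User::updatePassword() and in the stored data.
include_once 'Item.php';
include_once 'User.php';

$item = new Item();
$user = new User();

if (isset($_POST['email'])) {
    // Accept scalar strings only: an array-valued field (email[]=...) would
    // otherwise reach trim()/strlen() and raise an error.
    $email = is_string($_POST['email']) ? trim($_POST['email']) : '';
    $old_password = (isset($_POST['op']) && is_string($_POST['op'])) ? $_POST['op'] : '';
    $new_password = (isset($_POST['np']) && is_string($_POST['np'])) ? $_POST['np'] : '';

    if (strlen($email) === 0 || strlen($old_password) === 0 || strlen($new_password) === 0) {
        header('Location: profile.php');
        exit;
    }

    $row = $user->getUserDetails($email, $old_password);
    // A failed query returns a falsy value; do not call fetch_array() on it.
    $details = $row ? $row->fetch_array(MYSQLI_ASSOC) : null;

    $credentialsMatch = is_array($details)
        && isset($details['email'], $details['password'])
        && $email === $details['email']
        // Constant-time comparison of the secret values.
        && hash_equals((string) $details['password'], $old_password);

    if ($credentialsMatch) {
        $user->updatePassword($email, $old_password, $new_password);
        header('Location: login.php');
    } else {
        header('Location: profile.php');
    }
    // Stop after the redirect header so nothing else is sent or executed.
    exit;
}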
/**
 * Controller action for user administration, selected by $_POST['actiune'].
 *
 *  - 'edit':       renders the edit form for the user whose id follows the "_" in
 *                  the first POST field name.
 *  - 'delete':     deletes that same user and reports the outcome.
 *  - 'delete_all': deletes one user per POST value (the id follows the "_" in
 *                  each value) and reports how many were deleted.
 *  - otherwise:    does nothing.
 *
 * NOTE(review): the return value of isUserLoggedIn() is not checked here, so it
 * presumably redirects or terminates by itself - confirm. Only a login check is
 * visible; confirm an administrator-role check and an anti-CSRF token are
 * enforced elsewhere for these state-changing requests.
 */
function _adminUsers()
{
    isUserLoggedIn();

    $layout = VIEW_PATH . 'layout.php';

    switch ($_POST['actiune']) {
        case 'edit':
            // The id is taken from the name of the first POST field ("<prefix>_<id>").
            reset($_POST);
            $fieldName = key($_POST);
            $parts = explode("_", $fieldName);

            $user = new User(getDbh());
            $userRows = $user->getUserDetails($parts[1]);
            $grupa = new Grupa(getdbh());
            $groupRows = $grupa->fetchAll();

            $result = array(
                'grupa' => $groupRows,
                'user' => $userRows,
                'ID' => $parts[1],
            );
            $data = array(
                'msg' => array(View::do_fetch(VIEW_PATH . 'modifica_user.tpl.php', $result)),
            );
            View::do_dump($layout, $data);
            break;

        case 'delete':
            reset($_POST);
            $fieldName = key($_POST);
            $parts = explode("_", $fieldName);

            // NOTE(review): the id comes straight from the request; confirm
            // deleteUser() validates it and uses a parameterised query.
            $user = new User(getDbh());
            if ($user->deleteUser($parts[1])) {
                $message = " Userul a fost sters cu success";
            } else {
                $message = " Userul nu a fost sters";
            }

            $data = array(
                'msg' => array($message),
                'redirect' => array('administrare/show_users'),
            );
            View::do_dump($layout, $data);
            break;

        case 'delete_all':
            $deleted = 0;
            $failed = 0;
            $user = new User(getDbh());

            // Iterates the POST values; the action marker itself is skipped.
            foreach ($_POST as $postedValue) {
                if ($postedValue == 'delete_all') {
                    continue;
                }

                $parts = explode("_", $postedValue);
                if ($user->deleteUser($parts[1])) {
                    $deleted++;
                } else {
                    $failed++;
                }
            }

            // Success is reported as soon as at least one user was deleted.
            if ($deleted > 0) {
                $message = $deleted . "useri au fost stersi cu success";
            } else {
                $message = $failed . "useri nu au fost stersi";
            }

            $data = array(
                'msg' => array($message),
                'redirect' => array('administrare/show_users'),
            );
            View::do_dump($layout, $data);
            break;

        default:
            // Unrecognised actions produce no output.
            break;
    }
}