public function generateSession($user_id)
{
$auth_key = hash('sha512', (string) rand());
while (Database::checkExists($auth_key, 'token', 'Session')) {
$auth_key = hash('sha512', (string) rand());
}
Database::insert('INSERT INTO Session (user_id,token) VALUES(?,?)', [$user_id, $auth_key]);
$_SESSION['auth_token'] = $auth_key;
}
public function processSignup(Request $request, Session $session)
{
if ($session->userIsLoggedIn()) {
return $this->redirectTo('/dashboard');
}
if (isset($request->post['email']) && isset($request->post['password']) && (isset($request->post['buyer_account']) || isset($request->post['seller_account'])) && ($request->post['buyer_account'] == 1 || $request->post['seller_account'] == 1)) {
if (Database::checkExists($request->post['email'], 'email', 'User')) {
return View::renderView('login', ['signup_errors' => 'Email already exists']);
}
Database::insert('INSERT INTO User (email,password) VALUES (?,?)', [$request->post['email'], password_hash($request->post['password'], PASSWORD_DEFAULT)]);
$user_id = Database::lastID();
if ($request->post['buyer_account'] == 1) {
Database::insert('INSERT INTO UserRole (user_id, role_id) VALUES (?,?)', [$user_id, Role::buyer()]);
}
if ($request->post['seller_account'] == 1) {
Database::insert('INSERT INTO UserRole (user_id, role_id) VALUES (?,?)', [$user_id, Role::seller()]);
}
$session->generateSession($user_id);
return $this->redirectTo('/dashboard');
}
return View::renderView('login', ['signup_errors' => 'You must complete the signup form']);
}
public static function existsForAuctionID($auction_id)
{
return Database::checkExists($auction_id, 'auction_id', 'BuyerFeedback');
}
