/**
 * Authenticate a user by username and password.
 *
 * The supplied password is run through DBUtils::hashPassword() and the
 * resulting value is matched against users.password inside the SQL query.
 * On a match, the user's role name is registered through
 * AmfphpAuthentication::addRole() and the row is returned with its
 * password column removed.
 *
 * NOTE(review): matching the hash in the WHERE clause only works if
 * DBUtils::hashPassword() is deterministic (no per-user random salt).
 * Confirm; if so, plan a migration to password_hash()/password_verify().
 * NOTE(review): no throttling or logging of failed attempts is visible in
 * this method. Confirm that it is handled elsewhere.
 *
 * @param string $username login name to look up
 * @param string $password plain-text password as supplied by the caller
 * @return object|false the matching row (PDO::FETCH_OBJ) including user_role
 *                      and without password, or false when nothing matches
 */
public function signIn($username, $password)
{
    $connection = MySQLUtil::getConnection();

    // The stored column holds the hashed form, so hash before comparing.
    $hashed = DBUtils::hashPassword($password);

    $sql = "SELECT ur.name AS user_role, u.* FROM users AS u"
        . " INNER JOIN user_roles AS ur ON (ur.id = u.user_role_id)"
        . " WHERE u.username = :username AND u.password = :pass";

    // Both values travel as bound parameters, never as part of the SQL text.
    $query = $connection->prepare($sql);
    $query->bindParam(':username', $username, PDO::PARAM_STR);
    $query->bindParam(':pass', $hashed, PDO::PARAM_STR);
    $query->execute();

    $user = $query->fetch(PDO::FETCH_OBJ);
    if (!$user) {
        // No row: unknown username or wrong password (not distinguished).
        return false;
    }

    AmfphpAuthentication::addRole($user->user_role);

    // Never hand the stored hash back to the caller.
    unset($user->password);

    return $user;
}
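/**
 * Update an existing AMFPHP authentication user.
 *
 * Overwrites first name, last name, username, password and role of the
 * users row whose id equals $id. The password is hashed with
 * DBUtils::hashPassword() before it is stored.
 *
 * NOTE(review): the password is always re-hashed and overwritten, so an
 * empty $password would store the hash of an empty string. Confirm that
 * callers validate it.
 * NOTE(review): no authorization check is visible in this method and
 * $userRoleId is written as given. Confirm that access to this call is
 * restricted so an account cannot raise its own role.
 * NOTE(review): the thrown message embeds the database driver's error text.
 * Confirm it is not returned verbatim to remote clients.
 *
 * @param string $firstName
 * @param string $lastName
 * @param string $userName
 * @param string $password plain-text password, hashed before storage
 * @param int $userRoleId
 * @param int $id id of the users row to update
 * @return bool result of PDOStatement::execute()
 * @throws Exception when a PDOException is raised; the original exception
 *                   is attached as the previous exception
 */
public function updateUser($firstName, $lastName, $userName, $password, $userRoleId, $id)
{
    try {
        $pdo = MySQLUtil::getConnection();

        // hash the password
        $password = DBUtils::hashPassword($password);

        $tsql = "UPDATE users SET first_name = :firstName, last_name = :lastName, username = :username, password = :password, user_role_id = :userRoleId WHERE id = :userId";

        $stmt = $pdo->prepare($tsql);
        $stmt->bindParam(':firstName', $firstName, PDO::PARAM_STR);
        $stmt->bindParam(':lastName', $lastName, PDO::PARAM_STR);
        $stmt->bindParam(':username', $userName, PDO::PARAM_STR);
        $stmt->bindParam(':password', $password, PDO::PARAM_STR);
        $stmt->bindParam(':userRoleId', $userRoleId, PDO::PARAM_INT);
        $stmt->bindParam(':userId', $id, PDO::PARAM_INT);

        return $stmt->execute();
    } catch (PDOException $e) {
        // getCode()/getMessage() are methods; reading them as properties
        // yields nothing and the error detail is lost.
        $error = date("Y-m-d g:i:s a T") . "\tUserService::updateUser\tError: (" . $e->getCode() . ") " . $e->getMessage();

        // PDOException codes can be SQLSTATE strings, so the code stays in
        // the message and the original exception is chained for diagnostics.
        throw new Exception($error, 0, $e);
    }
}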