/**
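  * Sign in: look up a user by username and hashed password.
  * @param string $username
  * @param string $password
  * @return object|false the user row without its password field on success, false when no row matches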
  */
 public function signIn($username, $password)
 {
     $connection = MySQLUtil::getConnection();

     // The credential is matched by equality inside the query, so the hash is
     // computed from the submitted password alone, before any user row is known.
     // NOTE(review): that rules out a per-user salt and password_verify();
     // confirm what DBUtils::hashPassword() does (not visible here). Moving to
     // password_hash()/password_verify() would mean selecting by username only,
     // verifying in PHP, and migrating the stored hashes.
     $passwordHash = DBUtils::hashPassword($password);

     // Both values are bound as parameters, never concatenated into the SQL text.
     $query = "SELECT ur.name AS user_role, u.* FROM users AS u"
         . " INNER JOIN user_roles AS ur ON (ur.id = u.user_role_id)"
         . " WHERE u.username = :username AND u.password = :pass";

     $statement = $connection->prepare($query);
     $statement->bindValue(':username', $username, PDO::PARAM_STR);
     $statement->bindValue(':pass', $passwordHash, PDO::PARAM_STR);
     $statement->execute();

     $user = $statement->fetch(PDO::FETCH_OBJ);
     if (!$user) {
         // No row matched the username/hash pair.
         return false;
     }

     // Register the role name taken from the joined user_roles row.
     AmfphpAuthentication::addRole($user->user_role);

     // Drop the stored hash so it is not handed back to the caller.
     unset($user->password);

     return $user;
 }
 /**
  * function to update an existing AMFPHP authentication user
  * @param string $firstName
  * @param string $lastName
  * @param string $userName
  * @param string $password
  * @param int $userRoleId
  * @param int $id
  * @return bool result of PDOStatement::execute()
  * @throws Exception
  */
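 public function updateUser($firstName, $lastName, $userName, $password, $userRoleId, $id)
 {
     // NOTE(review): the new password and user_role_id come straight from the
     // arguments and no caller check is visible in this method; confirm the
     // enclosing service restricts who may invoke it.
     try {
         $pdo = MySQLUtil::getConnection();
         // The password column is overwritten on every call with a hash of $password.
         $password = DBUtils::hashPassword($password);
         $tsql = "UPDATE users SET first_name = :firstName, last_name = :lastName, username = :username, password = :password, user_role_id = :userRoleId WHERE id = :userId";
         $stmt = $pdo->prepare($tsql);
         // All values are bound as parameters; the two ids are bound as integers.
         $stmt->bindParam(':firstName', $firstName, PDO::PARAM_STR);
         $stmt->bindParam(':lastName', $lastName, PDO::PARAM_STR);
         $stmt->bindParam(':username', $userName, PDO::PARAM_STR);
         $stmt->bindParam(':password', $password, PDO::PARAM_STR);
         $stmt->bindParam(':userRoleId', $userRoleId, PDO::PARAM_INT);
         $stmt->bindParam(':userId', $id, PDO::PARAM_INT);
         return $stmt->execute();
     } catch (PDOException $e) {
         // getCode() and getMessage() are methods. The original read them as
         // properties, which produced an empty "()" and no message text.
         // NOTE(review): the driver message is now part of the rethrown
         // exception; confirm it is logged server-side and not returned
         // verbatim to remote callers, since it can reveal schema details.
         $error = date("Y-m-d g:i:s a T") . "\tUserService::updateUser\tError: (" . $e->getCode() . ") " . $e->getMessage();
         // PDOException codes can be SQLSTATE strings, so the numeric code stays 0
         // and the original exception is chained as the previous one.
         throw new Exception($error, 0, $e);
     }
 }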