/**
* Register a new user if username doesn't already exist
*
* @param \model\RegisterUser $credential
* @param \model\IregisterListener $listener
* @return bool
*/
public function doRegister(\model\RegisterUser $credential, model\IregisterListener $listener)
{
$username = $credential->getUsername();
$records = new Db();
$records->query('SELECT username,password FROM users WHERE username = :username');
$records->bind(':username', $username);
$records->resultset();
if ($records->rowCount() > 0) {
$listener->userExist("RegisterModel::UserAlreadyExistException");
} else {
$password = password_hash($credential->getPassword(), PASSWORD_BCRYPT);
$records->query('INSERT INTO users (username, password) VALUES (:username, :password)');
$records->bind(':username', $username);
$records->bind(':password', $password);
$records->execute();
$_SESSION[self::$newUsername] = $username;
return true;
}
}
/**
* Register a new user
*
* @param \model\User $credential
* @param \model\IListener $listener
* @return bool
*/
public function doRegister(\model\User $credential, \model\IListener $listener)
{
$username = $credential->getUsername();
$records = new \Db();
$records->query('SELECT username,password FROM users WHERE username = :username');
$records->bind(':username', $username);
$records->resultset();
if ($records->rowCount() > 0) {
$listener->errorListener("Register::UserAlreadyExistException");
} else {
$password = password_hash($credential->getPassword(), PASSWORD_BCRYPT);
$records->query('INSERT INTO users (username, password) VALUES (:username, :password)');
$records->bind(':username', $username);
$records->bind(':password', $password);
$records->execute();
$this->sessionStorage->set(SessionStorage::$auth, $username);
return true;
}
}
static function query($sql)
{
self::$rowCount = 0;
try {
$args = self::funcArgsToArray(func_get_args());
self::$sth = self::dbh()->prepare($sql);
if (self::$sth->execute($args)) {
self::$rowCount = self::$sth->rowCount();
if (self::$sth->columnCount()) {
return self::$sth->fetchAll();
} else {
return true;
}
}
return false;
} catch (PDOException $e) {
error_log($sql);
error_log($e->getMessage());
die("Database error!");
}
}
$userId = e($_POST['userId']);
if (empty($userId)) {
$result["return"] = false;
$result["message"] = "Fill in all the fields.";
echo json_encode($result);
exit;
}
//check user account exits
if (!check_user($userId)) {
$result["return"] = false;
$result["message"] = "Invalid user.";
echo json_encode($result);
exit;
}
//count category
$salesmanCount = Db::rowCount("salesman", array("user_id" => $userId, "active" => "y"), array("=", "="));
if ($salesmanCount <= 0) {
$result["return"] = true;
$result["count"] = $salesmanCount;
$result["message"] = "No salesman added. ";
echo json_encode($result);
exit;
}
//fetch category list
$list = Db::fetch("salesman", array("user_id" => $userId, "active" => "y"), array("=", "="));
//create a new list
$newList = array();
foreach ($list as $key => $value) {
$newList[$key]["id"] = $value["id"];
$newList[$key]["name"] = $value["name"];
$newList[$key]["user_id"] = $value["user_id"];
$userId = e($_POST['userId']);
if (empty($userId)) {
$result["return"] = false;
$result["message"] = "Fill in all the fields.";
echo json_encode($result);
exit;
}
//check user account exits
if (!check_user($userId)) {
$result["return"] = false;
$result["message"] = "Invalid user.";
echo json_encode($result);
exit;
}
//count category
$categoryCount = Db::rowCount("category", array("user_id" => $userId, "active" => "y"), array("=", "="));
if ($categoryCount <= 0) {
$result["return"] = true;
$result["count"] = $categoryCount;
$result["message"] = "No category found";
echo json_encode($result);
exit;
}
//fetch category list
$list = Db::fetch("category", array("user_id" => $userId, "active" => "y"), array("=", "="));
//create a new list
$newList = array();
foreach ($list as $key => $value) {
$newList[$key]["id"] = $value["id"];
$newList[$key]["name"] = $value["name"];
$newList[$key]["user_id"] = $value["user_id"];
//check user is active or not
if (!check_user_active($userId)) {
$result["return"] = false;
$result["message"] = "Dear user! Please pay your bills to reactivate your account.";
echo json_encode($result);
exit;
}
//check categoryId is valid
if (!check_category_is_valid($categoryId, $userId)) {
$result["return"] = false;
$result["message"] = "Invalid category Id";
echo json_encode($result);
exit;
}
//count product
$count = Db::rowCount("product", array("user_id" => $userId, "category_id" => $categoryId, "active" => "y"), array("=", "=", "="));
if ($count <= 0) {
$result["return"] = true;
$result["message"] = "No product Added yet!";
$result["count"] = 0;
echo json_encode($result);
exit;
}
//fetch all the product
$product = Db::fetch("product", array("user_id" => $userId, "category_id" => $categoryId, "active" => "y"), array("=", "=", "="));
if (!Db::getError()) {
//create a new product array with only that fields which are required
$newProductArray = array();
foreach ($product as $key => $value) {
$newProductArray[$key]["productId"] = $value["id"];
$newProductArray[$key]["userId"] = $value["user_id"];
/******************************
Check if sales is from ListedProduct or NonListedProduct
************************************/
if (isset($_POST["salesType"]) && isset($_POST["productId"]) && isset($_POST["productCode"])) {
/*********************** Listed Product *****************/
$sales_type = e($_POST["salesType"]);
$product_id = e($_POST["productId"]);
$product_code = e($_POST["productCode"]);
//check product id is valid or not
if (!check_productId_is_valid($product_id, $user_id)) {
$result["message"] = "Invalid Product id";
$result["return"] = false;
json($result);
}
//check size is valid
$sizeCount = Db::rowCount("sq", array("user_id" => $user_id, "product_id" => $product_id, "size" => $size_stack), array("=", "=", "="));
if ($sizeCount <= 0) {
$result["message"] = "Invalid size `{$size_stack}` of product";
$result["return"] = false;
json($result);
}
//check quantity is not zero
if ($quantity_stack <= 0) {
$result["message"] = "Invalid quantity. Quantity cannot be zero";
$result["return"] = false;
json($result);
}
//check quantity is not zero
$quantityQuery = Db::query("SELECT quantity FROM `sq` WHERE user_id=? AND product_id=? AND size=?", array($user_id, $product_id, $size_stack));
//fetch quantity from the database
$quantityFetch = $quantityQuery->fetchAll(PDO::FETCH_ASSOC);
require_once "./core/init.php";
require_once "./class/password.php";
//Compact class to support password_hash in 5.5 lower
$result = array();
if (isset($_POST['email']) && isset($_POST['password'])) {
//escape value
$email = e($_POST["email"]);
$password = e($_POST['password']);
if (empty($email) || empty($password)) {
$result["message"] = "Fill in all the fields";
$result["return"] = false;
echo json_encode($result);
exit;
}
//check email is valid
$count = Db::rowCount("user", array("email" => $email), array("="));
//if one user exits
if ($count == 1) {
//fetch results and display
$detail = Db::fetch("user", array("email" => $email), array("="));
//store the hash password
$hash = $detail[0]["password"];
//check the hash match the password
if (password_verify($password, $hash)) {
if (db::getError() == true) {
$result["message"] = "Query failed";
$result["return"] = false;
} else {
$result["message"] = "success";
$result["return"] = true;
$result["user"] = $detail;
function check_sales_id_valid($sales_id, $user_id)
{
$co = Db::rowCount("sales", array("id" => $sales_id, "user_id" => $user_id, "active" => "y"), array("=", "=", "="));
return $co >= 1 ? true : false;
}
