function login_user($name, $password)
{
global $model, $s;
$password = md5($password);
$result = $model['user']['login']($name, $password);
if ($result) {
$user = mysqli_fetch_assoc($result);
$s['user'] = $user;
add_flash('info', "You're now logged in");
go_home();
} else {
add_flash('danger', "Wrong credentials");
}
}
<?php
$add_model = function (&$model) use($conn) {
$user = array();
mysqli_query($conn, "CREATE TABLE IF NOT EXISTS users(\n id INT PRIMARY KEY AUTO_INCREMENT,\n name VARCHAR(20) UNIQUE,\n password VARCHAR(40),\n email VARCHAR(40),\n email_hash VARCHAR(40)\n )");
$user['create'] = function ($user) use($conn) {
$name = $user['name'];
$password = md5($user['password']);
$email = strtolower($user['email']);
$email_hash = md5($email);
mysqli_query($conn, "INSERT INTO users(name, password, email, email_hash)\n VALUES('{$name}', '{$password}', '{$email}', '{$email_hash}')");
add_flash('success', "User created");
};
$user['login'] = function ($name, $password) use($conn) {
$result = mysqli_query($conn, "SELECT * FROM users WHERE name='{$name}' AND password='******'");
return mysqli_num_rows($result) ? $result : False;
};
$user['by_name'] = function ($name) use($conn) {
$result = mysqli_query($conn, "SELECT * FROM users WHERE name='{$name}'");
$user = mysqli_fetch_assoc($result);
return $user;
};
$model['user'] = $user;
};
$add_model($model);
unset($add_model);
<?php
$titles[] = 'Register';
if ($s['user']) {
add_flash('warning', "You can't create new users during the session");
go_home();
}
if ($p) {
$error_messages = validate('register', $p);
if ($error_messages) {
foreach ($error_messages as $msg) {
add_flash('danger', $msg);
}
} else {
$model['user']['create']($p);
login_user($p['name'], $p['password']);
}
}
include get_tpl('register');
<?php
$add_model = function (&$model) use($conn) {
global $s;
mysqli_query($conn, "CREATE TABLE IF NOT EXISTS posts(\n id INT PRIMARY KEY AUTO_INCREMENT,\n title VARCHAR(20),\n content TEXT\n )");
$post = array();
$post['create'] = function ($post) use($conn, $s) {
$title = $post['title'];
$content = strip_tags($post['content'], '<a>');
mysqli_query($conn, "INSERT INTO posts(title, content)\n VALUES('{$title}', '{$content}')");
$new_id = mysqli_insert_id($conn);
mysqli_query($conn, "INSERT INTO com(from_id, from_type, to_id, to_type)\n VALUES({$s['user']['id']}, 'user', {$new_id}, 'post')");
add_flash('success', "Post created");
};
$post['all'] = function ($where = 'WHERE com.rel_type="have"') use($conn, $s) {
$result = mysqli_query($conn, "SELECT * FROM posts JOIN com JOIN users\n ON posts.id = com.to_id AND users.id = com.from_id {$where}\n ORDER BY posts.id DESC");
// $posts = array();
while ($posts[] = mysqli_fetch_assoc($result)) {
}
array_pop($posts);
return $posts;
};
$post['my_stream'] = function () use($conn, $s, $post) {
return $post['all']("WHERE users.id = {$s['user']['id']} AND com.rel_type='have' ");
};
$post['by_user'] = function ($id) use($conn, $s, $post) {
return $post['all']("WHERE users.id = {$id} AND com.rel_type='have' ");
};
$post['by_id'] = function ($id) use($conn, $s, $post) {
return $post['all']("WHERE posts.id = {$id} AND com.rel_type='have' ");
};
<?php
unset($s['user']);
add_flash('info', "Now you're Anon");
go_home();
