Exemple #1
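 /**
  * Register a new account and report the outcome.
  *
  * The returned object always carries `code_operation` ("signup"), `status`
  * (the string "true" or "false") and `description`.
  *
  * @param string $passwordForm Plain-text password as submitted by the user.
  * @param string $userName     Requested user name.
  * @param string $userEmail    Requested e-mail address.
  *
  * @return \stdClass Result object described above.
  */
 public function doSignup($passwordForm, $userName, $userEmail)
 {
     $response = new \stdClass();
     $response->code_operation = "signup";
     $response->status = "false";

     $myDb = new DbConnection();

     // Hash only once the duplicate check has passed, so rejected requests
     // do not pay for the cost-15 bcrypt work.
     if ($myDb->checkUserForSignup($userName, $userEmail) == 1) {
         $response->description = $myDb->statusMessage;
         return $response;
     }

     // password_hash() generates its own random salt. The explicit 'salt'
     // option is deprecated since PHP 7.0 and ignored since PHP 8.0, and
     // mcrypt_create_iv() no longer exists in PHP 7.2+, so neither is used.
     // Note: bcrypt only considers the first 72 bytes of the password.
     $securePassword = password_hash($passwordForm, PASSWORD_BCRYPT, array('cost' => 15));
     if (!is_string($securePassword)) {
         // Never store a non-hash value (older PHP returns false on failure).
         $response->description = "Password could not be processed";
         return $response;
     }

     // The original wrote `$status = $myDb->addNewUser(...) == 1`, which stored
     // the boolean result of the comparison in $status; every return value
     // other than 1 was then reported as success. Store the real status and
     // accept only 0, matching the 0 = success convention used by the sibling
     // methods. NOTE(review): assumes addNewUser() returns an int - confirm.
     $status = $myDb->addNewUser($userName, $userEmail, $securePassword);
     if ($status === 0) {
         $response->status = "true";
     }
     $response->description = $myDb->statusMessage;

     return $response;
 }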
Exemple #2
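 /**
  * Authenticate a user by e-mail and password and open a session.
  *
  * Flow: look the account up, consult the brute-force check, verify the
  * password. A failed password is recorded via insertBadLoginAttempt().
  * On success the session identifier is rotated, the session is populated
  * and a "sessionData" cookie is sent.
  *
  * NOTE(review): `description` is copied from DbConnection::statusMessage on
  * each failure path. If those messages differ between "unknown e-mail" and
  * "wrong password", the response lets a caller enumerate accounts - confirm
  * that the messages are uniform.
  *
  * @param string $userEmail    E-mail address supplied by the client.
  * @param string $userPassword Plain-text password supplied by the client.
  *
  * @return \stdClass Object with code_operation, description, user_id,
  *                   user_name, user_email and status ("true" or "false").
  */
 public function doLogin($userEmail, $userPassword)
 {
     $response = new \stdClass();
     $response->code_operation = "login";
     $response->description = null;
     $response->user_id = null;
     $response->user_name = null;
     $response->user_email = null;
     $response->status = "false";

     $dbConnection = new DbConnection();

     $lookupStatus = $dbConnection->checkUserForLogin($userEmail);
     if ($lookupStatus !== 0) {
         // Only status 1 carries a message; anything else fails without one.
         if ($lookupStatus === 1) {
             $response->description = $dbConnection->statusMessage;
         }
         return $response;
     }

     $lockStatus = $dbConnection->checkBruteForce($dbConnection->userId);
     if ($lockStatus !== 0) {
         if ($lockStatus === 1) {
             $response->description = $dbConnection->statusMessage;
         }
         return $response;
     }

     if (!password_verify($userPassword, $dbConnection->dbPassword)) {
         // Record the failure first: statusMessage is read after the insert,
         // as in the original ordering.
         $dbConnection->insertBadLoginAttempt($dbConnection->userId);
         $response->description = $dbConnection->statusMessage;
         return $response;
     }

     $response->status = "true";
     $response->description = $dbConnection->statusMessage;

     // Rotate the session identifier at the privilege change so an identifier
     // that was known before login is not carried into the authenticated
     // session (session fixation).
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }

     // Strip anything unexpected from the stored identifiers before they are
     // placed in the session and the response.
     $userId = preg_replace("/[^0-9]+/", "", $dbConnection->userId);
     $userName = preg_replace("/[^a-zA-Z0-9_\\-]+/", "", $dbConnection->userName);

     // NOTE(review): this token is a deterministic digest of the stored
     // password hash and account fields. It is identical on every login until
     // the password changes, and can be recomputed by anyone who can read the
     // user row. A per-login value from random_bytes() would be preferable,
     // but whatever validates `sessionData` elsewhere must change with it, so
     // the derivation is left as is here.
     $sessionHash = hash('sha512', $dbConnection->dbPassword . $userId . $userName . $userEmail);

     $_SESSION['sessionData'] = $sessionHash;
     $_SESSION['user_id'] = $userId;
     $_SESSION['user_email'] = $userEmail;
     $_SESSION['user_name'] = $userName;

     $response->user_id = $userId;
     $response->user_email = $userEmail;
     $response->user_name = $userName;

     // Same lifetime, path and domain as before (session cookie, defaults),
     // now HttpOnly so page scripts cannot read the token, and Secure whenever
     // the request itself arrived over HTTPS.
     $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
     setcookie("sessionData", $sessionHash, 0, "", "", $isHttps, true);

     return $response;
 }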
 /**
  * Set a new password for an account after validating a reset token.
  *
  * Steps, each of which must report 0 to continue: the e-mail is checked,
  * the token is checked against that e-mail, then the password produced by
  * signNewPassword() is stored.
  *
  * NOTE(review): nothing here invalidates the token after a successful
  * change or limits repeated attempts - confirm DbConnection handles both.
  *
  * @param string $email    Account e-mail address.
  * @param string $password New plain-text password.
  * @param string $token    Reset token presented by the user.
  *
  * @return int 0 when the password was changed, 1 on any failure.
  */
 public function restoreNewPassword($email, $password, $token)
 {
     $db = new DbConnection();

     // Guard clauses: stop at the first step that does not report 0.
     if ($db->checkUserEmail($email) !== 0) {
         return 1;
     }

     if ($db->checkValidToken($email, $token) !== 0) {
         return 1;
     }

     $hashedPassword = $this->signNewPassword($password);
     $updateResult = $db->changeUserPassword($email, $hashedPassword);

     return $updateResult === 0 ? 0 : 1;
 }