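/**
 * Authenticate a user by e-mail and password and load the profile into this object.
 *
 * The submitted e-mail and the hash of the submitted password are stored on the
 * object, then the user table is queried by e-mail. On success the id, group id
 * and pseudo of the matching row are copied onto the object, is_connected is set
 * and true is returned. On failure lastError is set and false is returned.
 *
 * @param string $email    E-mail address submitted by the client.
 * @param string $password Clear-text password submitted by the client.
 *
 * @return bool True only when exactly one row carries this e-mail and its stored hash matches.
 */
public function connectUser($email, $password)
{
    $this->email = $email;
    // NOTE(review): customHash() is defined outside this listing. If it turns out to be a
    // fast or unsalted digest, plan a migration to password_hash()/password_verify().
    $this->password = \projet21\starcraft\customHash($password);

    $database = new \PDO(
        'mysql:host=' . $GLOBALS['settings']['dbHost'] . ';dbname=' . $GLOBALS['settings']['dbName'] . ';charset=utf8',
        $GLOBALS['settings']['dbUser'],
        $GLOBALS['settings']['dbPassword']
    );
    $credential_verify = $database->prepare('SELECT * FROM user WHERE email = :email');
    $credential_verify->execute(array('email' => $this->email));

    $occurence = 0;
    $password_valid = false;
    $matchedRow = null;

    while ($donnees = $credential_verify->fetch()) {
        // Only rows whose e-mail is byte-for-byte the submitted one take part in the
        // decision; previously the password flag was overwritten by every fetched row,
        // including rows that did not count as a match.
        if ((string) $donnees['email'] !== (string) $this->email) {
            continue;
        }

        $occurence++;
        $matchedRow = $donnees;
        // hash_equals() compares in constant time and never type-juggles, so two
        // different "0e..."-style digests can no longer compare equal as numbers.
        $password_valid = hash_equals((string) $donnees['password'], (string) $this->password);
    }

    if ($occurence === 1 && $password_valid) {
        // The profile comes from the row that was just verified; the second connection
        // and the repeated SELECT the method used to issue are not needed.
        $this->id = $matchedRow['id'];
        $this->id_group = $matchedRow['id_group'];
        $this->pseudo = $matchedRow['pseudo'];
        $this->is_connected = true;

        return true;
    }

    if (!$password_valid) {
        // Also reached when no row matched, so an unknown address and a wrong password
        // set the same lastError value. 'email_not_find' is deliberately not emitted:
        // a distinct code would tell a client which addresses are registered.
        $this->lastError = 'password_incorrect';

        return false;
    }

    // Remaining case: the hash matched but more than one row carries this e-mail.
    // NOTE(review): a UNIQUE index on user.email would rule this state out - confirm schema.
    $this->lastError = 'error';

    return false;
}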
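/**
 * Validate a registration request and insert the new account.
 *
 * Checks that both password fields are identical, that the pseudo and e-mail
 * match their whitelist patterns, and that the e-mail is not already present
 * in the user table. When every check passes, a row is inserted with group id
 * '2', the hashed password and the lower-cased e-mail.
 *
 * @param string $pseudo                Requested display name (3-16 chars: letters, digits, '_', ' ', '-').
 * @param string $email                 E-mail address of the new account.
 * @param string $password              Clear-text password.
 * @param string $password_verification Repeated clear-text password.
 *
 * @return bool True when the row was inserted; false otherwise, with lastError set.
 */
public function userCreate($pseudo, $email, $password, $password_verification)
{
    $notValid = false;

    // Strict string comparison: loose != treats numeric-looking strings such as
    // "1e3" and "1000" as equal, which would accept two different passwords.
    if ((string) $password !== (string) $password_verification) {
        $this->lastError = 'password_not_match';
        $notValid = true;
    }

    // pseudo verification
    // The D modifier anchors `$` at the very end of the subject; without it a value
    // ending in a newline passes the whitelist and is stored with that newline.
    if (!preg_match('#^[a-zA-Z0-9_ -]{3,16}$#iD', $pseudo) || preg_match('#ternoc|ZJ-AX#i', $pseudo)) {
        $this->lastError = 'pseudo_not_valid';
        $notValid = true;
    }

    // email verification (same D-modifier reasoning as above)
    if (!preg_match('#^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$#D', $email)) {
        $this->lastError = 'email_not_valid';
        $notValid = true;
    }

    if ($notValid) {
        return false;
    }

    // The patterns above admit none of & < > " ', so the htmlspecialchars() calls that
    // used to run here never changed a valid value. HTML encoding belongs where the
    // value is rendered, not where it is stored.
    // Normalise once so the duplicate check and the stored value agree on case;
    // previously the check compared the original case against lower-cased rows.
    $email = strtolower($email);

    // verification if email is already used
    // NOTE(review): check-then-insert is racy under concurrent requests; a UNIQUE
    // index on user.email is the authoritative guard - confirm the schema has one.
    $verification = $this->database->prepare('SELECT * FROM user WHERE email = :email');
    $verification->execute(array('email' => $email));
    while ($verification_data = $verification->fetch()) {
        if (strtolower((string) $verification_data['email']) === $email) {
            // Was assigned to a local variable, so callers never saw this code.
            $this->lastError = 'email_already_use';

            return false;
        }
    }

    // if values are valid, then insert into database
    // NOTE(review): customHash() is defined outside this listing. If it turns out to be a
    // fast or unsalted digest, plan a migration to password_hash()/password_verify().
    $password_hash = \projet21\starcraft\customHash($password);

    $req = $this->database->prepare('INSERT INTO user(id_group, pseudo, password, email, password_test) VALUES(:id_group, :pseudo, :password, :email, :password_test)');
    $inserted = $req->execute(array(
        'id_group' => '2',
        'pseudo' => $pseudo,
        'password' => $password_hash,
        'email' => $email,
        // The clear-text password is no longer written to password_test: any read of
        // the table (backup, SQL injection elsewhere, operator access) would expose
        // every password regardless of the hash column. The column is still bound,
        // with an empty value, because its constraints are not visible here.
        // Follow-up: purge existing password_test values and drop the column.
        'password_test' => '',
    ));

    if ($inserted === false) {
        // execute() reports failure by return value when PDO is not in exception mode.
        $this->lastError = 'error';

        return false;
    }

    return true;
}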