public function __construct($user_id)
{
$this->uid = $user_id;
$user = DBWorker::getRow('SELECT * FROM users WHERE user_id = :uid AND active = 1', ':uid', $user_id);
if ($user) {
$this->email = $user['email'];
$this->alias = $user['alias'];
$this->name = $user['name'];
$this->city = $user['city'];
$this->phone = $user['phone'];
$this->about = $user['about'];
$this->sex = $user['sex'];
$this->date_joined = $user['date_joined'];
}
}
/**
* @return bool
*Pull password from schema and check it against user password
*/
public function check()
{
if (Helper::validateEmail($this->email) == true) {
//if email is invalid don't bother checking in the schema
$user = DBWorker::getRow('SELECT password FROM users WHERE email = :email AND active = 1', ':email', $this->email);
if (!$user) {
$this->valid = false;
$this->error = '<p class="warning"><strong>Error :</strong>Username and password do not match </p>';
//email is found. go on to check the password
} elseif ($user) {
//match user password against the one in the found row in the schema
if (crypt($this->pass, $user['password']) === $user['password']) {
$this->valid = true;
} else {
$this->error = '<p class="warning"><strong>Error :</strong>Username and password do not match </p>';
}
}
} else {
$this->error = '<p class="warning"><strong>Error :</strong> Please enter a valid email</p>';
$this->valid = false;
}
return $this->valid;
}
if (isset($_SESSION['uid'])) {
$debug['COOKIE_OK_l'] = true;
}
header('Location: panel.php');
}
}
$auth = null;
$error = '';
$user = null;
//Post data
if (isset($_POST['email']) && isset($_POST['password'])) {
$email = isset($_POST['email']) ? trim($_POST['email']) : '';
$pass = isset($_POST['password']) ? trim($_POST['password']) : '';
$auth = new Auth($email, $pass);
if ($auth->check() === false) {
$error = $auth->getError();
} else {
if (!empty($_POST['keep_session'])) {
if ($_POST['keep_session'] == 'keep_session') {
$user = DBWorker::getRow('SELECT user_id FROM users WHERE email = :email AND active = 1', ':email', $email);
Session::alter(Numbers::_randKey(), $user_agent_string, 'save', $user['user_id']);
$debug['SaveSession'] = true;
}
}
$debug['login'] = true;
header('Location: panel.php');
}
}
/*var_dump($debug);
var_dump($_SESSION);
var_dump($_COOKIE);*/
* User: Peter
* Date: 8/14/15
* Time: 6:39 PM
* To change this template use File | Settings | File Templates.
*/
session_start();
if (isset($_SESSION['uid'])) {
header('Location: home.php');
exit;
}
require_once "includes/database/DBWorker.php";
$success = null;
if (!empty($_POST['login'])) {
$user_name = !empty($_POST['username']) ? trim($_POST['username']) : '';
$password = !empty($_POST['password']) ? $_POST['password'] : '';
$user = DBWorker::getRow('SELECT * FROM users WHERE username = :username', ':username', $user_name);
if ($user) {
if (md5($password) == $user['password']) {
$_SESSION['uid'] = md5($username);
$_SESSION['username'] = $username;
header('Location: home.php');
exit;
}
}
$success = false;
}
?>
<!doctype html>
<html>
<head>
<link rel="stylesheet" href="css/header.css" type="text/css"/>
* Created by JetBrains PhpStorm.
* User: Peter
* Date: 8/9/15
* Time: 11:12 PM
* To change this template use File | Settings | File Templates.
*/
require_once "auth.inc.php";
require_once "includes/database/DBWorker.php";
require_once "includes/utils/helper.class.php";
$error_msg = array();
$success = false;
$dbh = new DBWorker();
$app_id = isset($_GET['app']) ? abs($_GET['app']) : null;
$app = null;
if (isset($app_id)) {
$app = DBWorker::getRow('SELECT * FROM apps WHERE id = :id', ':id', $app_id);
}
if (isset($_POST['add_app'])) {
$id = isset($_POST['id']) ? abs($_POST['id']) : -1;
$app_date = $_POST['app_date'];
$app_summary = trim($_POST['app_summary']);
$patient_name = $_POST['patient_name'];
if (preg_match('/^\\d{4}-\\d{2}-\\d{2}$/', $app_date) < 1) {
$error_msg[] = 'Invalid date';
}
if (strlen(trim($patient_name)) < 3) {
$error_msg[] = 'Client name too short';
}
$add_app = 'INSERT INTO apps (app_date, app_summary, patient_name) VALUES (:app_d, :app_sum, :patient)';
if ($_POST['add_app'] == 'Edit') {
$add_app = 'UPDATE apps SET app_date = :app_d, app_summary = :app_sum, patient_name = :patient WHERE id = :id';
$resend = false;
} else {
$error = 'Invalid activation key please enter your email to get your key';
}
}
}
if (isset($_POST['email'])) {
$email = trim($_POST['email']);
if (strlen($email) < 6 || strlen($email) > 32 || preg_match('/[^a-zA-Z0-9_@\\.]/', $email)) {
$error = 'Invalid email';
} else {
$user = DBWorker::getRow('SELECT * FROM users WHERE email = :email AND active = 0', ':email', Helper::filterEmail($email));
if ($user !== false) {
$uid = filter_var($user['user_id'], FILTER_SANITIZE_STRING);
$key = DBWorker::getRow('SELECT * FROM confirmation WHERE user_id = :uid', ':uid', $uid);
if ($key !== false) {
$token = $key['user_key'];
$user_id = $key['user_id'];
P_MAIL::sendConfirmation($user_id, $key['user_key'], $user['alias'], $user['email']);
} else {
//the key is unavailable
DBWorker::insert('INSERT INTO confirmation (user_id, user_key, expires) VALUES (:uid, ' . filter_var(Numbers::_randKey(), FILTER_SANITIZE_NUMBER_INT) . ', DATE_ADD(NOW(), INTERVAL 6 MONTH ))', ':uid', $user['user_id']);
//resend key to user's mail box
P_MAIL::sendConfirmation($user['user_id'], Numbers::_randKey(), $user['alias'], $user['email']);
}
} elseif (DBWorker::getRow('SELECT * FROM users WHERE email = :email AND active = 1', ':email', Helper::filterEmail($_POST['email']))) {
$error = 'Account already activated. Please <a href="../user/login.php?' . $append . '">login</a> to access your panel';
$resend = false;
}
}
}
