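/**
 * Return the shared MySQLi connection, opening it on first use.
 *
 * The handle is stored in self::$con only once the connection has succeeded,
 * so a failed attempt is retried on the next call instead of handing callers
 * a dead connection object.
 *
 * @return MySQLi|false The connection, or false when connecting failed.
 */
public static function connect()
 {
     if (isset(self::$con)) {
         return self::$con;
     }
     try {
         $con = new MySQLi(SERVER, USER, PASS, DB);
     } catch (mysqli_sql_exception $e) {
         // With MYSQLI_REPORT_STRICT (the default since PHP 8.1) a failed connect throws
         // instead of setting connect_errno; keep the documented "return false" contract.
         printf("connect failed %d", $e->getCode());
         return false;
     }
     // Check the outcome before touching the handle. Only the numeric code is printed:
     // the error text can carry the host and account name.
     if ($con->connect_errno) {
         printf("connect failed %d", $con->connect_errno);
         return false;
     }
     // set_charset() (not a "SET NAMES" query) is what makes real_escape_string() charset-aware.
     // NOTE(review): 'utf8' is MySQL's 3-byte utf8mb3; move to utf8mb4 only together with the schema.
     $con->set_charset('utf8');
     self::$con = $con;
     return self::$con;
 }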
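 /**
  * Render the featured-products partial.
  *
  * Loads up to 10 active products ordered by `view` and attaches at most one
  * image row to each before passing the list to the view.
  */
 public function featured_products()
 {
     $products = [];
     if ($pros = Product::query()->where([['`active`', '=', 1]])->order_by('`view`')->take(10)->get()) {
         while ($row = $pros->fetch_assoc()) {
             $pro = new Product($row);
             // The id is concatenated unquoted into the statement below, so force it to an
             // integer: the query shape must not depend on whatever value the row carried.
             $id_product = (int) $pro->id;
             if ($imgs = Data_Provider::execute_query('select * from eli_product_image where `id_product`=' . $id_product . ' limit 1')) {
                 $images = [];
                 if ($other_row = $imgs->fetch_assoc()) {
                     $images[] = new Product_Image($other_row);
                 }
                 $pro->images = $images;
                 $imgs->free();
             }
             $products[] = $pro;
         }
         $pros->free();
     }
     $this->render('views/_shared/_featured_product.php', ['products' => $products]);
 }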
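 /**
  * Write every attribute except `id` back to this record's row.
  *
  * Values are escaped with the connection's charset and quoted; NULL attributes
  * are therefore written as empty strings, as before. Column names are taken
  * from the attribute keys, so backticks in them are doubled to keep a key from
  * closing the identifier quote.
  *
  * @return bool True when the statement ran and changed at least one row.
  *              False when nothing changed (including "same values"), when the
  *              statement failed, or when no connection is available.
  */
 public function update()
 {
     $link = Data_Provider::connect();
     if (!$link) {
         // connect() returns false on failure; do not call methods on it.
         return false;
     }
     $sets = [];
     foreach ($this->attributes as $key => $value) {
         if ('id' === (string) $key) {
             continue;
         }
         // NOTE(review): if attribute names can ever be filled from request data,
         // check them against a fixed column list as well as quoting them.
         $column = str_replace('`', '``', (string) $key);
         $escaped = $link->real_escape_string((string) $value);
         $sets[] = "`{$column}` = '{$escaped}'";
     }
     if (!$sets) {
         // Nothing to write; an empty SET list is a syntax error.
         return false;
     }
     // Joining with implode() keeps the list valid whatever position `id` has in the
     // attribute array (a trailing separator was emitted when `id` came last).
     // The id is escaped and quoted like every other value instead of being interpolated raw.
     $id = $link->real_escape_string((string) $this->id);
     $sql = 'update `' . self::$table . '` set ' . implode(' , ', $sets) . " where `id`='{$id}'";
     if (!$link->query($sql)) {
         return false;
     }
     return $link->affected_rows > 0;
 }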
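 /**
  * Handle the change-password form for the logged-in user.
  *
  * Redirects to the login page when there is no session user. Otherwise it
  * validates the new password, checks the current one against the stored hash
  * and saves the new hash, re-rendering the form with messages on any failure.
  *
  * @param array $params Form fields: 'current-password', 'password', 'cf-password'.
  */
 public function password_post($params)
 {
     if (!isset($_SESSION['user'])) {
         ob_end_clean();
         header('Location:' . Path::go_to('user/login'));
         exit;
     }
     // NOTE(review): no anti-CSRF token is checked in this method; confirm the
     // router or base controller enforces one for this POST.
     $current = isset($params['current-password']) ? (string) $params['current-password'] : '';
     $new = isset($params['password']) ? $params['password'] : '';
     $confirm = isset($params['cf-password']) ? $params['cf-password'] : '';

     $msg = $this->validate_password($new, $confirm);
     if (count($msg) > 0) {
         $this->render('views/user/password.php', ['msg' => $msg]);
         return;
     }
     $link = Data_Provider::connect();
     if (!$link) {
         array_push($msg, 'Database is dead "T-T');
         $this->render('views/user/password.php', ['msg' => $msg]);
         return;
     }
     // The where() value is passed as a ready-made SQL fragment, so the session
     // e-mail has to be escaped before it is wrapped in quotes.
     $email = $link->real_escape_string((string) $_SESSION['user']);
     if ($result = User::query(['`id`', '`password`'])->where([['`email`', '=', "'{$email}'"]])->get()) {
         if ($row = $result->fetch_assoc()) {
             $user = new User($row);
             // NOTE(review): a single fast SHA-384 with one shared SECRET_KEY is not a password
             // hash (no per-user salt, cheap to brute-force). Moving to password_hash() /
             // password_verify() has to be done together with the login and registration code.
             // The escape call on the password is kept only so the digest matches what is
             // already stored; the hex digest itself needs no escaping.
             $current_hash = hash('sha384', $link->real_escape_string($current) . SECRET_KEY);
             // hash_equals(): constant-time and strictly string-based, unlike `==`.
             if (hash_equals((string) $user->password, $current_hash)) {
                 $user->password = hash('sha384', $link->real_escape_string((string) $new) . SECRET_KEY);
                 if ($user->update()) {
                     // NOTE(review): consider regenerating the session id and ending the
                     // user's other sessions after a password change.
                     $this->render('views/user/password_success.php');
                     return;
                 } else {
                     array_push($msg, 'Password hasn\'t been updated yet, try again later');
                 }
             } else {
                 array_push($msg, 'Your password was incorrect');
             }
         } else {
             array_push($msg, 'Error! Please try again');
         }
     } else {
         array_push($msg, 'Database is dead "T-T');
     }
     $this->render('views/user/password.php', ['msg' => $msg]);
 }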