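/**
 * Build the list of remember-me entries, optionally restricted to one user.
 *
 * Selects the ids of the matching user_remember_mes rows, then creates one
 * UserRememberMe per id, calls fetch() on it and appends it to
 * $this->user_remember_me_list. If the query fails the list stays empty.
 *
 * @param int|bool    $user_id restrict the list to this user's rows; a falsy value lists all rows
 * @param string|bool $sort_by value handed to setSortBy(); false keeps the current setting
 * @param string|bool $order   value handed to SetOrder(); false keeps the current setting
 */
public function __construct($user_id = false, $sort_by = false, $order = false) {
    if ($sort_by !== false) {
        $this->setSortBy($sort_by);
    }
    if ($order !== false) {
        $this->SetOrder($order);
    }

    // A sort direction cannot be bound as a statement parameter, so it ends up
    // concatenated into the SQL text. SetOrder()/getOrder() are not visible from
    // here, so the value is allow-listed at the point of use: anything other
    // than ASC/DESC is dropped and the database default direction applies.
    $direction = strtoupper(trim((string) $this->getOrder()));
    if ($direction !== 'ASC' && $direction !== 'DESC') {
        $direction = '';
    }

    // One statement serves both cases; only the WHERE clause is conditional.
    $sql = "SELECT user_remember_mes.id as user_remember_me_id
            FROM user_remember_mes";
    if ($user_id) {
        $sql .= "
            WHERE user_remember_mes.user_id = :user_id";
    }
    // The sort column is picked inside the query from a bound value, so the
    // caller-supplied sort key never becomes part of the SQL text.
    $sql .= "
            ORDER BY
                case :sort_by
                    when 'create_date' then user_remember_mes.create_date
                    else NULL
                end
            " . $direction;

    $result = array();
    try {
        $stmt = DB::getInstance()->prepare($sql);
        // bindValue() rather than bindParam(): bindParam() takes its argument by
        // reference, and the return value of getSortBy() is not a variable.
        if ($user_id) {
            $stmt->bindValue(':user_id', $user_id, PDO::PARAM_INT);
        }
        $stmt->bindValue(':sort_by', $this->getSortBy(), PDO::PARAM_STR);
        $stmt->execute();
        $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        // Keep database errors out of the HTTP response: the driver message and
        // stack trace describe the schema and code paths. Log server-side only.
        error_log(__METHOD__ . ': ' . $e->getMessage());
    }

    foreach ($result as $row) {
        $user_remember_me = new UserRememberMe((int) $row['user_remember_me_id']);
        $user_remember_me->fetch();
        $this->user_remember_me_list[] = $user_remember_me;
    }
}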
} //at this point the user was logged in successfully //store the session-id to the database $stmt = DB::getInstance()->prepare("UPDATE users SET session_id = ? WHERE id = ?"); $stmt->execute(array(session_id(), $user_data['id'])); //store the $_SESSION['user_id'] = $user_data['id']; //set remember me coockie if the user requested this if ($_POST['remember'] or $_GET['remember']) { //http://fishbowl.pastiche.org/2004/01/19/persistent_login_cookie_best_practice/ //generate long random password $random_password = Helper::randomPassword(56); //hash the random password like a normal password $phpass = new PasswordHash(8, false); $random_password_hash = $phpass->HashPassword($random_password); $user_remember_me = new UserRememberMe(false, (int) $user_data['id'], $random_password_hash); $user_remember_me->store(); setcookie("remember_me", $user_data['id'] . "," . $random_password, time() + 60 * 60 * 24 * 14); } $messages[] = array("Herzlich willkommen " . $user_data['nickname'], 1); Message::setMessage($messages); //redirect the user to the page he visteted previously or to his userpage if (!empty($_SESSION['redirect_after_login_url']) and strpos($_SESSION['redirect_after_login_url'], "register") === false and strpos($_SESSION['redirect_after_login_url'], "login") === false) { header("Location: {$_SESSION['redirect_after_login_url']}"); } else { header('Location: user.php?user_id=' . $_SESSION['user_id']); } } elseif ($_GET['section'] == "logout") { Login::user_logout(); header('Location: index.php'); } else {