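/**
 * Registers a new user and returns the stored record without its password.
 *
 * At least one of email, fb_id, gp_id or tw_id must be set on $this; otherwise
 * Error::http(400, ...) is called. Each key in $this->okToAdd is passed to
 * addKeyVal() with "NULL" / "ifMissing", the password on $this->obj is replaced
 * by its password_hash() digest, and the row is written through insert().
 *
 * @param mixed $data Not read by this method.
 * @return array Single-element array holding the user object, with user_id set
 *               to the value returned by insert() and the password property removed.
 */
function add($data = '')
{
    // NOTE(review): the code below assumes Error::http() ends the request; if it
    // can return, registration proceeds without any identifier - confirm.
    if (!isset($this->email) && !isset($this->fb_id) && !isset($this->gp_id) && !isset($this->tw_id)) {
        Error::http(400, "When registerng a user, an email, facebook id (fb_id), google+ id (gp_id) , or twitter id (tw_id) must be used as input.");
    }

    foreach ($this->okToAdd as $key) {
        $this->addKeyVal($key, "NULL", "ifMissing");
    }

    // NOTE(review): the password is hashed unconditionally. For a sign-up that
    // supplies only fb_id/gp_id/tw_id, confirm what $this->obj->password holds
    // here (possibly a placeholder from the "ifMissing" fill above) so that a
    // known default value is never stored as a valid credential hash.
    $this->obj->password = password_hash($this->obj->password, PASSWORD_DEFAULT);

    // array_search() returns false when 'password' is not among the keys, and
    // false used as an array offset is coerced to 0. Write the hash only when
    // the key exists so the first bound value is never overwritten by mistake.
    $passwordIndex = array_search('password', $this->keyArr, true);
    if ($passwordIndex !== false) {
        $this->valArr[$passwordIndex] = $this->obj->password;
    }

    $User = $this->obj;
    $User->user_id = $this->insert();

    // Requester is referenced right after this include; presumably the file
    // is what makes the class available - confirm.
    require_once "utils/Router.php";
    Requester::$user_id = $User->user_id;

    // $User is the same object as $this->obj, so the hash is removed from both
    // before the record is handed back to the caller.
    unset($User->password); //no need to communicate this back for privacy

    $this->setDefaultBrand();

    return array($User);
}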
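/**
 * Authenticates a token-based login and records the result in static state.
 *
 * $user is split on "-" and the second segment is taken as the token id. The
 * tokens table is then queried for that id, matching $pwd against `otk` when
 * token_val is '0' and against `token_val` otherwise. On a match the user id,
 * name, login provider and the presented secret are stored on self::.
 *
 * @param string $user Identifier in "<label>-<token_id>" form; the label is ignored.
 * @param string $pwd  Secret presented with the token id.
 * @return void Error::http(400) is called for a missing token id and
 *              Error::http(401) when no row matches.
 */
static function token_login($user, $pwd)
{
    // Take the second segment explicitly: destructuring a result with no "-"
    // raised an undefined-offset notice before the 400 below was reached.
    $parts = explode("-", $user);
    self::$token_id = isset($parts[1]) ? $parts[1] : null;

    // NOTE(review): the code below assumes Error::http() ends the request; if it
    // can return, the lookup and the assignments still run - confirm.
    if (!self::$token_id) {
        Error::http(400, "Missing or invalid token id.");
    }

    // All caller-supplied values are bound as parameters, not concatenated.
    // NOTE(review): the secret is compared directly against the otk/token_val
    // columns, which suggests those values are stored unhashed - confirm.
    // NOTE(review): token_val!=0 is a numeric comparison while token_val='0' is a
    // string comparison; confirm token_val only ever holds numeric values.
    $sql = "SELECT tokens.user_id, users.name, tokens.login_provider, UNIX_TIMESTAMP(tokens.updated) as updated\n\t\t\tFROM tokens LEFT JOIN users ON tokens.user_id=users.user_id\n\t\t\tWHERE token_id=? AND ((token_val='0' AND otk=?) OR (token_val!=0 AND token_val=?))";
    $rows = DBquery::get($sql, array(self::$token_id, $pwd, $pwd));

    // NOTE(review): the caller-supplied token id is echoed into the error text;
    // confirm Error::http() encodes it for the response format in use.
    if (!$rows) {
        Error::http(401, "Invalid credentials for token ID='" . self::$token_id . "'.");
    }

    $updated = $rows[0]['updated'];
    // NOTE(review): the 24-hour expiry check below is commented out, so $updated
    // is read but never enforced and a matching token is accepted regardless of
    // age. Confirm this is intentional before relying on token lifetime.
    //if ($updated AND time() - $updated > 86400) Error::http(401, "The login-enabled token#". self::$token_id ." for this user has expired (maximum 24-hours API session reached.).");

    self::$user_id = $rows[0]['user_id'];
    // users is LEFT JOINed, so name is NULL when the token has no matching user row.
    self::$name = $rows[0]['name'];
    // The presented secret is kept as otk whichever of the two branches matched.
    self::$otk = $pwd;
    self::$login_provider = $rows[0]['login_provider'];
}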