static function changePassword($userToChange, $dirtyUpdatedPassword)
{
//Recieves new password. hashes with Salt. Updates database with new password.
$mysqli = DB::getInstance();
$cleanUpdatedPassword = Cleaner::cleanVar($dirtyUpdatedPassword);
//creates long, random salt:
$size = mcrypt_get_iv_size(MCRYPT_CAST_256, MCRYPT_MODE_CFB);
$newSalt = mcrypt_create_iv($size);
//hashes our cleaned password with added salt:
$safeUpdatedPassword = hash("sha512", "{$newSalt}" . "{$cleanUpdatedPassword}");
$queryChangePassword = "******" . $safeUpdatedPassword . "', salt='" . $newSalt . "'\n\t\tWHERE users.id=" . $userToChange . ";\n\t\t";
$mysqli->query($queryChangePassword);
}
static function showSingleGoal($dirtyGoalID, $dirtyUserID)
{
// takes POST about goalID and session userID and shows goal that contains both from database.
$cleanGoalID = Cleaner::cleanVar($dirtyGoalID);
$cleanUserID = Cleaner::cleanVar($dirtyUserID);
$mysqli = DB::getInstance();
$query = "\n\t\t\tSELECT content.*, goals_use_content.id as 'connection_id', goals.id as 'goal_id', goals.goal, goals.subject as 'goal_subject', goals.year as 'goal_year', goals.user_id as 'goal_user_id'\n\t\t\tfrom goals\n\t\t\tleft join goals_use_content\n\t\t\ton goals.id = goals_use_content.goal_id\n\t\t\tleft join content\n\t\t\ton goals_use_content.content_id = content.id\n\t\t\twhere goals.user_id = '" . $cleanUserID . "'\n\t\t\tand goals.id = '" . $cleanGoalID . "'\n\t\t";
$result = $mysqli->query($query);
$array = array();
while ($row = $result->fetch_assoc()) {
$array[] = $row;
}
return ['items' => $array, 'goal' => $array[0]['goal'], 'goal_subject' => $array[0]['goal_subject'], 'goal_year' => $array[0]['goal_year'], 'goal_id' => $array[0]['goal_id']];
}
static function showConnectedContent($dirtyGoalID, $dirtyUserID)
{
// takes POST about goalID and userID and shows the content that has both values
$cleanGoalID = Cleaner::cleanVar($dirtyGoalID);
$cleanUserID = Cleaner::cleanVar($dirtyUserID);
$mysqli = DB::getInstance();
$queryConnections = "\n\t\tSELECT *\n\t\tFROM content, goals_use_content\n\t\tWHERE content.id = goals_use_content.content_id\n\t\tAND goals_use_content.goal_id = '" . $cleanGoalID . "'\n\t\tHAVING goals_use_content.user_id = '" . $cleanUserID . "'\n\t\tORDER BY content.timestamp DESC\n\t\t";
$resultConnections = $mysqli->query($queryConnections);
$array = array();
while ($rowConnections = $resultConnections->fetch_assoc()) {
$array[] = $rowConnections;
}
return $array;
}
function rating($dirtyContentID, $dirtyUserId, $dirtyRating)
{
// takes contentID, userID and rating containing 1 or -1 and insert it into database.
// it checks if that userID has rated on that content before. if no, it will insert rating into database.
$cleanContentID = Cleaner::cleanVar($dirtyContentID);
$cleanUserId = Cleaner::cleanVar($dirtyUserId);
$cleanRating = Cleaner::cleanVar($dirtyRating);
$mysqli = DB::getInstance();
$query = "SELECT EXISTS(SELECT * FROM rating WHERE content_id = '{$cleanContentID}' and users_id = '{$cleanUserId}') as ratingExists";
$result = $mysqli->query($query);
$array = array();
while ($row = $result->fetch_assoc()) {
if ($row['ratingExists'] == 0) {
$query = "\n\t\t\t\t\tINSERT INTO rating (content_id, users_id, rating)\n\t\t\t\t\tVALUES ('{$cleanContentID}', '{$cleanUserId}', '{$cleanRating}')\n\t\t\t\t";
$mysqli->query($query);
}
}
}
