-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathfnc_user.php
75 lines (70 loc) · 3.27 KB
/
fnc_user.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
<?php
function sign_up($name, $surname, $gender, $birth_date, $email, $password) {
$notice = 0;
$conn = new mysqli($GLOBALS["server_host"], $GLOBALS["server_user_name"], $GLOBALS["server_password"], $GLOBALS["database"]);
$stmt = $conn->prepare("INSERT INTO vr21_users (vr21_users_firstname, vr21_users_lastname, vr21_users_birthdate, vr21_users_gender, vr21_users_email, vr21_users_password) VALUES (?,?,?,?,?,?)");
echo $conn->error;
// krüpteerime parooli
//$options = ["cost" => 12, "salt" => substr(sha1(rand()), 0, 22) ];
$options = ["cost" => 12];
$pwd_hash = password_hash($password, PASSWORD_BCRYPT, $options );
$stmt -> bind_param("sssiss", $name, $surname, $birth_date, $gender, $email, $pwd_hash);
if($stmt -> execute()) {
$notice = 1;
}
$stmt -> close();
$conn -> close();
return $notice;
}
function sign_in($email, $password) {
$notice = null;
$conn = new mysqli($GLOBALS["server_host"], $GLOBALS["server_user_name"], $GLOBALS["server_password"], $GLOBALS["database"]);
$stmt = $conn -> prepare("SELECT vr21_users_id, vr21_users_firstname, vr21_users_lastname, vr21_users_password FROM vr21_users WHERE vr21_users_email = ?");
echo $conn -> error;
$stmt -> bind_param("s", $email);
$stmt -> bind_result($id_from_db, $first_name_from_db, $last_name_from_db, $password_from_db);
$stmt -> execute();
// kui leiti
if($stmt -> fetch()){
// kas parool klapib
if(password_verify($password, $password_from_db,)){
//olemegi sisse loginud
$notice = 0;
$stmt -> close();
$stmt = $conn -> prepare("SELECT vr21_users_id, vr21_users_firstname, vr21_users_lastname FROM vr21_users WHERE vr21_users_email = ?");
echo $conn -> error;
$stmt -> bind_result($id_from_db, $first_name_from_db, $last_name_from_db);
$stmt -> bind_param("s", $email);
$stmt -> execute();
$_SESSION["user_id"] = $id_from_db;
$_SESSION["user_first_name"] = $first_name_from_db;
$_SESSION["user_last_name"] = $last_name_from_db;
$stmt -> close();
$conn -> close();
header("Location: home.php");
exit();
}
else {
$notice = "Sisselogimine ebaõnnestus, viga kasutajatunnuses või paroolis";
}
}
$stmt -> close();
$conn -> close();
return $notice;
}
// kontrollin kas selline kasutaja/e-mail on olemas
function account_verification($email){
$notice = 0;
$conn = new mysqli($GLOBALS["server_host"], $GLOBALS["server_user_name"], $GLOBALS["server_password"], $GLOBALS["database"]);
$stmt = $conn -> prepare("SELECT vr21_users_id FROM vr21_users WHERE vr21_users_email = ?");
echo $conn -> error;
$stmt -> bind_param("s", $email);
$stmt -> execute();
// kui leiti
if($stmt -> fetch()){
$notice = 1;
}
$stmt -> close();
$conn -> close();
return $notice;
}