From 5fd9fa480f302902328b81f912dd67ce378284f8 Mon Sep 17 00:00:00 2001 From: citizenz7 Date: Thu, 20 Apr 2017 18:50:55 +0200 Subject: V.1.4.6 --- Html/classes/class.user.php | 68 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 Html/classes/class.user.php (limited to 'Html/classes/class.user.php') diff --git a/Html/classes/class.user.php b/Html/classes/class.user.php new file mode 100644 index 0000000..b0f5e57 --- /dev/null +++ b/Html/classes/class.user.php @@ -0,0 +1,68 @@ +_db = $db; + } + + public function is_logged_in(){ + if(isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == true){ + return true; + } + } + + private function get_user_hash($username){ + + try { + + $stmt = $this->_db->prepare('SELECT password FROM blog_members WHERE username = :username'); + $stmt->execute(array('username' => $username)); + + $row = $stmt->fetch(); + return $row['password']; + + } catch(PDOException $e) { + echo '

'.$e->getMessage().'

'; + } + } + + + public function login($username,$password){ + + $hashed = $this->get_user_hash($username); + + try { + + $stmt = $this->_db->prepare('SELECT memberID,password,active FROM blog_members WHERE username = :username'); + $stmt->execute(array('username' => $username)); + $row = $stmt->fetch(); + + if($this->password_verify($password,$hashed) == 1 && $row['active'] == 'yes') { + $_SESSION['time'] = time(); + $_SESSION['loggedin'] = true; + $_SESSION['username'] = $username; + $_SESSION['userid'] = $row['memberID']; + + return true; + } + + } catch(PDOException $e) { + echo '

'.$e->getMessage().'

'; + } + } + + + public function logout(){ + session_destroy(); + } + +} + +?> -- cgit v1.2.1