path: root/Html/classes/class.user.php
blob: b0f5e57229ad15ea94e07a4f9d8c6a9bd0953af8 (plain)
<?php

include('class.password.php');

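/**
 * Session-based authentication for blog members.
 *
 * Looks members up in the blog_members table and keeps the login state in
 * $_SESSION. Every method that touches $_SESSION expects the caller to have
 * started the session already; this class never calls session_start().
 */
class User extends Password{

	/**
	 * Database handle used for member lookups. The code calls prepare() on it
	 * and catches PDOException, so a PDO connection is expected.
	 *
	 * The original declared "private $db" but assigned "$this->_db", which
	 * left the handle as an undeclared (publicly reachable) dynamic property.
	 */
	private $_db;

	/**
	 * @param object $db Database connection used for all member queries.
	 */
	public function __construct($db){
		parent::__construct();

		$this->_db = $db;
	}

	/**
	 * Report whether the current session is marked as authenticated.
	 *
	 * @return bool True when $_SESSION['loggedin'] is set and truthy, false
	 *              otherwise (the original fell through and returned null).
	 */
	public function is_logged_in(){
		return !empty($_SESSION['loggedin']);
	}

	/**
	 * Fetch the login-relevant columns for one member in a single query.
	 *
	 * The username is always bound as a parameter, never concatenated into
	 * the SQL text.
	 *
	 * @param string $username Username as submitted by the client.
	 * @return array|null Row with memberID, password and active, or null when
	 *                    no member matches or the query fails.
	 */
	private function find_member($username){
		try {
			$stmt = $this->_db->prepare('SELECT memberID,password,active FROM blog_members WHERE username = :username');
			$stmt->execute(array('username' => $username));

			// fetch() yields false when no row matches; normalise that to null
			// so callers never index into a boolean.
			$row = $stmt->fetch();
			return is_array($row) ? $row : null;

		} catch(PDOException $e) {
			// Driver messages can reveal SQL text, table names and connection
			// details, so they go to the server log and the page only gets a
			// generic notice.
			error_log('User lookup failed: '.$e->getMessage());
			echo '<p class="error">Unable to process the request. Please try again later.</p>';
			return null;
		}
	}

	/**
	 * Verify the credentials and, on success, mark the session as logged in.
	 *
	 * @param string $username Submitted username.
	 * @param string $password Submitted plaintext password.
	 * @return bool True when the password matches the stored hash and the
	 *              account is active; false in every other case.
	 */
	public function login($username,$password){
		$member = $this->find_member($username);

		// NOTE(review): unknown usernames return here before any hash is
		// verified, so response time can differ between existing and missing
		// accounts. Throttling of failed attempts is not visible in this class.
		if($member === null){
			return false;
		}

		// password_verify() is inherited from Password (not shown here); the
		// "== 1" comparison is kept from the original because its exact return
		// type cannot be confirmed from this file. The "active" check is
		// strict so a numeric column value can never loosely equal 'yes'.
		if($this->password_verify($password,$member['password']) == 1 && $member['active'] === 'yes') {

			// Issue a fresh session ID on privilege change so an ID that was
			// known before authentication (session fixation) stops being valid.
			if(session_id() !== ''){
				session_regenerate_id(true);
			}

			$_SESSION['time'] = time();
			$_SESSION['loggedin'] = true;
			$_SESSION['username'] = $username;
			$_SESSION['userid'] = $member['memberID'];

			return true;
		}

		return false;
	}

	/**
	 * End the authenticated session.
	 *
	 * session_destroy() alone removes the stored session data but leaves
	 * $_SESSION populated for the rest of the request and leaves the session
	 * cookie in the browser, so both are cleared explicitly.
	 */
	public function logout(){
		// Without this, is_logged_in() would still report true later in the
		// same request.
		$_SESSION = array();

		if(session_id() !== ''){
			if(ini_get('session.use_cookies') && !headers_sent()){
				// Expire the cookie with the same attributes it was set with.
				$params = session_get_cookie_params();
				setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
			}

			session_destroy();
		}
	}

}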

?>