aboutsummaryrefslogtreecommitdiffstats
path: root/php/database.php
blob: 934aafa39e3615d249bed1a74d5374bfe72cbf6c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
<?php 
require_once "configuration.php";
require_once "user.php";
require_once "misc.php";

/*handles database stuff*/
	class Database
	{
		private $pdo;


		public function __construct()
		{
			global $domain_name;
			global $database_name;
			global $database_username;
			global $database_password;
			global $database_location;
			try
			{
				$this->pdo=new PDO("mysql:dbname={$database_name};host={$database_location}",$database_username,$database_password);
			}catch(PDOException $e)
			{
				error_log("Could not get database {$database_name} from {$database_location}, {$e} ");
				die("The cow bought the farm");
			}
		}

		/*returns false if this isn't a user, otherwise returns the userid*/
		function get_user(string $user) 
		{
			$ret=new User;

			$prep=$this->pdo->prepare("select user_id,username,email from users where username=:username");
			$prep->bindParam(':username',$user);

			$prep->execute();

			$hold=$prep->fetch(PDO::FETCH_ASSOC);

			if($hold)
			{
				$ret->user_id=$hold["user_id"];
				$ret->username=$hold["username"];
				$ret->email_address=$hold["email"];
				return $ret;
			}else
			{
				return false;
			}
		}
		/*returns false if this isn't a user or the password is incorrect, otherwise returns the userid*/
		function authenticate(string $user, string $password) 
		{
			$ret=new User;
			global $password_hash_algo;
			


			$hashed_pass=password_hash($password,$password_hash_algo);
			$prep=$this->pdo->prepare("select user_id,username,email from users where username=:username and password=:password");
			$prep->bindParam(':username',$user);
			$prep->bindParam(':password',$hashed_pass);

			$prep->execute();

			$hold=$prep->fetch(PDO::FETCH_ASSOC);
			if($hold)
			{
				$ret->user_id=hold["user_id"];
				$ret->username=hold["username"];
				$ret->email_address["email"];
				return $ret;
			}else
			{
				return false;
			}
		}
		/*returns false if username is taken, email is not checked here*/
		function register_user(string $user,string $password,string $email) : bool
		{
			$hold=$this->get_user($user);
			global $domain_name;
			global $has_email_verification;
			global $password_hash_algo;


			if($hold)
			{
				return false;
			}else
			{
				if($has_email_verification)
				{
					generate_email_verification_link();
				}else
				{
					$hashed_pass=password_hash($password,$password_hash_algo);
					$prep=$this->pdo->prepare("insert into users(username,password,email) values(:username,:password,:email)");
					$prep->bindParam(':username',$user);
					$prep->bindParam(':password',$hashed_pass);
					$prep->bindParam(':email',$email);
					$prep->execute();
				}
				return true;
			}
		}
	}


?>