DBC.php
<?php
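/**
 * Thin mysqli wrapper for tenant/landlord lookups and account handling.
 *
 * Every method that receives caller-supplied values sends them to MySQL as
 * bound parameters of a prepared statement, so the values can never change
 * the structure of the SQL text. Failures are written to the PHP error log
 * and the script stops with a generic message; the driver's error text is
 * not echoed into the response.
 *
 * The `false` checks below apply when mysqli reports errors through return
 * values. Under exception mode (the default since PHP 8.1) the same failures
 * surface as mysqli_sql_exception instead.
 */
class DBLink{
    /** Open mysqli connection, or null/false if connecting failed. */
    public $con;

    /**
     * Reads host, user, password and schema name from the first four lines
     * of db.txt and opens the connection.
     */
    function __construct(){
        // NOTE(review): db.txt is resolved against the current working
        // directory and holds the DB password in clear text. Confirm it is
        // stored outside the web root and is not readable by other users.
        $lines = file('db.txt');
        if ($lines === false || count($lines) < 4) {
            $this->fail("__construct()", "db.txt is missing or has fewer than 4 lines");
        }
        $sv = trim($lines[0]);
        $un = trim($lines[1]);
        $pw = trim($lines[2]);
        $db = trim($lines[3]);

        $this->con = mysqli_connect($sv, $un, $pw, $db);
        if (!$this->con) {
            // No link exists at this point, so the reason has to come from
            // mysqli_connect_error(); mysqli_error() needs a valid link.
            $this->fail("__construct()", mysqli_connect_error());
        }
    }

    /** Closes the connection if one was actually opened. */
    function __destruct(){
        if ($this->con instanceof mysqli) {
            mysqli_close($this->con);
        }
    }

    /**
     * Looks up a tenant of property $ID other than the user $UID.
     *
     * @param int|string $ID  Property id.
     * @param int|string $UID Tenant id to exclude.
     * @return array|false First matching row (FirstName, LastName, Email,
     *                     Phone), or false when there is none. Only one row
     *                     is returned even if several tenants match.
     */
    public function getRoommmates($ID, $UID){
        $SQL = "SELECT U.FirstName, U.LastName, U.Email, U.Phone
FROM User_Property UP
JOIN User U ON U.ID = UP.TenantID
WHERE UP.PropertyID = ?
AND UP.TenantID <> ?
";
        $stmt = $this->prepare($SQL, "getRoommmates()");
        // Bound as integers: the ids were previously spliced into the SQL
        // unquoted, so they were already expected to be numeric.
        mysqli_stmt_bind_param($stmt, "ii", $ID, $UID);
        return $this->fetchFirstRow($stmt, "getRoommmates()");
    }

    /**
     * Loads a tenant together with their property and landlord details.
     *
     * @param int|string $ID Tenant id.
     * @return array|false First matching row, or false when there is none.
     */
    public function getUserInfo($ID){
        $SQL = "SELECT U.ID TenantID, U.FirstName, U.LastName, U.Email, U.Phone, P.ID PropertyID, P.Address, P.TotalTenants, L.FirstName LandlordFirstName, L.LastName LandlordLastName, L.Email LandlordEmail, L.Phone LandlordPhone
FROM `User_Property` up
JOIN User U ON U.ID = up.TenantID
JOIN Property P ON P.ID = up.PropertyID
JOIN User L ON L.ID = P.LandlordID
WHERE up.TenantID = ?";
        $stmt = $this->prepare($SQL, "getUserInfo()");
        mysqli_stmt_bind_param($stmt, "i", $ID);
        return $this->fetchFirstRow($stmt, "getUserInfo()");
    }

    /**
     * Validates a login attempt.
     *
     * @param array $valArray Must hold the keys "email" and "password".
     * @return array|false The matching User row, or false when the
     *                     credentials do not match or a key is missing.
     */
    public function login($valArray){
        if (!isset($valArray["email"]) || !isset($valArray["password"])) {
            return false;
        }
        // NOTE(review): the password is compared against the stored column
        // as-is, i.e. passwords are kept in clear text. Moving to
        // password_hash()/password_verify() needs a data migration and a
        // matching change in addUser(), so it is not done in this class alone.
        $email = strtoupper($valArray["email"]);
        $password = $valArray["password"];

        $SQL = "SELECT * FROM User WHERE (UPPER(Email) = ?) AND (password = ?)";
        $stmt = $this->prepare($SQL, "login()");
        mysqli_stmt_bind_param($stmt, "ss", $email, $password);
        return $this->fetchFirstRow($stmt, "login()");
    }

    /**
     * Inserts a new user.
     *
     * @param array $valArray After the "pass" key is dropped, the remaining
     *                        values must be, in order: FirstName, LastName,
     *                        Email, Password, UserType.
     */
    public function addUser($valArray){
        unset($valArray["pass"]);
        // NOTE(review): the password is stored exactly as received; see the
        // note in login() about hashing.
        $vals = array_values($valArray);
        if (count($vals) !== 5) {
            // A different count used to produce a malformed INSERT that
            // failed in MySQL; fail up front instead.
            $this->fail("addUser()", "expected 5 column values, got " . count($vals));
        }

        $SQL = "INSERT INTO User(FirstName,LastName,Email,Password,UserType) VALUES (?,?,?,?,?)";
        $stmt = $this->prepare($SQL, "addUser()");
        mysqli_stmt_bind_param($stmt, "sssss", $vals[0], $vals[1], $vals[2], $vals[3], $vals[4]);
        $this->runWrite($stmt, "addUser()");
    }

    /**
     * Runs a complete SQL string as given.
     *
     * Nothing is escaped or bound here, so the string must be built only
     * from trusted constants. Request-derived values belong in one of the
     * parameterised methods of this class.
     *
     * @param string $SQL Statement to execute.
     * @return mysqli_result|bool Whatever mysqli_query() returns on success.
     */
    public function query($SQL){
        $results = mysqli_query($this->con, $SQL);
        if ($results === false) {
            $this->fail("query()", mysqli_error($this->con));
        }
        return $results;
    }

    /**
     * Updates the stored password of an existing record.
     *
     * @param string $username Compared against UPPER(username), so it is
     *                         presumably expected in upper case already.
     * @param string $password New password in clear text.
     */
    public function update($username, $password){
        // NOTE(review): a fixed salt that does not start with "$" selects
        // crypt()'s legacy DES scheme, which only uses the first eight
        // characters of the password and gives every user the same salt.
        // Kept unchanged because the code that verifies these hashes is not
        // visible here; password_hash() is the replacement to plan for.
        // NOTE(review): this writes to `users`.`username`, while the rest of
        // the class reads `User`.`Email`. Confirm which table is intended.
        $password = crypt($password, "D4E5V22I9K12A1");

        $SQL = "UPDATE users SET password = ? WHERE UPPER(username) = ?";
        $stmt = $this->prepare($SQL, "update()");
        mysqli_stmt_bind_param($stmt, "ss", $password, $username);
        $this->runWrite($stmt, "update()");
    }

    /**
     * Reports whether a result set holds no rows.
     *
     * @param mysqli_result $result
     * @return bool
     */
    public function emptyResult($result){
        return mysqli_num_rows($result) == 0;
    }

    /** Logs the detailed reason server-side and stops with a generic message. */
    private function fail($where, $detail){
        error_log("DBLink " . $where . ": " . $detail);
        die("DB failed at " . $where);
    }

    /** Prepares a statement on the open connection or stops via fail(). */
    private function prepare($SQL, $where){
        $stmt = mysqli_prepare($this->con, $SQL);
        if (!$stmt) {
            $this->fail($where, mysqli_error($this->con));
        }
        return $stmt;
    }

    /** Executes a bound SELECT and returns its first row, or false if empty. */
    private function fetchFirstRow($stmt, $where){
        if (!mysqli_stmt_execute($stmt)) {
            $this->fail($where, mysqli_stmt_error($stmt));
        }
        // mysqli_stmt_get_result() is only available with the mysqlnd driver.
        $results = mysqli_stmt_get_result($stmt);
        if ($results === false) {
            $this->fail($where, mysqli_stmt_error($stmt));
        }
        $row = $this->emptyResult($results) ? false : mysqli_fetch_assoc($results);
        mysqli_free_result($results);
        mysqli_stmt_close($stmt);
        return $row;
    }

    /** Executes a bound INSERT/UPDATE and releases the statement. */
    private function runWrite($stmt, $where){
        if (!mysqli_stmt_execute($stmt)) {
            $this->fail($where, mysqli_stmt_error($stmt));
        }
        mysqli_stmt_close($stmt);
    }
}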
?>