<?php
//2011, Jacob Andresen <jacob.andresen@gmail.com>
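/**
 * Row-level access to the `account` table plus helpers for the `token` table.
 *
 * Every query goes through the legacy mysql_* extension on its implicit default
 * connection; nothing in this class opens that connection.
 *
 * NOTE(review): passwords are stored and compared as supplied (plaintext column
 * matched in SQL). Moving to password_hash()/password_verify() needs a data
 * migration and a change to login()/generateToken()/getToken(), so it is only
 * flagged here, not changed.
 */
class Account
{
    public $id;
    public $userName;
    public $password;
    public $firstName;
    public $lastName;
    public $collections;

    /**
     * Quote a value as an SQL string literal for the current connection.
     *
     * Values used to be concatenated into the statements unescaped, so any
     * quote character in a field changed the query. mysql_real_escape_string()
     * is only reliable when the connection charset was set with
     * mysql_set_charset() rather than a "SET NAMES" query -- confirm where the
     * connection is opened.
     *
     * @param mixed $value value to embed (cast to string)
     * @return string the escaped value wrapped in single quotes
     */
    private static function quote($value)
    {
        return "'" . mysql_real_escape_string((string) $value) . "'";
    }

    /**
     * Abort the request after a failed query.
     *
     * The driver error goes to the server log; the response only gets the short
     * message. The statements contain passwords, so they are neither echoed nor
     * logged.
     *
     * @param string $message short, non-sensitive description of the failed step
     */
    private static function fail($message)
    {
        error_log("Account: " . $message . ": " . mysql_error());
        die($message);
    }

    /**
     * Produce 16 random bytes as 32 hex characters (same shape as an md5 hex
     * digest), or null when no CSPRNG is available in this runtime.
     *
     * @return string|null
     */
    private static function randomToken()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes = openssl_random_pseudo_bytes(16, $strong);
            if ($bytes !== false && $strong) {
                return bin2hex($bytes);
            }
        }
        return null;
    }

    /**
     * Insert a new account row and return it as an Account.
     *
     * @param object $data carries userName, password, firstName, lastName
     * @return Account the new account, with id taken from mysql_insert_id()
     */
    public static function create($data)
    {
        $sql = "INSERT INTO account(username, password, first_name, last_name) VALUES("
            . self::quote($data->userName) . ","
            . self::quote($data->password) . ","
            . self::quote($data->firstName) . ","
            . self::quote($data->lastName) . ")";
        mysql_query($sql) or self::fail("create failed");

        $account = new Account();
        $account->id = mysql_insert_id();
        $account->userName = $data->userName;
        $account->password = $data->password;
        $account->firstName = $data->firstName;
        $account->lastName = $data->lastName;
        return $account;
    }

    /**
     * Load one account by id, together with its collections.
     *
     * No check is made here for a missing row.
     *
     * @param object $data carries id
     * @return Account
     */
    public static function retrieve($data)
    {
        // id is an auto-increment key (see create()), so an integer cast is the
        // tightest possible filter for it.
        $sql = "SELECT id,username,password,first_name,last_name from account where id=" . (int) $data->id;
        $res = mysql_query($sql) or self::fail("read failed");
        $row = mysql_fetch_array($res);

        $account = new Account();
        $account->id = $row[0];
        $account->userName = $row[1];
        $account->password = $row[2];
        $account->firstName = $row[3];
        $account->lastName = $row[4];
        $account->collections = Collection::retrieve((object)array("accountId" => $account->id));
        return $account;
    }

    /**
     * Overwrite the stored fields of one account.
     *
     * The previous statement placed WHERE before SET, which MySQL rejects, so
     * every call ended in die(); the clauses are now in the valid order.
     *
     * @param object $data carries id, userName, password, firstName, lastName
     */
    public static function update($data)
    {
        $sql = "UPDATE account set username=" . self::quote($data->userName)
            . ",password=" . self::quote($data->password)
            . ",first_name=" . self::quote($data->firstName)
            . ",last_name=" . self::quote($data->lastName)
            . " where id=" . (int) $data->id;
        mysql_query($sql) or self::fail("Account update failed");
    }

    /**
     * Delete one account. A failed query is ignored, as before.
     *
     * @param int|string $id account id; cast to int before it reaches the query
     */
    public static function destroy($id)
    {
        mysql_query("DELETE FROM account where id=" . (int) $id);
    }

    /**
     * Check a username/password pair, issue a token and return the account.
     *
     * @param string $userName
     * @param string $password
     * @return Account
     * @throws Exception when no account matches the pair
     */
    public static function login($userName, $password)
    {
        $sql = "SELECT id from account where username=" . self::quote($userName)
            . " and password=" . self::quote($password);
        $res = mysql_query($sql) or self::fail("login query failed");
        $row = mysql_fetch_array($res);
        $id = $row ? $row[0] : null;

        if (!isset($id)) {
            throw (new Exception("login failed for user " . $userName));
        }
        Account::generateToken($userName, $password);
        return (Account::retrieve((object)array("id" => $id)));
    }

    /**
     * Resolve a token to its account.
     *
     * The token in the result is the value read back from the token table, not
     * the caller's input, so caller-controlled text is never copied into the
     * hand-built string. The format is kept as it was; it is not strict JSON
     * (the keys are unquoted).
     *
     * @param string $token
     * @return string|null '{id:"..",token:".."}' on a match, otherwise null
     */
    public static function tokenLogin($token)
    {
        $sql = "SELECT a.id, t.value from account a, token t where t.value=" . self::quote($token)
            . " and t.account_id=a.id";
        $res = mysql_query($sql);
        if ($res === false) {
            return null;
        }
        $row = mysql_fetch_array($res);
        if (!$row || !isset($row[0])) {
            return null;
        }
        // presumably stored tokens are hex strings written by generateToken();
        // verify no other writer inserts values containing quotes
        return '{id:"' . $row[0] . '",token:"' . $row[1] . '"}';
    }

    /**
     * Create and store a new token for the account matching the credentials.
     *
     * The token is now drawn from a CSPRNG where one exists; the old value,
     * md5() over the credentials plus rand(), was derived from a guessable
     * generator. A token row is only written when the credentials match an
     * account (previously a row with an empty account_id was inserted).
     *
     * @param string $userName
     * @param string $password
     * @return string the new token, 32 hex characters
     * @throws Exception when no account matches the pair
     */
    public static function generateToken($userName, $password)
    {
        $sql = "select id from account where username=" . self::quote($userName)
            . " and password=" . self::quote($password);
        $res = mysql_query($sql) or die (" failed logging in");
        $row = mysql_fetch_array($res);
        if (!$row) {
            throw (new Exception("login failed for user " . $userName));
        }
        $id = (int) $row['id'];

        $token = self::randomToken();
        if ($token === null) {
            // No CSPRNG in this runtime: keep the legacy derivation so login still
            // works, and make the weakness visible in the log.
            error_log("Account: no CSPRNG available, falling back to md5/rand token");
            $token = md5($userName . $password . rand());
        }

        $sql = "insert into token(account_id, value) values(" . $id . ", " . self::quote($token) . ");";
        mysql_query($sql) or die;
        return $token;
    }

    /**
     * Look up a stored token for the account matching the credentials.
     *
     * @param string $userName
     * @param string $password
     * @return string|null value of the first row returned, or null when none
     */
    public static function getToken($userName, $password)
    {
        $sql = "select a.id,t.value from account a, token t where a.username=" . self::quote($userName)
            . " and a.password=" . self::quote($password)
            . " and t.account_id=a.id ;";
        $res = mysql_query($sql) or self::fail(" failed getting token");
        $row = mysql_fetch_array($res);
        return $row ? $row['value'] : null;
    }
}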
?>