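/**
 * Account lookup and session handling: column reads, login, logout and
 * last-seen bookkeeping for rows of the `accounts` table.
 *
 * Depends on state created outside this class: a PDO handle in the global
 * $Connect_Server and an already started session.
 */
class Account {
    /** @var string Timestamp ("Y-m-d H:i:s") taken when the object is constructed. */
    private $datetime;

    /**
     * Property defaults must be constant expressions in PHP, so the timestamp
     * is taken here rather than in the property declaration.
     */
    public function __construct(){
        $this->datetime = date("Y-m-d H:i:s");
    }

    /**
     * Read one column of the logged-in account's row.
     *
     * @param string $select Column name (a bare SQL identifier).
     * @return mixed|null Column value, or null when nobody is logged in or no row matches.
     * @throws InvalidArgumentException When $select is not a bare identifier.
     */
    public function Data($select){
        $accountId = isset($_SESSION['logged']) ? $_SESSION['logged'] : null;

        return $this->getData($select, $accountId);
    }

    /**
     * Read one column of the account row with the given id.
     *
     * @param string $select Column name (a bare SQL identifier).
     * @param mixed  $param  Account id, bound as an integer.
     * @return mixed|null Column value, or null when no row matches.
     * @throws InvalidArgumentException When $select is not a bare identifier.
     */
    public function getData($select, $param){
        global $Connect_Server;

        // A column name cannot be a bound parameter, so it is validated before
        // it is concatenated into the statement.
        $column = $this->safeColumn($select);

        $accounts = $Connect_Server->prepare("SELECT ".$column." FROM accounts WHERE id = :id LIMIT 1");
        $accounts->bindValue(':id', $param, PDO::PARAM_INT);
        $accounts->execute();

        $msg = $accounts->fetch(PDO::FETCH_ASSOC);
        $accounts->closeCursor();

        // fetch() returns false when no row matches; indexing it would raise a warning.
        if($msg === false || !array_key_exists($select, $msg)){
            return null;
        }

        return $msg[$select];
    }

    /**
     * End the current session and expire the login token cookie.
     * Does nothing when no account is logged in.
     */
    public function logout(){
        if(isset($_SESSION['logged'])){
            // A cookie is only replaced when path and domain match the ones it
            // was set with, so these mirror login(). Cookies are headers and
            // must be sent before any body output.
            $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie('token', '', time() - 3600, '/', '.sdbh.tk', $secure, true);
            unset($_COOKIE['token']);

            $_SESSION = [];
            session_destroy();

            echo json_encode(['ok' => true], JSON_PRETTY_PRINT);
        }else{
            //todo(?)
        }
    }

    /**
     * Authenticate with $_POST['d']['login'] (account name or e-mail) and
     * $_POST['d']['password'], then open the session and set the token cookie.
     * Always answers with a JSON object: {"ok": bool, "msg"?: string}.
     */
    public function login(){
        global $Connect_Server;

        $login = isset($_POST["d"]["login"]) ? $_POST["d"]["login"] : '';
        $password = isset($_POST["d"]["password"]) ? $_POST["d"]["password"] : '';

        // Validate before touching the database; array-valued fields count as empty.
        if(!is_string($login) || empty($login)){
            echo json_encode(['ok' => false, 'msg' => 'Wypełnij pole Login!']);
            return;
        }
        if(!is_string($password) || empty($password)){
            echo json_encode(['ok' => false, 'msg' => 'Wypełnij pole Hasła!']);
            return;
        }

        // Distinct placeholders: a named placeholder used twice is rejected
        // when PDO runs with native (non-emulated) prepares.
        $accounts = $Connect_Server->prepare('SELECT id, password FROM accounts WHERE name = :name OR email = :email');
        $accounts->bindValue(':name', $login, PDO::PARAM_STR);
        $accounts->bindValue(':email', $login, PDO::PARAM_STR);
        $accounts->execute();

        // The password is verified in PHP so the comparison is constant-time
        // and stored hashes are not limited to one format.
        $account = null;
        foreach($accounts->fetchAll(PDO::FETCH_ASSOC) as $row){
            if($this->passwordMatches($password, $row['password'])){
                $account = $row;
                break;
            }
        }

        if($account === null){
            echo json_encode(['ok' => false, 'msg' => 'Błędny Login Lub Hasło!']);
            return;
        }

        // Issue a fresh session id on privilege change so a pre-login id cannot be reused.
        if(session_status() === PHP_SESSION_ACTIVE){
            session_regenerate_id(true);
        }

        $_SESSION['logged'] = $account["id"];
        // Only affects the current request: writing to $_COOKIE sends nothing to the browser.
        $_COOKIE['user_id'] = $account["id"];

        // NOTE(review): the secret is hard-coded and the token depends only on
        // the account id, so it never rotates and a captured token stays valid
        // for the cookie's whole 10-year lifetime. Whatever validates this
        // cookie is outside this class, so the derivation is left unchanged;
        // prefer a random per-login token stored server-side and a secret
        // loaded from configuration.
        $secretKey = '!@#$%^&*()[]+?.?>?HaKuNaMatata909/?**&^$#EDFG';
        $token = hash('SHA256', $secretKey.$account["id"].$secretKey);

        $this->updateIP($account["id"]);

        // HttpOnly keeps the token away from page scripts; Secure is set
        // whenever the request itself arrived over HTTPS.
        $secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
        setcookie('token', $token, time() + (10 * 365 * 24 * 60 * 60), '/', '.sdbh.tk', $secure, true);

        echo json_encode(['ok' => true]);
    }

    /**
     * Record the client address and the construction timestamp on an account row.
     *
     * @param int|null $accountId Row to update. When omitted, the id comes from
     *                            the global Login() function, as before.
     */
    public function updateIP($accountId = null){
        global $Connect_Server;

        if($accountId === null){
            // NOTE(review): Login() is a global function that is not defined in
            // this class; confirm it exists and returns the current account id.
            $accountId = Login();
        }

        $clientIp = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;

        $newUserIP = $Connect_Server->prepare("UPDATE accounts SET ip = :ip, last_active = :last_active WHERE id = :account_id LIMIT 1");
        $newUserIP->bindValue(':account_id', $accountId, PDO::PARAM_INT);
        $newUserIP->bindValue(':ip', $clientIp, PDO::PARAM_STR);
        $newUserIP->bindValue(':last_active', $this->datetime, PDO::PARAM_STR);
        $newUserIP->execute();
        $newUserIP->closeCursor();
    }

    /**
     * Accept only a bare SQL identifier as a column name.
     *
     * This stops SQL injection through the column argument, but any existing
     * column, `password` included, is still readable; callers that forward
     * request data should compare against a fixed list of columns first.
     *
     * @param mixed $select Candidate column name.
     * @return string The validated column name.
     * @throws InvalidArgumentException When $select is not a bare identifier.
     */
    private function safeColumn($select){
        // \A and \z anchor the whole string; "$" alone would allow a trailing newline.
        if(!is_string($select) || preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $select) !== 1){
            throw new InvalidArgumentException('Invalid column name');
        }

        return $select;
    }

    /**
     * Check a submitted password against a stored hash.
     *
     * Handles password_hash() output and the legacy unsalted SHA-1 hex digests
     * this class used to compare in SQL.
     * NOTE(review): unsalted SHA-1 is unsuitable for password storage. Once the
     * password column is confirmed wide enough (255 characters is the usual
     * choice), rehash with password_hash() after a successful legacy match.
     *
     * @param string $password Submitted password.
     * @param mixed  $stored   Value of the account's password column.
     * @return bool True when the password matches.
     */
    private function passwordMatches($password, $stored){
        if(!is_string($stored) || $stored === ''){
            return false;
        }

        if(strlen($stored) === 40 && ctype_xdigit($stored)){
            return hash_equals(strtolower($stored), hash('sha1', $password));
        }

        return password_verify($password, $stored);
    }
}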