Nextrek

Explore
Commits
@ 593
Nextrek / Android / SmartCharging / endPoints / repositories / UserRepository.php

<?php
	require_once('UserRepositoryInterface.php');
	require_once(dirname(__FILE__)."/../constants.php");
	require_once(dirname(__FILE__)."/../utilities.php");
	define('FACEBOOK_SDK_V4_SRC_DIR', dirname(__FILE__).'/../fb_SDK/src/Facebook/');
	require_once(dirname(__FILE__)."/../fb_SDK/autoload.php");
	use Facebook\FacebookSession;
	use Facebook\FacebookRedirectLoginHelper;
	use Facebook\FacebookRequest;
	use Facebook\FacebookResponse;
	use Facebook\FacebookSDKException;
	use Facebook\FacebookRequestException;
	use Facebook\FacebookAuthorizationException;
	use Facebook\GraphObject;

	class UserRepository implements UserRepositoryInterface {
		protected $db;

		public function __construct($db) {
			$this->db = $db;
		}

		public static function checkToken($token, $conn) {
			try {
				$queryToken = "SELECT id FROM utente WHERE token='".$token."'";
				//echo "<br/>".$queryToken."<br/>";
				$result = $conn->query($queryToken);
				return ($result->rowCount()>0);
			} catch (PDOException $e) {
				echo $e->getMessage();
				return false;
			}
		}

		public function registerUser($user, $password) {
			$status = array();
			
			try {

				if (!$this->checkUserName($user)) { //username già registrato
					$status = createErrorMessage(1, "Username già registrato");
					$status["id"] = -1;
					$status["return"] = 1;
					$status["token"] = "";
					return $status;
				}

				if (!$this->checkEmail($user)) { //email già registrata
					$status = createErrorMessage(2, "Email già registrata");
					$status["id"] = -1;
					//$status["return"] = 2;	
					$status["token"] = "";
					return $status;
				}

				$hashedPwd = password_hash($password, PASSWORD_DEFAULT);
				$newToken = sha1($user->username.session_id().time());

				$query = "INSERT INTO utente(username, password, nome, cognome, cell, email, token)
	    				VALUES ('".$user->username."',
	    						'".$hashedPwd."',
	    						'".$user->nome."',
	    						'".$user->cognome."',
	    						'".$user->cell."',
	    						'".$user->email."',
	    						'".$newToken."')";
				
				//echo "<br/>".$query."<br/>";	

				$this->db->exec($query);
				$status["id"] = $this->db->lastInsertId();
				$status["return"] = 0;
				$status["token"] = $newToken;
				return $status;
				//echo "New record created successfully";
			} catch (PDOException $e) {
				echo $e->getMessage();
				$status = createErrorMessage(3, "Errore DB");
				$status["id"] = -1;
				//$status["return"] = 3;
				$status["token"] = "";
				return $status;
			}

		}

		public function loginUser($username, $password, $is_admin) {
			$status = array();

			try {
				$query = "SELECT id, password, email, is_owner FROM utente WHERE username='".$username."' AND is_active=1";

				if ($is_admin) {
					$query = $query." AND is_admin=1";
				}

				$result = $this->db->query($query);
				$row = ($result->rowCount()>0) ? $result->fetch() : null;

				if (is_null($row)) {
					$status = createErrorMessage(1, "Username non valido");
					//$status["return"] = 1;
					$status["id"] = -1;
					$status["token"] = "";
				} else if (!password_verify($password, $row["password"])) {
					$status = createErrorMessage(1, "Password non valida");
					//$status["return"] = 1;
					$status["id"] = -1;
					$status["token"] = "";
				} else {
					//$newToken = sha1($row["email"].session_id().time());
					$newToken = sha1($username.session_id().time());

					$queryToken = "UPDATE utente
									SET token='".$newToken."'
									WHERE id=".$row["id"];

					//echo "<br/>".$queryToken."<br/>";

					$this->db->exec($queryToken);

					$status["return"] = 0;
					$status["is_owner"] = $row["is_owner"];
					$status["id"] = $row["id"];
					$status["token"] = $newToken;
				}

				return $status;

			} catch (PDOException $e) {
				echo $e->getMessage();
				$status = createErrorMessage(2, "Errore DB");
				//$status["return"] = 2;
				$status["id"] = -1;
				$status["token"] = "";
				return $status;
			}
		}

		public function logoutUser($user_id) {
			$status = array();
			try {
				$queryToken = "UPDATE utente
								SET token = NULL
								WHERE id=".$user_id;

				$status["return"] = 0;
				return $status;
			} catch (PDOException $e) {
				echo $e->getMessage();
				$status = createErrorMessage(1, "Errore DB");
				//$status["return"] = 1;
				return $status;
			}
		}

		public function facebookLogin($fb_user, $user_email, $fb_token, $username = null) {
			$status = array();

			FacebookSession::setDefaultApplication(
	            '1444964019146825', //$appId
	            '1596f53e44c38ff927a9491ec6bff882' //$appSecret
	        );

	        try {
	        	$session = new FacebookSession($fb_token);
            	$session->validate();

            	if (!isset($session)) {
            		$status = createErrorMessage(1, "Sessione FB non valida");
            		//$status["return"] = 1;
					$status["id"] = -1;
					$status["token"] = "";
					return $status;	
            	}

            	//richiesta alla facebook graph, richiedendo id_utente, nome ed email
	            $request     = new FacebookRequest($session, 'GET', '/me?fields=id,first_name,last_name,email');
	            $response    = $request->execute();
	            $graphObject = $response->getGraphObject();

	            if ($fb_user != $graphObject->getProperty('id')) { //Il token ricevuto non coincide con quello di FB
	            	$status = createErrorMessage(1, "Il token ricevuto non coincide con quello di FB");
	            	//$status["return"] = 1;
					$status["id"] = -1;
					$status["token"] = "";
					return $status;
	            }

	            $u_first_name  = $graphObject->getProperty('first_name');
	            $u_last_name  = $graphObject->getProperty('last_name');
            	$u_email = $graphObject->getProperty('email');

            	$sql = "SELECT id, username FROM utente WHERE email='".$user_email."'";

            	$result = $this->db->query($sql);
				$row = ($result->rowCount()>0) ? $result->fetch() : null;

				if (!is_null($row)) { //utente già esistente

					$sql = "UPDATE utente
							SET nome='".$u_first_name."', cognome='".$u_last_name."', email='".$u_email."', token='".$fb_token."'
							WHERE id=".$row["id"];

					$this->db->exec($sql);
					$status["id"] = $row["id"];
					$status["username"] = $row["username"];

				} else { //creazione nuova utenza

					$sql = "INSERT INTO utente (nome,cognome,email,token,username)
							VALUES ('".$u_first_name."','".$u_last_name."','".$u_email."','".$fb_token."','".$username."')";

					$this->db->exec($sql);
					$status["id"] = $this->db->lastInsertId();
					$status["username"] = $username;

				}

				$status["return"] = 0;
				$status["token"] = $fb_token;		
                return $status;

	        } catch (Exception $e) {
	        	echo $e->getMessage();
	        	$status = createErrorMessage(1, "Errore DB");
	        	//$status["return"] = 1;
				$status["id"] = -1;
				$status["token"] = "";
				$status["username"] = "";
				return $status;
	        }
		}

		//true se username è disponibile, false altrimenti
		protected function checkUserName($user) {
			$query = "SELECT count(*) from utente WHERE username='".$user->username."'";
			$result = $this->db->query($query);
			return ($result->fetchColumn() == "0");
		}

		//true se email è disponibile, false altrimenti
		protected function checkEmail($user) {
			$query = "SELECT count(*) from utente WHERE email='".$user->email."'";
			$result = $this->db->query($query);
			return ($result->fetchColumn() == "0");
		}

		public function getAvatar($user_id) {
			$status = array();
			try {
				$query = "SELECT avatar FROM utente WHERE id='".$user_id."'";
				$result = $this->db->query($query);
				$row = ($result->rowCount()>0) ? $result->fetch() : null;

				if (!is_null($row)) {
					$status["return"] = 0;
					$status["id"] = $user_id;
					$status["avatar"] = IMAGE_SERVER.AVATAR_PATH.$row["avatar"];
				} else {
					$status = createErrorMessage(1, "User ID non disponibile");
					//$status["return"] = 1;
					$status["id"] = -1;
					$status["avatar"] = "";
				}

				return $status;

			} catch (PDOException $e) {
				echo $e->getMessage();
				$status = createErrorMessage(1, "Errore DB");
				//$status["return"] = 1;
				$status["id"] = -1;
				$status["avatar"] = "";
				return $status;
			}
		}

		public function setAvatar($user_id, $avatar_url) {
			$status = array();

			try {
				$query = "UPDATE utente
							SET avatar='".$avatar_url."'
	    					WHERE id=".$user_id;

	    		//echo "<br/>".$query."<br/>";	

				$this->db->exec($query);
				$status["return"] = 0;
				$status["avatar_name"] = $avatar_url;
				return $status;
			} catch (PDOException $e) {
				echo $e->getMessage();
				$status = createErrorMessage(1, "Errore DB");
				//$status["return"] = 1;
				$status["avatar_name"] = "";
				return $status;
			}
		}

		public function editUser($user) { //$user è l'oggetto Utente
			$status = array();

			try {

				$setString = "";

				if (isset($user->nome) && !is_null($user->nome)) {
					$setString = ($setString == "") ? "nome='".$user->nome."'" : $setString.",nome='".$user->nome."'";
				}

				if (isset($user->cognome) && !is_null($user->cognome)) {
					$setString = ($setString == "") ? "cognome='".$user->cognome."'" : $setString.",cognome='".$user->cognome."'";
				}

				if (isset($user->cell) && !is_null($user->cell)) {
					$setString = ($setString == "") ? "cell='".$user->cell."'" : $setString.",cell='".$user->cell."'";
				}

				if (isset($user->email) && !is_null($user->email)) {
					$setString = ($setString == "") ? "email='".$user->email."'" : $setString.",email='".$user->email."'";
				}

				$query = "UPDATE utente
							SET ".$setString."
	    					WHERE id=".$user->id;

	    		//echo "<br/>".$query."<br/>";	

				$this->db->exec($query);
				$status["return"] = 0;

			} catch (PDOException $e) {
				echo $e->getMessage();
				$status = createErrorMessage(1, "Errore DB");
				//$status["return"] = 1;
				return $status;
			}

			return $status;

		}

		public function deleteUser($user_id) {
			$status = array();
			$query = "UPDATE utente
						SET is_active=0, token=''
						WHERE id=".$user_id;

			try {
				$this->db->exec($query);
				$status["return"] = 0;
				return $status;
			} catch (PDOException $e) {
				echo $e->getMessage();
				$status = createErrorMessage(1, "Errore DB");
				//$status["return"] = 1;
				return $status;
			}
		}

		public function enableUser($user_id) {
			$status = array();
			$query = "UPDATE utente
						SET is_active=1
						WHERE id=".$user_id;

			try {
				$this->db->exec($query);
				$status["return"] = 0;
				return $status;
			} catch (PDOException $e) {
				echo $e->getMessage();
				$status = createErrorMessage(1, "Errore DB");
				//$status["return"] = 1;
				return $status;
			}
		}

	}

?>
Commits for Nextrek/Android/SmartCharging/endPoints/repositories/UserRepository.php

Revision	Author	Commited	Message
579 Diff	FSallustio	Thu 27 Aug, 2015 08:25:11 +0000
510 Diff	FSallustio	Thu 20 Aug, 2015 12:50:58 +0000	Merge ramo stable con la nightly.
507	FSallustio	Thu 20 Aug, 2015 07:51:22 +0000	Merge ramo stable con la nightly.
History View complete history Commits RSS feed for /Android/SmartCharging/endPoints/repositories/UserRepository.php
Need assistance? Get in touch, or head to our documentation site.
URLs

Nextrek / Android / SmartCharging / endPoints / repositories / UserRepository.php

Commits for Nextrek/Android/SmartCharging/endPoints/repositories/UserRepository.php
