Subversion Repository Public Repository

Nextrek

Diff Revisions 510 vs 579 for /Android/SmartCharging/endPoints/repositories/UserRepository.php

Diff revisions: vs.
  @@ -1,6 +1,7 @@
1 1 <?php
2 2 require_once('UserRepositoryInterface.php');
3 3 require_once(dirname(__FILE__)."/../constants.php");
4 + require_once(dirname(__FILE__)."/../utilities.php");
4 5 define('FACEBOOK_SDK_V4_SRC_DIR', dirname(__FILE__).'/../fb_SDK/src/Facebook/');
5 6 require_once(dirname(__FILE__)."/../fb_SDK/autoload.php");
6 7 use Facebook\FacebookSession;
  @@ -36,16 +37,18 @@
36 37
37 38 try {
38 39
39 - if (!$this->checkUserName($user)) {
40 + if (!$this->checkUserName($user)) { //username già registrato
41 + $status = createErrorMessage(1, "Username già registrato");
40 42 $status["id"] = -1;
41 - $status["return"] = 1; //username già registrato
43 + $status["return"] = 1;
42 44 $status["token"] = "";
43 45 return $status;
44 46 }
45 47
46 - if (!$this->checkEmail($user)) {
48 + if (!$this->checkEmail($user)) { //email già registrata
49 + $status = createErrorMessage(2, "Email già registrata");
47 50 $status["id"] = -1;
48 - $status["return"] = 2; //email già registrata
51 + //$status["return"] = 2;
49 52 $status["token"] = "";
50 53 return $status;
51 54 }
  @@ -72,23 +75,39 @@
72 75 //echo "New record created successfully";
73 76 } catch (PDOException $e) {
74 77 echo $e->getMessage();
78 + $status = createErrorMessage(3, "Errore DB");
75 79 $status["id"] = -1;
76 - $status["return"] = 3;
80 + //$status["return"] = 3;
77 81 $status["token"] = "";
78 82 return $status;
79 83 }
80 84
81 85 }
82 86
83 - public function loginUser($username, $password) {
87 + public function loginUser($username, $password, $is_admin) {
84 88 $status = array();
85 89
86 90 try {
87 - $query = "SELECT id, password, email FROM utente WHERE username='".$username."'";
91 + $query = "SELECT id, password, email, is_owner FROM utente WHERE username='".$username."' AND is_active=1";
92 +
93 + if ($is_admin) {
94 + $query = $query." AND is_admin=1";
95 + }
96 +
88 97 $result = $this->db->query($query);
89 98 $row = ($result->rowCount()>0) ? $result->fetch() : null;
90 99
91 - if (!is_null($row) && password_verify($password, $row["password"])) {
100 + if (is_null($row)) {
101 + $status = createErrorMessage(1, "Username non valido");
102 + //$status["return"] = 1;
103 + $status["id"] = -1;
104 + $status["token"] = "";
105 + } else if (!password_verify($password, $row["password"])) {
106 + $status = createErrorMessage(1, "Password non valida");
107 + //$status["return"] = 1;
108 + $status["id"] = -1;
109 + $status["token"] = "";
110 + } else {
92 111 //$newToken = sha1($row["email"].session_id().time());
93 112 $newToken = sha1($username.session_id().time());
94 113
  @@ -101,19 +120,17 @@
101 120 $this->db->exec($queryToken);
102 121
103 122 $status["return"] = 0;
123 + $status["is_owner"] = $row["is_owner"];
104 124 $status["id"] = $row["id"];
105 125 $status["token"] = $newToken;
106 - } else {
107 - $status["return"] = 1;
108 - $status["id"] = -1;
109 - $status["token"] = "";
110 126 }
111 127
112 128 return $status;
113 129
114 130 } catch (PDOException $e) {
115 131 echo $e->getMessage();
116 - $status["return"] = 2;
132 + $status = createErrorMessage(2, "Errore DB");
133 + //$status["return"] = 2;
117 134 $status["id"] = -1;
118 135 $status["token"] = "";
119 136 return $status;
  @@ -131,12 +148,13 @@
131 148 return $status;
132 149 } catch (PDOException $e) {
133 150 echo $e->getMessage();
134 - $status["return"] = 1;
151 + $status = createErrorMessage(1, "Errore DB");
152 + //$status["return"] = 1;
135 153 return $status;
136 154 }
137 155 }
138 156
139 - public function facebookLogin($fb_user, $user_email, $fb_token) {
157 + public function facebookLogin($fb_user, $user_email, $fb_token, $username = null) {
140 158 $status = array();
141 159
142 160 FacebookSession::setDefaultApplication(
  @@ -149,7 +167,8 @@
149 167 $session->validate();
150 168
151 169 if (!isset($session)) {
152 - $status["return"] = 1;
170 + $status = createErrorMessage(1, "Sessione FB non valida");
171 + //$status["return"] = 1;
153 172 $status["id"] = -1;
154 173 $status["token"] = "";
155 174 return $status;
  @@ -160,8 +179,9 @@
160 179 $response = $request->execute();
161 180 $graphObject = $response->getGraphObject();
162 181
163 - if ($obj->user_id != $graphObject->getProperty('id')) { //Il token ricevuto non coincide con quello di FB
164 - $status["return"] = 1;
182 + if ($fb_user != $graphObject->getProperty('id')) { //Il token ricevuto non coincide con quello di FB
183 + $status = createErrorMessage(1, "Il token ricevuto non coincide con quello di FB");
184 + //$status["return"] = 1;
165 185 $status["id"] = -1;
166 186 $status["token"] = "";
167 187 return $status;
  @@ -171,7 +191,7 @@
171 191 $u_last_name = $graphObject->getProperty('last_name');
172 192 $u_email = $graphObject->getProperty('email');
173 193
174 - $sql = "SELECT id FROM utente WHERE email='".$user_email."'";
194 + $sql = "SELECT id, username FROM utente WHERE email='".$user_email."'";
175 195
176 196 $result = $this->db->query($sql);
177 197 $row = ($result->rowCount()>0) ? $result->fetch() : null;
  @@ -184,14 +204,16 @@
184 204
185 205 $this->db->exec($sql);
186 206 $status["id"] = $row["id"];
207 + $status["username"] = $row["username"];
187 208
188 209 } else { //creazione nuova utenza
189 210
190 - $sql = "INSERT INTO users (nome,cognome,email,token)
191 - VALUES ('".$u_first_name."','".$u_last_name."','".$u_email."','".$fb_token."')";
211 + $sql = "INSERT INTO utente (nome,cognome,email,token,username)
212 + VALUES ('".$u_first_name."','".$u_last_name."','".$u_email."','".$fb_token."','".$username."')";
192 213
193 - $this->db->exec($query);
214 + $this->db->exec($sql);
194 215 $status["id"] = $this->db->lastInsertId();
216 + $status["username"] = $username;
195 217
196 218 }
197 219
  @@ -201,9 +223,11 @@
201 223
202 224 } catch (Exception $e) {
203 225 echo $e->getMessage();
204 - $status["return"] = 1;
226 + $status = createErrorMessage(1, "Errore DB");
227 + //$status["return"] = 1;
205 228 $status["id"] = -1;
206 229 $status["token"] = "";
230 + $status["username"] = "";
207 231 return $status;
208 232 }
209 233 }
  @@ -232,9 +256,10 @@
232 256 if (!is_null($row)) {
233 257 $status["return"] = 0;
234 258 $status["id"] = $user_id;
235 - $status["avatar"] = AVATAR_PATH.$row["avatar"];
259 + $status["avatar"] = IMAGE_SERVER.AVATAR_PATH.$row["avatar"];
236 260 } else {
237 - $status["return"] = 1;
261 + $status = createErrorMessage(1, "User ID non disponibile");
262 + //$status["return"] = 1;
238 263 $status["id"] = -1;
239 264 $status["avatar"] = "";
240 265 }
  @@ -243,7 +268,8 @@
243 268
244 269 } catch (PDOException $e) {
245 270 echo $e->getMessage();
246 - $status["return"] = 1;
271 + $status = createErrorMessage(1, "Errore DB");
272 + //$status["return"] = 1;
247 273 $status["id"] = -1;
248 274 $status["avatar"] = "";
249 275 return $status;
  @@ -266,7 +292,8 @@
266 292 return $status;
267 293 } catch (PDOException $e) {
268 294 echo $e->getMessage();
269 - $status["return"] = 1;
295 + $status = createErrorMessage(1, "Errore DB");
296 + //$status["return"] = 1;
270 297 $status["avatar_name"] = "";
271 298 return $status;
272 299 }
  @@ -306,7 +333,8 @@
306 333
307 334 } catch (PDOException $e) {
308 335 echo $e->getMessage();
309 - $status["return"] = 1;
336 + $status = createErrorMessage(1, "Errore DB");
337 + //$status["return"] = 1;
310 338 return $status;
311 339 }
312 340
  @@ -314,6 +342,42 @@
314 342
315 343 }
316 344
345 + public function deleteUser($user_id) {
346 + $status = array();
347 + $query = "UPDATE utente
348 + SET is_active=0, token=''
349 + WHERE id=".$user_id;
350 +
351 + try {
352 + $this->db->exec($query);
353 + $status["return"] = 0;
354 + return $status;
355 + } catch (PDOException $e) {
356 + echo $e->getMessage();
357 + $status = createErrorMessage(1, "Errore DB");
358 + //$status["return"] = 1;
359 + return $status;
360 + }
361 + }
362 +
363 + public function enableUser($user_id) {
364 + $status = array();
365 + $query = "UPDATE utente
366 + SET is_active=1
367 + WHERE id=".$user_id;
368 +
369 + try {
370 + $this->db->exec($query);
371 + $status["return"] = 0;
372 + return $status;
373 + } catch (PDOException $e) {
374 + echo $e->getMessage();
375 + $status = createErrorMessage(1, "Errore DB");
376 + //$status["return"] = 1;
377 + return $status;
378 + }
379 + }
380 +
317 381 }
318 382
319 383 ?>