|
@@ -1,6 +1,7 @@ |
1 |
1 |
|
<?php |
2 |
2 |
|
require_once('UserRepositoryInterface.php'); |
3 |
3 |
|
require_once(dirname(__FILE__)."/../constants.php"); |
|
4 |
+ |
require_once(dirname(__FILE__)."/../utilities.php"); |
4 |
5 |
|
define('FACEBOOK_SDK_V4_SRC_DIR', dirname(__FILE__).'/../fb_SDK/src/Facebook/'); |
5 |
6 |
|
require_once(dirname(__FILE__)."/../fb_SDK/autoload.php"); |
6 |
7 |
|
use Facebook\FacebookSession; |
|
@@ -36,16 +37,18 @@ |
36 |
37 |
|
|
37 |
38 |
|
try { |
38 |
39 |
|
|
39 |
|
- |
if (!$this->checkUserName($user)) { |
|
40 |
+ |
if (!$this->checkUserName($user)) { //username già registrato |
|
41 |
+ |
$status = createErrorMessage(1, "Username già registrato"); |
40 |
42 |
|
$status["id"] = -1; |
41 |
|
- |
$status["return"] = 1; //username già registrato |
|
43 |
+ |
$status["return"] = 1; |
42 |
44 |
|
$status["token"] = ""; |
43 |
45 |
|
return $status; |
44 |
46 |
|
} |
45 |
47 |
|
|
46 |
|
- |
if (!$this->checkEmail($user)) { |
|
48 |
+ |
if (!$this->checkEmail($user)) { //email già registrata |
|
49 |
+ |
$status = createErrorMessage(2, "Email già registrata"); |
47 |
50 |
|
$status["id"] = -1; |
48 |
|
- |
$status["return"] = 2; //email già registrata |
|
51 |
+ |
//$status["return"] = 2; |
49 |
52 |
|
$status["token"] = ""; |
50 |
53 |
|
return $status; |
51 |
54 |
|
} |
|
@@ -72,23 +75,39 @@ |
72 |
75 |
|
//echo "New record created successfully"; |
73 |
76 |
|
} catch (PDOException $e) { |
74 |
77 |
|
echo $e->getMessage(); |
|
78 |
+ |
$status = createErrorMessage(3, "Errore DB"); |
75 |
79 |
|
$status["id"] = -1; |
76 |
|
- |
$status["return"] = 3; |
|
80 |
+ |
//$status["return"] = 3; |
77 |
81 |
|
$status["token"] = ""; |
78 |
82 |
|
return $status; |
79 |
83 |
|
} |
80 |
84 |
|
|
81 |
85 |
|
} |
82 |
86 |
|
|
83 |
|
- |
public function loginUser($username, $password) { |
|
87 |
+ |
public function loginUser($username, $password, $is_admin) { |
84 |
88 |
|
$status = array(); |
85 |
89 |
|
|
86 |
90 |
|
try { |
87 |
|
- |
$query = "SELECT id, password, email FROM utente WHERE username='".$username."'"; |
|
91 |
+ |
$query = "SELECT id, password, email, is_owner FROM utente WHERE username='".$username."' AND is_active=1"; |
|
92 |
+ |
|
|
93 |
+ |
if ($is_admin) { |
|
94 |
+ |
$query = $query." AND is_admin=1"; |
|
95 |
+ |
} |
|
96 |
+ |
|
88 |
97 |
|
$result = $this->db->query($query); |
89 |
98 |
|
$row = ($result->rowCount()>0) ? $result->fetch() : null; |
90 |
99 |
|
|
91 |
|
- |
if (!is_null($row) && password_verify($password, $row["password"])) { |
|
100 |
+ |
if (is_null($row)) { |
|
101 |
+ |
$status = createErrorMessage(1, "Username non valido"); |
|
102 |
+ |
//$status["return"] = 1; |
|
103 |
+ |
$status["id"] = -1; |
|
104 |
+ |
$status["token"] = ""; |
|
105 |
+ |
} else if (!password_verify($password, $row["password"])) { |
|
106 |
+ |
$status = createErrorMessage(1, "Password non valida"); |
|
107 |
+ |
//$status["return"] = 1; |
|
108 |
+ |
$status["id"] = -1; |
|
109 |
+ |
$status["token"] = ""; |
|
110 |
+ |
} else { |
92 |
111 |
|
//$newToken = sha1($row["email"].session_id().time()); |
93 |
112 |
|
$newToken = sha1($username.session_id().time()); |
94 |
113 |
|
|
|
@@ -101,19 +120,17 @@ |
101 |
120 |
|
$this->db->exec($queryToken); |
102 |
121 |
|
|
103 |
122 |
|
$status["return"] = 0; |
|
123 |
+ |
$status["is_owner"] = $row["is_owner"]; |
104 |
124 |
|
$status["id"] = $row["id"]; |
105 |
125 |
|
$status["token"] = $newToken; |
106 |
|
- |
} else { |
107 |
|
- |
$status["return"] = 1; |
108 |
|
- |
$status["id"] = -1; |
109 |
|
- |
$status["token"] = ""; |
110 |
126 |
|
} |
111 |
127 |
|
|
112 |
128 |
|
return $status; |
113 |
129 |
|
|
114 |
130 |
|
} catch (PDOException $e) { |
115 |
131 |
|
echo $e->getMessage(); |
116 |
|
- |
$status["return"] = 2; |
|
132 |
+ |
$status = createErrorMessage(2, "Errore DB"); |
|
133 |
+ |
//$status["return"] = 2; |
117 |
134 |
|
$status["id"] = -1; |
118 |
135 |
|
$status["token"] = ""; |
119 |
136 |
|
return $status; |
|
@@ -131,12 +148,13 @@ |
131 |
148 |
|
return $status; |
132 |
149 |
|
} catch (PDOException $e) { |
133 |
150 |
|
echo $e->getMessage(); |
134 |
|
- |
$status["return"] = 1; |
|
151 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
|
152 |
+ |
//$status["return"] = 1; |
135 |
153 |
|
return $status; |
136 |
154 |
|
} |
137 |
155 |
|
} |
138 |
156 |
|
|
139 |
|
- |
public function facebookLogin($fb_user, $user_email, $fb_token) { |
|
157 |
+ |
public function facebookLogin($fb_user, $user_email, $fb_token, $username = null) { |
140 |
158 |
|
$status = array(); |
141 |
159 |
|
|
142 |
160 |
|
FacebookSession::setDefaultApplication( |
|
@@ -149,7 +167,8 @@ |
149 |
167 |
|
$session->validate(); |
150 |
168 |
|
|
151 |
169 |
|
if (!isset($session)) { |
152 |
|
- |
$status["return"] = 1; |
|
170 |
+ |
$status = createErrorMessage(1, "Sessione FB non valida"); |
|
171 |
+ |
//$status["return"] = 1; |
153 |
172 |
|
$status["id"] = -1; |
154 |
173 |
|
$status["token"] = ""; |
155 |
174 |
|
return $status; |
|
@@ -160,8 +179,9 @@ |
160 |
179 |
|
$response = $request->execute(); |
161 |
180 |
|
$graphObject = $response->getGraphObject(); |
162 |
181 |
|
|
163 |
|
- |
if ($obj->user_id != $graphObject->getProperty('id')) { //Il token ricevuto non coincide con quello di FB |
164 |
|
- |
$status["return"] = 1; |
|
182 |
+ |
if ($fb_user != $graphObject->getProperty('id')) { //Il token ricevuto non coincide con quello di FB |
|
183 |
+ |
$status = createErrorMessage(1, "Il token ricevuto non coincide con quello di FB"); |
|
184 |
+ |
//$status["return"] = 1; |
165 |
185 |
|
$status["id"] = -1; |
166 |
186 |
|
$status["token"] = ""; |
167 |
187 |
|
return $status; |
|
@@ -171,7 +191,7 @@ |
171 |
191 |
|
$u_last_name = $graphObject->getProperty('last_name'); |
172 |
192 |
|
$u_email = $graphObject->getProperty('email'); |
173 |
193 |
|
|
174 |
|
- |
$sql = "SELECT id FROM utente WHERE email='".$user_email."'"; |
|
194 |
+ |
$sql = "SELECT id, username FROM utente WHERE email='".$user_email."'"; |
175 |
195 |
|
|
176 |
196 |
|
$result = $this->db->query($sql); |
177 |
197 |
|
$row = ($result->rowCount()>0) ? $result->fetch() : null; |
|
@@ -184,14 +204,16 @@ |
184 |
204 |
|
|
185 |
205 |
|
$this->db->exec($sql); |
186 |
206 |
|
$status["id"] = $row["id"]; |
|
207 |
+ |
$status["username"] = $row["username"]; |
187 |
208 |
|
|
188 |
209 |
|
} else { //creazione nuova utenza |
189 |
210 |
|
|
190 |
|
- |
$sql = "INSERT INTO users (nome,cognome,email,token) |
191 |
|
- |
VALUES ('".$u_first_name."','".$u_last_name."','".$u_email."','".$fb_token."')"; |
|
211 |
+ |
$sql = "INSERT INTO utente (nome,cognome,email,token,username) |
|
212 |
+ |
VALUES ('".$u_first_name."','".$u_last_name."','".$u_email."','".$fb_token."','".$username."')"; |
192 |
213 |
|
|
193 |
|
- |
$this->db->exec($query); |
|
214 |
+ |
$this->db->exec($sql); |
194 |
215 |
|
$status["id"] = $this->db->lastInsertId(); |
|
216 |
+ |
$status["username"] = $username; |
195 |
217 |
|
|
196 |
218 |
|
} |
197 |
219 |
|
|
|
@@ -201,9 +223,11 @@ |
201 |
223 |
|
|
202 |
224 |
|
} catch (Exception $e) { |
203 |
225 |
|
echo $e->getMessage(); |
204 |
|
- |
$status["return"] = 1; |
|
226 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
|
227 |
+ |
//$status["return"] = 1; |
205 |
228 |
|
$status["id"] = -1; |
206 |
229 |
|
$status["token"] = ""; |
|
230 |
+ |
$status["username"] = ""; |
207 |
231 |
|
return $status; |
208 |
232 |
|
} |
209 |
233 |
|
} |
|
@@ -232,9 +256,10 @@ |
232 |
256 |
|
if (!is_null($row)) { |
233 |
257 |
|
$status["return"] = 0; |
234 |
258 |
|
$status["id"] = $user_id; |
235 |
|
- |
$status["avatar"] = AVATAR_PATH.$row["avatar"]; |
|
259 |
+ |
$status["avatar"] = IMAGE_SERVER.AVATAR_PATH.$row["avatar"]; |
236 |
260 |
|
} else { |
237 |
|
- |
$status["return"] = 1; |
|
261 |
+ |
$status = createErrorMessage(1, "User ID non disponibile"); |
|
262 |
+ |
//$status["return"] = 1; |
238 |
263 |
|
$status["id"] = -1; |
239 |
264 |
|
$status["avatar"] = ""; |
240 |
265 |
|
} |
|
@@ -243,7 +268,8 @@ |
243 |
268 |
|
|
244 |
269 |
|
} catch (PDOException $e) { |
245 |
270 |
|
echo $e->getMessage(); |
246 |
|
- |
$status["return"] = 1; |
|
271 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
|
272 |
+ |
//$status["return"] = 1; |
247 |
273 |
|
$status["id"] = -1; |
248 |
274 |
|
$status["avatar"] = ""; |
249 |
275 |
|
return $status; |
|
@@ -266,7 +292,8 @@ |
266 |
292 |
|
return $status; |
267 |
293 |
|
} catch (PDOException $e) { |
268 |
294 |
|
echo $e->getMessage(); |
269 |
|
- |
$status["return"] = 1; |
|
295 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
|
296 |
+ |
//$status["return"] = 1; |
270 |
297 |
|
$status["avatar_name"] = ""; |
271 |
298 |
|
return $status; |
272 |
299 |
|
} |
|
@@ -306,7 +333,8 @@ |
306 |
333 |
|
|
307 |
334 |
|
} catch (PDOException $e) { |
308 |
335 |
|
echo $e->getMessage(); |
309 |
|
- |
$status["return"] = 1; |
|
336 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
|
337 |
+ |
//$status["return"] = 1; |
310 |
338 |
|
return $status; |
311 |
339 |
|
} |
312 |
340 |
|
|
|
@@ -314,6 +342,42 @@ |
314 |
342 |
|
|
315 |
343 |
|
} |
316 |
344 |
|
|
|
345 |
+ |
public function deleteUser($user_id) { |
|
346 |
+ |
$status = array(); |
|
347 |
+ |
$query = "UPDATE utente |
|
348 |
+ |
SET is_active=0, token='' |
|
349 |
+ |
WHERE id=".$user_id; |
|
350 |
+ |
|
|
351 |
+ |
try { |
|
352 |
+ |
$this->db->exec($query); |
|
353 |
+ |
$status["return"] = 0; |
|
354 |
+ |
return $status; |
|
355 |
+ |
} catch (PDOException $e) { |
|
356 |
+ |
echo $e->getMessage(); |
|
357 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
|
358 |
+ |
//$status["return"] = 1; |
|
359 |
+ |
return $status; |
|
360 |
+ |
} |
|
361 |
+ |
} |
|
362 |
+ |
|
|
363 |
+ |
public function enableUser($user_id) { |
|
364 |
+ |
$status = array(); |
|
365 |
+ |
$query = "UPDATE utente |
|
366 |
+ |
SET is_active=1 |
|
367 |
+ |
WHERE id=".$user_id; |
|
368 |
+ |
|
|
369 |
+ |
try { |
|
370 |
+ |
$this->db->exec($query); |
|
371 |
+ |
$status["return"] = 0; |
|
372 |
+ |
return $status; |
|
373 |
+ |
} catch (PDOException $e) { |
|
374 |
+ |
echo $e->getMessage(); |
|
375 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
|
376 |
+ |
//$status["return"] = 1; |
|
377 |
+ |
return $status; |
|
378 |
+ |
} |
|
379 |
+ |
} |
|
380 |
+ |
|
317 |
381 |
|
} |
318 |
382 |
|
|
319 |
383 |
|
?> |
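Review bot: The two new methods in the last hunk, deleteUser and enableUser, concatenate `$user_id` straight into their UPDATE text (`WHERE id=".$user_id`), and the rewritten query in loginUser (whose body is split across the `@@ -72,23 +75,39 @@` and `@@ -101,19 +120,17 @@` hunks) does the same with `$username`, so a caller-controlled value becomes part of the SQL rather than a bound parameter; the new INSERT in facebookLogin has the same shape with `$username`. Use prepared statements, e.g. in deleteUser `$stmt = $this->db->prepare("UPDATE utente SET is_active=0, token='' WHERE id=?");` followed by `$stmt->execute([$user_id]);`, and for loginUser the rewrite below (the `AND is_admin=1` suffix is a fixed literal and can stay appended). Separately, loginUser now returns different messages, "Username non valido" versus "Password non valida", where the old code returned a single status 1 for both outcomes; that lets a caller learn which usernames exist, so one shared message for both branches is safer. The new methods also `echo $e->getMessage();` on PDOException, which writes driver error text into the response; logging it server-side and returning only the createErrorMessage(...) result would keep schema details out of the output.

```php
$query = "SELECT id, password, email, is_owner FROM utente WHERE username=? AND is_active=1";
if ($is_admin) {
    $query .= " AND is_admin=1";
}
$stmt = $this->db->prepare($query);
$stmt->execute([$username]);
$row = ($stmt->rowCount() > 0) ? $stmt->fetch() : null;
// … unchanged: null/password_verify branches and token update …
```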