| |
@@ -1,6 +1,7 @@ |
| 1 |
1 |
|
<?php |
| 2 |
2 |
|
require_once('UserRepositoryInterface.php'); |
| 3 |
3 |
|
require_once(dirname(__FILE__)."/../constants.php"); |
| |
4 |
+ |
require_once(dirname(__FILE__)."/../utilities.php"); |
| 4 |
5 |
|
define('FACEBOOK_SDK_V4_SRC_DIR', dirname(__FILE__).'/../fb_SDK/src/Facebook/'); |
| 5 |
6 |
|
require_once(dirname(__FILE__)."/../fb_SDK/autoload.php"); |
| 6 |
7 |
|
use Facebook\FacebookSession; |
| |
@@ -36,16 +37,18 @@ |
| 36 |
37 |
|
|
| 37 |
38 |
|
try { |
| 38 |
39 |
|
|
| 39 |
|
- |
if (!$this->checkUserName($user)) { |
| |
40 |
+ |
if (!$this->checkUserName($user)) { //username già registrato |
| |
41 |
+ |
$status = createErrorMessage(1, "Username già registrato"); |
| 40 |
42 |
|
$status["id"] = -1; |
| 41 |
|
- |
$status["return"] = 1; //username già registrato |
| |
43 |
+ |
$status["return"] = 1; |
| 42 |
44 |
|
$status["token"] = ""; |
| 43 |
45 |
|
return $status; |
| 44 |
46 |
|
} |
| 45 |
47 |
|
|
| 46 |
|
- |
if (!$this->checkEmail($user)) { |
| |
48 |
+ |
if (!$this->checkEmail($user)) { //email già registrata |
| |
49 |
+ |
$status = createErrorMessage(2, "Email già registrata"); |
| 47 |
50 |
|
$status["id"] = -1; |
| 48 |
|
- |
$status["return"] = 2; //email già registrata |
| |
51 |
+ |
//$status["return"] = 2; |
| 49 |
52 |
|
$status["token"] = ""; |
| 50 |
53 |
|
return $status; |
| 51 |
54 |
|
} |
| |
@@ -72,23 +75,39 @@ |
| 72 |
75 |
|
//echo "New record created successfully"; |
| 73 |
76 |
|
} catch (PDOException $e) { |
| 74 |
77 |
|
echo $e->getMessage(); |
| |
78 |
+ |
$status = createErrorMessage(3, "Errore DB"); |
| 75 |
79 |
|
$status["id"] = -1; |
| 76 |
|
- |
$status["return"] = 3; |
| |
80 |
+ |
//$status["return"] = 3; |
| 77 |
81 |
|
$status["token"] = ""; |
| 78 |
82 |
|
return $status; |
| 79 |
83 |
|
} |
| 80 |
84 |
|
|
| 81 |
85 |
|
} |
| 82 |
86 |
|
|
| 83 |
|
- |
public function loginUser($username, $password) { |
| |
87 |
+ |
public function loginUser($username, $password, $is_admin) { |
| 84 |
88 |
|
$status = array(); |
| 85 |
89 |
|
|
| 86 |
90 |
|
try { |
| 87 |
|
- |
$query = "SELECT id, password, email FROM utente WHERE username='".$username."'"; |
| |
91 |
+ |
$query = "SELECT id, password, email, is_owner FROM utente WHERE username='".$username."' AND is_active=1"; |
| |
92 |
+ |
|
| |
93 |
+ |
if ($is_admin) { |
| |
94 |
+ |
$query = $query." AND is_admin=1"; |
| |
95 |
+ |
} |
| |
96 |
+ |
|
| 88 |
97 |
|
$result = $this->db->query($query); |
| 89 |
98 |
|
$row = ($result->rowCount()>0) ? $result->fetch() : null; |
| 90 |
99 |
|
|
| 91 |
|
- |
if (!is_null($row) && password_verify($password, $row["password"])) { |
| |
100 |
+ |
if (is_null($row)) { |
| |
101 |
+ |
$status = createErrorMessage(1, "Username non valido"); |
| |
102 |
+ |
//$status["return"] = 1; |
| |
103 |
+ |
$status["id"] = -1; |
| |
104 |
+ |
$status["token"] = ""; |
| |
105 |
+ |
} else if (!password_verify($password, $row["password"])) { |
| |
106 |
+ |
$status = createErrorMessage(1, "Password non valida"); |
| |
107 |
+ |
//$status["return"] = 1; |
| |
108 |
+ |
$status["id"] = -1; |
| |
109 |
+ |
$status["token"] = ""; |
| |
110 |
+ |
} else { |
| 92 |
111 |
|
//$newToken = sha1($row["email"].session_id().time()); |
| 93 |
112 |
|
$newToken = sha1($username.session_id().time()); |
| 94 |
113 |
|
|
| |
@@ -101,19 +120,17 @@ |
| 101 |
120 |
|
$this->db->exec($queryToken); |
| 102 |
121 |
|
|
| 103 |
122 |
|
$status["return"] = 0; |
| |
123 |
+ |
$status["is_owner"] = $row["is_owner"]; |
| 104 |
124 |
|
$status["id"] = $row["id"]; |
| 105 |
125 |
|
$status["token"] = $newToken; |
| 106 |
|
- |
} else { |
| 107 |
|
- |
$status["return"] = 1; |
| 108 |
|
- |
$status["id"] = -1; |
| 109 |
|
- |
$status["token"] = ""; |
| 110 |
126 |
|
} |
| 111 |
127 |
|
|
| 112 |
128 |
|
return $status; |
| 113 |
129 |
|
|
| 114 |
130 |
|
} catch (PDOException $e) { |
| 115 |
131 |
|
echo $e->getMessage(); |
| 116 |
|
- |
$status["return"] = 2; |
| |
132 |
+ |
$status = createErrorMessage(2, "Errore DB"); |
| |
133 |
+ |
//$status["return"] = 2; |
| 117 |
134 |
|
$status["id"] = -1; |
| 118 |
135 |
|
$status["token"] = ""; |
| 119 |
136 |
|
return $status; |
| |
@@ -131,12 +148,13 @@ |
| 131 |
148 |
|
return $status; |
| 132 |
149 |
|
} catch (PDOException $e) { |
| 133 |
150 |
|
echo $e->getMessage(); |
| 134 |
|
- |
$status["return"] = 1; |
| |
151 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
| |
152 |
+ |
//$status["return"] = 1; |
| 135 |
153 |
|
return $status; |
| 136 |
154 |
|
} |
| 137 |
155 |
|
} |
| 138 |
156 |
|
|
| 139 |
|
- |
public function facebookLogin($fb_user, $user_email, $fb_token) { |
| |
157 |
+ |
public function facebookLogin($fb_user, $user_email, $fb_token, $username = null) { |
| 140 |
158 |
|
$status = array(); |
| 141 |
159 |
|
|
| 142 |
160 |
|
FacebookSession::setDefaultApplication( |
| |
@@ -149,7 +167,8 @@ |
| 149 |
167 |
|
$session->validate(); |
| 150 |
168 |
|
|
| 151 |
169 |
|
if (!isset($session)) { |
| 152 |
|
- |
$status["return"] = 1; |
| |
170 |
+ |
$status = createErrorMessage(1, "Sessione FB non valida"); |
| |
171 |
+ |
//$status["return"] = 1; |
| 153 |
172 |
|
$status["id"] = -1; |
| 154 |
173 |
|
$status["token"] = ""; |
| 155 |
174 |
|
return $status; |
| |
@@ -160,8 +179,9 @@ |
| 160 |
179 |
|
$response = $request->execute(); |
| 161 |
180 |
|
$graphObject = $response->getGraphObject(); |
| 162 |
181 |
|
|
| 163 |
|
- |
if ($obj->user_id != $graphObject->getProperty('id')) { //Il token ricevuto non coincide con quello di FB |
| 164 |
|
- |
$status["return"] = 1; |
| |
182 |
+ |
if ($fb_user != $graphObject->getProperty('id')) { //Il token ricevuto non coincide con quello di FB |
| |
183 |
+ |
$status = createErrorMessage(1, "Il token ricevuto non coincide con quello di FB"); |
| |
184 |
+ |
//$status["return"] = 1; |
| 165 |
185 |
|
$status["id"] = -1; |
| 166 |
186 |
|
$status["token"] = ""; |
| 167 |
187 |
|
return $status; |
| |
@@ -171,7 +191,7 @@ |
| 171 |
191 |
|
$u_last_name = $graphObject->getProperty('last_name'); |
| 172 |
192 |
|
$u_email = $graphObject->getProperty('email'); |
| 173 |
193 |
|
|
| 174 |
|
- |
$sql = "SELECT id FROM utente WHERE email='".$user_email."'"; |
| |
194 |
+ |
$sql = "SELECT id, username FROM utente WHERE email='".$user_email."'"; |
| 175 |
195 |
|
|
| 176 |
196 |
|
$result = $this->db->query($sql); |
| 177 |
197 |
|
$row = ($result->rowCount()>0) ? $result->fetch() : null; |
| |
@@ -184,14 +204,16 @@ |
| 184 |
204 |
|
|
| 185 |
205 |
|
$this->db->exec($sql); |
| 186 |
206 |
|
$status["id"] = $row["id"]; |
| |
207 |
+ |
$status["username"] = $row["username"]; |
| 187 |
208 |
|
|
| 188 |
209 |
|
} else { //creazione nuova utenza |
| 189 |
210 |
|
|
| 190 |
|
- |
$sql = "INSERT INTO users (nome,cognome,email,token) |
| 191 |
|
- |
VALUES ('".$u_first_name."','".$u_last_name."','".$u_email."','".$fb_token."')"; |
| |
211 |
+ |
$sql = "INSERT INTO utente (nome,cognome,email,token,username) |
| |
212 |
+ |
VALUES ('".$u_first_name."','".$u_last_name."','".$u_email."','".$fb_token."','".$username."')"; |
| 192 |
213 |
|
|
| 193 |
|
- |
$this->db->exec($query); |
| |
214 |
+ |
$this->db->exec($sql); |
| 194 |
215 |
|
$status["id"] = $this->db->lastInsertId(); |
| |
216 |
+ |
$status["username"] = $username; |
| 195 |
217 |
|
|
| 196 |
218 |
|
} |
| 197 |
219 |
|
|
| |
@@ -201,9 +223,11 @@ |
| 201 |
223 |
|
|
| 202 |
224 |
|
} catch (Exception $e) { |
| 203 |
225 |
|
echo $e->getMessage(); |
| 204 |
|
- |
$status["return"] = 1; |
| |
226 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
| |
227 |
+ |
//$status["return"] = 1; |
| 205 |
228 |
|
$status["id"] = -1; |
| 206 |
229 |
|
$status["token"] = ""; |
| |
230 |
+ |
$status["username"] = ""; |
| 207 |
231 |
|
return $status; |
| 208 |
232 |
|
} |
| 209 |
233 |
|
} |
| |
@@ -232,9 +256,10 @@ |
| 232 |
256 |
|
if (!is_null($row)) { |
| 233 |
257 |
|
$status["return"] = 0; |
| 234 |
258 |
|
$status["id"] = $user_id; |
| 235 |
|
- |
$status["avatar"] = AVATAR_PATH.$row["avatar"]; |
| |
259 |
+ |
$status["avatar"] = IMAGE_SERVER.AVATAR_PATH.$row["avatar"]; |
| 236 |
260 |
|
} else { |
| 237 |
|
- |
$status["return"] = 1; |
| |
261 |
+ |
$status = createErrorMessage(1, "User ID non disponibile"); |
| |
262 |
+ |
//$status["return"] = 1; |
| 238 |
263 |
|
$status["id"] = -1; |
| 239 |
264 |
|
$status["avatar"] = ""; |
| 240 |
265 |
|
} |
| |
@@ -243,7 +268,8 @@ |
| 243 |
268 |
|
|
| 244 |
269 |
|
} catch (PDOException $e) { |
| 245 |
270 |
|
echo $e->getMessage(); |
| 246 |
|
- |
$status["return"] = 1; |
| |
271 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
| |
272 |
+ |
//$status["return"] = 1; |
| 247 |
273 |
|
$status["id"] = -1; |
| 248 |
274 |
|
$status["avatar"] = ""; |
| 249 |
275 |
|
return $status; |
| |
@@ -266,7 +292,8 @@ |
| 266 |
292 |
|
return $status; |
| 267 |
293 |
|
} catch (PDOException $e) { |
| 268 |
294 |
|
echo $e->getMessage(); |
| 269 |
|
- |
$status["return"] = 1; |
| |
295 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
| |
296 |
+ |
//$status["return"] = 1; |
| 270 |
297 |
|
$status["avatar_name"] = ""; |
| 271 |
298 |
|
return $status; |
| 272 |
299 |
|
} |
| |
@@ -306,7 +333,8 @@ |
| 306 |
333 |
|
|
| 307 |
334 |
|
} catch (PDOException $e) { |
| 308 |
335 |
|
echo $e->getMessage(); |
| 309 |
|
- |
$status["return"] = 1; |
| |
336 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
| |
337 |
+ |
//$status["return"] = 1; |
| 310 |
338 |
|
return $status; |
| 311 |
339 |
|
} |
| 312 |
340 |
|
|
| |
@@ -314,6 +342,42 @@ |
| 314 |
342 |
|
|
| 315 |
343 |
|
} |
| 316 |
344 |
|
|
| |
345 |
+ |
public function deleteUser($user_id) { |
| |
346 |
+ |
$status = array(); |
| |
347 |
+ |
$query = "UPDATE utente |
| |
348 |
+ |
SET is_active=0, token='' |
| |
349 |
+ |
WHERE id=".$user_id; |
| |
350 |
+ |
|
| |
351 |
+ |
try { |
| |
352 |
+ |
$this->db->exec($query); |
| |
353 |
+ |
$status["return"] = 0; |
| |
354 |
+ |
return $status; |
| |
355 |
+ |
} catch (PDOException $e) { |
| |
356 |
+ |
echo $e->getMessage(); |
| |
357 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
| |
358 |
+ |
//$status["return"] = 1; |
| |
359 |
+ |
return $status; |
| |
360 |
+ |
} |
| |
361 |
+ |
} |
| |
362 |
+ |
|
| |
363 |
+ |
public function enableUser($user_id) { |
| |
364 |
+ |
$status = array(); |
| |
365 |
+ |
$query = "UPDATE utente |
| |
366 |
+ |
SET is_active=1 |
| |
367 |
+ |
WHERE id=".$user_id; |
| |
368 |
+ |
|
| |
369 |
+ |
try { |
| |
370 |
+ |
$this->db->exec($query); |
| |
371 |
+ |
$status["return"] = 0; |
| |
372 |
+ |
return $status; |
| |
373 |
+ |
} catch (PDOException $e) { |
| |
374 |
+ |
echo $e->getMessage(); |
| |
375 |
+ |
$status = createErrorMessage(1, "Errore DB"); |
| |
376 |
+ |
//$status["return"] = 1; |
| |
377 |
+ |
return $status; |
| |
378 |
+ |
} |
| |
379 |
+ |
} |
| |
380 |
+ |
|
| 317 |
381 |
|
} |
| 318 |
382 |
|
|
| 319 |
383 |
|
?> |
View this file contents
View the full history
Commits for