

Diff Revisions 711 vs 714 for /Android/SmartCharging/endPoints/nightly/repositories/UserRepository.php

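--- a/Android/SmartCharging/endPoints/nightly/repositories/UserRepository.php
+++ b/Android/SmartCharging/endPoints/nightly/repositories/UserRepository.php
@@ -27,7 +27,6 @@
 $stmt = $conn->prepare($queryToken);
 $stmt->bindParam(':token', $token);
 $result = $stmt->execute();
-
 return ($stmt->rowCount()>0);
 } catch (PDOException $e) {
 echo $e->getMessage();
@@ -91,14 +90,22 @@
 $status = array();
 
 try {
-$query = "SELECT id, password, email, is_owner FROM utente WHERE username='".$username."' AND is_active=1";
+//$query = "SELECT id, password, email, is_owner FROM utente WHERE username='".$username."' AND is_active=1";
+
+$query = "SELECT id, password, email, is_owner FROM utente WHERE username=:username AND is_active=1";
 
 if ($is_admin) {
 $query = $query." AND is_admin=1";
 }
 
-$result = $this->db->query($query);
-$row = ($result->rowCount()>0) ? $result->fetch() : null;
+$stmt = $this->db->prepare($query);
+$stmt->bindParam(':username', $username);
+$result = $stmt->execute();
+
+/*$result = $this->db->query($query);
+$row = ($result->rowCount()>0) ? $result->fetch() : null;*/
+
+$row = ($stmt->rowCount()>0) ? $stmt->fetch() : null;
 
 if (is_null($row)) {
 $status = createErrorMessage(1, "Username non valido");
@@ -114,13 +121,20 @@
 //$newToken = sha1($row["email"].session_id().time());
 $newToken = sha1($username.session_id().time());
 
-$queryToken = "UPDATE utente
+/*$queryToken = "UPDATE utente
 SET token='".$newToken."'
-WHERE id=".$row["id"];
+WHERE id=".$row["id"];*/
 
 //echo "<br/>".$queryToken."<br/>";
 
-$this->db->exec($queryToken);
+$queryToken = "UPDATE utente SET token=:token WHERE id=:id";
+
+//$this->db->exec($queryToken);
+
+$stmt = $this->db->prepare($queryToken);
+$stmt->bindParam(':token', $newToken);
+$stmt->bindParam(':id', $row["id"]);
+$stmt->execute();
 
 $status["return"] = 0;
 $status["is_owner"] = $row["is_owner"];
@@ -143,13 +157,19 @@
 public function logoutUser($user_id) {
 $status = array();
 try {
-$queryToken = "UPDATE utente
+/*$queryToken = "UPDATE utente
 SET token = ''
-WHERE id=".$user_id;
+WHERE id=".$user_id;*/
 
 //echo "<br/>".$queryToken."<br/>";
 
-$this->db->exec($queryToken);
+$queryToken = "UPDATE utente SET token='' WHERE id=:id";
+
+//$this->db->exec($queryToken);
+
+$stmt = $this->db->prepare($queryToken);
+$stmt->bindParam(':id', $user_id);
+$stmt->execute();
 
 $status["return"] = 0;
 return $status;
@@ -198,18 +218,36 @@
 $u_last_name = $graphObject->getProperty('last_name');
 $u_email = $graphObject->getProperty('email');
 
-$sql = "SELECT id, username FROM utente WHERE email='".$user_email."'";
+//$sql = "SELECT id, username FROM utente WHERE email='".$user_email."'";
+$sql = "SELECT id, username FROM utente WHERE email=:email";
+
+//$result = $this->db->query($sql);
 
-$result = $this->db->query($sql);
-$row = ($result->rowCount()>0) ? $result->fetch() : null;
+$stmt = $this->db->prepare($sql);
+$stmt->bindParam(':email', $user_email);
+$stmt->execute();
+
+$row = ($stmt->rowCount()>0) ? $stmt->fetch() : null;
 
 if (!is_null($row)) { //utente già esistente
 
-$sql = "UPDATE utente
+/*$sql = "UPDATE utente
 SET nome='".$u_first_name."', cognome='".$u_last_name."', email='".$u_email."', token='".$fb_token."'
-WHERE id=".$row["id"];
+WHERE id=".$row["id"];*/
+
+$sql = "UPDATE utente
+SET nome=:nome, cognome=:cognome, email=:email, token=:token
+WHERE id=:id";
+
+$stmt = $this->db->prepare($sql);
+$stmt->bindParam(':nome', $u_first_name);
+$stmt->bindParam(':cognome', $u_last_name);
+$stmt->bindParam(':email', $u_email);
+$stmt->bindParam(':token', $fb_token);
+$stmt->bindParam(':id', $row["id"]);
+$stmt->execute();
 
-$this->db->exec($sql);
+//$this->db->exec($sql);
 $status["id"] = $row["id"];
 $status["username"] = $row["username"];
 
@@ -225,12 +263,24 @@
 fputs($file, $fb_avatar_data);
 fclose($file);
 
-$sql = "INSERT INTO utente (nome,cognome,email,token,username,avatar)
-VALUES ('".$u_first_name."','".$u_last_name."','".$u_email."','".$fb_token."','".$username."','".$image_filename."')";
+/*$sql = "INSERT INTO utente (nome,cognome,email,token,username,avatar)
+VALUES ('".$u_first_name."','".$u_last_name."','".$u_email."','".$fb_token."','".$username."','".$image_filename."')";*/
 
 //echo "<br/>".$sql."<br/>";
 
-$this->db->exec($sql);
+$sql = "INSERT INTO utente (nome,cognome,email,token,username,avatar)
+VALUES (:nome,:cognome,:email,:token,:username,:avatar)";
+
+$stmt = $this->db->prepare($sql);
+$stmt->bindParam(':nome', $u_first_name);
+$stmt->bindParam(':cognome', $u_last_name);
+$stmt->bindParam(':email', $u_email);
+$stmt->bindParam(':token', $fb_token);
+$stmt->bindParam(':username', $username);
+$stmt->bindParam(':avatar', $image_filename);
+$stmt->execute();
+
+//$this->db->exec($sql);
 $status["id"] = $this->db->lastInsertId();
 $status["username"] = $username;
 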
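Review bot: The parameterised lookup added at new lines 101–108 still gates `fetch()` on `$stmt->rowCount()>0`, and PDO does not guarantee a row count for SELECT statements on every driver, so on a driver that reports 0 a valid login would fall into the "Username non valido" branch; the Facebook lookup at new line 230 has the same pattern, and `$row = $stmt->fetch(); if ($row === false) { $row = null; }` avoids the dependency. The new `$stmt->execute()` calls on the UPDATE/INSERT paths (new lines 137, 172, 248, 281) discard the return value, so unless the connection runs with `PDO::ERRMODE_EXCEPTION` (not visible in these hunks) a failed write falls through to `$status["return"] = 0` or `lastInsertId()` as if it succeeded; check the result or confirm the error mode at the connection. The superseded string-built queries are kept as `/* … */` and `//` comments in every hunk; since the repository holds the history they should be deleted rather than left next to the prepared statements. The unchanged token derivation at new line 122, `sha1($username.session_id().time())`, is not a cryptographically random value; `bin2hex(random_bytes(32))` would be the conventional choice for a bearer token. The functions enclosing new lines 101 and 230 start and end outside their hunks.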