

Diff Revisions 714 vs 716 for /Android/SmartCharging/endPoints/nightly/repositories/UserRepository.php

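--- a/Android/SmartCharging/endPoints/nightly/repositories/UserRepository.php
+++ b/Android/SmartCharging/endPoints/nightly/repositories/UserRepository.php
@@ -58,18 +58,33 @@
 $hashedPwd = password_hash($password, PASSWORD_DEFAULT);
 $newToken = sha1($user->username.session_id().time());
 
-$query = "INSERT INTO utente(username, password, nome, cognome, cell, email, token)
+/*$query = "INSERT INTO utente(username, password, nome, cognome, cell, email, token)
 VALUES ('".$user->username."',
 '".$hashedPwd."',
 '".$user->nome."',
 '".$user->cognome."',
 '".$user->cell."',
 '".$user->email."',
-'".$newToken."')";
+'".$newToken."')";*/
 
-//echo "<br/>".$query."<br/>";
+//echo "<br/>".$query."<br/>";
+
+$query = "INSERT INTO utente(username, password, nome, cognome, cell, email, token)
+VALUES (:username, :password, :nome, :cognome, :cell, :email, :token)";
+
+$stmt = $this->db->prepare($query);
 
-$this->db->exec($query);
+$stmt->bindParam(':username', $user->username);
+$stmt->bindParam(':password', $hashedPwd);
+$stmt->bindParam(':nome', $user->nome);
+$stmt->bindParam(':cognome', $user->cognome);
+$stmt->bindParam(':cell', $user->cell);
+$stmt->bindParam(':email', $user->email);
+$stmt->bindParam(':token', $newToken);
+
+$result = $stmt->execute();
+
+//$this->db->exec($query);
 $status["id"] = $this->db->lastInsertId();
 $status["return"] = 0;
 $status["token"] = $newToken;
@@ -318,9 +333,15 @@
 public function getAvatar($user_id) {
 $status = array();
 try {
-$query = "SELECT avatar FROM utente WHERE id='".$user_id."'";
-$result = $this->db->query($query);
-$row = ($result->rowCount()>0) ? $result->fetch() : null;
+//$query = "SELECT avatar FROM utente WHERE id='".$user_id."'";
+$query = "SELECT avatar FROM utente WHERE id=:id";
+
+$stmt = $this->db->prepare($query);
+$stmt->bindParam(':id', $user_id);
+$result = $stmt->execute();
+
+//$result = $this->db->query($query);
+$row = ($stmt->rowCount()>0) ? $stmt->fetch() : null;
 
 if (!is_null($row)) {
 $status["return"] = 0;
@@ -349,13 +370,20 @@
 $status = array();
 
 try {
-$query = "UPDATE utente
+/*$query = "UPDATE utente
 SET avatar='".$avatar_url."'
-WHERE id=".$user_id;
+WHERE id=".$user_id;*/
+
+//echo "<br/>".$query."<br/>";
 
-//echo "<br/>".$query."<br/>";
+$query = "UPDATE utente SET avatar=:avatar WHERE id=:id";
+
+$stmt = $this->db->prepare($query);
+$stmt->bindParam(':avatar', $avatar_url);
+$stmt->bindParam(':id', $user_id);
+$stmt->execute();
 
-$this->db->exec($query);
+//$this->db->exec($query);
 $status["return"] = 0;
 $status["avatar_name"] = $avatar_url;
 return $status;
@@ -370,34 +398,53 @@
 
 public function editUser($user) { //$user è l'oggetto Utente
 $status = array();
+$array_params = array();
 
 try {
 
 $setString = "";
 
 if (isset($user->nome) && !is_null($user->nome)) {
-$setString = ($setString == "") ? "nome='".$user->nome."'" : $setString.",nome='".$user->nome."'";
+//$setString = ($setString == "") ? "nome='".$user->nome."'" : $setString.",nome='".$user->nome."'";
+$setString = ($setString == "") ? "nome=:nome" : $setString.",nome=:nome";
+$array_params[":nome"] = $user->nome;
 }
 
 if (isset($user->cognome) && !is_null($user->cognome)) {
-$setString = ($setString == "") ? "cognome='".$user->cognome."'" : $setString.",cognome='".$user->cognome."'";
+//$setString = ($setString == "") ? "cognome='".$user->cognome."'" : $setString.",cognome='".$user->cognome."'";
+$setString = ($setString == "") ? "cognome=:cognome" : $setString.",cognome=:cognome";
+$array_params[":cognome"] = $user->cognome;
 }
 
 if (isset($user->cell) && !is_null($user->cell)) {
-$setString = ($setString == "") ? "cell='".$user->cell."'" : $setString.",cell='".$user->cell."'";
+//$setString = ($setString == "") ? "cell='".$user->cell."'" : $setString.",cell='".$user->cell."'";
+$setString = ($setString == "") ? "cell=:cell" : $setString.",cell=:cell";
+$array_params[":cell"] = $user->cell;
 }
 
 if (isset($user->email) && !is_null($user->email)) {
-$setString = ($setString == "") ? "email='".$user->email."'" : $setString.",email='".$user->email."'";
+//$setString = ($setString == "") ? "email='".$user->email."'" : $setString.",email='".$user->email."'";
+$setString = ($setString == "") ? "email=:email" : $setString.",email=:email";
+$array_params[":email"] = $user->email;
 }
 
-$query = "UPDATE utente
+/*$query = "UPDATE utente
+SET ".$setString."
+WHERE id=".$user->id;*/
+
+//echo "<br/>".$query."<br/>";
+
+//$this->db->exec($query);
+
+$query = "UPDATE utente
 SET ".$setString."
-WHERE id=".$user->id;
+WHERE id=:id";
+
+$array_params[":id"] = $user->id;
 
-//echo "<br/>".$query."<br/>";
+$stmt = $this->db->prepare($query);
+$stmt->execute($array_params);
 
-$this->db->exec($query);
 $status["return"] = 0;
 
 } catch (PDOException $e) {
@@ -413,12 +460,21 @@
 
 public function deleteUser($user_id) {
 $status = array();
+/*$query = "UPDATE utente,locale
+SET utente.is_active=0, utente.token='', locale.hidden=1
+WHERE utente.id=".$user_id." AND locale.id_utente_owner=".$user_id;*/
+
 $query = "UPDATE utente,locale
 SET utente.is_active=0, utente.token='', locale.hidden=1
-WHERE utente.id=".$user_id." AND locale.id_utente_owner=".$user_id;
+WHERE utente.id=:id_utente AND locale.id_utente_owner=:id_utente_owner";
 
 try {
-$this->db->exec($query);
+$stmt = $this->db->prepare($query);
+$stmt->bindParam(':id_utente', $user_id);
+$stmt->bindParam(':id_utente_owner', $user_id);
+$stmt->execute();
+
+//$this->db->exec($query);
 $status["return"] = 0;
 return $status;
 } catch (PDOException $e) {
@@ -431,12 +487,21 @@
 
 public function enableUser($user_id) {
 $status = array();
+/*$query = "UPDATE utente,locale
+SET utente.is_active=1, locale.hidden=0
+WHERE utente.id=".$user_id." AND locale.id_utente_owner=".$user_id;*/
+
 $query = "UPDATE utente,locale
 SET utente.is_active=1, locale.hidden=0
-WHERE utente.id=".$user_id." AND locale.id_utente_owner=".$user_id;
+WHERE utente.id=:id_utente AND locale.id_utente_owner=:id_utente_owner";
 
 try {
-$this->db->exec($query);
+$stmt = $this->db->prepare($query);
+$stmt->bindParam(':id_utente', $user_id);
+$stmt->bindParam(':id_utente_owner', $user_id);
+$stmt->execute();
+
+//$this->db->exec($query);
 $status["return"] = 0;
 return $status;
 } catch (PDOException $e) {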
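Review bot: The result of `execute()` is never checked in the new code — it is captured as `$result` on the `$result = $stmt->execute();` line of the registration hunk and in getAvatar but never read, and discarded outright in the avatar-update, editUser, deleteUser and enableUser hunks — so a statement that fails without throwing (PDO's default error mode returns false instead of raising PDOException; whether the connection is switched to ERRMODE_EXCEPTION is decided outside these hunks) lets the registration path read `lastInsertId()` and report `return = 0` plus a token for a row that was never inserted. Replacing each bare call with `if (!$stmt->execute()) { throw new PDOException(implode(' ', $stmt->errorInfo())); }` routes the failure into the `catch (PDOException $e)` blocks these functions already have. The old string-concatenated queries and `//echo` lines retained as comments in every hunk should be deleted rather than kept, since the previous revision preserves them. On the new side of the editUser hunk, `SET ".$setString."` is still built with no guard for the case where none of nome, cognome, cell or email is set, which produces an invalid UPDATE. The functions touched by the first and third hunks begin before their hunks, and every touched function continues past the end of its hunk.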