Auth bugfixes
This commit is contained in:
parent
d99272b525
commit
d5f4cf6ff5
|
@ -8,23 +8,36 @@ class Auth{
|
||||||
|
|
||||||
private $pdo;
|
private $pdo;
|
||||||
|
|
||||||
|
private $dbhost;
|
||||||
|
private $dbname;
|
||||||
|
private $dbuser;
|
||||||
|
private $dbpass;
|
||||||
/**
|
/**
|
||||||
* Constructor method to initialize the database connection and start the session
|
* Constructor method to initialize the database connection and start the session
|
||||||
*/
|
*/
|
||||||
|
|
||||||
public function __construct($host, $dbname, $username, $password){
|
public function __construct(){
|
||||||
$dsn = "mysql:host=$host;dbname=$dbname;charset=utf8mb4";
|
global $db_config;
|
||||||
|
$this->dbhost = $db_config['DB_HOST'];
|
||||||
|
$this->dbname = $db_config['DB_NAME'];
|
||||||
|
$this->dbuser = $db_config['DB_USERNAME'];
|
||||||
|
$this->dbpass = $db_config['DB_PASSWORD'];
|
||||||
|
|
||||||
|
$dsn = "mysql:host=$this->dbhost;dbname=$this->dbname;charset=utf8mb4";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Instantiate the PDO object with the DSN, username, and password, and set attributes.
|
* Instantiate the PDO object with the DSN, username, and password, and set attributes.
|
||||||
* Then start a new session
|
* Then start a new session
|
||||||
*/
|
*/
|
||||||
|
|
||||||
$this->pdo = new PDO($dsn, $username. $password, [
|
$this->pdo = new PDO($dsn, $this->dbuser, $this->dbpass, [
|
||||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
|
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
|
||||||
]);
|
]);
|
||||||
|
|
||||||
|
if($_SESSION){
|
||||||
|
session_destroy();
|
||||||
|
}
|
||||||
session_start();
|
session_start();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -33,7 +46,7 @@ class Auth{
|
||||||
*/
|
*/
|
||||||
|
|
||||||
public function login($username, $password){
|
public function login($username, $password){
|
||||||
$sql = "SELECT * FROM users WHERE username = :username or email = :email LIMIT 1";
|
$query = "SELECT * FROM users WHERE email = :username LIMIT 1";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Prepare the SQL query for execution.
|
* Prepare the SQL query for execution.
|
||||||
|
@ -43,8 +56,7 @@ class Auth{
|
||||||
|
|
||||||
$query = $this->pdo->prepare($query);
|
$query = $this->pdo->prepare($query);
|
||||||
$query->execute([
|
$query->execute([
|
||||||
":username" => $username,
|
":username" => $username
|
||||||
":password" => $password
|
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$user = $query->fetch();
|
$user = $query->fetch();
|
||||||
|
@ -58,7 +70,8 @@ class Auth{
|
||||||
|
|
||||||
if($user && password_verify($password, $user['password'])){
|
if($user && password_verify($password, $user['password'])){
|
||||||
$_SESSION['user_id'] = $user['id'];
|
$_SESSION['user_id'] = $user['id'];
|
||||||
$_SESSION['username'] = $user['username'];
|
$_SESSION['name'] = $user['name'];
|
||||||
|
$_SESSION['email'] = $user['email'];
|
||||||
$_SESSION['token'] = bin2hex(random_bytes(32));
|
$_SESSION['token'] = bin2hex(random_bytes(32));
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
|
|
Loading…
Reference in New Issue