<?php | |
/*
 * DB Class
 * This class is used for database-related (connect, insert, update, and delete) operations
 * with PHP Data Objects (PDO)
 */
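/**
 * Thin PDO wrapper for connect / select / insert / update / delete.
 *
 * Every VALUE passed to these methods is sent as a bound parameter and never
 * spliced into the SQL text. Table names, column names (array keys) and the
 * "select" / "order_by" fragments of getRows() are still interpolated as-is,
 * because placeholders cannot stand in for identifiers: they must be
 * constants chosen by the application, never request data.
 */
class DB
{
    // NOTE(review): root with an empty password is a local-demo setting. A deployed
    // application should use a least-privilege account and keep credentials out of source.
    private $dbHost = "localhost";
    private $dbUsername = "root";
    private $dbPassword = "";
    private $dbName = "codexworld";

    /** @var PDO|null connection handle, set by the constructor */
    private $db = null;

    /**
     * Opens the MySQL connection and switches PDO to exception mode.
     * On failure the script stops with a generic message.
     */
    public function __construct()
    {
        if (!isset($this->db)) {
            try {
                $conn = new PDO(
                    "mysql:host=" . $this->dbHost . ";dbname=" . $this->dbName,
                    $this->dbUsername,
                    $this->dbPassword
                );
                $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
                // Let the server do the parameter binding instead of client-side emulation.
                $conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
                $this->db = $conn;
            } catch (PDOException $e) {
                // The driver message can name the host, user and schema: keep it in the
                // server log and show the visitor only a generic failure.
                error_log("Failed to connect with MySQL: " . $e->getMessage());
                die("Failed to connect with MySQL.");
            }
        }
    }

    /**
     * Returns rows from the database based on the conditions.
     *
     * @param string $table      name of the table (trusted identifier)
     * @param array  $conditions optional keys:
     *                           - select:      raw column list (trusted SQL fragment), default "*"
     *                           - where:       column => value pairs, ANDed; values are bound
     *                           - order_by:    raw ORDER BY fragment (trusted SQL fragment)
     *                           - start/limit: cast to int before use
     *                           - return_type: "all" (default), "count" or "single"
     * @return mixed rows, a single associative row, a row count, or false when the result is empty
     */
    public function getRows($table, $conditions = array())
    {
        $sql = 'SELECT ';
        $sql .= array_key_exists("select", $conditions) ? $conditions['select'] : '*';
        $sql .= ' FROM ' . $table;

        $params = array();
        if (array_key_exists("where", $conditions)) {
            list($whereSql, $params) = $this->buildWhere($conditions['where']);
            $sql .= $whereSql;
        }
        if (array_key_exists("order_by", $conditions)) {
            $sql .= ' ORDER BY ' . $conditions['order_by'];
        }
        if (array_key_exists("limit", $conditions)) {
            // Integer casts keep paging values from carrying SQL text.
            $limit = (int) $conditions['limit'];
            $sql .= array_key_exists("start", $conditions)
                ? ' LIMIT ' . (int) $conditions['start'] . ',' . $limit
                : ' LIMIT ' . $limit;
        }

        $query = $this->db->prepare($sql);
        $query->execute($params);

        $returnType = array_key_exists("return_type", $conditions) ? $conditions['return_type'] : 'all';
        switch ($returnType) {
            case 'all':
                $data = $query->fetchAll();
                break;
            case 'count':
                // rowCount() is not guaranteed for SELECT on every driver; count fetched rows.
                $data = count($query->fetchAll());
                break;
            case 'single':
                $data = $query->fetch(PDO::FETCH_ASSOC);
                break;
            default:
                $data = '';
        }
        return !empty($data) ? $data : false;
    }

    /**
     * Inserts one row; "created" and "modified" default to the current time.
     *
     * @param string $table name of the table (trusted identifier)
     * @param array  $data  column => value pairs; keys are trusted column names, values are bound
     * @return mixed last insert id on success, false on empty or non-array data
     */
    public function insert($table, $data)
    {
        if (empty($data) || !is_array($data)) {
            return false;
        }
        $now = date("Y-m-d H:i:s");
        if (!array_key_exists('created', $data)) {
            $data['created'] = $now;
        }
        if (!array_key_exists('modified', $data)) {
            $data['modified'] = $now;
        }

        $columns = array_keys($data);
        $placeholders = implode(',', array_fill(0, count($columns), '?'));
        $sql = "INSERT INTO " . $table . " (" . implode(',', $columns) . ") VALUES (" . $placeholders . ")";

        $query = $this->db->prepare($sql);
        $insert = $query->execute(array_values($data));
        return $insert ? $this->db->lastInsertId() : false;
    }

    /**
     * Updates rows; "modified" defaults to the current time.
     *
     * NOTE(review): empty $conditions produce an UPDATE without WHERE, i.e. every row.
     *
     * @param string $table      name of the table (trusted identifier)
     * @param array  $data       column => new value pairs; values are bound
     * @param array  $conditions column => value pairs for the WHERE clause; values are bound
     * @return mixed number of affected rows, or false on empty or non-array data
     */
    public function update($table, $data, $conditions)
    {
        if (empty($data) || !is_array($data)) {
            return false;
        }
        if (!array_key_exists('modified', $data)) {
            $data['modified'] = date("Y-m-d H:i:s");
        }

        $assignments = array();
        foreach (array_keys($data) as $column) {
            $assignments[] = $column . ' = ?';
        }
        list($whereSql, $whereParams) = $this->buildWhere($conditions);

        $sql = "UPDATE " . $table . " SET " . implode(', ', $assignments) . $whereSql;
        $query = $this->db->prepare($sql);
        $update = $query->execute(array_merge(array_values($data), $whereParams));
        return $update ? $query->rowCount() : false;
    }

    /**
     * Deletes rows matching the conditions.
     *
     * NOTE(review): empty $conditions produce a DELETE without WHERE, i.e. every row.
     *
     * @param string $table      name of the table (trusted identifier)
     * @param array  $conditions column => value pairs for the WHERE clause; values are bound
     * @return mixed number of deleted rows, or false when nothing was deleted
     */
    public function delete($table, $conditions)
    {
        list($whereSql, $params) = $this->buildWhere($conditions);
        $query = $this->db->prepare("DELETE FROM " . $table . $whereSql);
        $query->execute($params);
        $deleted = $query->rowCount();
        return $deleted ? $deleted : false;
    }

    /**
     * Builds " WHERE a = ? AND b = ?" plus the matching parameter list.
     * Returns an empty clause and no parameters for empty or non-array input.
     */
    private function buildWhere($conditions)
    {
        if (empty($conditions) || !is_array($conditions)) {
            return array('', array());
        }
        $clauses = array();
        foreach (array_keys($conditions) as $column) {
            $clauses[] = $column . ' = ?';
        }
        return array(' WHERE ' . implode(' AND ', $clauses), array_values($conditions));
    }
}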
action.php (insert, update, delete records)
This file handles the requests coming from the HTML page using the DB class. Based on the request, user data is added to, updated in, or deleted from the database. The code that runs depends on action_type, which takes one of three values: add, edit, or delete. The following operations happen for each action_type.
add: inserts the record into the database, stores the status message in the session, and returns to the list page.
edit: updates the record in the database, stores the status message in the session, and returns to the list page.
delete: deletes the record from the database, stores the status message in the session, and returns to the list page.
<?php | |
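session_start();
include 'DB.php';
$db = new DB();
$tblName = 'pdo_users';

// NOTE(review): every action here changes data, yet none carries an anti-CSRF token and
// 'delete' is driven by a GET parameter. A per-session token verified before the switch,
// with delete moved to POST, would close that gap; it is left as-is here because the
// pages that submit to this script are not part of this file.

// Reads one POST field; a missing or array-valued field yields null.
$postField = function ($name) {
    return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : null;
};

// Accepts only a positive integer id. Assumes pdo_users.id is an integer key - confirm
// against the schema. Validating here means the id is never raw request text by the
// time it reaches the query layer.
$validId = function ($raw) {
    $id = filter_var($raw, FILTER_VALIDATE_INT);
    return ($id !== false && $id > 0) ? $id : null;
};

$actionType = (isset($_REQUEST['action_type']) && is_string($_REQUEST['action_type']))
    ? $_REQUEST['action_type']
    : '';
$failureMsg = 'Some problem occurred, please try again.';
$statusMsg = null;

switch ($actionType) {
    case 'add':
        $userData = array(
            'name' => $postField('name'),
            'email' => $postField('email'),
            'phone' => $postField('phone')
        );
        $insert = $db->insert($tblName, $userData);
        $statusMsg = $insert ? 'User data has been inserted successfully.' : $failureMsg;
        break;

    case 'edit':
        $id = $validId(isset($_POST['id']) ? $_POST['id'] : null);
        if ($id !== null) {
            $userData = array(
                'name' => $postField('name'),
                'email' => $postField('email'),
                'phone' => $postField('phone')
            );
            $update = $db->update($tblName, $userData, array('id' => $id));
            $statusMsg = $update ? 'User data has been updated successfully.' : $failureMsg;
        }
        break;

    case 'delete':
        $id = $validId(isset($_GET['id']) ? $_GET['id'] : null);
        if ($id !== null) {
            $delete = $db->delete($tblName, array('id' => $id));
            $statusMsg = $delete ? 'User data has been deleted successfully.' : $failureMsg;
        }
        break;
}

if ($statusMsg !== null) {
    $_SESSION['statusMsg'] = $statusMsg;
    header("Location:index.php");
    // Stop here so nothing else runs or is emitted after the redirect header.
    exit;
}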
<?php | |
session_start(); | |
/*
Process contains methods that:
1 - Validate an email address and check whether it already exists in our database
2 - Insert a record
3 - Send the activation link to the user's email address
4 - Select a record
*/
// Include the database page
include "db.php"; | |
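/**
 * Registration / login helpers on top of the mysqli connection in $this->con.
 *
 * All values are sent as bound parameters. Table names and the array keys used
 * as column names are still interpolated into the SQL text, so they must be
 * constants chosen by the application, never request data.
 */
class Process extends Database
{
    /**
     * Checks the address format, then whether it is already stored in u_email.
     *
     * @param string $table name of the table (trusted identifier)
     * @param string $email address to check
     * @return string "invalid_email", "already_exists" or "ok"
     * @throws RuntimeException when the lookup cannot be run, so that a database
     *                          error is never reported as "ok"
     */
    public function verify_email($table,$email){
        // The D modifier makes "$" match only at the very end of the string; without
        // it an address followed by a trailing newline would still pass.
        $regexp = "/^[a-z0-9_-]+(\.[a-z0-9_-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/D";
        if(!is_string($email) || !preg_match($regexp,$email)){
            return "invalid_email";
        }
        //Check email already exists or not
        $stmt = $this->run_prepared("SELECT id FROM ".$table." WHERE u_email = ? LIMIT 1", array($email));
        if($stmt === false){
            throw new RuntimeException("Email lookup failed");
        }
        mysqli_stmt_store_result($stmt);
        $count = mysqli_stmt_num_rows($stmt);
        mysqli_stmt_close($stmt);
        return ($count == 1) ? "already_exists" : "ok";
    }

    /**
     * Inserts one row.
     *
     * @param string $table name of the table (trusted identifier)
     * @param array  $input column => value pairs; keys are trusted column names, values are bound
     * @return mixed the new row id on success, null otherwise
     */
    public function insert_record($table,$input){
        if(empty($input) || !is_array($input)){
            return null;
        }
        $columns = implode(",",array_keys($input));
        $marks = implode(",",array_fill(0,count($input),"?"));
        $stmt = $this->run_prepared("INSERT INTO ".$table." (".$columns.") VALUES (".$marks.")", array_values($input));
        if($stmt === false){
            return null;
        }
        $last_id = mysqli_insert_id($this->con);
        mysqli_stmt_close($stmt);
        return $last_id;
    }

    /**
     * Mails the account activation link.
     *
     * NOTE(review): the link is plain http and carries the activation code and the
     * address in the query string; serve the activation page over https if available.
     *
     * @param string $email    recipient address
     * @param string $act_code activation code stored for the user
     * @param mixed  $uid      id of the user row
     * @return bool true when mail() accepted the message
     */
    public function send_activation_code($email,$act_code,$uid){
        // An address carrying line breaks is never a valid recipient; refuse it before
        // it reaches mail().
        if(!is_string($email) || preg_match('/[\r\n]/',$email)){
            return false;
        }
        $to = $email;
        $subject = 'Activation Link from Webscript.info';
        $from = '[email protected]';// placeholder, not a valid email address
        // To send HTML mail, the Content-type header must be set
        $headers = 'MIME-Version: 1.0' . "\r\n";
        $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
        // Create email headers
        $headers .= 'From: '.$from."\r\n".
        'Reply-To: '.$from."\r\n" .
        'X-Mailer: PHP/' . phpversion();
        // Each query value is URL-encoded, then the whole link is HTML-escaped for the
        // href attribute; the address shown in the greeting is HTML-escaped as well.
        $link = 'http://www.webscript.info/register_login/activation_code.php?ACTIVATION_CODE='
            .rawurlencode($act_code).'&uid='.rawurlencode($uid).'&ue='.rawurlencode($email);
        $html_flags = ENT_QUOTES | ENT_SUBSTITUTE;
        // Compose a simple HTML email message
        $message = '<html><body>';
        $message .= '<h1 style="color:#f40;">Hi '.htmlspecialchars($email,$html_flags,'UTF-8').'</h1>';
        $message .= '<p style="color:#333;font-size:14px;font-family:san-serif,Arial;">Please Click on given link to activate your account</p>';
        $message .= "<a href='".htmlspecialchars($link,$html_flags,'UTF-8')."'>Click here</a>";
        $message .= '</body></html>';
        // Sending email
        return (bool) mail($to, $subject, $message, $headers);
    }

    /**
     * Selects by equality conditions and returns the last matching row.
     *
     * Uses mysqli_stmt_get_result(), which requires the mysqlnd driver.
     *
     * @param string $table           name of the table (trusted identifier)
     * @param array  $where_condition column => value pairs, ANDed; values are bound
     * @return array the row (numeric and associative keys), or an empty array when
     *               nothing matched or no condition was given
     */
    public function select_record($table,$where_condition){
        $array = array();
        // No condition means no lookup: never fall back to an unfiltered SELECT.
        if(empty($where_condition) || !is_array($where_condition)){
            return $array;
        }
        $clauses = array();
        foreach (array_keys($where_condition) as $key) {
            $clauses[] = $key." = ?";
        }
        $sql = "SELECT * FROM ".$table." WHERE ".implode(" AND ",$clauses);
        $stmt = $this->run_prepared($sql, array_values($where_condition));
        if($stmt === false){
            return $array;
        }
        $result = mysqli_stmt_get_result($stmt);
        while ($row = mysqli_fetch_array($result)) {
            $array = $row;
        }
        mysqli_stmt_close($stmt);
        return $array;
    }

    /**
     * Prepares $sql on $this->con, binds $values as strings and executes it.
     * Returns the executed statement, or false when prepare or execute fails.
     */
    private function run_prepared($sql,$values){
        $stmt = mysqli_prepare($this->con,$sql);
        if($stmt === false){
            return false;
        }
        if(count($values) > 0){
            mysqli_stmt_bind_param($stmt, str_repeat("s",count($values)), ...$values);
        }
        if(!mysqli_stmt_execute($stmt)){
            mysqli_stmt_close($stmt);
            return false;
        }
        return $stmt;
    }
}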
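$obj = new Process;

// Reads one POST field as a string; a missing or array-valued field yields "".
$post_text = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
};

//Email check: echoes invalid_email, already_exists or ok
if(isset($_POST["check_email"])){
    $data = $obj->verify_email("user_info",$post_text("email"));
    echo $data;
    exit();
}

//User Signup Process
if(isset($_POST["u_email"])){
    if (empty($_POST["gender"]) || empty($_POST["lang"])) {
        echo "empty_fields";
        exit();
    }
    $name = preg_replace("#[^A-Za-z ]#i", "", $post_text("name"));
    $data = $obj->verify_email("user_info",$post_text("u_email"));
    if($data == "already_exists"){
        echo "Email Already Exists";
        exit();
    }
    if($data != "ok"){
        // Only a validated address may continue: it is stored in the database, used
        // in a directory name and placed in the activation mail further down.
        echo "invalid_email";
        exit();
    }
    $email = $post_text("u_email");
    $gender = preg_replace("#[^a-z]#i", "", $post_text("gender"));
    $country = preg_replace("#[^A-Za-z ]#i", "", $post_text("u_country"));
    // "lang" is expected as a list of strings; anything else is dropped before joining.
    $lang = array_filter((array) $_POST["lang"], 'is_string');
    $languages = preg_replace("#[^A-Za-z,]#i", "", implode(",", $lang));
    $password = $post_text("password");
    $repassword = $post_text("repassword");
    //Start Validation from here
    if(empty($name) || empty($password) || empty($languages) || empty($country)){
        echo "empty_fields";
        exit();
    }
    if(strlen($password) < 9){
        echo "password_short";
        exit();
    }
    // Strict comparison: with != two different numeric-looking strings can compare equal.
    if($password !== $repassword){
        echo "not_same";
        exit();
    }
    //Hash Password (the option key is case-sensitive: "COST" would be ignored)
    $options = ["cost" => 12];
    $hash_password = password_hash($password,PASSWORD_DEFAULT,$options);
    $signup_date = date("Y-m-d H:i:s");
    // The activation code works as a bearer secret, so it comes from the CSPRNG rather
    // than from the clock, the address and rand().
    $act_code = function_exists("random_bytes")
        ? bin2hex(random_bytes(16))
        : bin2hex(openssl_random_pseudo_bytes(16));
    $user = array("u_name"=>$name,"u_email"=>$email,"gender"=>$gender,"languages"=>$languages,"country"=>$country,"password"=>$hash_password,"signup_date"=>$signup_date,"last_login"=>$signup_date,"act_code"=>$act_code,"activated"=>"0");
    $id = $obj->insert_record("user_info",$user);
    if($id){
        // Directory name is the local part of the validated address followed by the user id
        $username = explode("@", $email);
        $userdir = $username[0];
        if(!file_exists("user/$userdir".$id)){
            mkdir("user/$userdir".$id,0755);
        }
        if ($obj->send_activation_code($email,$act_code,$id)) {
            echo "email_send_success";
            exit();
        }
    }
}

//User Login Process
if (isset($_POST["log_email"]) AND isset($_POST["log_password"])) {
    $log_email = $post_text("log_email");
    $data = $obj->verify_email("user_info",$log_email);
    if($data == "ok"){
        echo "not_exists";
        exit();
    }else if($data == "invalid_email"){
        echo "invalid_email";
        exit();
    }else if($data == "already_exists"){
        $row = $obj->select_record("user_info",array("u_email"=>$log_email));
        $activated = isset($row["activated"]) ? $row["activated"] : null;
        if($activated == '1'){
            if(password_verify($post_text("log_password"),$row["password"])){
                // Issue a fresh session id at the privilege change (session fixation).
                session_regenerate_id(true);
                //Session Variables
                $_SESSION["name"] = $row["u_name"];
                $_SESSION["id"] = $row["id"];
                $_SESSION["email"] = $row["u_email"];
                // NOTE(review): the password hash is copied into the session and into the
                // "p" cookie below. The cookies are HttpOnly but not Secure, and a hash held
                // by the browser can be taken away and attacked offline. Both are kept only
                // because pages outside this file may read them; prefer relying on the
                // server-side session id alone and dropping them.
                $_SESSION["password"] = $row["password"];
                //Cookies
                $expires = strtotime("+1 day");
                setcookie("id",$row["id"],$expires,"/","","",TRUE);
                setcookie("name",$row["u_name"],$expires,"/","","",TRUE);
                setcookie("email",$row["u_email"],$expires,"/","","",TRUE);
                setcookie("p",$row["password"],$expires,"/","","",TRUE);
                echo "login_success";
                exit();
            }
        }else if ($activated == '0'){
            echo "Please verify your email Address";
            exit();
        }
    }
}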
?> |