Commit 1604f011 authored by PhilippeBajoit's avatar PhilippeBajoit

use closeCursor()

parent c07e6d13
<?php
$pdo = null;
$cost = ["cost" => 12];
$PDO = null;
$COST = ["cost" => 12];
/**
* @return void
*/
function initialize_db(): void
{
global $pdo;
$pdo = new PDO('sqlite:_286827163ab1.db');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
global $PDO;
$PDO = new PDO('sqlite:_286827163ab1.db');
$PDO->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$q = "CREATE TABLE IF NOT EXISTS users("
. "email TEXT PRIMARY KEY NOT NULL, "
......@@ -17,7 +17,7 @@ function initialize_db(): void
. "firstname TEXT NOT NULL, lastname TEXT NOT NULL, "
. "is_active INTEGER DEFAULT 0 NOT NULL, "
. "password TEXT NOT NULL, public_key TEXT)";
$pdo->exec($q);
$PDO->exec($q);
}
/**
......@@ -35,11 +35,11 @@ function create_user(array $data): array
delete_user($email);
// create user
global $pdo;
global $PDO;
$uuid = uuid_v4();
/** @var PDOStatement $stm */
$stm = $pdo->prepare('INSERT INTO users(user_id, email, firstname, lastname, password) ' .
$stm = $PDO->prepare('INSERT INTO users(user_id, email, firstname, lastname, password) ' .
'VALUES(:uuid, :email, :firstname, :lastname, :password)');
$stm->bindValue(':uuid', $uuid);
$stm->bindValue(':email', $data['email']);
......@@ -48,6 +48,7 @@ function create_user(array $data): array
$stm->bindValue(':password', password_hash($data['password'],
PASSWORD_DEFAULT, ["cost" => 12]));
$stm->execute();
$stm->closeCursor();
// prepare register email
$registration = "https://" . $_SERVER['HTTP_HOST'] . "/app?register&uuid=" . $uuid;
......@@ -70,12 +71,15 @@ function create_user(array $data): array
*/
function get_user_by_uuid($uuid): mixed
{
global $pdo;
global $PDO;
/** @var PDOStatement $stm */
$stm = $pdo->prepare('SELECT * FROM users WHERE user_id = :uuid');
$stm = $PDO->prepare('SELECT * FROM users WHERE user_id = :uuid');
$stm->bindValue(':uuid', $uuid);
$stm->execute();
return $stm->fetch(PDO::FETCH_ASSOC);
$data = $stm->fetch(PDO::FETCH_ASSOC);
$stm->closeCursor();
return $data;
}
/**
......@@ -85,13 +89,16 @@ function get_user_by_uuid($uuid): mixed
*/
function get_user($email, $is_active): mixed
{
global $pdo;
global $PDO;
/** @var PDOStatement $stm */
$stm = $pdo->prepare('SELECT * FROM users WHERE email = :email AND is_active = :is_active');
$stm = $PDO->prepare('SELECT * FROM users WHERE email = :email AND is_active = :is_active');
$stm->bindValue(':email', $email);
$stm->bindValue(':is_active', $is_active);
$stm->execute();
return $stm->fetch(PDO::FETCH_ASSOC);
$data = $stm->fetch(PDO::FETCH_ASSOC);
$stm->closeCursor();
return $data;
}
/**
......@@ -124,8 +131,8 @@ function login_user(array $data): array
}
if ($success) {
global $cost;
if (password_needs_rehash($user['password'], PASSWORD_DEFAULT, $cost)) {
global $COST;
if (password_needs_rehash($user['password'], PASSWORD_DEFAULT, $COST)) {
password_change($email, $data);
}
user_to_token($user);
......@@ -149,14 +156,15 @@ function update_user($email, array $data): array
$user = get_user($email, 1);
if ($user) {
global $pdo;
global $PDO;
/** @var PDOStatement $stm */
$stm = $pdo->prepare('UPDATE users ' .
$stm = $PDO->prepare('UPDATE users ' .
'SET firstname = :firstname, lastname = :lastname WHERE email = :email');
$stm->bindValue(':email', $email);
$stm->bindValue(':firstname', $data['firstname']);
$stm->bindValue(':lastname', $data['lastname']);
$stm->execute();
$stm->closeCursor();
} else {
$result['status'] = 404;
$result['error'] = "User does not exist or is not registered.";
......@@ -181,13 +189,14 @@ function password_change($email, array $data): array
$password = $data['password'];
$user = get_user($email, 1);
if ($user) {
global $pdo;
global $cost;
global $PDO;
global $COST;
/** @var PDOStatement $stm */
$stm = $pdo->prepare('UPDATE users SET password = :password WHERE email = :email');
$stm = $PDO->prepare('UPDATE users SET password = :password WHERE email = :email');
$stm->bindValue(':email', $email);
$stm->bindValue(':password', password_hash($password, PASSWORD_DEFAULT, $cost));
$stm->bindValue(':password', password_hash($password, PASSWORD_DEFAULT, $COST));
$stm->execute();
$stm->closeCursor();
} else {
$result['status'] = 404;
$result['error'] = "User does not exist or is not registered.";
......@@ -203,12 +212,13 @@ function delete_user($email): array
{
$result = base_result();
global $pdo;
global $PDO;
/** @var PDOStatement $stm */
$stm = $pdo->prepare('DELETE FROM users WHERE email = :email');
$stm = $PDO->prepare('DELETE FROM users WHERE email = :email');
$stm->bindValue(':email', $email);
$stm->execute();
$stm->closeCursor();
return $result;
}
......@@ -223,12 +233,13 @@ function register_user($uuid): array
$result = base_result();
$user = get_user_by_uuid($uuid, 0);
if ($user && ($user['is_active'] == 0)) {
global $pdo;
global $PDO;
/** @var PDOStatement $stm */
$stm = $pdo->prepare('UPDATE users SET is_active = 1 WHERE user_id = :uuid');
$stm = $PDO->prepare('UPDATE users SET is_active = 1 WHERE user_id = :uuid');
$stm->bindValue(':uuid', $uuid);
$stm->execute();
$stm->closeCursor();
user_to_token($user);
} else {
......
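Review bot: In create_user, the unchanged line `$registration = "https://" . $_SERVER['HTTP_HOST'] . "/app?register&uuid=" . $uuid;` builds the activation link from the request's Host header, which the client controls unless the web server pins it (not visible here). Since register_user activates the account and calls user_to_token() for whoever presents that uuid, the link should be built from a configured origin instead, e.g. `$registration = APP_BASE_URL . "/app?register&uuid=" . $uuid;`, where `APP_BASE_URL` is a placeholder for a constant set in deployment config. Separately, create_user still passes the literal `["cost" => 12]` to password_hash() while login_user and password_change use `$COST`; using `$COST` there too keeps password_needs_rehash() comparing against the same options. Both functions extend beyond the visible hunks.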