I have a recurring problem in my Android application.
Basically I am using PHP and a MySQL database to register and log users into my app.
Registration works fine. I am able to connect to the database and insert the new user into the table without any problems.
The issue I am facing is when logging into the app. Whenever I call the login url, I am getting the following error:
BasicNetwork.performRequest: Unexpected response code 500 for URL.
I tried using other tools to access this url and posting the parameters manually to eliminate the issue that the error might be coming from my app code. In fact I got a Generic 500 Internal Server Error. Tested the register URL with this tool too and it worked perfectly.
My PHP classes all call the same script to get the connection details, so there is no problem with that either since registration works.
Here is my code below:
Login class:
<?php
require_once 'UserFunctions.php';
$db = new UserFunctions();
$response = array("error" => FALSE);
if (isset($_POST['email']) && isset($_POST['password'])) {
$email = $_POST['email'];
$password = $_POST['password'];
$user = $db->getUserByEmailAndPassword($email, $password);
$count = $db->getUserCount();
if ($user != false) {
$response["error"] = FALSE;
$response["uid"] = $user["unique_id"];
$response["user"]["name"] = $user["name"];
$response["user"]["email"] = $user["email"];
echo json_encode($response);
} else {
$response["error"] = TRUE;
$response["error_msg"] = "Login credentials are wrong. Please try again!";
echo json_encode($response);
}
} else {
$response["error"] = TRUE;
$response["error_msg"] = "One of the required parameters is missing!";
echo json_encode($response);
}
?>
UserFunctions class:
<?php
class UserFunctions {
private $conn;
function __construct() {
require_once 'include/DbConnect.php';
$db = new DbConnect();
$this->conn = $db->connect();
}
function __destruct() {
}
public function storeUser($name, $email, $password) {
$uuid = uniqid('', true);
$hash = $this->hashSSHA($password);
$password = $hash["encrypted"];
$salt = $hash["salt"];
$stmt = $this->conn->prepare("INSERT INTO users(unique_id, UserName, UserEmail, UserPassword, salt) VALUES(?, ?, ?, ?, ?)");
$stmt->bind_param("sssss", $uuid, $name, $email, $password, $salt);
$result = $stmt->execute();
$stmt->close();
if ($result) {
$stmt = $this->conn->prepare("SELECT * FROM users WHERE UserEmail = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $user;
} else {
return false;
}
}
public function getUserByEmailAndPassword($email, $password) {
$stmt = $this->conn->prepare("SELECT * FROM users WHERE UserEmail = ?");
$stmt->bind_param("s", $email);
if ($stmt->execute()) {
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $user;
} else {
return NULL;
}
}
public function isUserExisted($email) {
$stmt = $this->conn->prepare("SELECT UserEmail FROM users WHERE UserEmail = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->close();
return true;
} else {
$stmt->close();
return false;
}
}
public function hashSSHA($password) {
$salt = sha1(rand());
$salt = substr($salt, 0, 10);
$encrypted = base64_encode(sha1($password . $salt, true) . $salt);
$hash = array("salt" => $salt, "encrypted" => $encrypted);
return $hash;
}
public function checkhashSSHA($salt, $password) {
$hash = base64_encode(sha1($password . $salt, true) . $salt);
return $hash;
}
}
?>
I found where my problem was.
For all those who encounter the very nasty error 500, check your logs. It occurred to me, once I checked the logs, that the method checkhashSSHA() was never being used, and this was causing the following error:
PHP Fatal error: Call to undefined function checkHashSSA() in /xxx/xxx/xxx/xxx/UserFunctions.php on line 54
Hence I added the following code to decrypt the password:
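public function getUserByEmailAndPassword($email, $password) {
$stmt = $this->conn->prepare("SELECT * FROM users WHERE UserEmail = ?");
$stmt->bind_param("s", $email);
if ($stmt->execute()) {
$user = $stmt->get_result()->fetch_assoc();
// Close the statement before any return so it is always released
$stmt->close();
// No row for this email: fail the login instead of indexing into NULL
if ($user === null) {
return false;
}
$salt = $user['salt'];
$userPassword = $user['UserPassword'];
$hash = $this->checkhashSSHA($salt, $password);
// Constant-time comparison of the stored and the recomputed hash
if (hash_equals($userPassword, $hash)) {
return $user;
}
// Wrong password
return false;
} else {
return NULL;
}
}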
This solved my error.
Just for the record, logs for such errors are usually found in the following location: var/log/apache2/error.log. You may need to make some changes to the php.ini file to log these errors.
Hope this helps anyone with the 500 error ;)
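An added example, not code from the original post: the first version of getUserByEmailAndPassword() above returned the row without ever looking at the password, and the stored format is a single salted SHA-1. The sketch below checks the password for both the page's legacy format and PHP's password_hash() format, and hands back a replacement hash so legacy rows are upgraded on the next successful login. The names verifyLogin() and legacySsha() are hypothetical; the column names UserPassword and salt follow the post, and the sample rows are constructed.

```php
<?php
// Added example: password check for the login path. verifyLogin() and
// legacySsha() are hypothetical names, not part of the poster's classes.

/** Legacy format from the post: base64(sha1(password . salt, raw) . salt). */
function legacySsha(string $salt, string $password): string
{
    return base64_encode(sha1($password . $salt, true) . $salt);
}

/**
 * @param array|null $row users row from fetch_assoc(), null if the email is unknown
 * @return array [bool login ok, ?string replacement hash to store]
 */
function verifyLogin(?array $row, string $password): array
{
    if ($row === null) {
        return [false, null];            // unknown email: never index into null
    }
    $stored = (string) $row['UserPassword'];

    // password_hash() output starts with '$'; base64 output never does.
    if (strncmp($stored, '$', 1) === 0) {
        $ok = password_verify($password, $stored);
        $upgrade = $ok && password_needs_rehash($stored, PASSWORD_DEFAULT);
        return [$ok, $upgrade ? password_hash($password, PASSWORD_DEFAULT) : null];
    }

    // Legacy row: recompute and compare in constant time (not with ==).
    $ok = hash_equals($stored, legacySsha((string) $row['salt'], $password));
    return [$ok, $ok ? password_hash($password, PASSWORD_DEFAULT) : null];
}

// --- Constructed sample rows (not real data) ---
$salt = 'a1b2c3d4e5';
$legacyRow = [
    'UserEmail'    => 'alice@example.com',
    'salt'         => $salt,
    'UserPassword' => legacySsha($salt, 'correct horse battery'),
];

[$ok, $newHash] = verifyLogin($legacyRow, 'wrong password');
printf("legacy row, wrong password: %s\n", $ok ? 'accepted' : 'rejected');

[$ok, $newHash] = verifyLogin($legacyRow, 'correct horse battery');
printf("legacy row, right password: %s, upgrade hash issued: %s\n",
    $ok ? 'accepted' : 'rejected', $newHash !== null ? 'yes' : 'no');

// The caller would now persist $newHash with a prepared statement, e.g.
//   UPDATE users SET UserPassword = ?, salt = '' WHERE UserEmail = ?
$upgradedRow = ['UserEmail' => 'alice@example.com', 'salt' => '', 'UserPassword' => $newHash];

[$ok, $again] = verifyLogin($upgradedRow, 'correct horse battery');
printf("upgraded row, right password: %s, further upgrade: %s\n",
    $ok ? 'accepted' : 'rejected', $again !== null ? 'yes' : 'no');

[$ok] = verifyLogin(null, 'anything');
printf("unknown email: %s\n", $ok ? 'accepted' : 'rejected');
```

The UserPassword column has to be wide enough for password_hash() output; the PHP manual recommends 255 characters.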
Related
I have this code to log in with my Android application,
but I need to test it with some values
<?php
require_once 'DB_Functions.php';
$db = new DB_Functions();
// json response array
$response = array("error" => FALSE);
// receiving the post params
/* $email = $_POST['email'];
$password = $_POST['password'];*/
$email ="bi#yahoo.fr";
$password ="123456";
// get the user by email and password
$user = $db->getUserByEmailAndPassword($email,$password);
if ($user != false) {
// use is found
$response["error"] = FALSE;
$response["uid"] = $user["unique_id"];
$response["user"]["name"] = $user["name"];
$response["user"]["email"] = $user["email"];
$response["user"]["created_at"] = $user["created_at"];
$response["user"]["updated_at"] = $user["updated_at"];
echo json_encode($response);
} else {
// user is not found with the credentials
$response["error"] = TRUE;
$response["error_msg"] = "Login credentials are wrong. Please try again!";
echo json_encode($response);
}
/*else {
// required post params is missing
$response["error"] = TRUE;
$response["error_msg"] = "Required parameters email or password is missing!";
echo json_encode($response);
}*/
?>
file DB_Functions.php is this
<?php
class DB_Functions {
private $conn;
// constructor
function __construct() {
require_once 'DB_Connect.php';
// connecting to database
$db = new Db_Connect();
$this->conn = $db->connect();
}
// destructor
function __destruct() {
}
/**
* Storing new user
* returns user details
*/
public function storeUser($name, $email, $password) {
$uuid = uniqid('', true);
$hash = $this->hashSSHA($password);
$encrypted_password = $hash["encrypted"]; // encrypted password
$salt = $hash["salt"]; // salt
$stmt = $this->conn->prepare("INSERT INTO users(unique_id, name, email, encrypted_password, salt, created_at) VALUES(?, ?, ?, ?, ?, NOW())");
$stmt->bind_param("sssss", $uuid, $name, $email, $encrypted_password, $salt);
$result = $stmt->execute();
$stmt->close();
// check for successful store
if ($result) {
$stmt = $this->conn->prepare("SELECT * FROM users WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $user;
} else {
return false;
}
}
/**
* Get user by email and password
*/
public function getUserByEmailAndPassword($email, $password) {
$stmt = $this->conn->prepare("SELECT * FROM users WHERE email = ?");
$stmt->bind_param("s", $email);
if ($stmt->execute()) {
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
// verifying user password
$salt = $user['salt'];
$encrypted_password = $user['encrypted_password'];
$hash = $this->checkhashSSHA($salt, $password);
// check for password equality
if ($encrypted_password == $hash) {
// user authentication details are correct
return $user;
}
} else {
return NULL;
}
}
/**
* Check user is existed or not
*/
public function isUserExisted($email) {
$stmt = $this->conn->prepare("SELECT email from users WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
// user existed
$stmt->close();
return true;
} else {
// user not existed
$stmt->close();
return false;
}
}
/**
* Encrypting password
* @param password
* returns salt and encrypted password
*/
public function hashSSHA($password) {
$salt = sha1(rand());
$salt = substr($salt, 0, 10);
$encrypted = base64_encode(sha1($password . $salt, true) . $salt);
$hash = array("salt" => $salt, "encrypted" => $encrypted);
return $hash;
}
/**
* Decrypting password
* @param salt, password
* returns hash string
*/
public function checkhashSSHA($salt, $password) {
$hash = base64_encode(sha1($password . $salt, true) . $salt);
return $hash;
}
}
?>
How to fix that?
The file DB_Connect contains all the information about the database name and password ... everything is correct,
but when I open 127.0.0.1/myproject/myfileLogin to test with these values
email:bi#yahoo.fr
password :123456
it shows me Login credentials are wrong. Please try again! In my database I have these two:
email:bi#yahoo.fr
password :123456
I'm working on PHP web services which work on localhost, but when I upload them to the cPanel server they do not respond. The user is registered, but the response message is not shown when checking with Postman.
DB_Function has the main function, where it is connected to the table to insert data, which is working.
DB_Function.php
<?php
class DB_Functions {
private $conn;
// constructor
function __construct() {
require_once 'DB_Connect.php';
// connecting to database
$db = new Db_Connect();
$this->conn = $db->connect();
}
// destructor
function __destruct() {
}
/**
* Storing new user
* returns user details
*/
public function storeUser($name, $email, $password, $phone, $address, $address_2,$education, $position, $gender, $bank_account_no, $experience, $company_name, $company_temp, $references_description, $amount ) {
//$uuid = uniqid('', true);
$hash = $this->hashSSHA($password);
$encrypted_password = $hash["encrypted"]; // encrypted password
$salt = $hash["salt"]; // salt
$stmt = $this->conn->prepare("INSERT INTO emp_registration( full_name, email, password, salt, phone, address, address_2, education, position, gender, bank_account_no, experience, company_name, company_temp,references_description,amount, created_at) VALUES(?,?, ?, ?, ?, ?, ?, ?,?,?,?,?,?,?,?,?, NOW())");
$stmt->bind_param("sssssssssssssssi", $name, $email, $encrypted_password, $salt, $phone, $address, $address_2,$education, $position, $gender, $bank_account_no, $experience, $company_name, $company_temp, $references_description, $amount );
$result = $stmt->execute();
$stmt->close();
// check for successful store
if ($result) {
$stmt = $this->conn->prepare("SELECT * FROM emp_registration WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $user;
} else {
return false;
}
}
/**
* Get user by email and password
*/
public function getUserByEmailAndPassword($email, $password) {
$stmt = $this->conn->prepare("SELECT * FROM emp_registration WHERE email = ?");
$stmt->bind_param("s", $email);
if ($stmt->execute()) {
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
// verifying user password
$salt = $user['salt'];
$encrypted_password = $user['password'];
$hash = $this->checkhashSSHA($salt, $password);
// check for password equality
if ($encrypted_password == $hash) {
// user authentication details are correct
return $user;
}
} else {
return NULL;
}
}
/**
* Check user is existed or not
*/
public function isUserExisted($email) {
$stmt = $this->conn->prepare("SELECT email from emp_registration WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
// user existed
$stmt->close();
return true;
} else {
// user not existed
$stmt->close();
return false;
}
}
/**
* Encrypting password
* @param password
* returns salt and encrypted password
*/
public function hashSSHA($password) {
$salt = sha1(rand());
$salt = substr($salt, 0, 10);
$encrypted = base64_encode(sha1($password . $salt, true) . $salt);
$hash = array("salt" => $salt, "encrypted" => $encrypted);
return $hash;
}
/**
* Decrypting password
* @param salt, password
* returns hash string
*/
public function checkhashSSHA($salt, $password) {
$hash = base64_encode(sha1($password . $salt, true) . $salt);
return $hash;
}
}
?>
In Emp_registration it calls the storeUser function in the DB_Functions class, but the response is not coming from it on the server.
Emp_registration.php
<?php
require_once 'include/DB_Function.php';
$db = new DB_Functions();
// json response array
$response = array("error" => FALSE);
if (isset($_POST['name']) && isset($_POST['email']) && isset($_POST['password']) && isset($_POST['phone']) && isset($_POST['address']) && isset($_POST['address_2']) &&
isset($_POST['education']) && isset($_POST['position']) && isset($_POST['gender']) && isset($_POST['bank_account_no']) && isset($_POST['experience']) && isset($_POST['company_name']) && isset($_POST['company_temp']) && isset($_POST['references_description'])
&& isset($_POST['amount']) ) {
// receiving the post params
$name = $_POST['name'];
$email = $_POST['email'];
$password = $_POST['password'];
$phone = $_POST['phone'];
$address = $_POST['address'];
$address_2 = $_POST['address_2'];
$education = $_POST['education'];
$position = $_POST['position'];
$gender = $_POST['gender'];
$bank_account_no = $_POST['bank_account_no'];
$experience = $_POST['experience'];
$company_name = $_POST['company_name'];
$company_temp = $_POST['company_temp'];
$references_description = $_POST['references_description'];
$amount = intval( $_POST['amount']);
// check if emp_registration is already existed with the same email
if ($db->isUserExisted($email)) {
// emp_registration already existed
$response["error"] = TRUE;
$response["error_msg"] = "User already existed with " . $email;
echo json_encode($response);
} else {
// create a new emp_registration
$emp_registration = $db->storeUser($name, $email, $password, $phone, $address, $address_2, $education, $position, $gender, $bank_account_no, $experience, $company_name, $company_temp, $references_description, $amount);
if ($emp_registration) {
// emp_registration stored successfully
$response["error"] = FALSE;
$response["emp_id"] = $emp_registration["id"];
$response["emp_registration"]["full_name"] = $emp_registration["full_name"];
$response["emp_registration"]["email"] = $emp_registration["email"];
$response["emp_registration"]["created_at"] = $emp_registration["created_at"];
$response["emp_registration"]["updated_at"] = $emp_registration["updated_at"];
echo json_encode($response);
} else {
// emp_registration failed to store
$response["error"] = TRUE;
$response["error_msg"] = "Unknown error occurred in registration!";
echo json_encode($response);
}
}
} else {
$response["error"] = TRUE;
$response["error_msg"] = "Required parameters (name, email or password) is missing!";
echo json_encode($response);
}
?>
.htaccess
RewriteEngine on
RewriteCond %{HTTP_HOST} ^web\.ddagroindore\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.web\.ddagroindore\.com$
RewriteRule ^/?$ "http\:\/\/ddagroindore\.com\/webservice" [R=301,L]
In my application I am using 2 PHP files, where one contains all the functions required for the application and the other retrieves and sends the data back to the user.
My first PHP file is DB_Functions.php,
which contains the following code
<?php
class DB_Functions {
private $conn;
// constructor
function __construct() {
require_once 'DB_Connect.php';
// connecting to database
$db = new Db_Connect();
$this->conn = $db->connect();
}
/**
* Storing new user
* returns user details
*/
public function storeUser($name,$sex,$dob,$email,$college,$password,$latitude,$longitude,$pass) {
$uuid = uniqid('', true);
$hash = $this->hashSSHA($password);
$encrypted_password = $hash["encrypted"]; // encrypted password
$salt = $hash["salt"]; // salt
$stmt = $this->conn->prepare("INSERT INTO CFLASH_USERS(Name, sex, dob, mail, college, password, latitude, longitude, pass, salt, created_at) VALUES(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, NOW())");
// Bind the salted hash, not the plaintext $password, to the password column
$stmt->bind_param("ssssssssss", $name, $sex, $dob, $email, $college, $encrypted_password, $latitude, $longitude, $pass, $salt);
$result = $stmt->execute();
$stmt->close();
// check for successful store
if ($result) {
$stmt = $this->conn->prepare("SELECT * FROM CFLASH_USERS WHERE mail = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $user;
} else {
return false;
}
}
/**
* Encrypting password
* @param password
* returns salt and encrypted password
*/
public function hashSSHA($password) {
$salt = sha1(rand());
$salt = substr($salt, 0, 10);
$encrypted = base64_encode(sha1($password . $salt, true) . $salt);
$hash = array("salt" => $salt, "encrypted" => $encrypted);
return $hash;
}
/**
* Decrypting password
* @param salt, password
* returns hash string
*/
public function checkhashSSHA($salt, $password) {
$hash = base64_encode(sha1($password . $salt, true) . $salt);
return $hash;
}
}
?>
My second php file Register.php contains
<?php
require_once 'include/DB_Functions.php';
$db = new DB_Functions();
// json response array
$response = array("error" => FALSE);
if (isset($_POST['name']) && isset($_POST['email']) && isset($_POST['password'])) {
// receiving the post params
$name = $_POST['name'];
$sex = $_POST['sex'];
$dob = $_POST['dob'];
$email = $_POST['email'];
$college = $_POST['college'];
$password = $_POST['password'];
$latitude = $_POST['latitude'];
$longitude = $_POST['longitude'];
$pass = $_POST['pass'];
// create a new user
$user = $db->storeUser($name, $sex, $dob, $email, $college ,$password, $latitude, $longitude, $pass);
if ($user) {
// user stored successfully
$response["error"] = FALSE;
$response["uid"] = $user["mail"];
$response["user"]["name"] = $user["Name"];
$response["user"]["sex"] = $user["sex"];
$response["user"]["dob"] = $user["dob"];
$response["user"]["email"] = $user["mail"];
$response["user"]["college"] = $user["college"];
$response["user"]["created_at"] = $user["created_at"];
$response["user"]["updated_at"] = $user["updated_at"];
echo json_encode($response);
} else {
// user failed to store
$response["error"] = TRUE;
$response["error_msg"] = "Unknown error occurred in registration!";
echo json_encode($response);
}
} else {
$response["error"] = TRUE;
$response["error_msg"] = "Required parameters (name, email or password) is missing!";
echo json_encode($response);
}
?>
My table structure is
I am unable to insert the data into it. I have checked whether the POST method is wrong, but it is not wrong. So I thought that there might be an error with bind_param(). Please let me know where the error is and a solution to rectify it.
Please explain to me "Call to undefined method mysqli_stmt::get_result()"
You are likely missing MySQLND. That method is only available with that driver.
http://php.net/manual/en/mysqli-stmt.get-result.php
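One way to keep the page's `$stmt->get_result()->fetch_assoc()` calls working on a host without mysqlnd, as an added example that is not part of the original answer. fetchAssocCompat() is a hypothetical helper name; it falls back to result_metadata() and bind_result(), which do not depend on that driver.

```php
<?php
// Added example (not from the original posts). fetchAssocCompat() is a
// hypothetical helper name.

/**
 * Return the first row of an already executed SELECT statement as an
 * associative array, or null when there is no row.
 */
function fetchAssocCompat(mysqli_stmt $stmt): ?array
{
    // mysqlnd builds: get_result() exists, use it directly.
    if (method_exists($stmt, 'get_result')) {
        $result = $stmt->get_result();
        if ($result === false) {
            return null;
        }
        $row = $result->fetch_assoc();
        $result->free();
        return $row ?: null;
    }

    // Builds without mysqlnd: bind one variable per column instead.
    $meta = $stmt->result_metadata();
    if ($meta === false) {
        return null;                       // statement has no result set
    }
    $row = [];
    $refs = [];
    foreach ($meta->fetch_fields() as $field) {
        $row[$field->name] = null;
        $refs[] = &$row[$field->name];     // bind_result() needs references
    }
    $meta->free();

    $stmt->store_result();
    call_user_func_array([$stmt, 'bind_result'], $refs);
    $found = ($stmt->fetch() === true);

    // Copy the values out: the bound slots stay tied to the statement.
    $copy = [];
    foreach ($row as $name => $value) {
        $copy[$name] = $value;
    }
    $stmt->free_result();
    return $found ? $copy : null;
}

// Offline check of which branch this PHP build would take.
echo method_exists('mysqli_stmt', 'get_result')
    ? "get_result() available (mysqlnd)\n"
    : "get_result() missing: bind_result() fallback would be used\n";
```

In the classes shown on this page, `$user = fetchAssocCompat($stmt);` would take the place of `$user = $stmt->get_result()->fetch_assoc();`. Queries that return two columns with the same name need aliases, since the row is keyed by column name.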
I am using following code to connect to an sql database on a web hosting server.
I am facing the error
Warning: mysqli::mysqli(): (HY000/2002): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2) in /srv/disk7/2067595/www/envoycc.atwebpages.com/DB_Connect.php on line 10
The 10th line is $this->conn = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);
My overall code is
config.php
<?php
/**
* Database config variables
*/
define("DB_HOST", "localhost");
define("DB_USER", "2067595_android");
define("DB_PASSWORD", "password");
define("DB_DATABASE", "2067595_android");
?>
DB_Connect.php
<?php
class DB_Connect {
private $conn;
// Connecting to database
public function connect() {
require_once 'config.php';
// Connecting to mysql database
$this->conn = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);
// return database handler
return $this->conn;
}
}
?>
DB_Functions.php
<?php
class DB_Functions {
private $conn;
// constructor
function __construct() {
require_once 'DB_Connect.php';
// connecting to database
$db = new Db_Connect();
$this->conn = $db->connect();
}
// destructor
function __destruct() {
}
/**
* Storing new user
* returns user details
*/
public function storeUser($name, $email, $password) {
$uuid = uniqid('', true);
$hash = $this->hashSSHA($password);
$encrypted_password = $hash["encrypted"]; // encrypted password
$salt = $hash["salt"]; // salt
$stmt = $this->conn->prepare("INSERT INTO users(unique_id, name, email, encrypted_password, salt, created_at) VALUES(?, ?, ?, ?, ?, NOW())");
$stmt->bind_param("sssss", $uuid, $name, $email, $encrypted_password, $salt);
$result = $stmt->execute();
$stmt->close();
// check for successful store
if ($result) {
$stmt = $this->conn->prepare("SELECT * FROM users WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $user;
} else {
return false;
}
}
/**
* Get user by email and password
*/
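public function getUserByEmailAndPassword($email, $password) {
$stmt = $this->conn->prepare("SELECT * FROM users WHERE email = ?");
$stmt->bind_param("s", $email);
if ($stmt->execute()) {
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
// no row for this email
if ($user === null) {
return false;
}
// verify the password against the stored salted hash (constant-time compare)
$hash = $this->checkhashSSHA($user['salt'], $password);
if (hash_equals($user['encrypted_password'], $hash)) {
return $user;
}
return false;
} else {
return NULL;
}
}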
/**
* Check user is existed or not
*/
public function isUserExisted($email) {
$stmt = $this->conn->prepare("SELECT email from users WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
// user existed
$stmt->close();
return true;
} else {
// user not existed
$stmt->close();
return false;
}
}
/**
* Encrypting password
* @param password
* returns salt and encrypted password
*/
public function hashSSHA($password) {
$salt = sha1(rand());
$salt = substr($salt, 0, 10);
$encrypted = base64_encode(sha1($password . $salt, true) . $salt);
$hash = array("salt" => $salt, "encrypted" => $encrypted);
return $hash;
}
/**
* Decrypting password
* @param salt, password
* returns hash string
*/
public function checkhashSSHA($salt, $password) {
$hash = base64_encode(sha1($password . $salt, true) . $salt);
return $hash;
}
}
?>
login.php
<?php
require_once 'DB_Functions.php';
$db = new DB_Functions();
// json response array
$response = array("error" => FALSE);
if (isset($_POST['email']) && isset($_POST['password'])) {
// receiving the post params
$email = $_POST['email'];
$password = $_POST['password'];
// get the user by email and password
$user = $db->getUserByEmailAndPassword($email, $password);
if ($user != false) {
// use is found
$response["error"] = FALSE;
$response["uid"] = $user["unique_id"];
$response["user"]["name"] = $user["name"];
$response["user"]["email"] = $user["email"];
$response["user"]["created_at"] = $user["created_at"];
$response["user"]["updated_at"] = $user["updated_at"];
echo json_encode($response);
} else {
// user is not found with the credentials
$response["error"] = TRUE;
$response["error_msg"] = "Login credentials are wrong. Please try again!";
echo json_encode($response);
}
} else {
// required post params is missing
$response["error"] = TRUE;
$response["error_msg"] = "Required parameters email or password is missing!";
echo json_encode($response);
}
?>
As I noted in comments:
AwardSpace sent you an email with the server address to use for db work.
The ??? as I pointed out are to be replaced with the fdbxxx (xxx are numbers) they gave you to use fdbxxx.awardspace.net.
This I know, because I use their service also.
I'm still building an API for an Android app. I followed this tutorial: http://www.androidhive.info/2012/01/android-login-and-registration-with-php-mysql-and-sqlite/.
When I try to submit, I get a SERVER 500 ERROR.
Check the demo:
FORM: http://simedik.masterbiz.net/api/form.php
<form action="login.php" method="post">
<input type="text" name="email"/>
<input type="text" name="password"/>
<input type="submit" value="SUBMIT"/>
</form>
Does anyone have a solution for this? Thanks in advance!
LOGIN.PHP SCRIPT
<?php
require_once 'DB_Functions.php';
$db = new DB_Functions();
// json response array
$response = array("error" => FALSE);
if (isset($_POST['email']) && isset($_POST['password'])) {
// receiving the post params
$email = $_POST['email'];
$password = $_POST['password'];
// get the user by email and password
$user = $db->getUserByEmailAndPassword($email, $password);
if ($user != false) {
// use is found
$response["error"] = FALSE;
$response["uid"] = $user["unique_id"];
$response["user"]["name"] = $user["name"];
$response["user"]["email"] = $user["email"];
$response["user"]["created_at"] = $user["created_at"];
$response["user"]["updated_at"] = $user["updated_at"];
echo json_encode($response);
} else {
// user is not found with the credentials
$response["error"] = TRUE;
$response["error_msg"] = "Login credentials are wrong. Please try again!";
echo json_encode($response);
}
} else {
// required post params is missing
$response["error"] = TRUE;
$response["error_msg"] = "Required parameters email or password is missing!";
echo json_encode($response);
}
?>
DB_FUNCTIONS.PHP
<?php
class DB_Functions {
private $conn;
// constructor
function __construct() {
require_once 'DB_Connect.php';
// connecting to database
$db = new Db_Connect();
$this->conn = $db->connect();
}
// destructor
function __destruct() {
}
/**
* Storing new user
* returns user details
*/
public function storeUser($name, $email, $password) {
$uuid = uniqid('', true);
$hash = $this->hashSSHA($password);
$encrypted_password = $hash["encrypted"]; // encrypted password
$salt = $hash["salt"]; // salt
$stmt = $this->conn->prepare("INSERT INTO users(unique_id, name, email, encrypted_password, salt, created_at) VALUES(?, ?, ?, ?, ?, NOW())");
$stmt->bind_param("sssss", $uuid, $name, $email, $encrypted_password, $salt);
$result = $stmt->execute();
$stmt->close();
// check for successful store
if ($result) {
$stmt = $this->conn->prepare("SELECT * FROM users WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
return $user;
} else {
return false;
}
}
/**
* Get user by email and password
*/
public function getUserByEmailAndPassword($email, $password) {
$stmt = $this->conn->prepare("SELECT * FROM pasien WHERE kd_pasien = ?");
$stmt->bind_param("s", $email);
if ($stmt->execute()) {
$user = $stmt->get_result()->fetch_assoc();
$stmt->close();
// NOTE: $password is not verified here; the row is returned for any password
return $user;
} else {
return NULL;
}
}
/**
* Check user is existed or not
*/
public function isUserExisted($email) {
$stmt = $this->conn->prepare("SELECT email from users WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
// user existed
$stmt->close();
return true;
} else {
// user not existed
$stmt->close();
return false;
}
}
/**
* Encrypting password
* @param password
* returns salt and encrypted password
*/
public function hashSSHA($password) {
$salt = sha1(rand());
$salt = substr($salt, 0, 10);
$encrypted = base64_encode(sha1($password . $salt, true) . $salt);
$hash = array("salt" => $salt, "encrypted" => $encrypted);
return $hash;
}
/**
* Decrypting password
* @param salt, password
* returns hash string
*/
public function checkhashSSHA($salt, $password) {
$hash = base64_encode(sha1($password . $salt, true) . $salt);
return $hash;
}
}
?>