Simplified the process of getting user_infos, since the user we want info about is the one connected

Louis Vallat 2019-11-10 14:09:59 +01:00
parent 7bd7ba8f5f
commit 6618becd17
3 changed files with 101 additions and 4 deletions


@ -158,7 +158,7 @@ function get_user_id_from_email($email)
return false; return false;
} }
function get_user_info_from_session_id($session_id, $info) function get_user_info_from_session_id($info)
{ {
global $PDO, $SESSION_COOKIE_NAME; global $PDO, $SESSION_COOKIE_NAME;
@ -170,7 +170,7 @@ function get_user_info_from_session_id($session_id, $info)
ON sessions.user_id = accounts.id ON sessions.user_id = accounts.id
WHERE session_id = :session_id;"; WHERE session_id = :session_id;";
$query = $PDO->prepare($sql); $query = $PDO->prepare($sql);
$query->bindValue(":session_id", $session_id); $query->bindValue(":session_id", $_COOKIE[$SESSION_COOKIE_NAME]);
if ($query->execute()) if ($query->execute())
foreach ($query as $row) { foreach ($query as $row) {
switch ($info) { switch ($info) {
@ -218,3 +218,100 @@ function change_user_password($user_id, $new_clear_password)
$query->bindValue(":id", $user_id, PDO::PARAM_INT); $query->bindValue(":id", $user_id, PDO::PARAM_INT);
return $query->execute(); return $query->execute();
} }
function add_cupboard($name, $description)
{
global $PDO;
$sql = "INSERT INTO cupboards (name, description, owner_id, public_id)
VALUES (:name, :description, :owner_id, :public_id);";
$query = $PDO->prepare($sql);
$query->bindValue(":name", $name);
$query->bindValue(":description", $description);
$query->bindValue(":owner_id", get_user_info_from_session_id("id"));
$query->bindValue(":public_id", generate_random_string());
return $query->execute();
}
function does_cupboard_exist_from_id($id)
{
global $PDO;
$sql = "SELECT id FROM cupboards WHERE id = :id;";
$query = $PDO->prepare($sql);
$query->bindValue(":id", $id);
if ($query->execute()) {
return ($query->rowCount() === 1);
}
return false;
}
function add_product($name, $description, $expiration_date = NULL, $cupboard_id = NULL)
{
global $PDO;
$sql = "INSERT INTO products
(name, description, expiration_date, owner_id, cupboard_id, public_id)
VALUES
(:name, :description, :expiration_date, :owner_id, :cupboard_id, :public_id);";
$query = $PDO->prepare($sql);
$query->bindValue(":name", $name);
$query->bindValue(":description", $description);
if ($expiration_date === NULL) {
$query->bindValue(":expiration_date", NULL, PDO::PARAM_INT);
} else {
$query->bindValue(":expiration_date", $expiration_date);
}
if ($cupboard_id === NULL) {
$query->bindValue(":cupboard_id", NULL, PDO::PARAM_INT);
} else {
$query->bindValue(":cupboard_id", $cupboard_id);
}
$query->bindValue(":owner_id", get_user_info_from_session_id("id"));
$query->bindValue(":public_id", generate_random_string());
return $query->execute();
}
function get_users_products_array()
{
global $PDO;
$user_products = array();
$sql = "SELECT
id, name, description, expiration_date, added_date, cupboard_name, public_id
FROM products WHERE owner_id = :owner_id;";
$query = $PDO->prepare($sql);
$query->bindValue(":owner_id", get_user_info_from_session_id("id"));
if ($query->execute()) {
foreach ($query as $row) {
array_push($user_products, $row);
}
}
return $user_products;
}
function get_users_cupboards_array()
{
global $PDO;
$user_cupboards = array();
$sql = "SELECT
id, name, description, public_id
FROM products WHERE owner_id = :owner_id;";
$query = $PDO->prepare($sql);
$query->bindValue(":owner_id", get_user_info_from_session_id("id"));
if ($query->execute()) {
foreach ($query as $row) {
array_push($user_cupboards, $row);
}
}
return $user_cupboards;
}
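Review bot: `add_product` binds the caller-supplied `$cupboard_id` straight into the INSERT without confirming that the cupboard exists and belongs to the session's user, so unless every caller validates it a product can be attached to another account's cupboard. `does_cupboard_exist_from_id` is added in the same hunk but is not called here and filters on `id` only. A guard before the insert along the lines of `SELECT id FROM cupboards WHERE id = :id AND owner_id = :owner_id`, returning `false` when no row matches, would cover both existence and ownership. `add_cupboard` and `add_product` also bind `get_user_info_from_session_id("id")` without testing it, as does the `change_user_password(...)` call in the second file section. The body of `get_user_info_from_session_id` is only partly visible, but if it yields no id when the cookie is missing or the session row is not found, these writes presumably run with an empty owner/user id, so resolve the id once and bail out when it is not valid. Separately, `get_users_cupboards_array` selects `FROM products`, which looks like a copy-paste slip for `cupboards`.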


@ -36,7 +36,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Check input errors before updating the database // Check input errors before updating the database
if (empty($new_password_err) && empty($confirm_password_err)) { if (empty($new_password_err) && empty($confirm_password_err)) {
if (change_user_password( if (change_user_password(
get_user_info_from_session_id($_COOKIE[$SESSION_COOKIE_NAME], "id"), get_user_info_from_session_id("id"),
$new_password $new_password
)) { )) {
//header("location: welcome.php"); //header("location: welcome.php");


@ -20,7 +20,7 @@ if(!is_connected()){
</head> </head>
<body> <body>
<div class="page-header"> <div class="page-header">
<h1>Hi, <b><?php echo htmlspecialchars(get_user_info_from_session_id($_COOKIE[$SESSION_COOKIE_NAME], "first_name")); ?></b>. Welcome to our site.</h1> <h1>Hi, <b><?php echo htmlspecialchars(get_user_info_from_session_id("first_name")); ?></b>. Welcome to our site.</h1>
</div> </div>
<p> <p>
<a href="reset-password.php" class="btn btn-warning">Reset Your Password</a> <a href="reset-password.php" class="btn btn-warning">Reset Your Password</a>