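conn = $db->connect(); }

    // destructor
    function __destruct() {
    }

    /**
     * Store a new user with a freshly salted password hash.
     *
     * @param string $name
     * @param string $username
     * @param string $password plaintext password; only its salted hash and the salt are stored
     * @return array|false the stored row (SELECT * by username) on success, false when the INSERT fails
     */
    public function storeUser($name, $username, $password) {
        $uuid = uniqid('', true);
        $hash = $this->hashSSHA($password);
        $encrypted_password = $hash["encrypted"]; // base64(sha1(password . salt) . salt)
        $salt = $hash["salt"];

        $stmt = $this->conn->prepare("INSERT INTO users(unique_id, name, username, encrypted_password, salt) VALUES(?, ?, ?, ?, ?)");
        $stmt->bind_param("sssss", $uuid, $name, $username, $encrypted_password, $salt);
        $result = $stmt->execute();
        $stmt->close();

        if (!$result) {
            // INSERT rejected (e.g. a duplicate username if the column is UNIQUE) - nothing to return
            return false;
        }

        // read the row back so the caller gets the generated columns too
        $stmt = $this->conn->prepare("SELECT * FROM users WHERE username = ?");
        $stmt->bind_param("s", $username);
        $stmt->execute();
        $user = $stmt->get_result()->fetch_assoc();
        $stmt->close();
        return $user;
    }

    /**
     * Look up a user by username and verify the supplied password against the stored salted hash.
     *
     * @param string $username
     * @param string $password plaintext password to verify
     * @return array|null the user row when username and password match; null for an unknown
     *         username, a wrong password, or a failed query
     */
    public function getUserByLoginAndPassword($username, $password) {
        $stmt = $this->conn->prepare("SELECT * FROM users WHERE username = ?");
        $stmt->bind_param("s", $username);
        if (!$stmt->execute()) {
            $stmt->close();
            return NULL;
        }
        $user = $stmt->get_result()->fetch_assoc();
        $stmt->close();

        if ($user === null) {
            // unknown username: fail closed instead of reading $user['salt'] off a null row
            return NULL;
        }

        $hash = $this->checkhashSSHA($user['salt'], $password);

        // constant-time comparison: `==` is both loosely typed and timing-dependent
        if (hash_equals((string) $user['encrypted_password'], $hash)) {
            return $user;
        }
        return NULL;
    }

    /**
     * List every username.
     *
     * @return array rows as returned by fetch_all() with its default numeric keys ([0 => username])
     */
    function getUsers() {
        $stmt = $this->conn->prepare("SELECT username FROM users");
        $stmt->execute();
        $users = $stmt->get_result()->fetch_all();
        $stmt->close();
        return $users;
    }

    /**
     * Check whether a username is already taken.
     *
     * @param string $username
     * @return bool
     */
    public function isUserExisted($username) {
        $stmt = $this->conn->prepare("SELECT username from users WHERE username = ?");
        $stmt->bind_param("s", $username);
        $stmt->execute();
        $stmt->store_result();
        $exists = $stmt->num_rows > 0;
        $stmt->close();
        return $exists;
    }

    /**
     * Delete a user by username.
     *
     * The DELETE is issued directly and judged by affected_rows; the earlier
     * SELECT-then-DELETE pair left its SELECT statement unclosed and could race
     * with a concurrent delete of the same row.
     *
     * @param string $username
     * @return bool true when a row was removed, false when no such user existed
     */
    public function deleteUser($username) {
        $stmt = $this->conn->prepare("DELETE from users WHERE username = ?");
        $stmt->bind_param("s", $username);
        $stmt->execute();
        $deleted = $stmt->affected_rows > 0;
        $stmt->close();
        return $deleted;
    }

    /**
     * Hash a password with a fresh random salt (SSHA layout: base64(sha1(password . salt) . salt)).
     *
     * The salt keeps the 10-hex-character width of the previous rand()-derived
     * salt so existing rows and checkhashSSHA() stay compatible, but it is now
     * drawn from random_bytes() rather than the non-cryptographic rand().
     * NOTE(review): SHA-1 SSHA is a legacy scheme; new deployments should move
     * to password_hash()/password_verify(), which may require widening the
     * encrypted_password column.
     *
     * @param string $password plaintext password
     * @return array{salt: string, encrypted: string}
     */
    public function hashSSHA($password) {
        $salt = bin2hex(random_bytes(5)); // 10 hex characters
        $encrypted = base64_encode(sha1($password . $salt, true) . $salt);
        return array("salt" => $salt, "encrypted" => $encrypted);
    }

    /**
     * Recompute the SSHA hash of $password under a stored $salt so it can be
     * compared (with hash_equals()) against the stored encrypted_password.
     *
     * @param string $salt salt stored alongside the user's hash
     * @param string $password plaintext password
     * @return string base64(sha1(password . salt) . salt)
     */
    public function checkhashSSHA($salt, $password) {
        return base64_encode(sha1($password . $salt, true) . $salt);
    }
}
?>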