<?php class DB_Functions { private $db; //put your code here // constructor function __construct() { require_once 'DB_Connect.php'; // connecting to database $this->db = new DB_Connect(); $this->db->connect(); } // destructor function __destruct() { } /** * Storing new user * returns user details */ public function storeUser($name, $email, $password) { $uuid = uniqid('', true); $hash = $this->hashSSHA($password); $encrypted_password = $hash["encrypted"]; // encrypted password $salt = $hash["salt"]; // salt $result = mysql_query("INSERT INTO users(unique_id, name, email, encrypted_password, salt, created_at) VALUES('$uuid', '$name', '$email', '$encrypted_password', '$salt', NOW())"); // check for successful store if ($result) { // get user details $uid = mysql_insert_id(); // last inserted id $result = mysql_query("SELECT * FROM users WHERE uid = $uid"); // return user details return mysql_fetch_array($result); } else { return false; } } /** * Get user by email and password */ public function getUserByEmailAndPassword($email, $password) { $result = mysql_query("SELECT * FROM users WHERE email = '$email'") or die(mysql_error()); // check for result $no_of_rows = mysql_num_rows($result); if ($no_of_rows > 0) { $result = mysql_fetch_array($result); $salt = $result['salt']; $encrypted_password = $result['encrypted_password']; $hash = $this->checkhashSSHA($salt, $password); // check for password equality if ($encrypted_password == $hash) { // user authentication details are correct return $result; } } else { // user not found return false; } } public function getCourses($user, $selectionKey, $selectionValue){ // Mysql select query $temp = array("CourseID"=>array(),"College" => array(), "Department"=>array(),"CRN" => array(), "SubjectCRS"=>array(),"Section" => array(), "Title"=>array(),"Building" => array(), "Room" => array(), "Instructor"=>array(),"Campus" => array(), "Time" =>array(), "Days" =>array()); $result = null; if($selectionKey =='CRN') $result = mysql_query("SELECT * FROM UsfCourses where '$selectionKey' = $selectionValue") or die(mysql_error()); if($selectionKey =='SubjectCRS') $result = mysql_query("SELECT * FROM UsfCourses where '$selectionKey' = '$selectionValue'") or die(mysql_error()); if($user == true){ $result = mysql_query(" SELECT C.* FROM StudentCourses S_C, users S, UsfCourses C WHERE S.StudentID = '$user' AND S_C.CourseID = C.CourseID"); } $no_of_rows = mysql_num_rows($result); if ($no_of_rows > 0) { while($row = mysql_fetch_array($result)){ array_push($temp["CourseID"], $row["CourseID"]); array_push($temp["College"], $row["College"]); array_push($temp["Department"], $row["Department"]); array_push($temp["CRN"], $row["CRN"]); array_push($temp["SubjectCRS"], $row["SubjectCRS"]); array_push($temp["Section"], $row["Section"]); array_push($temp["Title"], $row["Title"]); array_push($temp["Building"], $row["Building"]); array_push($temp["Room"], $row["Room"]); array_push($temp["Instructor"], $row["Instructor"]); array_push($temp["Campus"], $row["Campus"]); array_push($temp["Time"], $row["Time"]); array_push($temp["Days"], $row["Days"]); } return $temp; } //course was not found return false; } /** * Check user is existed or not */ public function isUserExisted($email) { $result = mysql_query("SELECT email from users WHERE email = '$email'"); $no_of_rows = mysql_num_rows($result); if ($no_of_rows > 0) { // user existed return true; } else { // user not existed return false; } } /** * Encrypting password * @param password * returns salt and encrypted password */ public function hashSSHA($password) { $salt = sha1(rand()); $salt = substr($salt, 0, 10); $encrypted = base64_encode(sha1($password . $salt, true) . $salt); $hash = array("salt" => $salt, "encrypted" => $encrypted); return $hash; } /** * Decrypting password * @param salt, password * returns hash string */ public function checkhashSSHA($salt, $password) { $hash = base64_encode(sha1($password . $salt, true) . $salt); return $hash; } public function storeCourse($StudentID, $CourseID){ $result = mysql_query("INSERT INTO StudentCourses(StudentID, CourseID) VALUES('$StudentID', '$CourseID')"); // check for successful store if ($result) { // get user details $uid = mysql_insert_id(); // last inserted id $result = mysql_query("SELECT * FROM StudentCourses WHERE StudentClassID = $uid"); // return user details return mysql_fetch_array($result); } else { return false; } } public function getFriendsByCourseIdAndStudentId($StudentID, $CourseID){ $temp = array("name"=>array(),"CourseID"=>array(),"College" => array(), "Department"=>array(),"CRN" => array(), "SubjectCRS"=>array(),"Section" => array(), "Title"=>array(),"Building" => array(), "Room" => array(), "Instructor"=>array(),"Campus" => array(), "Time" =>array(), "Days" =>array()); $result = mysql_query("SELECT U2.name, C.* FROM StudentCourses SC1, StudentCourses SC2, users U, Friends F, users U2, UsfCourses C WHERE SC1.StudentID = $StudentID AND F.StudentID = U.StudentID AND SC2.StudentID = F.FriendOfID AND SC1.CourseID = SC2.CourseID AND F.FriendOfID = U2.StudentID AND SC1.CourseID = $CourseID"); $no_of_rows = mysql_num_rows($result); if ($no_of_rows > 0) { while($row = mysql_fetch_array($result)){ array_push($temp["name"], $row["name"]); array_push($temp["CourseID"], $row["CourseID"]); array_push($temp["College"], $row["College"]); array_push($temp["Department"], $row["Department"]); array_push($temp["CRN"], $row["CRN"]); array_push($temp["SubjectCRS"], $row["SubjectCRS"]); array_push($temp["Section"], $row["Section"]); array_push($temp["Title"], $row["Title"]); array_push($temp["Building"], $row["Building"]); array_push($temp["Room"], $row["Room"]); array_push($temp["Instructor"], $row["Instructor"]); array_push($temp["Campus"], $row["Campus"]); array_push($temp["Time"], $row["Time"]); array_push($temp["Days"], $row["Days"]); } return $temp; } //course was not found return false; } } ?>
You have javascript disabled. You will not be able to edit any code.