Adds note to implement mysql/mariadb option

main
Yasen Pramatarov 2024-07-03 13:47:30 +03:00
parent 518a355cf5
commit 5fb2aa2fae
3 changed files with 7 additions and 1 deletions


@ -5,3 +5,5 @@
- ~~jilo-web.db outside web root~~ - ~~jilo-web.db outside web root~~
- jilo-web.db writable by web server user - jilo-web.db writable by web server user
- add mysql/mariadb option


@ -4,10 +4,13 @@ class Database {
private $pdo; private $pdo;
public function __construct($dbFile) { public function __construct($dbFile) {
// pdo and pdo_sqlite needed
if ( !extension_loaded('pdo_sqlite') ) { if ( !extension_loaded('pdo_sqlite') ) {
throw new Exception('PDO extension for SQLite not loaded.'); throw new Exception('PDO extension for SQLite not loaded.');
} }
// connect to database
// FIXME: add mysql/mariadb option
try { try {
$this->pdo = new PDO("sqlite:" . $dbFile); $this->pdo = new PDO("sqlite:" . $dbFile);
$this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $this->pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
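Review bot: The new comment `// pdo and pdo_sqlite needed` says more than the guard below it enforces, since only `extension_loaded('pdo_sqlite')` is tested. That hard requirement will also reject a host that has only a MySQL driver once the option named in the FIXME exists. I would make the pair explicit, e.g. `// pdo_sqlite (which itself requires PDO) must be loaded` and `// FIXME: add mysql/mariadb option; the extension check above and the DSN must then depend on the chosen driver`. The constructor's try block continues outside the hunk, so how a connection failure is reported is not visible here.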


@ -7,6 +7,7 @@ class User {
$this->db = $database->getConnection(); $this->db = $database->getConnection();
} }
// registration
public function register($username, $password) { public function register($username, $password) {
$hashedPassword = password_hash($password, PASSWORD_DEFAULT); $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$query = $this->db->prepare("INSERT INTO users (username, password) VALUES (:username, :password)"); $query = $this->db->prepare("INSERT INTO users (username, password) VALUES (:username, :password)");
@ -16,6 +17,7 @@ class User {
return $query->execute(); return $query->execute();
} }
// login
public function login($username, $password) { public function login($username, $password) {
$query = $this->db->prepare("SELECT * FROM users WHERE username = :username"); $query = $this->db->prepare("SELECT * FROM users WHERE username = :username");
$query->bindParam(':username', $username); $query->bindParam(':username', $username);
@ -23,7 +25,6 @@ class User {
$user = $query->fetch(PDO::FETCH_ASSOC); $user = $query->fetch(PDO::FETCH_ASSOC);
if ( $user && password_verify($password, $user['password'])) { if ( $user && password_verify($password, $user['password'])) {
session_start();
$_SESSION['user_id'] = $user['id']; $_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username']; $_SESSION['username'] = $user['username'];
return true; return true;
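Review bot: After `password_verify()` succeeds, login() writes `$_SESSION['user_id']` and `$_SESSION['username']` without rotating the session identifier, so an id issued before authentication stays valid afterwards (session fixation). Adding `session_regenerate_id(true);` immediately before the first `$_SESSION` assignment closes that gap. With `session_start()` removed from this branch, login() now depends on the session having been started elsewhere, presumably in the calling page, which is not visible here. A one-line comment such as `// session must already be started by the caller` would document that requirement. The function's closing lines are outside the hunk.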