Source of: /ADI/auth-db-sessions/model.php
<?php
function login_user($db,$uid,$pwd) {
$uid = mysqli_real_escape_string($db,trim($uid));
$password_digest = md5($pwd); $query = "SELECT * FROM users
WHERE userid = '$uid'
AND password = '$password_digest'";
$result = @ mysqli_query($db, $query);
if (!$result)
showerror($db);
if (mysqli_num_rows($result) > 0)
$user = mysqli_fetch_assoc($result);
else
$user = array() ;
return $user;
}
function check_if_user_exists($db,$newid) {
$newid = mysqli_real_escape_string($db,trim($newid));
$query = "SELECT * FROM users WHERE userid = '" . $newid ."'";
$result = @ mysqli_query($db, $query);
if(!$result)
showerror($db);
if(mysqli_num_rows($result) > 0)
$user_exists=true;
else
$user_exists=false;
return $user_exists;
}
function register_user($db,$userid,$fullname,$email,$notes){
$password = substr(md5(time()),0,6); $_SESSION['uid'] = $userid; $_SESSION['password'] = $password; $present_date = date("Y-m-d H:i:s");
$password_digest = md5($password); $query = "INSERT INTO users(userid,password,fullname,email,notes, created_at)
VALUES('$userid','$password_digest','$fullname','$email','$notes','$present_date')";
if(!mysqli_query($db, $query))
showerror($db);
return true; }
?>