<?php
include_once("connect.php");
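/**
 * Account helper: checks login credentials against the `users` table and
 * guards pages through the session keys `todo_user_name` and `todo_role`.
 *
 * No method here calls session_start(); the including page is expected to have
 * started the session before any of them run.
 */
class User
{
    /**
     * Database handle returned by Connection::connectToDB(), used below as a
     * PDO-style object (prepare / bindParam / execute / fetch).
     *
     * Declared explicitly because creating a property on the fly in the
     * constructor is deprecated as of PHP 8.2. Kept public and untyped so
     * existing access to it keeps working.
     */
    public $db;

    /**
     * Opens the database connection through the project's Connection class.
     */
    public function __construct()
    {
        $connection = new Connection();
        $this->db = $connection->connectToDB();
    }

    /**
     * Checks a username/password pair and, on a match, stores the account's
     * name and role in the session and sends a redirect to index.php.
     *
     * On a mismatch it prints an error marker and a script alert. When either
     * argument is empty it does nothing at all. The method returns after
     * queuing the redirect, so the caller decides whether to stop the script.
     *
     * @param string $user_name Submitted login name.
     * @param string $pass      Submitted password.
     */
    public function login($user_name, $pass)
    {
        // Both fields are required; a missing value is ignored without a message.
        if (empty($user_name) || empty($pass)) {
            return;
        }

        // NOTE(review): the submitted password is matched against the `password`
        // column inside SQL, so that column holds whatever string callers pass
        // in: plaintext unless it is hashed before reaching this method (not
        // visible here). Moving to password_hash() / password_verify() needs a
        // matching change wherever accounts are created, so it is flagged
        // rather than changed in place.
        $st = $this->db->prepare("Select * FROM users
WHERE user_name = :c and password = :p ");
        $st->bindParam(":c", $user_name);
        $st->bindParam(":p", $pass);
        $st->execute();

        // Keep the last matching row, as before. Testing the fetched row rather
        // than rowCount() avoids depending on a count that (assuming a PDO
        // handle) is not guaranteed for SELECT statements on every driver.
        $account = null;
        while ($row = $st->fetch()) {
            $account = $row;
        }

        if ($account === null) {
            echo "ERROR";
            echo"<script> alert('Username or Password is Wrong');</script>";
            return;
        }

        // Issue a fresh session id at the moment of authentication, so an id
        // that existed before login does not carry the authenticated state
        // (session fixation). Skipped when no session is active, where the
        // call would only raise a warning.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION["todo_user_name"] = $account["user_name"];
        $_SESSION["todo_role"] = $account["role"];
        header("location:index.php");
    }

    /**
     * Page guard: redirects to login.php and stops the script when no user is
     * recorded in the session. Returns normally for a logged-in session.
     */
    public static function checkUserSession()
    {
        if (!isset($_SESSION["todo_user_name"])) {
            header("location:login.php");
            // header() only queues the redirect. Without stopping here the rest
            // of the protected page would still execute and its output would be
            // sent to any client that does not follow the Location header.
            exit;
        }
    }

    /**
     * Page guard: redirects to login.php and stops the script unless the
     * session role equals the required role.
     *
     * @param string|int $requiredRole Role value the page demands.
     */
    public static function checkRoleSession($requiredRole)
    {
        // Compare as strings with a strict operator. The loose `!=` treats
        // numeric strings such as "1" and "1.0" as equal, and before PHP 8 it
        // treated any non-numeric role as equal to integer 0, so a role check
        // could pass for a value that is not the required one. Casting first
        // keeps an integer 1 and the string "1" interchangeable for callers.
        $roleMatches = isset($_SESSION["todo_role"])
            && (string) $_SESSION["todo_role"] === (string) $requiredRole;

        if (!$roleMatches) {
            header("location:login.php");
            // Stop here so the protected page is never rendered after the
            // redirect has been queued.
            exit;
        }
    }
}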
?>