<?php
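/**
 * Member account management and authentication helpers.
 *
 * Instance methods work against the connection returned by
 * Database::getInstance()->getConnection() (used here like a PDO handle:
 * prepare/execute/fetch/lastInsertId). The static methods read and clear
 * the member_* keys in $_SESSION.
 *
 * Instance methods that wrap their work in try/catch return an array with a
 * boolean 'success' key and, on failure, a 'message' key. Exception details
 * are written to the error log and never returned, so driver/SQL error text
 * does not reach the client.
 */
class MemberAuth {
    /** Alphabet used for generated initial passwords. */
    private const PASSWORD_CHARS = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';

    private $db;

    public function __construct() {
        $this->db = Database::getInstance()->getConnection();
    }

    /**
     * Create a member account with a derived username and a random initial password.
     *
     * Reads 'first_name', 'last_name', 'member_id' and 'email' from $memberData;
     * 'phone', 'area_id', 'district_id' and 'assembly_id' are optional and stored
     * as NULL when absent.
     *
     * @param array $memberData
     * @return array On success: 'success', 'username', 'password' (plaintext) and
     *               'account_id'. On failure: 'success' => false and 'message'.
     */
    public function createMemberAccount($memberData) {
        try {
            // Username is the first byte of the first name plus the last name, lowercased.
            $firstName = $memberData['first_name'];
            $lastName = $memberData['last_name'];
            $baseUsername = strtolower(substr($firstName, 0, 1) . $lastName);

            // NOTE(review): the uniqueness check and the INSERT below are separate
            // statements, so two concurrent requests can pick the same username.
            // A UNIQUE index on member_accounts.username would close that gap - confirm
            // the schema has one.
            $username = $this->generateUniqueUsername($baseUsername);

            // Only the hash is stored; the plaintext is handed back once to the caller.
            $password = $this->generateRandomPassword();
            $passwordHash = password_hash($password, PASSWORD_DEFAULT);

            $stmt = $this->db->prepare("
INSERT INTO member_accounts (
member_id, username, email, password_hash, full_name, phone,
area_id, district_id, assembly_id
) VALUES (
:member_id, :username, :email, :password_hash, :full_name, :phone,
:area_id, :district_id, :assembly_id
)
");
            $fullName = $firstName . ' ' . $lastName;
            $result = $stmt->execute([
                'member_id' => $memberData['member_id'],
                'username' => $username,
                'email' => $memberData['email'],
                'password_hash' => $passwordHash,
                'full_name' => $fullName,
                'phone' => $memberData['phone'] ?? null,
                'area_id' => $memberData['area_id'] ?? null,
                'district_id' => $memberData['district_id'] ?? null,
                'assembly_id' => $memberData['assembly_id'] ?? null
            ]);

            if ($result) {
                // The plaintext password is returned so the caller can deliver it to
                // the member. Callers should not log or persist this array.
                return [
                    'success' => true,
                    'username' => $username,
                    'password' => $password,
                    'account_id' => $this->db->lastInsertId()
                ];
            }
            return ['success' => false, 'message' => 'Failed to create member account'];
        } catch (Exception $e) {
            // Keep driver/SQL details server-side; they can reveal schema and query text.
            error_log('MemberAuth::createMemberAccount failed: ' . $e->getMessage());
            return ['success' => false, 'message' => 'Failed to create member account'];
        }
    }

    /**
     * Authenticate a member by e-mail address or username.
     *
     * Only rows with is_active = 1 are considered. On success the last_login
     * column is updated.
     *
     * @param string $identifier E-mail address or username.
     * @param string $password   Plaintext password supplied at login.
     * @return array 'success' => true plus 'account' (the fetched row), or
     *               'success' => false plus 'message'.
     */
    public function authenticateMember($identifier, $password) {
        try {
            // $field is one of two fixed literals, never caller-supplied text, so
            // interpolating it into the SQL below does not open an injection path.
            $field = filter_var($identifier, FILTER_VALIDATE_EMAIL) ? 'email' : 'username';
            $stmt = $this->db->prepare("
SELECT ma.*, m.first_name, m.last_name, m.title
FROM member_accounts ma
LEFT JOIN members m ON ma.member_id = m.id
WHERE ma.{$field} = :identifier AND ma.is_active = 1
");
            $stmt->execute(['identifier' => $identifier]);
            $account = $stmt->fetch();

            // NOTE(review): password_verify() only runs when a row was found, so an
            // unknown identifier answers faster than a wrong password. Rate limiting
            // or a dummy verification on the miss path would reduce that signal.
            if ($account && password_verify($password, $account['password_hash'])) {
                $this->updateLastLogin($account['id']);

                // NOTE(review): 'account' is the full row from ma.*, which includes
                // password_hash. Callers should not copy it into the session or output.
                return [
                    'success' => true,
                    'account' => $account
                ];
            }
            // Same message for unknown account and wrong password.
            return ['success' => false, 'message' => 'Invalid credentials'];
        } catch (Exception $e) {
            error_log('MemberAuth::authenticateMember failed: ' . $e->getMessage());
            return ['success' => false, 'message' => 'Unable to process login at this time'];
        }
    }

    /**
     * Update selected columns of a member account.
     *
     * Only 'email', 'phone', 'profile_photo' and 'password' are honoured; any
     * other key in $data is ignored. The SET clause is assembled from fixed
     * column fragments and every value is bound as a parameter.
     *
     * @param mixed $accountId member_accounts.id of the row to update.
     * @param array $data
     * @return array 'success' and 'message'.
     */
    public function updateMemberAccount($accountId, $data) {
        try {
            $updateFields = [];
            $params = ['id' => $accountId];

            // Plain columns: copied through when present and not null.
            foreach (['email', 'phone', 'profile_photo'] as $column) {
                if (isset($data[$column])) {
                    $updateFields[] = $column . ' = :' . $column;
                    $params[$column] = $data[$column];
                }
            }

            // An empty password means "leave unchanged"; a new one is stored hashed.
            // NOTE(review): no current-password or strength check happens here, so
            // the caller must authorise the change.
            if (!empty($data['password'])) {
                $updateFields[] = 'password_hash = :password_hash';
                $params['password_hash'] = password_hash($data['password'], PASSWORD_DEFAULT);
            }

            if (empty($updateFields)) {
                return ['success' => false, 'message' => 'No fields to update'];
            }

            $sql = "UPDATE member_accounts SET " . implode(', ', $updateFields) . " WHERE id = :id";
            $stmt = $this->db->prepare($sql);
            $result = $stmt->execute($params);

            return [
                'success' => $result,
                'message' => $result ? 'Account updated successfully' : 'Failed to update account'
            ];
        } catch (Exception $e) {
            error_log('MemberAuth::updateMemberAccount failed: ' . $e->getMessage());
            return ['success' => false, 'message' => 'Failed to update account'];
        }
    }

    /**
     * Fetch the account row linked to a member ID.
     *
     * @param mixed $memberId
     * @return mixed Result of fetch(): the row, or false when none matched.
     */
    public function getMemberAccountByMemberId($memberId) {
        $stmt = $this->db->prepare("
SELECT * FROM member_accounts
WHERE member_id = :member_id
");
        $stmt->execute(['member_id' => $memberId]);
        return $stmt->fetch();
    }

    /**
     * Fetch an account row by its own ID, joined with the member's name and contact fields.
     *
     * @param mixed $accountId
     * @return mixed Result of fetch(): the row, or false when none matched.
     */
    public function getMemberAccountById($accountId) {
        $stmt = $this->db->prepare("
SELECT ma.*, m.first_name, m.last_name, m.phone as member_phone, m.email as member_email
FROM member_accounts ma
LEFT JOIN members m ON ma.member_id = m.id
WHERE ma.id = :id
");
        $stmt->execute(['id' => $accountId]);
        return $stmt->fetch();
    }

    /**
     * List members that have a non-empty e-mail address but no account yet,
     * ordered by first then last name.
     *
     * @return array Rows with id, first_name, last_name, email, phone.
     */
    public function getMembersWithoutAccounts() {
        $stmt = $this->db->query("
SELECT m.id, m.first_name, m.last_name, m.email, m.phone
FROM members m
LEFT JOIN member_accounts ma ON m.id = ma.member_id
WHERE ma.id IS NULL AND m.email IS NOT NULL AND m.email != ''
ORDER BY m.first_name, m.last_name
");
        return $stmt->fetchAll();
    }

    /**
     * Return $baseUsername, or $baseUsername followed by the first counter
     * (1, 2, 3, ...) that is not yet taken.
     */
    private function generateUniqueUsername($baseUsername) {
        $username = $baseUsername;
        $counter = 1;
        while ($this->usernameExists($username)) {
            $username = $baseUsername . $counter;
            $counter++;
        }
        return $username;
    }

    /**
     * Check whether a username is already present in member_accounts.
     *
     * @return bool
     */
    private function usernameExists($username) {
        $stmt = $this->db->prepare("SELECT id FROM member_accounts WHERE username = :username");
        $stmt->execute(['username' => $username]);
        return $stmt->fetch() !== false;
    }

    /**
     * Generate a random alphanumeric password.
     *
     * Each character is drawn independently with random_int(), which uses the
     * system CSPRNG. The previous str_shuffle()-based version was not suitable
     * for secrets: its output was predictable on PHP versions where str_shuffle
     * is not cryptographically secure, no character could repeat, and the
     * result was silently capped at 62 characters.
     *
     * @param int $length Number of characters; values below 1 yield ''.
     * @return string
     */
    private function generateRandomPassword($length = 8) {
        // NOTE(review): 8 characters is kept as the default for compatibility;
        // consider a longer default for initial passwords.
        $length = max(0, (int) $length);
        $maxIndex = strlen(self::PASSWORD_CHARS) - 1;

        $password = '';
        for ($i = 0; $i < $length; $i++) {
            $password .= self::PASSWORD_CHARS[random_int(0, $maxIndex)];
        }
        return $password;
    }

    /**
     * Set last_login to the database's current time for the given account.
     */
    private function updateLastLogin($accountId) {
        $stmt = $this->db->prepare("UPDATE member_accounts SET last_login = NOW() WHERE id = :id");
        $stmt->execute(['id' => $accountId]);
    }

    /**
     * Report whether the session carries a non-empty member_id.
     *
     * @return bool
     */
    public static function isMemberLoggedIn() {
        // empty() already covers the "not set" case.
        return !empty($_SESSION['member_id']);
    }

    /**
     * Fetch the account row for the member in the current session.
     *
     * @return mixed null when no member is logged in or the session has no
     *               member_account_id; otherwise the result of fetch().
     */
    public static function getCurrentMember() {
        // The login check looks at member_id, but the query needs member_account_id.
        // Require both so a half-populated session never reaches the database.
        if (!self::isMemberLoggedIn() || empty($_SESSION['member_account_id'])) {
            return null;
        }

        $db = Database::getInstance()->getConnection();
        $stmt = $db->prepare("
SELECT ma.*, m.first_name, m.last_name, m.phone as member_phone, m.email as member_email
FROM member_accounts ma
LEFT JOIN members m ON ma.member_id = m.id
WHERE ma.id = :id
");
        $stmt->execute(['id' => $_SESSION['member_account_id']]);
        return $stmt->fetch();
    }

    /**
     * Remove the member_* keys from the session.
     *
     * NOTE(review): the session ID itself is left unchanged; callers that want
     * a fresh ID after logout (or after login) must regenerate it themselves.
     */
    public static function memberLogout() {
        unset(
            $_SESSION['member_id'],
            $_SESSION['member_account_id'],
            $_SESSION['member_username'],
            $_SESSION['member_full_name']
        );
    }
}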
?>