PHP和MySQL Web开发从新手到高手,第5天-添加辅助函数

function user_is_login(){
    if (isset($_POST[‘action‘]) and $_POST[‘action‘] == ‘login‘){
        if (!isset($_POST[‘email‘]) or $_POST[‘password‘] == ‘‘ or !isset($_POST[‘password‘]) or $_POST[‘password‘] == ‘‘){
            $GLOBALS[‘loginError‘] = ‘Please fill in user name and password.‘;
            return false;
        }
        if (database_contains_author($_POST[‘email‘], $_POST[‘password‘])){
            session_start();
            $_SESSION[‘loggedin‘] = true;
            $_SESSION[‘email‘] = $_POST[‘email‘];
            $_SESSION[‘password‘] = $_POST[‘password‘];
            return true;
        } else {
            session_start();
            unset($_SESSION[‘loggedin‘]);
            unset($_SESSION[‘email‘]);
            unset($_SESSION[‘password‘]);
            return false;
        }
    }
    
    if (isset($_POST[‘action‘]) and $_POST[‘action‘] == ‘logout‘){
        session_start();
        unset($_SESSION[‘loggedin‘]);
        unset($_SESSION[‘email‘]);
        unset($_SESSION[‘password‘]);
        header(‘Location:  ‘.$_POST[‘goto‘]);
        exit();
    }
    
    session_start();
    if (isset($_SESSION[‘loggedin‘])){
        return database_contains_author($_SESSION[‘email‘], $_SESSION[‘password‘]);
    }
    
    return false;
}

function database_contains_author($email, $password) {
    $password = get_md5_password($password);
    include ‘db.inc.php‘;
    
    try {
        $sql = ‘select count(*) from author where email = :email and password = :password‘;
        $s = $pdo->prepare($sql);
        $s->bindValue(‘:email‘, $email);
        $s->bindValue(‘:password‘, $password);
        $s->execute();
        
    } catch (PDOException $e) {
        $error = ‘Query author faild...‘.$e->getMessage();
        include ‘error.html.php‘;
        exit();
    }
    
    $row = $s->fetch();
    return  $row[0] > 0;
}

function get_md5_password($password){
    return md5($password.‘ijdb‘);
}

function user_has_role($role) {
    include ‘db.inc.php‘;
    
    try {
        $sql = ‘SELECT * FROM authorrole 
            INNER JOIN author ON author.id = authorrole.authorid 
            INNER JOIN role ON authorrole.roleid = role.id 
            WHERE author.email = :email AND role.id = :roleid‘;
    
        $s = $pdo->prepare($sql);
        $s->bindValue(‘:email‘,$_SESSION[‘email‘]);
        $s->bindValue(‘:roleid‘, $role);
        
        $s->execute();    
    } catch (PDOException $e) {
        $error = ‘Query authorrole faild...does not have right...‘.$e->getMessage();
        include ‘error.html.php‘;
        exit();
    }
    
    $row = $s->fetch();
    
    return $row[0] > 0;
}