I am trying to make my own custom CMS. I can register users and can log in as well. Now I am trying to make a function for user roles.

File: class.user.php

function getUserrole() {
    $username = htmlentities($_SESSION['user_session']);
    $stmt = $this->db->prepare('SELECT * FROM users WHERE user_name = :username');
    $stmt->bindParam(':user_name', $username);
    $stmt->execute();

    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    $userrole = $row['user_role'];

    if($userrole == 3) {
        return $userrole = 3;
    }

    if($userrole == 2) {
        return $userrole = 2;
    }

    if($userrole == 1) {
        return $userrole = 1;
    }

    if($userrole == 0) {
        return $userrole = 0;
    }
} 

File: Home.php

<?php 
    $userrole = getUserrole();
    if($userrole == 1) {
        echo "Hi Admin";
    }

    else {
        echo "You are not a admin";
    }
?>

When I try to do this, the error shows up:

Fatal error: Call to undefined function getUserrole() in /Applications/MAMP/htdocs/test/home.php on line 24

I can see something wrong and I was hoping you guys could help me out here:)

Entire class.user.php :

<?php
class USER
{
    private $db;

    function __construct($DB_con)
    {
        $this->db = $DB_con;
    }

    public function register($uname,$umail,$upass)
    {
        try
        {
            $new_password = password_hash($upass, PASSWORD_DEFAULT);

            $stmt = $this->db->prepare("INSERT INTO users(user_name,user_email,user_pass) 
                                                       VALUES(:uname, :umail, :upass)");

            $stmt->bindparam(":uname", $uname);
            $stmt->bindparam(":umail", $umail);
            $stmt->bindparam(":upass", $new_password);                                        

            $stmt->execute();   

            return $stmt;   
        }
        catch(PDOException $e)
        {
            echo $e->getMessage();
        }               
    }

    public function login($uname,$umail,$upass)
    {
        try
        {
            $stmt = $this->db->prepare("SELECT * FROM users WHERE user_name=:uname OR user_email=:umail LIMIT 1");
            $stmt->execute(array(':uname'=>$uname, ':umail'=>$umail));
            $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
            if($stmt->rowCount() > 0)
            {
                if(password_verify($upass, $userRow['user_pass']))
                {
                    $_SESSION['user_session'] = $userRow['user_id'];
                    return true;
                }
                else
                {
                    return false;
                }
            }
        }
        catch(PDOException $e)
        {
            echo $e->getMessage();
        }
    }

    public function is_loggedin()
    {
        if(isset($_SESSION['user_session']))
        {
            return true;
        }
    }

    public function redirect($url)
    {
        header("Location: $url");
    }

    public function logout()
    {
        session_destroy();
        unset($_SESSION['user_session']);
        return true;
    }


function getUserrole() {
    $username = htmlentities($_SESSION['user_session']);
    $stmt = $this->db->prepare('SELECT * FROM users WHERE user_name = :username');
    $stmt->bindParam(':user_name', $username);
    $stmt->execute();

    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    $userrole = $row['user_role'];

    if($userrole == 3) {
        return $userrole = 3;
    }

    if($userrole == 2) {
        return $userrole = 2;
    }

    if($userrole == 1) {
        return $userrole = 1;
    }

    if($userrole == 0) {
        return $userrole = 0;
    }
} 

}
?>
  • Is `getUserrole()` in an actual class, or is it just a function? Did you include or require `class.user.php` in `Home.php`? – Daan Jun 29 '15 at 14:52
  • It's a function in a class ;) I include dbconfig.php. Inside dbconfig.php I include class.user.php –  Jun 29 '15 at 14:54
  • If it's a function within a class, you must define the class name first? Like: $class->getUserrole() – sanderbee Jun 29 '15 at 14:55
  • You need to initialize the class first and call the method `getUserrole` on that object. Besides, change `return $userrole = 3;` to `return 3;` – Daan Jun 29 '15 at 14:55
  • I just started with OOP and I am not familiar with things like -> yet. Could you explain @sanderbee? Like this? $userrole = $user->getUserrole(); –  Jun 29 '15 at 14:57
  • The "->" operator means that you're accessing a method of an object and not just a random function. Also, you need to instantiate the object with the "new" operator in order for you to be able to access the methods of said object. The answer below by sanderbee illustrates exactly what I just explained – Osuwariboy Jun 29 '15 at 15:07

1 Answer

Require the class within your home.php, init it and then call the function

<?php 

require_once 'class.user.php';
$userClass = new USER($DB_con); // $DB_con: replace with your PDO connection variable

$userrole = $userClass->getUserrole();
if($userrole == 1) {
    echo "Hi Admin";
}

else {
    echo "You are not a admin";
}

?>

sanderbee
  • Could you explain why $userClass? The class in class.user.php is named USER –  Jun 29 '15 at 15:07
  • It's the holder of the object (USER). You can name it anything you like. Read this if you like: http://code.tutsplus.com/tutorials/object-oriented-php-for-beginners--net-12762 – sanderbee Jun 29 '15 at 15:09
  • I see:) there is a problem with the function as well, I think something with this, $stmt->execute(); when I remove it, the script has no errors, but returns value 0 while in database my user is user_role 1, the error I get when $stmt->execute(); is in the function: –  Jun 29 '15 at 15:21
  • Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[HY093]: Invalid parameter number: parameter was not defined' in /Applications/MAMP/htdocs/test/class.user.php:85 Stack trace: #0 /Applications/MAMP/htdocs/test/class.user.php(85): PDOStatement->execute() #1 /Applications/MAMP/htdocs/test/home.php(41): USER->getUserrole() #2 {main} thrown in /Applications/MAMP/htdocs/test/class.user.php on line 85 –  Jun 29 '15 at 15:21
  • I think you need to create the db connection object first and then pass it as an argument to the object of the USER class. It'd be helpful if you could update your question with the code for the DB connection class and how you are using it in your application. – Maximus2012 Jun 29 '15 at 15:45
  • @Katherina, Parameters username and user_name don't match in your example: $stmt = $this->db->prepare('SELECT * FROM users WHERE user_name = :username'); $stmt->bindParam(':user_name', $username); – sanderbee Jun 30 '15 at 06:43
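
Added example (not part of the original thread or any poster's code): a role lookup whose bound parameter name matches the placeholder, which looks the user up by the `user_id` that `login()` stores in the session, and which returns `null` rather than a role when there is no session or no row. The names `getUserRole`, `isAdmin` and `ROLE_ADMIN`, the in-memory SQLite database and the sample rows are assumptions constructed for the demo; it needs PHP 7.1+ with pdo_sqlite.

```php
<?php
declare(strict_types=1);

const ROLE_ADMIN = 1; // the question's home.php treats user_role 1 as admin

// Returns the user's role, or null when nobody is logged in or the row is missing.
function getUserRole(PDO $db, array $session): ?int
{
    // login() puts user_id into $_SESSION['user_session'], so validate it as an
    // integer. htmlentities() is output encoding and does not belong on query input.
    $id = filter_var($session['user_session'] ?? '', FILTER_VALIDATE_INT);
    if ($id === false) {
        return null;
    }
    // The name bound here must be identical to the placeholder in prepare();
    // a mismatch is what raises SQLSTATE[HY093] on execute().
    $stmt = $db->prepare('SELECT user_role FROM users WHERE user_id = :user_id');
    $stmt->bindValue(':user_id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $role = $stmt->fetchColumn();            // false when no row matched
    return is_numeric($role) ? (int) $role : null;
}

// Strict comparison: null (unknown user) can never compare equal to a role.
function isAdmin(?int $role): bool
{
    return $role === ROLE_ADMIN;
}

// Constructed demo data: in-memory database with two sample users.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (user_id INTEGER PRIMARY KEY, user_name TEXT, user_role INTEGER)');
$db->exec("INSERT INTO users VALUES (1, 'alice', 1), (2, 'bob', 0)");

// Constructed sessions: admin, normal user, stale id, not logged in.
$sessions = [['user_session' => 1], ['user_session' => 2], ['user_session' => 99], []];
foreach ($sessions as $session) {
    $role = getUserRole($db, $session);
    echo json_encode($session), ' => role ', var_export($role, true),
         isAdmin($role) ? ' (admin)' : ' (not admin)', PHP_EOL;
}
```

In the question's version a missing row yields `null`, which the loose `== 0` check turns into role 0; returning `null` and comparing with `===` keeps "no such user" distinct from every real role.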