<?php
	include_once("classes.inc");
	include_once("DBUtils.inc");

	//
	// gets user information
	//
	function login($UserName, $Password) {

        $boolLogin = FALSE;

		$db = getConnection();
		if (DB::isError($db)) {
		    	die($db->getMessage());
		}

		$sql = "SELECT `UserName`, `Password`, `Role` ";
		$sql .= "FROM `User` ";
		$sql .= "WHERE `UserName` = '$UserName' AND `Password` = '$Password' ";

		$result = $db->query($sql);

		// Always check that $result is not an error
		if (DB::isError($result)) {
    		die ($result->getMessage());
		}

		if ($row = $result->fetchRow()) {

            $boolLogin = TRUE;

        } 
        
   		$result->free();

		$db->disconnect();
		
		return $boolLogin;
		
    }

	//
	// get users
	//
	function getUsers() {

		$db = getConnection();
		if (DB::isError($db)) {
		    	die($db->getMessage());
		}

		$sql = "SELECT `UserName`, `Password`, `Role` ";
		$sql .= "FROM `User` ";
		$sql .= "ORDER BY `UserName` ";

		$result = $db->query($sql);

		// Always check that $result is not an error
		if (DB::isError($result)) {
    		die ($result->getMessage());
		}

		$UserArray = array();

		while ($row = $result->fetchRow()) {

       		$userInfo = new UserInfo();
          		
			$userInfo->setUserName($row[0]);
			$userInfo->setPassword($row[1]);
			$userInfo->setRole($row[2]);
			
			$UserArray[] = $userInfo;
			
        }

		$result->free();

		$db->disconnect();

		return $UserArray;
    }
    
	//
	// gets user information
	//
	function getUser($UserName) {

		$db = getConnection();
		if (DB::isError($db)) {
		    	die($db->getMessage());
		}

		$sql = "SELECT `UserName`, `Password`, `Role` ";
		$sql .= "FROM `User` ";
		$sql .= "WHERE `UserName` = '$UserName'";

		$result = $db->query($sql);

		// Always check that $result is not an error
		if (DB::isError($result)) {
    		die ($result->getMessage());
		}

		$userInfo = new UserInfo();

		if ($row = $result->fetchRow()) {
			$userInfo->setUserName($row[0]);
			$userInfo->setPassword($row[1]);
			$userInfo->setRole($row[2]);
        }

		$result->free();

		$db->disconnect();

		return $userInfo;
    }

	//
	// create user information
	//
	function createUser($UserName, $Password, $Role) {

		$db = getConnection();
		if (DB::isError($db)) {
		    	die($db->getMessage());
		}

		$sql = "INSERT INTO `User` (`UserName`, `Password`, `Role`) " .
               "Values ('$UserName', '$Password', '$Role') ";

		$result = $db->query($sql);

		// Always check that $result is not an error
		if (DB::isError($result)) {
	    		die ($result->getMessage());
		}

		$db->disconnect();

    }
    
	//
	// update user information
	//
	function updateUser($UserName, $Password, $Role) {

		$db = getConnection();
		if (DB::isError($db)) {
		    	die($db->getMessage());
		}

		$sql = "UPDATE `User` SET " .
               "`Password` = '$Password', " .
               "`Role` = '$Role' " .
               "WHERE `$UserName` =  '$UserName' ";

		$result = $db->query($sql);

		// Always check that $result is not an error
		if (DB::isError($result)) {
	    		die ($result->getMessage());
		}

		$db->disconnect();

    }
    

	//
	// delete user information
	//
	function deleteUser($UserName) {

		$db = getConnection();
		if (DB::isError($db)) {
		    	die($db->getMessage());
		}

		$sql = "DELETE FROM `User` WHERE `UserName` = '$UserName'";

		$result = $db->query($sql);

		// Always check that $result is not an error
		if (DB::isError($result)) {
	    		die ($result->getMessage());
		}

		$db->disconnect();

    }
    
?>