36557-vm/auth.php

<?php
session_start();
require_once 'db/config.php';

function register($name, $email, $password, $sponsor_code) {
    $db = db();
    $sponsor_id = null;
    if ($sponsor_code) {
        $stmt = $db->prepare("SELECT id FROM users WHERE referral_code = ?");
        $stmt->execute([$sponsor_code]);
        $sponsor = $stmt->fetch();
        if (!$sponsor) {
            return 'Invalid sponsor code.';
        }
        $sponsor_id = $sponsor['id'];
    }

    $password_hash = password_hash($password, PASSWORD_BCRYPT);
    $referral_code = uniqid();

    try {
        $stmt = $db->prepare("INSERT INTO users (name, email, password, referral_code, sponsor_id, role, agent_tier) VALUES (?, ?, ?, ?, ?, 'Agent', 'Normal')");
        $stmt->execute([$name, $email, $password_hash, $referral_code, $sponsor_id]);
        return true;
    } catch (PDOException $e) {
        if ($e->errorInfo[1] == 1062) {
            return 'Email already exists.';
        }
        return $e->getMessage();
    }
}

function login($email, $password) {
    $db = db();
    $stmt = $db->prepare("SELECT * FROM users WHERE email = ?");
    $stmt->execute([$email]);
    $user = $stmt->fetch();

    if ($user && password_verify($password, $user['password'])) {
        $_SESSION['user_id'] = $user['id'];
        $_SESSION['role'] = $user['role'];
        return true;
    }
    return false;
}

function get_user_by_id($id) {
    $db = db();
    $stmt = $db->prepare("SELECT * FROM users WHERE id = ?");
    $stmt->execute([$id]);
    return $stmt->fetch();
}

function get_downline($user_id) {
    $db = db();
    $stmt = $db->prepare("SELECT * FROM users WHERE sponsor_id = ?");
    $stmt->execute([$user_id]);
    return $stmt->fetchAll();
}

function is_logged_in() {
    return isset($_SESSION['user_id']);
}

function is_admin() {
    return isset($_SESSION['role']) && $_SESSION['role'] === 'Admin';
}

function is_super_admin() {
    return isset($_SESSION['role']) && $_SESSION['role'] === 'Super Admin';
}

function is_agent() {
    return isset($_SESSION['role']) && $_SESSION['role'] === 'Agent';
}

function update_agent_tier($user_id) {
    $db = db();
    $stmt = $db->prepare("SELECT cumulative_bookings, agent_tier FROM users WHERE id = ?");
    $stmt->execute([$user_id]);
    $user = $stmt->fetch();

    if (!$user) {
        return;
    }

    $cumulative_bookings = $user['cumulative_bookings'];
    $current_tier = $user['agent_tier'];
    $new_tier = 'Normal';

    // Tier thresholds in INR
    $tier_thresholds = [
        'Diamond' => 1000000,
        'Gold' => 500000,
        'Silver' => 100000,
        'Normal' => 0
    ];

    foreach ($tier_thresholds as $tier => $threshold) {
        if ($cumulative_bookings >= $threshold) {
            $new_tier = $tier;
            break;
        }
    }

    if ($new_tier !== $current_tier) {
        $stmt = $db->prepare("UPDATE users SET agent_tier = ? WHERE id = ?");
        $stmt->execute([$new_tier, $user_id]);
    }
}