coderkun/questlab
1
0
Fork 0
Code Issues 15 Pull requests Projects Releases Wiki Activity
questlab/models/UsersModel.inc
coderkun 0bb56c4e33 check logged Character for NULL
2014-04-14 15:35:05 +02:00

278 lines
5.6 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
/**
* The Legend of Z
*
* @author Oliver Hanraths <oliver.hanraths@uni-duesseldorf.de>
* @copyright 2014 Heinrich-Heine-Universität Düsseldorf
* @license http://www.gnu.org/licenses/gpl.html
* @link https://bitbucket.org/coderkun/the-legend-of-z
*/
namespace hhu\z\models;
/**
* Model of the UsersAgent to list users and get their data.
*
* @author Oliver Hanraths <oliver.hanraths@uni-duesseldorf.de>
*/
class UsersModel extends \hhu\z\Model
{
/**
* Construct a new UsersModel.
*/
public function __construct()
{
parent::__construct();
}
/**
* Get registered users.
*
* @return array Users
*/
public function getUsers()
{
return $this->db->query(
'SELECT id, created, username, url, surname, prename, email '.
'FROM users '.
'ORDER BY username ASC'
);
}
/**
* Get a user and its data by its ID.
*
* @throws IdNotFoundException
* @param int $userId ID of an user
* @return array Userdata
*/
public function getUserById($userId)
{
// Get user
$user = $this->db->query(
'SELECT id, created, username, url, surname, prename, email '.
'FROM users '.
'WHERE id = ?',
'i',
$userId
);
if(empty($user)) {
throw new \nre\exceptions\IdNotFoundException($userId);
}
return $user[0];
}
/**
* Get a user and its data by its URL-username.
*
* @throws IdNotFoundException
* @param string $userUrl URL-Username of an user
* @return array Userdata
*/
public function getUserByUrl($userUrl)
{
// Get user
$user = $this->db->query(
'SELECT id, created, username, url, surname, prename, email '.
'FROM users '.
'WHERE url = ?',
's',
$userUrl
);
if(empty($user)) {
throw new \nre\exceptions\IdNotFoundException($userUrl);
}
return $user[0];
}
/**
* Log a user in if its credentials are valid.
*
* @throws DatamodelException
* @param string $username The name of the user to log in
* @param string $password Plaintext password of the user to log in
*/
public function login($username, $password)
{
$data = $this->db->query('SELECT id, password FROM users WHERE username = ?', 's', $username);
if(!empty($data))
{
$data = $data[0];
if($this->verify($password, $data['password'])) {
return $data['id'];
}
}
return null;
}
/**
* Create a new user.
*
* @param string $username Username of the user to create
* @param string $email EMail-Address of the user to create
* @param string $password Password of the user to create
* @return int ID of the newly created user
*/
public function createUser($username, $prename, $surname, $email, $password)
{
$userId = null;
$this->db->setAutocommit(false);
try {
// Create user
$this->db->query(
'INSERT INTO users '.
'(username, url, surname, prename, email, password) '.
'VALUES '.
'(?, ?, ?, ?, ?, ?)',
'ssssss',
$username,
\nre\core\Linker::createLinkParam($username),
$surname,
$prename,
$email,
$this->hash($password)
);
$userId = $this->db->getInsertId();
// Add role “user”
$this->db->query(
'INSERT INTO users_userroles '.
'(user_id, userrole_id) '.
'SELECT ?, userroles.id '.
'FROM userroles '.
'WHERE userroles.name = ?',
'is',
$userId,
'user'
);
}
catch(Exception $e) {
$this->db->rollback();
$this->db->setAutocommit(true);
throw $e;
}
$this->db->setAutocommit(true);
return $userId;
}
/**
* Edit a user.
*
* @throws DatamodelException
* @param int $userId ID of the user to delete
* @param string $username New name of user
* @param string $email Changed email-address of user
* @param string $password Changed plaintext password of user
*/
public function editUser($userId, $username, $prename, $surname, $email, $password)
{
$this->db->setAutocommit(false);
try {
// Update user data
$this->db->query(
'UPDATE users '.
'SET username = ?, url = ?, prename = ?, surname = ?, email = ? '.
'WHERE id = ?',
'sssssi',
$username,
\nre\core\Linker::createLinkParam($username),
$prename,
$surname,
$email,
$userId
);
// Set new password
if(!empty($password))
{
$this->db->query(
'UPDATE users '.
'SET password = ? '.
'WHERE id = ?',
'si',
$this->hash($password),
$userId
);
}
}
catch(Exception $e) {
$this->db->rollback();
$this->db->setAutocommit(true);
throw $e;
}
$this->db->setAutocommit(true);
}
/**
* Delete a user.
*
* @param int $userId ID of the user to delete
*/
public function deleteUser($userId)
{
$this->db->query('DELETE FROM users WHERE id = ?', 'i', $userId);
}
/**
* Hash a password.
*
* @param string $password Plaintext password
* @return string Hashed password
*/
public function hash($password)
{
if(!function_exists('password_hash')) {
\hhu\z\lib\Password::load();
}
return password_hash($password, PASSWORD_DEFAULT);
}
/**
* Verify a password.
*
* @param string $password Plaintext password to verify
* @param string $hash Hashed password to match with
* @return boolean Verified
*/
private function verify($password, $hash)
{
if(!function_exists('password_verify')) {
\hhu\z\lib\Password::load();
}
return password_verify($password, $hash);
}
}
?>
Reference in a new issue View git blame Copy permalink