Kilian/PHP-Course
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
PHP-Course/exam/classes/Models/User/User.php
Kilian Hofmann b3c5841e36 Image now a file
2024-07-21 18:28:19 +02:00

221 lines
5.9 KiB
PHP
Raw Blame History

<?php
namespace Khofmann\Models\User;
use Exception;
use PDO;
use Khofmann\Database\Database;
use Config\Config;
use JsonSerializable;
class User implements JsonSerializable
{
private int $id;
private string $username;
private int $status;
private string $email;
private ?string $image;
private bool $isAdmin;
protected function __construct(int $id, string $username, int $status, string $email, string $image = null, bool $isAdmin = false)
{
$this->id = $id;
$this->username = $username;
$this->status = $status;
$this->email = $email;
$this->image = $image;
$this->isAdmin = $isAdmin;
}
/*
* Statics
*/
public static function getByID(int $id): User
{
$db = Database::getInstance();
$stmt = $db->prepare(
"SELECT benutzer, status, email, image, isadmin FROM egb_benutzer WHERE id = :ID"
);
$stmt->bindValue(":ID", $id);
$stmt->execute();
$data = $stmt->fetch();
if (!$data) throw new Exception("NotFound");
return new User($id, $data["benutzer"], $data["status"], $data["email"], $data["image"], $data["isadmin"] === 1);
}
public static function getByEmail(string $email): User
{
$db = Database::getInstance();
$stmt = $db->prepare(
"SELECT id, benutzer, status, image, isadmin FROM egb_benutzer WHERE email = :EMAIL"
);
$stmt->bindValue(":EMAIL", $email);
$stmt->execute();
$data = $stmt->fetch();
if (!$data) throw new Exception("NotFound");
return new User($data["id"], $data["benutzer"], $data["status"], $email, $data["image"], $data["isadmin"] === 1);
}
public static function getByToken(string $token): User
{
$db = Database::getInstance();
$stmt = $db->prepare(
"SELECT id, benutzer, status, email, image, isadmin FROM egb_benutzer WHERE token = :TOKEN"
);
$stmt->bindValue(":TOKEN", $token);
$stmt->execute();
$data = $stmt->fetch();
if (!$data) throw new Exception("NotFound");
return new User($data["id"], $data["benutzer"], $data["status"], $data["email"], $data["image"], $data["isadmin"] === 1);
}
public static function logIn(string $email, string $password): array
{
$db = Database::getInstance();
// Get user data
$stmt = $db->prepare("SELECT * FROM egb_benutzer WHERE email LIKE :EMAIL AND status = 1");
$stmt->bindValue(":EMAIL", $email);
$stmt->execute();
$data = $stmt->fetch();
if ($data) {
$user = new User($data["id"], $data["benutzer"], $data["status"], $email, $data["image"], $data["isadmin"] === 1);
if (password_verify($password, $data["passwort"])) {
// REHASH for safety should it somehow change
if (password_needs_rehash($data["passwort"], PASSWORD_DEFAULT)) {
$newHash = password_hash($password, PASSWORD_DEFAULT);
$stmt = $db->prepare("UPDATE egb_benutzer SET passwort = :PAS WHERE id = :ID");
$stmt->bindValue(":PAS", $newHash);
$stmt->bindValue(":ID", $user->getID());
$stmt->execute();
}
// Generate token
$stmt = $db->prepare("UPDATE egb_benutzer SET token = UUID() WHERE id = :ID");
$stmt->bindValue(":ID", $user->getID());
$stmt->execute();
// Get token
$stmt = $db->prepare("SELECT token FROM egb_benutzer WHERE id = :ID");
$stmt->bindValue(":ID", $user->getID());
$stmt->execute();
$token = $stmt->fetch(PDO::FETCH_COLUMN, 0);
// Return user and token
if ($token) {
return ["user" => $user, "token" => $token];
}
// Token generation failed
throw new Exception("Failed");
} else {
// PW wrong
throw new Exception("Invalid");
}
} else {
// User does not exist
throw new Exception("NotFound");
}
}
/*
* Members
*/
public function logOut(): bool
{
$db = Database::getInstance();
$stmt = $db->prepare("UPDATE egb_benutzer SET token = NULL WHERE id = :ID");
$stmt->bindValue(":ID", $this->id);
return $stmt->execute();
}
public function update(?string $username, ?string $password, $image = null)
{
$db = Database::getInstance();
$error = false;
if (!empty($username)) {
$stmt = $db->prepare("UPDATE egb_benutzer SET benutzer = :USR WHERE id = :ID");
$stmt->bindValue(":USR", $username);
$stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute();
}
if ($error) throw new Exception("FailedUsername");
if (!empty($password)) {
$stmt = $db->prepare("UPDATE egb_benutzer SET passwort = :PAS WHERE id = :ID");
$stmt->bindValue(":PAS", password_hash($password, PASSWORD_DEFAULT));
$stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute();
}
if ($error) throw new Exception("FailedPassword");
if (!empty($image)) {
$destinationFilename = sprintf('%s.%s', uniqid(), $image->getExtension());
$image->move(Config::getBaseFSPath() . "uploads/profilbilder/$destinationFilename");
$stmt = $db->prepare("UPDATE egb_benutzer SET image = :IMG WHERE id = :ID");
$stmt->bindValue(":IMG", $destinationFilename);
$stmt->bindValue(":ID", $this->id);
$error = !$stmt->execute();
}
if ($error) throw new Exception("FailedImage");
return true;
}
/*
* Getters
*/
public function getID(): int
{
return $this->id;
}
public function getUsername(): string
{
return $this->username;
}
public function getStatus(): int
{
return $this->status;
}
public function getEmail(): string
{
return $this->email;
}
public function getImage(): ?string
{
return $this->image;
}
public function getIsAdmin(): bool
{
return $this->isAdmin;
}
/*
* JSON
*/
public function jsonSerialize(): array
{
return [
'id' => $this->getId(),
'username' => $this->getUsername(),
'status' => $this->getStatus(),
'email' => $this->getEmail(),
'image' => $this->getImage(),
'isAdmin' => $this->getIsAdmin()
];
}
}
Reference in New Issue View Git Blame Copy Permalink