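createUUID();
        $pdo = $this->linkDB();
        $sql = "INSERT INTO user (`id`, `name`,`vorname`,`email`,`passwort`,`salt`,`role`) VALUES (:guid, :name, :firstname, :email, :password, :salt, :role)";
        try {
            $sth = $pdo->prepare($sql);
            $sth->execute([
                ":guid" => $guid,
                ":name" => $values["lastname"],
                ":firstname" => $values["name"],
                ":email" => $values["email"],
                ":password" => $hash,
                ":salt" => $salt,
                ":role" => $values["role"]
            ]);
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
            die;
        }
        return true;
    }

    /**
     * Looks up a single user row by e-mail address.
     *
     * The query selects every column, so the returned row also carries the
     * `passwort` and `salt` values. Callers should not hand the row to a
     * template or serialise it into a response without dropping those fields.
     *
     * @param mixed $email Value bound to the :email placeholder.
     *
     * @return mixed Result of PDOStatement::fetch(): the row, or false when no
     *               row matches. The row format follows the connection's
     *               default fetch mode, which is configured outside this method.
     */
    public function getUserByEmail($email)
    {
        $pdo = $this->linkDB();
        $sql = "SELECT * FROM user WHERE email = :email";
        $sth = $pdo->prepare($sql);
        $sth->execute([":email" => $email]);

        return $sth->fetch();
    }

    /**
     * Looks up a single user row by primary key.
     *
     * As with getUserByEmail(), the row includes the `passwort` and `salt`
     * columns because the query selects every column.
     *
     * @param mixed $id Value bound to the :id placeholder.
     *
     * @return mixed Result of PDOStatement::fetch(): the row, or false when no
     *               row matches.
     */
    public function getUserById($id)
    {
        $pdo = $this->linkDB();
        $sql = "SELECT * FROM user WHERE id = :id";
        $sth = $pdo->prepare($sql);
        $sth->execute([":id" => $id]);

        return $sth->fetch();
    }

    /**
     * Deletes the user row with the given primary key.
     *
     * Unlike the write methods of this class, PDO errors are not caught here.
     * No authorisation check happens in this method; the caller has to decide
     * whether the current user may delete $id.
     *
     * @param mixed $id Value bound to the :id placeholder.
     *
     * @return void
     */
    public function deleteUser($id)
    {
        $pdo = $this->linkDB();
        $sql = "DELETE FROM user WHERE id = :id";
        $sth = $pdo->prepare($sql);
        $sth->bindParam(":id", $id);
        $sth->execute();
    }

    /**
     * Updates selected columns of one user row.
     *
     * Only these keys of $values are honoured: "password" (stored re-salted and
     * re-hashed in `passwort` / `salt`) and the column names "name", "vorname"
     * and "email". When none of them is present no statement is sent.
     *
     * NOTE(review): the insert path above maps $values["name"] to `vorname` and
     * $values["lastname"] to `name`, whereas this method maps $values["name"]
     * to `name`. Confirm that callers use the key names this method expects.
     *
     * @param mixed $id     Primary key of the row, bound to :id.
     * @param array $values Fields to change, keyed as described above.
     *
     * @return void
     */
    public function updateUserData($id, $values)
    {
        $pdo = $this->linkDB();
        $fields = [];
        $params = [':id' => $id];

        if (!empty($values["password"])) {
            // NOTE(review): one salted SHA-256 round is cheap to brute-force
            // offline if the table leaks. password_hash()/password_verify() are
            // the intended primitives for password storage. Switching means
            // changing the insert path and the login check together with a
            // rehash-on-login migration, so the stored format is kept here.
            $salt = bin2hex(random_bytes(16));
            $hash = hash('sha256', $values["password"] . $salt);

            // Identifiers are quoted with backticks as in the other statements
            // of this class. The acute accents (´) used before are not an
            // identifier quote and made every password change fail to parse.
            $fields["password"] = "`passwort` = :password";
            $fields["salt"] = "`salt` = :salt";
            $params[":password"] = $hash;
            $params[":salt"] = $salt;
        }

        // Column names come from this fixed list, never from the keys of
        // $values, so caller-supplied keys cannot reach the SQL text or other
        // columns such as `role`.
        foreach (['name', 'vorname', 'email'] as $col) {
            if (isset($values[$col])) {
                $fields[] = "`{$col}` = :{$col}";
                $params[":{$col}"] = $values[$col];
            }
        }

        if ($fields === []) {
            // Nothing to change: an empty SET list would be a syntax error.
            return;
        }

        $sql = "UPDATE user SET " . implode(", ", $fields) .
            " where id = :id";
        try {
            $sth = $pdo->prepare($sql);
            $sth->execute($params);
        } catch (PDOException $e) {
            // NOTE(review): PDOException is written unqualified while \PDO is
            // fully qualified further down. Inside a namespace this catch only
            // matches if the file imports PDOException; confirm.
            // NOTE(review): check that ErrorMsg does not echo the exception
            // text to the client, since PDO messages can contain SQL and
            // schema details.
            new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
            die;
        }
    }

    /**
     * Inserts a row into `ort` and returns its freshly created id.
     *
     * On a PDOException the error is handed to ErrorMsg and the script ends.
     *
     * @param array $values Must contain the keys "stadt", "strasse" and "plz".
     *
     * @return mixed The id produced by createUUID() for the new row.
     */
    private function writeNewAddress($values)
    {
        $guid = $this->createUUID();
        $sql = "INSERT INTO ort (`id`, `stadt`, `strasse`, `plz`) VALUES ( :guid, :stadt, :strasse, :plz);";
        $pdo = $this->linkDB();
        try {
            $sth = $pdo->prepare($sql);
            $sth->execute([
                ":guid" => $guid,
                ":stadt" => $values["stadt"],
                ":strasse" => $values["strasse"],
                ":plz" => $values["plz"],
            ]);

            return $guid;
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
            die;
        }
    }

    /**
     * Creates the address for a course and then the course row itself.
     *
     * @param array $values       Address keys ("stadt", "strasse", "plz") plus
     *                            "name", "preis", "dauer", "rabatt",
     *                            "kategorie" and "beschreibung".
     * @param mixed $kursleiterId Id stored in the `kurseleiter` column. It is
     *                            taken as given; the caller has to make sure it
     *                            is the authenticated course leader.
     *
     * @return bool true once the course row has been written.
     */
    public function writeNewCourse($values, $kursleiterId)
    {
        // An address row is left behind when the address is created but the
        // course insert then fails.
        // NOTE(review): running both inserts in one transaction would avoid the
        // orphan, provided linkDB() hands out the same connection for both;
        // confirm.
        $addressId = $this->writeNewAddress($values);
        $guid = $this->createUUID();
        $sql = "INSERT INTO kurs (`id`, `name`, `preis`, `dauer`, `rabatt`, `kategorie`, `beschreibung`, `kurseleiter`, `ort_id`) VALUES ( :guid, :name, :preis, :dauer, :rabatt, :kategorie, :beschreibung, :kurseleiter, :ort_id);";
        $pdo = $this->linkDB();
        try {
            $sth = $pdo->prepare($sql);
            $sth->execute([
                ":guid" => $guid,
                ":name" => $values["name"],
                ":preis" => $values["preis"],
                ":dauer" => $values["dauer"],
                ":rabatt" => $values["rabatt"],
                ":kategorie" => $values["kategorie"],
                ":beschreibung" => $values["beschreibung"],
                ":kurseleiter" => $kursleiterId,
                // Written with the leading colon like every other key; PDO
                // accepts both spellings.
                ":ort_id" => $addressId,
            ]);
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
            die;
        }

        return true;
    }

    /**
     * Returns courses joined with their address and ratings, ordered by name.
     *
     * Because of the LEFT JOIN on `bewertungen`, a course appears once per
     * rating row, or once with NULL `note` / `kommentar` when it has none.
     *
     * NOTE(review): despite the name, the query has no user filter and the
     * method takes no arguments, so every course is returned. Confirm that
     * this is intended.
     *
     * @return array Rows as associative arrays (PDO::FETCH_ASSOC).
     */
    public function getMyCourses()
    {
        $sql = "SELECT k.id, k.name, k.preis, k.dauer, k.rabatt, k.kategorie, k.beschreibung, o.stadt, o.strasse, o.plz, b.note, b.kommentar FROM kurs AS k JOIN ort AS o ON o.id = k.ort_id LEFT JOIN bewertungen AS b ON b.kurs_id = k.id ORDER BY k.name;";
        $pdo = $this->linkDB();
        try {
            $sth = $pdo->prepare($sql);
            $sth->execute();

            return $sth->fetchAll(\PDO::FETCH_ASSOC);
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Lesen der Daten.", $e);
            die;
        }
    }
}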