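createUUID();
        $pdo = $this->linkDB();
        $sql = "INSERT INTO user (`id`, `name`,`vorname`,`email`,`passwort`,`salt`,`role`) VALUES (:guid, :name, :firstname, :email, :password, :salt, :role)";
        try {
            $sth = $pdo->prepare($sql);
            $sth->execute([
                ":guid" => $guid,
                ":name" => $values["lastname"],
                ":firstname" => $values["name"],
                ":email" => $values["email"],
                ":password" => $hash,
                ":salt" => $salt,
                ":role" => $values["role"]
            ]);
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
            die;
        }
        return true;
    }

    /**
     * Look up a single user row by e-mail address.
     *
     * The address is bound as a named parameter and never concatenated into the SQL text.
     * `SELECT *` also returns the `passwort` and `salt` columns, so callers should not hand
     * the row to templates, logs or API responses unfiltered.
     *
     * @param mixed $email E-mail address to search for.
     * @return mixed The row returned by PDOStatement::fetch(), or false when no row matches.
     */
    public function getUserByEmail($email){
        $pdo = $this->linkDB();
        $sql = "SELECT * FROM user WHERE email = :email";
        $sth = $pdo->prepare($sql);
        $sth->execute([":email" => $email]);
        return $sth->fetch();
    }

    /**
     * Look up a single user row by its id.
     *
     * The id is bound as a named parameter. As with getUserByEmail(), the returned row
     * includes the `passwort` and `salt` columns.
     *
     * @param mixed $id Value of the `id` column.
     * @return mixed The row returned by PDOStatement::fetch(), or false when no row matches.
     */
    public function getUserById($id){
        $pdo = $this->linkDB();
        $sql = "SELECT * FROM user WHERE id = :id";
        $sth = $pdo->prepare($sql);
        $sth->execute([":id" => $id]);
        return $sth->fetch();
    }

    /**
     * Delete the user row with the given id.
     *
     * This method performs no authorization check of its own: whoever calls it must already
     * have verified that the acting account is allowed to delete $id. Unlike the insert and
     * update paths there is no try/catch here, so a database error is not routed through
     * ErrorMsg.
     *
     * @param mixed $id Value of the `id` column of the row to delete.
     */
    public function deleteUser($id){
        $pdo = $this->linkDB();
        $sql = "DELETE FROM user WHERE id = :id";
        $sth = $pdo->prepare($sql);
        $sth->bindParam(":id", $id);
        $sth->execute();
    }

    /**
     * Update selected columns of one user row.
     *
     * Only `name`, `vorname`, `email` and (when a non-empty password is supplied) `passwort`
     * and `salt` can be written. `id` and `role` are deliberately absent from the column list,
     * so an unexpected key in $values cannot change a user's role through this method. As in
     * deleteUser(), no authorization check happens here; the caller is responsible for it.
     *
     * @param mixed $id     Value of the `id` column of the row to update.
     * @param array $values Keys read: "password", "name", "vorname", "email". Other keys are ignored.
     */
    public function updateUserData($id, $values){
        $pdo = $this->linkDB();
        $fields = [];
        $params = [':id' => $id];

        if (!empty($values["password"])) {
            // NOTE(review): one round of salted SHA-256 is a fast hash, so leaked hashes can be
            // guessed offline at high speed. password_hash()/password_verify() would be the
            // appropriate replacement, but the stored format is shared with the insert path and
            // with the login verification code (not visible here), so all of them have to be
            // migrated together. The algorithm is therefore left unchanged in this method.
            $salt = bin2hex(random_bytes(16));
            $hash = hash('sha256', $values["password"] . $salt);
            // Fix: the identifiers were quoted with acute accents (U+00B4) instead of backticks,
            // which made every password change fail in the database.
            $fields[] = "`passwort` = :password";
            $fields[] = "`salt` = :salt";
            $params[":password"] = $hash;
            $params[":salt"] = $salt;
        }

        // Column names come only from this fixed list, never from the keys of $values, so it is
        // safe to interpolate them into the SQL text. The values themselves are bound.
        // NOTE(review): the insert path stores $values["lastname"] in `name` and $values["name"]
        // in `vorname`, while here $values["name"] is written to `name`. Confirm that callers of
        // this method use column-named keys.
        foreach (['name','vorname','email'] as $col) {
            if (isset($values[$col])) {
                $fields[] = "`{$col}` = :{$col}";
                $params[":{$col}"] = $values[$col];
            }
        }

        // Nothing to change: an empty SET clause would only produce a SQL syntax error.
        if ($fields === []) {
            return;
        }

        $sql = "UPDATE user SET " . implode(", ", $fields) . " where id = :id";
        try {
            $sth = $pdo->prepare($sql);
            $sth->execute($params);
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
            die;
        }
    }
}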