PBBFA23AHR/kurs-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
kurs-app/Model/UserModel.php

177 lines
5.4 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
namespace Blog\Model;
use Blog\Model\Database;
use PDOException;
use Random\RandomException;
class UserModel extends Database
{
/**
* @throws RandomException
*/
public function createUser($values){
$salt = bin2hex(random_bytes(16));
$hash = hash('sha256', $values["password"] . $salt);
$guid = $this->createUUID();
$pdo = $this->linkDB();
$sql = "INSERT INTO user (`id`, `name`,`vorname`,`email`,`passwort`,`salt`,`role`)
VALUES (:guid, :name, :firstname, :email, :password, :salt, :role)";
try {
$sth = $pdo->prepare($sql);
$sth->execute([
":guid" => $guid,
":name" => $values["lastname"],
":firstname" => $values["name"],
":email" => $values["email"],
":password" => $hash,
":salt" => $salt,
":role" => $values["role"]
]);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
return true;
}
public function getUserByEmail($email){
$pdo = $this->linkDB();
$sql = "SELECT * FROM user WHERE email = :email";
$sth = $pdo->prepare($sql);
$sth->execute([":email" => $email]);
return $sth->fetch();
}
public function getUserById($id){
$pdo = $this->linkDB();
$sql = "SELECT * FROM user WHERE id = :id";
$sth = $pdo->prepare($sql);
$sth->execute([":id" => $id]);
return $sth->fetch();
}
public function deleteUser($id){
$pdo = $this->linkDB();
$sql = "DELETE FROM user WHERE id = :id";
$sth = $pdo->prepare($sql);
$sth->bindParam(":id", $id);
$sth->execute();
}
public function updateUserData($id, $values){
$pdo = $this->linkDB();
$fields = [];
$params = [':id' => $id];
if(!empty($values["password"])){
$salt = bin2hex(random_bytes(16));
$hash = hash('sha256', $values["password"] . $salt);
$fields["password"] = "´passwort´ = :password";
$fields["salt"] = "´salt´ = :salt";
$params[":password"] = $hash;
$params[":salt"] = $salt;
}
foreach (['name','vorname','email'] as $col) {
if (isset($values[$col])) {
$fields[] = "`{$col}` = :{$col}";
$params[":{$col}"] = $values[$col];
}
}
$sql = "UPDATE user
SET " . implode(", ", $fields) . "
where id = :id";
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
die;
}
}
private function writeNewAddress($values) {
$guid = $this->createUUID();
$sql = "INSERT INTO ort (`id`, `stadt`, `strasse`, `plz`) VALUES (
:guid, :stadt, :strasse, :plz);";
$pdo = $this->linkDB();
try {
$sth = $pdo->prepare($sql);
$sth->execute(array(":guid" => $guid,
":stadt" => $values["stadt"],
":strasse" => $values["strasse"],
":plz" => $values["plz"],
));
return $guid;
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
}
public function writeNewCourse($values, $kursleiterId)
{
// Bleibt übrig wenn Adresse erstellt wird aber Kurs nicht weil Error
$addressId = $this->writeNewAddress($values);
$guid = $this->createUUID();
$sql = "INSERT INTO kurs (`id`, `name`, `preis`, `dauer`, `rabatt`, `kategorie`, `beschreibung`, `kurseleiter`, `ort_id`) VALUES (
:guid, :name, :preis, :dauer, :rabatt, :kategorie, :beschreibung, :kurseleiter, :ort_id);";
$pdo = $this->linkDB();
try {
$sth = $pdo->prepare($sql);
$sth->execute(array(":guid" => $guid,
":name" => $values["name"],
":preis" => $values["preis"],
":dauer" => $values["dauer"],
":rabatt" => $values["rabatt"],
":kategorie" => $values["kategorie"],
":beschreibung" => $values["beschreibung"],
":kurseleiter" => $kursleiterId,
"ort_id" => $addressId
));
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
die;
}
return true;
}
public function getMyCourses() {
$sql = "SELECT k.id, k.name, k.preis, k.dauer, k.rabatt, k.kategorie, k.beschreibung, o.stadt, o.strasse, o.plz, b.note, b.kommentar
FROM kurs AS k
JOIN ort AS o ON o.id = k.ort_id
LEFT JOIN bewertungen AS b ON b.kurs_id = k.id
ORDER BY k.name;";
$pdo = $this->linkDB();
try {
$sth = $pdo->prepare($sql);
$sth->execute();
return $sth->fetchAll(\PDO::FETCH_ASSOC);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Lesen der Daten.", $e);
die;
}
}
}
Reference in New Issue View Git Blame Copy Permalink