<?php
namespace Blog\Model;
use Blog\Model\Database;
use PDOException;
use Random\RandomException;
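/**
 * Data-access model for rows of the `user` table.
 *
 * Every query is sent as a PDO prepared statement with named placeholders.
 * The connection comes from linkDB() and new ids from createUUID(); neither
 * is defined in this class.
 *
 * NOTE(review): passwords are stored as a single SHA-256 round over
 * password . salt. A fast hash like this is cheap to brute-force offline if
 * the table is ever disclosed; password_hash()/password_verify() are the
 * purpose-built API. The scheme is left unchanged here because the code that
 * verifies logins is not in this file and has to migrate together with it
 * (for example by re-hashing on the next successful login).
 */
class UserModel extends Database
{
    /**
     * Insert a new user row with a fresh id, a random salt and the salted
     * password hash.
     *
     * On a PDOException an ErrorMsg is created and the script terminates.
     *
     * @param array $values Reads the keys "password", "lastname", "name",
     *                      "email" and "role". "lastname" is written to the
     *                      `name` column and "name" to `vorname`.
     *
     * @return bool Always true when the insert did not throw.
     *
     * @throws RandomException
     */
    public function createUser($values)
    {
        // 16 random bytes, hex-encoded: a 32-character per-user salt.
        $salt = bin2hex(random_bytes(16));
        $hash = hash('sha256', $values["password"] . $salt);
        $guid = $this->createUUID();

        $pdo = $this->linkDB();
        $sql = "INSERT INTO user (`id`, `name`,`vorname`,`email`,`passwort`,`salt`,`role`)
            VALUES (:guid, :name, :firstname, :email, :password, :salt, :role)";

        try {
            $sth = $pdo->prepare($sql);
            $sth->execute([
                ":guid" => $guid,
                ":name" => $values["lastname"],
                ":firstname" => $values["name"],
                ":email" => $values["email"],
                ":password" => $hash,
                ":salt" => $salt,
                // NOTE(review): the role is stored exactly as supplied in
                // $values; confirm the caller sets it server-side and does
                // not copy it from request input.
                ":role" => $values["role"],
            ]);
        } catch (PDOException $e) {
            // The ErrorMsg object is created and discarded; presumably its
            // constructor reports the failure. NOTE(review): confirm it logs
            // $e rather than rendering the driver message to the client.
            new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
            die;
        }

        return true;
    }

    /**
     * Fetch the user row whose `email` column equals $email.
     *
     * The query is SELECT *, so the returned row also carries the `passwort`
     * and `salt` columns; callers should strip those before handing the row
     * to a template or an API response.
     *
     * @param mixed $email Value bound to the :email placeholder.
     *
     * @return mixed Result of PDOStatement::fetch(): the row, or false when
     *               no row matches.
     */
    public function getUserByEmail($email)
    {
        $sth = $this->linkDB()->prepare("SELECT * FROM user WHERE email = :email");
        $sth->execute([":email" => $email]);

        return $sth->fetch();
    }

    /**
     * Fetch the user row whose `id` column equals $id.
     *
     * The query is SELECT *, so the returned row also carries the `passwort`
     * and `salt` columns; callers should strip those before handing the row
     * to a template or an API response.
     *
     * @param mixed $id Value bound to the :id placeholder.
     *
     * @return mixed Result of PDOStatement::fetch(): the row, or false when
     *               no row matches.
     */
    public function getUserById($id)
    {
        $sth = $this->linkDB()->prepare("SELECT * FROM user WHERE id = :id");
        $sth->execute([":id" => $id]);

        return $sth->fetch();
    }

    /**
     * Delete the user row with the given id.
     *
     * Unlike createUser() and updateUserData(), a PDOException is not caught
     * here and reaches the caller. This method performs no authorisation
     * check of its own; that is left to the caller.
     *
     * @param mixed $id Value bound to the :id placeholder.
     */
    public function deleteUser($id)
    {
        $sth = $this->linkDB()->prepare("DELETE FROM user WHERE id = :id");
        $sth->execute([":id" => $id]);
    }

    /**
     * Update the password and/or profile columns of one user.
     *
     * Only keys present in $values are written. A non-empty "password" gets
     * a fresh salt and hash; "name", "vorname" and "email" are copied to the
     * columns of the same name. When nothing is to be changed the method
     * returns without running a statement.
     *
     * On a PDOException an ErrorMsg is created and the script terminates.
     *
     * NOTE(review): here $values["name"] is written to the `name` column,
     * whereas createUser() writes $values["name"] to `vorname`; confirm the
     * callers map their form fields accordingly.
     *
     * @param mixed $id     Id of the row to update.
     * @param array $values Optional keys "password", "name", "vorname",
     *                      "email".
     *
     * @throws RandomException
     */
    public function updateUserData($id, $values)
    {
        $pdo = $this->linkDB();
        $fields = [];
        $params = [':id' => $id];

        if (!empty($values["password"])) {
            // A new salt is generated on every password change.
            $salt = bin2hex(random_bytes(16));
            $hash = hash('sha256', $values["password"] . $salt);
            // Identifiers are quoted with backticks. The acute accents used
            // here before are not an identifier quote and made the
            // statement fail to parse whenever a password was changed.
            $fields[] = "`passwort` = :password";
            $fields[] = "`salt` = :salt";
            $params[":password"] = $hash;
            $params[":salt"] = $salt;
        }

        // Column names come from this fixed list, never from the keys of
        // $values, so no caller-controlled text is placed into the SQL.
        foreach (['name', 'vorname', 'email'] as $col) {
            if (isset($values[$col])) {
                $fields[] = "`{$col}` = :{$col}";
                $params[":{$col}"] = $values[$col];
            }
        }

        if ($fields === []) {
            // Nothing to change. Without this guard the statement would be
            // "UPDATE user SET  where id = :id", which is not valid SQL.
            return;
        }

        $sql = "UPDATE user
            SET " . implode(", ", $fields) . "
            where id = :id";

        try {
            $sth = $pdo->prepare($sql);
            $sth->execute($params);
        } catch (PDOException $e) {
            new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
            die;
        }
    }
}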