1<?php
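namespace Model {
    /**
     * User model: renders login/registration inputs, authenticates a submitted
     * login against the stored password hash, fills the session on success, and
     * creates or updates a user row from $_POST.
     *
     * Table, schema, primary key and password column are reported by the static
     * getters below ("user", "panda", "email", "password").
     *
     * Everything read from $_POST is untrusted. Values echoed back inside a
     * response string are HTML-escaped, and non-string values (e.g. `field[]=x`)
     * are rejected before they reach password_hash()/password_verify().
     */
    class User extends \Lollipop\DatabaseObject
    {
        /** Name of the backing table. */
        public static function get_table(): string
        {
            return "user";
        }

        /** Name of the primary-key column, also used as the login identifier field. */
        public static function get_primary(): string
        {
            return "email";
        }

        /** Name of the column that stores the password hash. */
        public static function get_password_field(): string
        {
            return "password";
        }

        /** Name of the database schema. */
        public static function get_schema(): string
        {
            return "panda";
        }

        /**
         * Build the two inputs of the login form.
         *
         * @return string HTML for the identifier input followed by the password input
         */
        public function login_fields(): string
        {
            $primary = $this->get_primary();
            $password = $this->get_password_field();

            return '<input type="text" name="' . $primary . '" placeholder="' . $primary . '">'
                . '<input type="password" name="' . $password . '" placeholder="password">';
        }

        /**
         * Build one input per entry of $this->column_names, followed by an error
         * block for every field flagged as missing.
         *
         * @param array $res validation result; a key "missing_<field>" marks <field> as empty
         * @return string HTML fragment
         */
        public function all_fields(array $res = []): string
        {
            $password_field = $this->get_password_field();
            $html = "";

            foreach ($this->column_names as $field) {
                // column_names is presumably filled from the table schema by the parent
                // class; it is escaped anyway so a quote or angle bracket in a name
                // cannot break out of the attribute or the error paragraph.
                $safe = htmlspecialchars((string) $field, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $type = ((string) $field === $password_field) ? 'password' : 'text';

                $html .= '<input type="' . $type . '" name="' . $safe . '" placeholder="' . $safe . '">';

                if (array_key_exists('missing_' . $field, $res)) {
                    $html .= '<div class="form-response"><p style="color:red;"> Field: ' . $safe . ' cannot be empty</p></div>';
                }
            }

            return $html;
        }

        /**
         * Entry point for a login request.
         *
         * Checks the submitted values (not the field names), so a request with an
         * empty or missing identifier/password is answered with an empty response
         * before any database lookup happens.
         *
         * @return array [] on success, otherwise ["response" => message]
         */
        public function login(): array
        {
            $identifier = $_POST[$this->get_primary()] ?? null;
            $password = $_POST[$this->get_password_field()] ?? null;

            $identifier_given = is_string($identifier) && $identifier !== "";
            $password_given = is_string($password) && $password !== "";

            if (!$identifier_given || !$password_given) {
                return ["response" => ""];
            }

            return $this->authenticate();
        }

        /**
         * Verify the submitted credentials and, on success, populate $_SESSION
         * through set_globals().
         *
         * NOTE(review): the two failure messages differ, which tells a client
         * whether an identifier is registered. Consider a single generic message
         * if no caller depends on the text.
         *
         * @return array [] when authenticated, otherwise ["response" => message]
         */
        public function authenticate(): array
        {
            $primary = $this->get_primary();
            $password_field = $this->get_password_field();

            $identifier = $_POST[$primary] ?? null;
            $password = $_POST[$password_field] ?? null;

            // load() presumably fetches the row by primary key and reports whether it
            // exists; a non-string identifier is treated as "not found" without a lookup.
            if (!is_string($identifier) || !$this->load($identifier)) {
                // The submitted value is echoed back, so it is escaped for HTML output.
                $shown = is_string($identifier)
                    ? htmlspecialchars($identifier, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
                    : "";
                return ["response" => "{$primary}: {$shown} does not exists in db"];
            }

            $stored_hash = $this->{$password_field};
            $matches = is_string($password)
                && is_string($stored_hash)
                && password_verify($password, $stored_hash);

            if (!$matches) {
                return ["response" => "incorrect password"];
            }

            $this->set_globals();
            return [];
        }

        /**
         * Copy the loaded row (minus the password hash) and the user's permission
         * ids into $_SESSION.
         *
         * @return void
         */
        private function set_globals()
        {
            // Issue a fresh session id at the moment the session becomes authenticated,
            // so an id that was known before login is not carried into the logged-in
            // session. Skipped when no session is active or headers are already out,
            // where the call would only raise a warning.
            if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
                session_regenerate_id(true);
            }

            $password_field = $this->get_password_field();
            foreach ($this->getData() as $key => $data) {
                // The hash never goes into the session.
                if ((string) $key !== $password_field) {
                    $_SESSION[$key] = $data;
                }
            }

            $primary = $this->get_primary();
            $user_permissions = [];
            $rows = $this->db->all_where(PermissionUser::class, [$primary => $this->{$primary}]);
            foreach ($rows as $permission) {
                $user_permissions[] = $permission->id;
            }
            $_SESSION['user_permissions'] = $user_permissions;
        }

        /**
         * Register a new user from $_POST.
         *
         * @return array the missing-field report from \Lollipop\Utils::missing_fields()
         *               when it is non-empty, otherwise the result of add_data_db()
         */
        public function add_user(): array
        {
            $missing_fields = \Lollipop\Utils::missing_fields($this->notNullable());

            if (count($missing_fields) !== 0) {
                return $missing_fields;
            }

            return $this->add_data_db();
        }

        /**
         * Insert the submitted user after checking that the identifier is free.
         *
         * NOTE(review): every column returned by get_col_names_no_ai() can be set
         * from the request. If the table holds privilege or status columns (not
         * visible here), restrict this to an explicit allow-list.
         *
         * NOTE(review): on success the returned array also carries the submitted
         * column values, including the password hash; callers should not render
         * or log that entry.
         *
         * @return array "success" (bool), "response" (HTML message) and, on success,
         *               the stored column values
         */
        private function add_data_db(): array
        {
            $primary = $this->get_primary();
            $password_field = $this->get_password_field();
            $response = ["success" => false];

            $identifier = $_POST[$primary] ?? null;
            if (!is_string($identifier)) {
                $response["response"] = "<p style=\"color:red;\">could not add user to database</p>";
                return $response;
            }

            if ($this->load($identifier)) {
                // The submitted address is placed inside markup, so it is escaped first.
                $shown = htmlspecialchars($identifier, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $response["response"] = "<p style=\"color:red;\">this email address is already taken: {$shown} </p>";
                return $response;
            }

            // Hash any non-empty password. An explicit comparison is used because a
            // truthiness test would let the password "0" through unhashed.
            $submitted_password = $_POST[$password_field] ?? null;
            if (is_string($submitted_password) && $submitted_password !== "") {
                // The superglobal is overwritten with the hash, as before, so the
                // plaintext is not read again by the column loop below.
                $_POST[$password_field] = password_hash($submitted_password, PASSWORD_DEFAULT);
            }

            $user_credentials = [];
            foreach ($this->get_col_names_no_ai() as $col) {
                $value = $_POST[$col] ?? "";
                if (is_string($value) && $value !== "") {
                    $this->$col = $value;
                    $user_credentials[$col] = $value;
                }
            }

            if (!$this->add()) {
                $response["response"] = "<p style=\"color:red;\">could not add user to database</p>";
                return $response;
            }

            $response["response"] = "<p style=\"color:green;\">succes</p>";
            // Array union: "success" and "response" already set above are not overwritten.
            $response += $user_credentials;
            $response["success"] = true;
            return $response;
        }

        /**
         * Update the current object from $_POST and save it.
         *
         * An empty password field leaves the stored hash untouched instead of
         * replacing it with the hash of an empty string (the "sans_pw" validation
         * suggests the password is optional on update; confirm against the form).
         *
         * NOTE(review): any column named in the request is written, the primary key
         * included. Which row is loaded and whether the requester may edit it is
         * decided by the caller and is not visible here; consider an allow-list of
         * editable columns.
         *
         * @return bool result of save(), or false when required fields are missing
         */
        public function update_user(): bool
        {
            $missing_fields = \Lollipop\Utils::missing_fields_sans_pw($this->notNullable());
            if (count($missing_fields) !== 0) {
                return false;
            }

            $columns = $this->get_column_names();
            $password_field = $this->get_password_field();

            foreach ($_POST as $key => $post) {
                $name = (string) $key;

                // Only known columns with plain string values are accepted; array
                // values would otherwise reach password_hash() or a column property.
                if (!is_string($post) || !in_array($name, $columns, true)) {
                    continue;
                }

                if ($name === $password_field) {
                    if ($post === "") {
                        continue;
                    }
                    $this->{$name} = password_hash($post, PASSWORD_DEFAULT);
                } else {
                    $this->{$name} = $post;
                }
            }

            return $this->save();
        }
    }
}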