1 files changed, 59 insertions, 0 deletions

diff --git a/includes/model/User.php b/includes/model/User.php
new file mode 100644
index 0000000..1c48afb
--- /dev/null
+++ b/includes/model/User.php
@@ -0,0 +1,59 @@
+<?php
+
+const USER_LEVEL_MODERATOR = 1;
+
+class User {
+	public $id;
+	public $name = 'Unknown';
+	public $date = 0;
+	public $level = 0;
+
+	function get_by_name($name, $dbc) {
+		$sql = "SELECT user_id, user_date, user_level FROM users WHERE user_name = ?";
+		$stmt = mysqli_stmt_init($dbc);
+
+		if (!mysqli_stmt_prepare($stmt, $sql)) {
+			echo 'Failed to get user: ' . mysqli_error($dbc);
+		}
+
+		mysqli_stmt_bind_param($stmt, "s", $name);
+		mysqli_stmt_execute($stmt);
+
+		$result = mysqli_stmt_get_result($stmt);
+
+		if (mysqli_num_rows($result) == 0) {
+		} else {
+			while ($row = mysqli_fetch_assoc($result)) {
+				$this->id = $row['user_id'];
+				$this->name = $name;
+				$this->date = $row['user_date'];
+				$this->level = $row['user_level'];
+			}
+		}
+
+		mysqli_free_result($result);
+		mysqli_stmt_close($stmt);
+	}
+
+	function get_by_id($id, $dbc) {
+		$sql = "SELECT user_name, user_date, user_level FROM users WHERE user_id = " . mysqli_real_escape_string($dbc, $id);
+		$result = mysqli_query($dbc, $sql);
+	
+		if (!$result) {
+			echo 'Failed to get user: ' . mysqli_error($dbc);
+		}
+	
+		if (mysqli_num_rows($result) == 0) {
+		} else {
+			while ($row = mysqli_fetch_assoc($result)) {
+				$this->id = $id;
+				$this->name = $row['user_name'];
+				$this->date = $row['user_date'];
+				$this->level = $row['user_level'];
+			}
+		}
+	
+		mysqli_free_result($result);
+	}
+
+}
\ No newline at end of file