<?php
include_once './includes/Database.php';
// Level string for moderator accounts. Presumably compared against User::$level, which is loaded
// from users.user_level and defaults to 'user' — confirm the stored values match this spelling.
const USER_LEVEL_MODERATOR = 'moderator';
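/**
 * Builds a fresh 8-character invite code from the 62 characters [0-9a-zA-Z].
 *
 * User::get_by_invite_code() resolves an account from this value alone, so the code is a
 * bearer secret and must not be guessable. rand() is not a cryptographically secure generator
 * (its output can be predicted from earlier values), so each character is drawn with
 * random_int(), which uses the operating system's CSPRNG.
 *
 * Eight characters give 62^8 combinations (roughly 47 bits); the endpoint that accepts invite
 * codes should still limit the number of attempts per client.
 *
 * @return string the new code; uniqueness against existing codes is not checked here
 * @throws \Exception if no source of secure randomness is available
 */
function generate_invite_code(): string
{
    $alphabet = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $last_index = strlen($alphabet) - 1;
    $code = '';
    for ($i = 0; $i < 8; $i++) {
        $code .= $alphabet[random_int(0, $last_index)];
    }
    return $code;
}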
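/**
 * One row of the `users` table plus the account operations built on it.
 *
 * An instance starts empty. One of the get_by_*() loaders fills it, and has_value() reports
 * whether the most recent lookup found a row.
 */
class User
{
    public $id;
    public $name;
    // Stored password hash as read from users.user_password (register() writes password_hash()
    // output). The property is public, so keep User objects out of logs, dumps and API responses.
    public $password;
    public $date_registered;
    public $level = 'user';
    // Bearer secret: get_by_invite_code() resolves an account from this value alone.
    public $invite_code;
    public $generation;
    private $has_value = false;

    // Can't use a constructor here because we have several possible ways to get the user from the
    // database and PHP does not allow function overloading.

    /**
     * Loads the user with the given id. On a miss has_value() is false afterwards.
     */
    public function get_by_id($id)
    {
        $sql = "SELECT user_name, user_password, user_date_registered, user_level, user_invite_code, user_generation FROM users WHERE user_id = ?;";
        $this->load_one($sql, "i", $id, 'user_id');
    }

    /**
     * Loads the user with the given name. On a miss has_value() is false afterwards.
     */
    public function get_by_name($name)
    {
        $sql = "SELECT user_id, user_password, user_date_registered, user_level, user_invite_code, user_generation FROM users WHERE user_name = ?;";
        $this->load_one($sql, "s", $name, 'user_name');
    }

    /**
     * Loads the user who owns the given invite code. On a miss has_value() is false afterwards.
     *
     * NOTE(review): whether this match is case-sensitive depends on the column collation, which
     * is not visible here; a case-insensitive collation would shrink the effective code space.
     */
    public function get_by_invite_code($invite_code)
    {
        $sql = "SELECT user_id, user_name, user_password, user_date_registered, user_level, user_generation FROM users WHERE user_invite_code = ?;";
        $this->load_one($sql, "s", $invite_code, 'user_invite_code');
    }

    /**
     * Shared loader behind the get_by_*() methods.
     *
     * Runs the single-parameter query and copies the first row into this object. The lookup
     * column is not part of the SELECT list, so it is filled from the caller's key, as before.
     */
    private function load_one(string $sql, string $type, $key, string $key_column)
    {
        // Reset first: if this instance was loaded earlier, a failed lookup must not leave it
        // reporting the previous user as found. The fields themselves keep their old contents.
        $this->has_value = false;

        $rows = Database::get()->query($sql, $type, $key);
        if (empty($rows)) {
            return;
        }

        $row = $rows[0];
        $row[$key_column] = $key;

        $this->id = $row['user_id'];
        $this->name = $row['user_name'];
        $this->password = $row['user_password'];
        $this->date_registered = $row['user_date_registered'];
        $this->level = $row['user_level'];
        $this->invite_code = $row['user_invite_code'];
        $this->generation = $row['user_generation'];
        $this->has_value = true;
    }

    /**
     * Whether the most recent get_by_*() call found a row.
     */
    public function has_value(): bool
    {
        return $this->has_value;
    }

    /**
     * Inserts a new account. The plaintext password is hashed with password_hash() here and
     * only the hash is stored.
     *
     * Does not call username_exists(); presumably the caller does, or the schema enforces a
     * unique user_name — confirm.
     */
    public static function register(string $username, string $password, int $generation)
    {
        $sql = "INSERT INTO users(user_name, user_password, user_date_registered, user_invite_code, user_generation) VALUES(?, ?, NOW(), ?, ?);";
        $pass_hash = password_hash($password, PASSWORD_DEFAULT);
        $invite_code = self::unused_invite_code();
        Database::get()->query($sql, "sssi", $username, $pass_hash, $invite_code, $generation);
    }

    /**
     * Replaces this user's invite code with a new one, in the database and on this object.
     */
    public function update_invite_code()
    {
        $sql = "UPDATE users SET user_invite_code = ? WHERE user_id = ?";
        $invite_code = self::unused_invite_code();
        Database::get()->query($sql, "si", $invite_code, $this->id);
        // Keep the object in step with the row so callers do not hand out the retired code.
        // The query result is not checked here.
        $this->invite_code = $invite_code;
    }

    /**
     * Stores a new password hash for this user.
     *
     * $pass_hash is written to the database verbatim: the caller must pass password_hash()
     * output, never the plaintext password. Only the signed-in user may change their own
     * password. The current password is not re-verified here and no sessions are ended —
     * presumably the caller handles both; confirm.
     */
    public function change_password(string $pass_hash)
    {
        $session = Session::get();
        if (!$session->is_signed_in()) {
            trigger_error('You are not signed in.');
            return;
        }
        // Compare as strings: ids may arrive as int or numeric string depending on how each
        // object was loaded, and a loose != would let type juggling decide an ownership check.
        if ((string) $session->get_current_user()->id !== (string) $this->id) {
            trigger_error("You can't change another user's password.");
            return;
        }
        $sql = "UPDATE users SET user_password = ? WHERE user_id = ?;";
        Database::get()->query($sql, "si", $pass_hash, $this->id);
        $this->password = $pass_hash;
    }

    /**
     * Returns this user's threads, most recently posted-in first. Threads whose own lookup
     * fails (has_value() is false) are left out.
     */
    public function get_threads(): array
    {
        $sql = "SELECT thread_id FROM threads WHERE thread_author = ? ORDER BY thread_last_post_date DESC";
        $rows = Database::get()->query($sql, "i", $this->id);
        // The other methods treat an empty() result as "no rows"; do the same here so a
        // non-array result is never iterated.
        if (empty($rows)) {
            return [];
        }

        $threads = [];
        foreach ($rows as $row) {
            $thread = new Thread($row['thread_id']);
            if ($thread->has_value()) {
                $threads[] = $thread;
            }
        }
        return $threads;
    }

    /**
     * Whether an account with this name exists.
     */
    public static function username_exists(string $username): bool
    {
        // Existence only: SELECT 1 avoids pulling the whole row, password hash included.
        $sql = "SELECT 1 FROM users WHERE user_name = ? LIMIT 1;";
        $result = Database::get()->query($sql, "s", $username);
        return !empty($result);
    }

    /**
     * Whether some account currently owns this invite code.
     */
    public static function invite_code_exists($invite_code): bool
    {
        // Existence only: SELECT 1 avoids pulling the whole row, password hash included.
        $sql = "SELECT 1 FROM users WHERE user_invite_code = ? LIMIT 1;";
        $result = Database::get()->query($sql, "s", $invite_code);
        return !empty($result);
    }

    /**
     * Generates invite codes until one is not yet assigned to any user.
     *
     * get_by_invite_code() takes the first matching row, so a duplicate code would resolve to
     * the wrong account. This check-then-write still leaves a small race between two requests;
     * a UNIQUE index on users.user_invite_code would be the hard guarantee (the schema is not
     * visible from this file).
     */
    private static function unused_invite_code(): string
    {
        do {
            $invite_code = generate_invite_code();
        } while (self::invite_code_exists($invite_code));
        return $invite_code;
    }
}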