ptut-vhost/build/database/repo/user.php

<?php

	namespace database\repo;
	use \database\core\Repo_i;

	class user extends Repo_i{


		/* (1) Return all users in database
		*
		* @return users<array>			The user list
		*								FALSE on error
		*
		---------------------------------------------------------*/
		public function getAll(){

			/* (1) Statement */
			$st = $this->pdo->query("SELECT * FROM `user` ORDER BY `username` ASC");

			/* (2) Fetched data */
			return $st->fetchAll();

		}


		/* (2) Return a user by its `id_user`
		*
		* @id_user<int>					The user UID
		*
		* @return user<array>			The user if found
		*								FALSE on error
		*
		---------------------------------------------------------*/
		public function getById(int $id_user){

			/* (1) Prepare Statement */
			$pst = $this->pdo->prepare("SELECT * FROM `user` WHERE `id_user` = :id_user LIMIT 1");

			/* (2) Bind variables */
			$pst->bindParam(':id_user', $id_user, \PDO::PARAM_INT);

			/* (3) Execute */
			if( !$pst->execute() ) return false; // if error -> send FALSE

			/* (4) Fetched data */
			return $pst->fetch();

		}


		/* (3) Return a user by its `mail`
		*
		* @mail<String>					The user mail address
		*
		* @return user<array>			The user if found
		*								FALSE on error
		*
		---------------------------------------------------------*/
		public function getByMail(String $mail){

			/* (1) Prepare Statement */
			$pst = $this->pdo->prepare("SELECT * FROM `user` WHERE `mail` = :mail LIMIT 1");

			/* (2) Bind variables */
			$pst->bindParam(':mail', $mail, \PDO::PARAM_STR, 50);

			/* (3) Execute */
			if( !$pst->execute() ) return false; // if error -> send FALSE

			/* (4) Fetched data */
			return $pst->fetch();

		}


		/* (4) Return a user by its `username`
		*
		* @username<String>				The user username
		*
		* @return user<array>			The user if found
		*								FALSE on error
		*
		---------------------------------------------------------*/
		public function getByUsername(String $username){

			/* (1) Prepare Statement */
			$pst = $this->pdo->prepare("SELECT * FROM `user` WHERE `username` = :username LIMIT 1");

			/* (2) Bind variables */
			$pst->bindParam(':username', $username, \PDO::PARAM_STR, 20);

			/* (3) Execute */
			if( !$pst->execute() ) return false; // if error -> send FALSE

			/* (4) Fetched data */
			return $pst->fetch();

		}


		/* (5) Return a user by its `token`
		*
		* @token<String>				The user token
		*
		* @return user<array>			The user if found
		*								FALSE on error
		*
		---------------------------------------------------------*/
		public function getByToken(String $token){

			/* (1) Prepare Statement */
			$pst = $this->pdo->prepare("SELECT * FROM `user` WHERE `token` is not NULL AND `token` = :token LIMIT 1");

			/* (2) Bind variables */
			$pst->bindParam(':token', $token, \PDO::PARAM_STR, 128);

			/* (3) Execute */
			if( !$pst->execute() ) return false; // if error -> send FALSE

			/* (4) Fetched data */
			return $pst->fetch();

		}


		/* (6) Check the password of a user
		*
		* @id_user<String>				The user UID
		* @password<String>				The password to test
		*
		* @return valid<bool>			Whether the password is valid or not
		*
		---------------------------------------------------------*/
		public function checkPassword(int $id_user, String $password){

			/* (1) Hash the password */
			$hash = \secure_hash($password, $id_user, 'user-pass');

			/* (2) Prepare Statement */
			$pst = $this->pdo->prepare("SELECT * FROM `user` WHERE `id_user` = :id_user AND `pass` = :pass LIMIT 1");

			/* (3) Bind variables */
			$pst->bindParam(':id_user', $id_user, \PDO::PARAM_INT);
			$pst->bindParam(':pass',    $hash,    \PDO::PARAM_STR, 128);

			/* (4) Execute */
			if( !$pst->execute() ) return false; // if error -> send FALSE

			/* (5) If no data -> means invalid password */
			if( !is_array($pst->fetch()) )
				return false;

			/* (6) If here -> means password is ok */
			return true;

		}


		/* (6) Set the password for a user
		*
		* @id_user<String>				The user UID
		* @password<String>				The password to set
		*
		* @return set<bool>				Whether the password has been set or not
		*
		---------------------------------------------------------*/
		public function setPassword(int $id_user, String $password){

			/* (1) Hash the password */
			$hash = \secure_hash($password, $id_user, 'user-pass');

			/* (2) Prepare Statement */
			$pst = $this->pdo->prepare("UPDATE `user` SET `pass` = :pass WHERE `id_user` = :id_user");

			/* (3) Bind variables */
			$pst->bindParam(':pass',    $hash,    \PDO::PARAM_STR, 128);
			$pst->bindParam(':id_user', $id_user, \PDO::PARAM_INT);

			/* (4) Execute -> dispatch status */
			return $pst->execute();

		}

		/* (7) Creates a new user
		*
		* @username<String>				The username (must be unique)
		* @mail<String>					The mail address (must be unique)
		* @password<String>				The password
		*
		* @return id_created<int>		UID of the created user
		* 								FALSE on error
		*
		---------------------------------------------------------*/
		public function create(String $username, String $mail, String $password){


			/* (1) Check @username + @mail are unique
			---------------------------------------------------------*/
			/* (1) If @username already exists -> abort */
			if( is_array($this->getByUsername($username)) )
				return false;

			/* (2) If @mail already exists -> abort */
			if( is_array($this->getByMail($mail)) )
				return false;


			/* (2) Create the user (without password)
			---------------------------------------------------------*/
			/* (1) Create a random token */
			$token = \secure_hash(uniqid(), 'user-token');

			/* (2) Prepare Statement */
			$pst = $this->pdo->prepare("INSERT INTO `user`(`id_user`, `username`, `mail`, `pass`, `token`) VALUES(DEFAULT, :username, :mail, NULL, :token)");

			/* (3) Bind variables */
			$pst->bindParam(':username', $username, \PDO::PARAM_STR, 20);
			$pst->bindParam(':mail',     $mail,     \PDO::PARAM_STR, 50);
			$pst->bindParam(':token',    $token,    \PDO::PARAM_STR, 128);

			/* (4) Execute -> if error return FALSE */
			if( !$pst->execute() ) return false;


			/* (2) Set the password (needed @id_user)
			---------------------------------------------------------*/
			/* (1) Get last inserted id */
			$fetch_user = $this->getByUsername($username);

			/* (2) If nothing found -> error */
			if( !is_array($fetch_user) || !isset($fetch_user['id_user']) || !is_numeric($fetch_user['id_user']) )
				return false;

			/* (3) Extract @id_user */
			$id_user = intval($fetch_user['id_user']);

			/* (4) Repo self call */
			if( !$this->setPassword($id_user, $password) )
				return false;

			/* (5) Return @id_user */
			return $id_user;

		}


	}
+commit 1 2018-02-17 17:18:58 +00:00			`<?php`

			`namespace database\repo;`
			`use \database\core\Repo_i;`

			`class user extends Repo_i{`


			`/* (1) Return all users in database`
			`*`
			`* @return users<array> The user list`
			`* FALSE on error`
			`*`
			`---------------------------------------------------------*/`
			`public function getAll(){`

			`/* (1) Statement */`
			$st = $this->pdo->query("SELECT * FROM `user` ORDER BY `username` ASC");

			`/* (2) Fetched data */`
			`return $st->fetchAll();`

			`}`


			/* (2) Return a user by its `id_user`
			`*`
			`* @id_user<int> The user UID`
			`*`
			`* @return user<array> The user if found`
			`* FALSE on error`
			`*`
			`---------------------------------------------------------*/`
			`public function getById(int $id_user){`

			`/* (1) Prepare Statement */`
			$pst = $this->pdo->prepare("SELECT * FROM `user` WHERE `id_user` = :id_user LIMIT 1");

			`/* (2) Bind variables */`
			`$pst->bindParam(':id_user', $id_user, \PDO::PARAM_INT);`

			`/* (3) Execute */`
			`if( !$pst->execute() ) return false; // if error -> send FALSE`

			`/* (4) Fetched data */`
			`return $pst->fetch();`

			`}`


			/* (3) Return a user by its `mail`
			`*`
			`* @mail<String> The user mail address`
			`*`
			`* @return user<array> The user if found`
			`* FALSE on error`
			`*`
			`---------------------------------------------------------*/`
			`public function getByMail(String $mail){`

			`/* (1) Prepare Statement */`
			$pst = $this->pdo->prepare("SELECT * FROM `user` WHERE `mail` = :mail LIMIT 1");

			`/* (2) Bind variables */`
			`$pst->bindParam(':mail', $mail, \PDO::PARAM_STR, 50);`

			`/* (3) Execute */`
			`if( !$pst->execute() ) return false; // if error -> send FALSE`

			`/* (4) Fetched data */`
			`return $pst->fetch();`

			`}`


			/* (4) Return a user by its `username`
			`*`
			`* @username<String> The user username`
			`*`
			`* @return user<array> The user if found`
			`* FALSE on error`
			`*`
			`---------------------------------------------------------*/`
			`public function getByUsername(String $username){`

			`/* (1) Prepare Statement */`
			$pst = $this->pdo->prepare("SELECT * FROM `user` WHERE `username` = :username LIMIT 1");

			`/* (2) Bind variables */`
			`$pst->bindParam(':username', $username, \PDO::PARAM_STR, 20);`

			`/* (3) Execute */`
			`if( !$pst->execute() ) return false; // if error -> send FALSE`

			`/* (4) Fetched data */`
			`return $pst->fetch();`

			`}`


			/* (5) Return a user by its `token`
			`*`
			`* @token<String> The user token`
			`*`
			`* @return user<array> The user if found`
			`* FALSE on error`
			`*`
			`---------------------------------------------------------*/`
			`public function getByToken(String $token){`

			`/* (1) Prepare Statement */`
			$pst = $this->pdo->prepare("SELECT * FROM `user` WHERE `token` is not NULL AND `token` = :token LIMIT 1");

			`/* (2) Bind variables */`
			`$pst->bindParam(':token', $token, \PDO::PARAM_STR, 128);`

			`/* (3) Execute */`
			`if( !$pst->execute() ) return false; // if error -> send FALSE`

			`/* (4) Fetched data */`
			`return $pst->fetch();`

			`}`


			`/* (6) Check the password of a user`
			`*`
			`* @id_user<String> The user UID`
			`* @password<String> The password to test`
			`*`
			`* @return valid<bool> Whether the password is valid or not`
			`*`
			`---------------------------------------------------------*/`
			`public function checkPassword(int $id_user, String $password){`

			`/* (1) Hash the password */`
			`$hash = \secure_hash($password, $id_user, 'user-pass');`

			`/* (2) Prepare Statement */`
			$pst = $this->pdo->prepare("SELECT * FROM `user` WHERE `id_user` = :id_user AND `pass` = :pass LIMIT 1");

			`/* (3) Bind variables */`
			`$pst->bindParam(':id_user', $id_user, \PDO::PARAM_INT);`
			`$pst->bindParam(':pass', $hash, \PDO::PARAM_STR, 128);`

			`/* (4) Execute */`
			`if( !$pst->execute() ) return false; // if error -> send FALSE`

			`/* (5) If no data -> means invalid password */`
			`if( !is_array($pst->fetch()) )`
			`return false;`

			`/* (6) If here -> means password is ok */`
			`return true;`

			`}`


			`/* (6) Set the password for a user`
			`*`
			`* @id_user<String> The user UID`
			`* @password<String> The password to set`
			`*`
			`* @return set<bool> Whether the password has been set or not`
			`*`
			`---------------------------------------------------------*/`
			`public function setPassword(int $id_user, String $password){`

			`/* (1) Hash the password */`
			`$hash = \secure_hash($password, $id_user, 'user-pass');`

			`/* (2) Prepare Statement */`
			$pst = $this->pdo->prepare("UPDATE `user` SET `pass` = :pass WHERE `id_user` = :id_user");

			`/* (3) Bind variables */`
			`$pst->bindParam(':pass', $hash, \PDO::PARAM_STR, 128);`
			`$pst->bindParam(':id_user', $id_user, \PDO::PARAM_INT);`

			`/* (4) Execute -> dispatch status */`
			`return $pst->execute();`

			`}`

			`/* (7) Creates a new user`
			`*`
			`* @username<String> The username (must be unique)`
			`* @mail<String> The mail address (must be unique)`
			`* @password<String> The password`
			`*`
			`* @return id_created<int> UID of the created user`
			`* FALSE on error`
			`*`
			`---------------------------------------------------------*/`
			`public function create(String $username, String $mail, String $password){`


			`/* (1) Check @username + @mail are unique`
			`---------------------------------------------------------*/`
			`/* (1) If @username already exists -> abort */`
			`if( is_array($this->getByUsername($username)) )`
			`return false;`

			`/* (2) If @mail already exists -> abort */`
			`if( is_array($this->getByMail($mail)) )`
			`return false;`



			`/* (2) Create the user (without password)`
			`---------------------------------------------------------*/`
			`/* (1) Create a random token */`
			`$token = \secure_hash(uniqid(), 'user-token');`

			`/* (2) Prepare Statement */`
			$pst = $this->pdo->prepare("INSERT INTO `user`(`id_user`, `username`, `mail`, `pass`, `token`) VALUES(DEFAULT, :username, :mail, NULL, :token)");

			`/* (3) Bind variables */`
			`$pst->bindParam(':username', $username, \PDO::PARAM_STR, 20);`
			`$pst->bindParam(':mail', $mail, \PDO::PARAM_STR, 50);`
			`$pst->bindParam(':token', $token, \PDO::PARAM_STR, 128);`

			`/* (4) Execute -> if error return FALSE */`
			`if( !$pst->execute() ) return false;`


			`/* (2) Set the password (needed @id_user)`
			`---------------------------------------------------------*/`
			`/* (1) Get last inserted id */`
			`$fetch_user = $this->getByUsername($username);`

			`/* (2) If nothing found -> error */`
			`if( !is_array($fetch_user) \|\| !isset($fetch_user['id_user']) \|\| !is_numeric($fetch_user['id_user']) )`
			`return false;`

			`/* (3) Extract @id_user */`
			`$id_user = intval($fetch_user['id_user']);`

			`/* (4) Repo self call */`
			`if( !$this->setPassword($id_user, $password) )`
			`return false;`

			`/* (5) Return @id_user */`
			`return $id_user;`

			`}`




			`}`