2016-04-12 12:27:54 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace manager\repo;
|
|
|
|
|
use \manager\Database;
|
2016-04-14 12:59:21 +00:00
|
|
|
use \manager\sessionManager;
|
2016-04-12 12:27:54 +00:00
|
|
|
|
2016-04-14 10:45:54 +00:00
|
|
|
class user{
|
2016-04-12 12:27:54 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/* VERIFICATION DU LOGIN/PASSWORD D'UN UTILISATEUR
|
|
|
|
|
*
|
|
|
|
|
* @login<String> Username ou Adresse mail de l'utilisateur
|
|
|
|
|
* @password<String> Password de l'utilisateur
|
|
|
|
|
*
|
|
|
|
|
* @return id_user<int> Retourne l'id de l'utilisateur si ses credentials sont bons
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
public static function login($login, $password){
|
|
|
|
|
/* [0] Gestion des INPUT
|
|
|
|
|
=========================================================*/
|
2016-04-17 10:34:24 +00:00
|
|
|
$checker = Database::check('varchar(3,50)', $login);
|
2016-04-12 12:27:54 +00:00
|
|
|
$checker = $checker && Database::check('text', $password);
|
|
|
|
|
|
|
|
|
|
// Si les parametres sont incorrects, on retourne une erreur
|
|
|
|
|
if( !$checker ) return false;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* [1] On verifie son login/password dans la BDD
|
|
|
|
|
=========================================================*/
|
2016-04-12 14:30:14 +00:00
|
|
|
$check = Database::getPDO()->prepare("SELECT id_user, login, permission
|
2016-04-12 12:27:54 +00:00
|
|
|
FROM users
|
|
|
|
|
WHERE ( login = :username OR mail = :mail ) AND password = :password");
|
|
|
|
|
$check->execute(array(
|
|
|
|
|
':username' => $login,
|
|
|
|
|
':mail' => $login,
|
2016-04-14 12:59:21 +00:00
|
|
|
':password' => sessionManager::sha1($password)
|
2016-04-12 12:27:54 +00:00
|
|
|
));
|
|
|
|
|
$result = $check->fetch();
|
|
|
|
|
|
|
|
|
|
/* [2] Gestion du retour
|
|
|
|
|
=========================================================*/
|
|
|
|
|
// Si on a rien trouve, on retourne une erreur
|
|
|
|
|
if( $result === false ) return false;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// On retourne le resultat
|
2016-04-14 10:45:54 +00:00
|
|
|
return Database::delNumeric( $result );
|
2016-04-12 12:27:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2016-04-14 10:45:54 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* RETOURNE LES DONNEES D'UN UTILISATEUR D'ID DONNE
|
|
|
|
|
*
|
|
|
|
|
* @id_user<int> UID de l'utilisateur en question
|
|
|
|
|
*
|
|
|
|
|
* @return user<Array> Tableau contenant les donnees de l'utilisateur s'il existe sinon retourne FALSE
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
public static function getById($id_user){
|
|
|
|
|
/* [1] On effectue la requete
|
|
|
|
|
=========================================================*/
|
|
|
|
|
$getUser = Database::getPDO()->prepare("SELECT id_user, login, mail, permission
|
|
|
|
|
FROM users
|
|
|
|
|
WHERE id_user = :id_user");
|
|
|
|
|
$getUser->execute(array( ':id_user' => $id_user ));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* [2] On recupere le resultat de la requete
|
|
|
|
|
=========================================================*/
|
|
|
|
|
$userData = $getUser->fetch();
|
|
|
|
|
|
|
|
|
|
// Si l'utilisateur n'existe pas, on retourne FALSE
|
|
|
|
|
if( $userData === false ) return false;
|
|
|
|
|
|
|
|
|
|
/* [3] Gestion du retour
|
|
|
|
|
=========================================================*/
|
2016-04-14 12:59:21 +00:00
|
|
|
return Database::delNumeric( $userData, true );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* RETOURNE LES DONNEES DE TOUS LES UTILISATEURS
|
|
|
|
|
*
|
|
|
|
|
* @return users<Array> Tableau contenant les donnees des utilisateurs, retourne FALSE si erreur
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
public static function getAll(){
|
|
|
|
|
/* [1] On effectue la requete
|
|
|
|
|
=========================================================*/
|
|
|
|
|
$getUsers = Database::getPDO()->query("SELECT id_user, login, mail, permission
|
|
|
|
|
FROM users
|
|
|
|
|
ORDER BY login ASC");
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* [2] On recupere le resultat de la requete
|
|
|
|
|
=========================================================*/
|
|
|
|
|
$usersData = $getUsers->fetchAll();
|
|
|
|
|
|
|
|
|
|
// Si l'utilisateur n'existe pas, on retourne FALSE
|
|
|
|
|
if( $usersData === false ) return false;
|
|
|
|
|
|
|
|
|
|
/* [3] Gestion du retour
|
|
|
|
|
=========================================================*/
|
|
|
|
|
return Database::delNumeric( $usersData );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* CREE UN UTILISATEUR
|
|
|
|
|
*
|
|
|
|
|
* @login<String> Login (identifiant) de l'utilisateur
|
|
|
|
|
* @password<String> Password de l'utilisateur
|
|
|
|
|
* @mail<String> Adresse mail de l'utilisateur
|
|
|
|
|
* @reference<int> Reference vers une Personne (sinon NULL)
|
|
|
|
|
* @permissions<Array> Liste des permissions de l'utilisateur
|
|
|
|
|
*
|
|
|
|
|
* @return id_user<int> Renvoie l'id de l'utilisateur cree ou FALSE si erreur
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
public static function create($login, $password, $mail, $reference, $permissions){
|
|
|
|
|
/* [0] Verification et formattage des INPUT
|
|
|
|
|
=========================================================*/
|
|
|
|
|
$checkInput = Database::check('sha1', $password);
|
2016-04-17 10:34:24 +00:00
|
|
|
$checkInput = $checkInput && ( Database::check('id', $reference) || $reference === null );
|
2016-04-14 12:59:21 +00:00
|
|
|
$checkInput = $checkInput && Database::check('array', $permissions);
|
|
|
|
|
|
|
|
|
|
// Si erreur en entree, on retourne FAUX
|
|
|
|
|
if( !$checkInput ) return false;
|
|
|
|
|
|
|
|
|
|
// On formatte les permissions (array -> string)
|
|
|
|
|
$permissions = implode(',', $permissions);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* [1] On verifie que le login/mail et reference sont uniques
|
|
|
|
|
=========================================================*/
|
|
|
|
|
$checkUnique = Database::getPDO()->prepare("SELECT id_user
|
|
|
|
|
FROM users
|
|
|
|
|
WHERE login = :login
|
|
|
|
|
OR mail = :mail
|
|
|
|
|
OR ( reference = :reference AND reference is not NULL )");
|
|
|
|
|
$checkUnique->execute(array(
|
|
|
|
|
':login' => $login,
|
|
|
|
|
':mail' => $mail,
|
|
|
|
|
':reference' => $reference
|
|
|
|
|
));
|
|
|
|
|
$unique = $checkUnique->fetch() === false;
|
|
|
|
|
|
|
|
|
|
// Si un utilisateur a le meme LOGIN/MAIL ou REFERENCE, on retourne une erreur
|
|
|
|
|
if( !$unique ) return false;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* [2] Creation de l'utilisateur
|
|
|
|
|
=========================================================*/
|
|
|
|
|
/* (1) Si reference NULL */
|
|
|
|
|
if( $reference == null ){
|
|
|
|
|
|
|
|
|
|
$create = Database::getPDO()->prepare("INSERT INTO users(id_user, login, password, mail, reference, permission)
|
|
|
|
|
VALUES(DEFAULT, :login, :password, :mail, NULL, :permission)");
|
|
|
|
|
$create->execute(array(
|
|
|
|
|
':login' => $login,
|
|
|
|
|
':password' => $password,
|
|
|
|
|
':mail' => $mail,
|
|
|
|
|
':permission' => $permissions
|
|
|
|
|
));
|
|
|
|
|
|
|
|
|
|
/* (2) Si reference est defini */
|
|
|
|
|
}else{
|
|
|
|
|
|
|
|
|
|
$create = Database::getPDO()->prepare("INSERT INTO users(id_user, login, password, mail, reference, permission)
|
|
|
|
|
VALUES(DEFAULT, :login, :password, :mail, :reference, :permission)");
|
|
|
|
|
$create->execute(array(
|
|
|
|
|
':login' => $login,
|
|
|
|
|
':password' => $password,
|
|
|
|
|
':mail' => $mail,
|
|
|
|
|
':reference' => (int) $reference,
|
|
|
|
|
':permission' => $permissions
|
|
|
|
|
));
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* [3] Verification de la creation + recuperation id
|
|
|
|
|
=========================================================*/
|
|
|
|
|
$checkCreate = Database::getPDO()->prepare("SELECT id_user
|
|
|
|
|
FROM users
|
|
|
|
|
WHERE login = :login
|
|
|
|
|
AND password = :password
|
|
|
|
|
AND mail = :mail
|
|
|
|
|
AND ( reference = :reference OR reference is NULL )
|
|
|
|
|
AND permission = :permission");
|
|
|
|
|
$checkCreate->execute(array(
|
|
|
|
|
':login' => $login,
|
|
|
|
|
':password' => $password,
|
|
|
|
|
':mail' => $mail,
|
|
|
|
|
':reference' => (int) $reference,
|
|
|
|
|
':permission' => $permissions
|
|
|
|
|
));
|
|
|
|
|
|
|
|
|
|
// On recupere l'id de l'utilisateur
|
|
|
|
|
$id_user = $checkCreate->fetch();
|
|
|
|
|
|
|
|
|
|
// Si erreur, on retourne FALSE
|
|
|
|
|
if( $id_user === false ) return false;
|
|
|
|
|
|
|
|
|
|
/* [4] Gestion du retour
|
|
|
|
|
=========================================================*/
|
|
|
|
|
return $id_user['id_user'];
|
2016-04-14 10:45:54 +00:00
|
|
|
}
|
|
|
|
|
|
2016-04-14 16:49:07 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* SUPRESSION D'UN UTILISATEUR D'ID DONNE
|
|
|
|
|
*
|
|
|
|
|
* @id_user<int> UID de l'utilisateur en question
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
public static function remove($id_user){
|
|
|
|
|
/* [1] On effectue la suppression
|
|
|
|
|
=========================================================*/
|
|
|
|
|
$getUser = Database::getPDO()->prepare("DELETE FROM users WHERE id_user = :id_user");
|
|
|
|
|
$getUser->execute(array( ':id_user' => $id_user ));
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-12 12:27:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
?>
|
