diff --git a/Controllers/ManageUserController.php b/Controllers/ManageUserController.php index 4695201..2aa1151 100644 --- a/Controllers/ManageUserController.php +++ b/Controllers/ManageUserController.php @@ -27,9 +27,7 @@ final class ManageUserController { $S_query = $A_getParams["query"]; - $O_userModel = new UserModel(); - $A_results = $O_userModel->searchUsers($S_query); - + $A_results = UserModel::searchUsers($S_query); var_dump($A_results); echo "Terme de recherche choisi: $S_query"; diff --git a/Controllers/UserController.php b/Controllers/UserController.php index a0c927a..aae146f 100644 --- a/Controllers/UserController.php +++ b/Controllers/UserController.php @@ -25,14 +25,13 @@ final class UserController { $S_email = Utils::getOrDie($A_postParams, "email"); $S_password = Utils::getOrDie($A_postParams, "password"); - - $O_userModel = new UserModel(); - $A_user = $O_userModel->getUserByEmail($S_email); - if ($A_user == null) { + + $O_user = UserModel::getByEmail($S_email); + if ($O_user == null) { $S_errmsg = "No user with this email"; - }else if (!password_verify($S_password, $A_user["PASS_HASH"])) { + }else if (!password_verify($S_password,$O_user->S_PASSWORD_HASH)) { $S_errmsg = "Invalid password"; - }else if ($A_user["DISABLED"]) { + }else if ($O_user->B_DISABLED) { $S_errmsg = "This account is disabled"; } @@ -42,7 +41,7 @@ final class UserController return header("Location: /user/login"); } - Session::set_login($A_user["ID"]); + Session::set_login($O_user->I_ID); header("Location: /"); 
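Review bot: The search term is echoed back unescaped in `echo "Terme de recherche choisi: $S_query";`, and `$S_query` comes straight from `$A_getParams["query"]`, so the response reflects caller-controlled text into the HTML. Escape it at output time, e.g. `echo "Terme de recherche choisi: " . htmlspecialchars($S_query, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. `var_dump($A_results)` also prints whatever columns `searchUsers` selects (if `PASS_HASH` is among them it lands in the page), and since the `UserModel` hunk at the end of this diff drops the `fetchAll()` return from `searchUsers`, `$A_results` will be null here until that is fixed. The enclosing action continues outside the hunk.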
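Review bot: `if ($O_user == null)` is a loose comparison on the object returned by `UserModel::getByEmail()`; write `if ($O_user === null)` so the branch is taken only for the documented "no row" result and the intent is explicit. `$O_user->B_DISABLED` is now filled verbatim from `$row["DISABLED"]` in `getByID`, so its truthiness depends on the type the driver returns (a string `"0"` is falsy in PHP, but confirm for the DB in use rather than rely on it). The three distinct messages ("No user with this email", "Invalid password", "This account is disabled") let a caller distinguish registered from unregistered addresses; collapsing the first two into one "Invalid email or password" message is the usual mitigation. The method continues outside the hunk.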
@@ -54,13 +53,12 @@ final class UserController $S_username = Utils::getOrDie($A_postParams, "username"); $S_password = Utils::getOrDie($A_postParams, "password"); - $O_userModel = new UserModel(); if (!filter_var($S_email, FILTER_VALIDATE_EMAIL)) { $S_errmsg = "invalid email"; } else if( strlen($S_password) < 8 || strlen($S_password) > 150 ) { $S_errmsg = "password must be between 8 and 150 characters"; - } else if($O_userModel->isEmailInDatabase($S_email)) { + } else if(UserModel::isEmailInDatabase($S_email)) { $S_errmsg = "An user with this email is already registered"; } @@ -71,9 +69,9 @@ final class UserController } $S_password_hash = password_hash($S_password, PASSWORD_DEFAULT); - - $O_userModel->createUser($S_email, $S_username, $S_password_hash); + $O_user = new UserModel($S_email, $S_username, $S_password_hash, null, date("Y-m-d"), 0, 0); + $O_user->insert(); return header("Location: /"); } @@ -99,17 +97,17 @@ final class UserController Session::login_or_die(); - $O_userModel = new UserModel(); - $A_user = $O_userModel->getUserByID($_SESSION["ID"]); - - return View::show("user/edit", $A_user); + $O_user = UserModel::getByID($_SESSION["ID"]); + + //TODO Convert User into array + return View::show("user/edit", array("USER" => $O_user)); } public function updateAction(Array $A_urlParams = null, Array $A_postParams = null) { Session::login_or_die(); - $O_userModel = new UserModel(); + $O_user = UserModel::getByID($_SESSION["ID"]); if (isset($_FILES["profilPicture"])) { 
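Review bot: `new UserModel($S_email, $S_username, $S_password_hash, null, date("Y-m-d"), 0, 0)` passes seven positional untyped arguments, four of them literals whose meaning (last seen, first seen, admin, disabled) is invisible at the call site. A static factory on the model, e.g. `UserModel::register($S_email, $S_username, $S_password_hash)`, that fills FIRST_SEEN itself would keep the flag order in one place; if the project runs on PHP 8, named arguments (`B_ADMIN: 0, B_DISABLED: 0`) are the minimal fix. `date("Y-m-d")` uses the process default timezone, so if FIRST_SEEN is ever compared across hosts it should be built with an explicit `DateTimeZone`. The enclosing action continues outside the hunk.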
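Review bot: In `updateAction`, `$O_user = UserModel::getByID($_SESSION["ID"])` can be null (the model returns null when no row matches) and nothing checks it before `$O_user->updateProfilePic($fp)` and the property writes later in the method, so a session whose account has been deleted ends in a fatal Error rather than a controlled response. Add `if ($O_user === null) { throw new HTTPSpecialCaseException(403); }` (or whatever status the project uses for a stale session) directly after the lookup. In `editAction`, `array("USER" => $O_user)` would be `["USER" => $O_user]` in short syntax, and the `//TODO Convert User into array` comment should say whether the view is meant to receive the object, since `Views/user/edit.php` in this diff already reads `B_ADMIN` from it. `updateAction` continues outside the hunk.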
@@ -133,12 +131,13 @@ final class UserController } $fp = fopen($_FILES['profilPicture']['tmp_name'], 'rb'); - $O_userModel->updateProfilePicByID($_SESSION["ID"], $fp); + $O_user->updateProfilePic($fp); } if (isset($_POST["email"])) { $S_email = $_POST["email"]; if (!empty($S_email) && filter_var($S_email, FILTER_VALIDATE_EMAIL)) { - $O_userModel->updateEmailByID($_SESSION["ID"], $_POST["email"]); + $O_user->S_EMAIL = $_POST["email"]; + $O_user->update(); }else{ throw new HTTPSpecialCaseException(400, "invalid email"); } @@ -146,7 +145,8 @@ final class UserController if (isset($_POST["username"])) { $S_username = $_POST["username"]; if (!empty($S_username)) { - $O_userModel->updateUsernameByID($_SESSION["ID"], $_POST["username"]); + $O_user->S_USERNAME = $_POST["username"]; + $O_user->update(); }else{ throw new HTTPSpecialCaseException(400, "invalid username"); } @@ -168,8 +168,7 @@ final class UserController { Session::login_or_die(); - $O_userModel = new UserModel(); - $O_userModel->deleteByID($_SESSION["ID"]); + UserModel::deleteByID($_SESSION["ID"]); Session::destroy_session(); @@ -182,9 +181,7 @@ final class UserController $I_user_id = Utils::intOrDie($A_urlParams[0]); - - $O_userModel = new UserModel(); - $O_userModel->deleteByID($I_user_id); + UserModel::deleteByID($I_user_id); echo "Le compte à été supprimé avec succès"; 
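Review bot: The email change writes `$O_user->S_EMAIL = $_POST["email"]` and calls `update()` without the `isEmailInDatabase()` uniqueness check that registration applies, so a user can switch to an address already held by another account (what happens then depends on whether the column has a UNIQUE constraint). Add `} else if (UserModel::isEmailInDatabase($S_email)) { throw new HTTPSpecialCaseException(400, "email already in use"); }`, comparing against `$O_user->S_EMAIL` first so re-submitting the current address is not rejected. `update()` now rewrites every column (ADMIN and DISABLED included) from the object loaded at the top of the action, and this hunk and the username hunk at @@ -146 each call it, so the row is written twice from the same snapshot; assigning both fields and calling `update()` once would avoid that. The enclosing method starts and ends outside the hunk.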
@@ -194,18 +191,19 @@ final class UserController { if (count($A_urlParams) !== 1 ) throw new HTTPSpecialCaseException(404); - $O_userModel = new UserModel(); - $A_user = $O_userModel->getUserByID($A_urlParams[0]); - - if (isset($A_user) && $A_user["PROFILE_PIC"] !== null) { - header("Content-Type: image"); - echo $A_user["PROFILE_PIC"]; - } else { - header("Content-Type: image/svg+xml"); - echo file_get_contents(Constants::rootDir()."/static/img/default_user.svg"); - } - + $O_user = UserModel::getByID($A_urlParams[0]); + + if (isset($O_user)) { + $S_pfp = $O_user->getProfilePic(); + if($S_pfp !== null) { + header("Content-Type: image"); + echo $S_pfp; + return Utils::RETURN_RAW; + } + } + + header("Content-Type: image/svg+xml"); + echo file_get_contents(Constants::rootDir()."/static/img/default_user.svg"); return Utils::RETURN_RAW; } - } diff --git a/Models/RecipeModel.php b/Models/RecipeModel.php index 2e0b272..452dec2 100644 --- a/Models/RecipeModel.php +++ b/Models/RecipeModel.php @@ -25,11 +25,10 @@ final class RecipeModel $O_ingredientModel = new IngredientModel(); $A_recipe["INGREDIENTS"] = $O_ingredientModel->searchByRecipe($A_recipe["ID"]); - $O_userModel = new UserModel(); - $A_recipe["AUTHOR_USERNAME"] = $O_userModel->getUsernameByID($A_recipe["AUTHOR_ID"]); + $A_recipe["AUTHOR_USERNAME"] = UserModel::getByID($A_recipe["AUTHOR_ID"])->S_USERNAME; - $O_userModel = new DifficultyModel(); - $A_recipe["DIFFICULTY_NAME"] = $O_userModel->getByID($A_recipe["DIFFICULTY_ID"]); + $O_difficultyModel = new DifficultyModel(); + $A_recipe["DIFFICULTY_NAME"] = $O_difficultyModel->getByID($A_recipe["DIFFICULTY_ID"]); return $A_recipe; } diff --git a/Models/UserModel.php b/Models/UserModel.php index 5119335..cbbe1d2 100644 --- a/Models/UserModel.php +++ b/Models/UserModel.php 
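Review bot: `UserModel::getByID($A_urlParams[0])` receives the raw URL segment, whereas the delete action in this same file runs it through `Utils::intOrDie($A_urlParams[0])`; because `getByID` copies its argument into `I_ID` instead of using `$row["ID"]`, the returned object then carries the unvalidated string. Use `$I_user_id = Utils::intOrDie($A_urlParams[0]);` here too. The success branch still sends `header("Content-Type: image");`, which is not a valid media type, so browsers will sniff the user-uploaded blob; record or validate the real type at upload, send that, and add `header("X-Content-Type-Options: nosniff");` so an uploaded file cannot be rendered as an active document. The enclosing method starts outside the hunk.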
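Review bot: `UserModel::getByID($A_recipe["AUTHOR_ID"])->S_USERNAME` dereferences the model's return value without a null check, and `anonymise()` in this same diff sets `RECIPE.AUTHOR_ID` to NULL on account deletion, so every recipe of a deleted author now triggers a property read on null (a warning in PHP 8, a notice earlier) where the removed `getUsernameByID` returned null quietly. Replace it with `$O_author = UserModel::getByID($A_recipe["AUTHOR_ID"]); $A_recipe["AUTHOR_USERNAME"] = $O_author !== null ? $O_author->S_USERNAME : null;`. The enclosing method starts outside the hunk.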
@@ -2,29 +2,71 @@ final class UserModel extends UserSessionModel { + public $I_ID = null; + public $S_EMAIL = null; + public $S_USERNAME= null; + public $S_PASSWORD_HASH = null; + public $S_LAST_SEEN = null; + public $S_FIRST_SEEN = null; + public $B_ADMIN = 0; + public $B_DISABLED = 0; - public function createUser($S_email, $S_username, $S_password_hash){ + public function __construct($S_EMAIL, $S_USERNAME,$S_PASSWORD_HASH,$S_LAST_SEEN,$S_FIRST_SEEN,$B_ADMIN,$B_DISABLED) + { + $this->S_EMAIL = $S_EMAIL; + $this->S_USERNAME = $S_USERNAME; + $this->S_PASSWORD_HASH = $S_PASSWORD_HASH; + $this->S_LAST_SEEN = $S_LAST_SEEN; + $this->S_FIRST_SEEN = $S_FIRST_SEEN; + $this->B_ADMIN = $B_ADMIN; + $this->B_DISABLED = $B_DISABLED; + } + public function insert(){ $O_model = Model::get(); - $stmt = $O_model->prepare("INSERT INTO USER (EMAIL, USERNAME, PASS_HASH) VALUES(:email, :username, :password_hash)"); - $stmt->bindParam("email", $S_email); - $stmt->bindParam("username", $S_username); - $stmt->bindParam("password_hash", $S_password_hash); + $stmt = $O_model->prepare("INSERT INTO USER (EMAIL, USERNAME, PASS_HASH, FIRST_SEEN) VALUES(:email, :username, :password_hash, :first_seen)"); + $stmt->bindParam("email", $this->S_EMAIL); + $stmt->bindParam("username", $this->S_USERNAME); + $stmt->bindParam("password_hash", $this->S_PASSWORD_HASH); + $stmt->bindParam("first_seen", $this->S_FIRST_SEEN); + $stmt->execute(); + $this->I_ID = Model::get()->lastInsertId(); + } + public function update(){ + $O_model = Model::get(); + $stmt = $O_model->prepare("UPDATE USER SET EMAIL=:email, USERNAME=:username, PASSWORD_HASH=:password_hash, FIRST_SEEN:first_seen, LAST_SEEN:last_seen, ADMIN=:admin, DISABLED=:disabled) WHERE ID=:id"); + $stmt->bindParam("id", $this->I_ID); + $stmt->bindParam("email", $this->S_EMAIL); + $stmt->bindParam("username", $this->S_USERNAME); + $stmt->bindParam("password_hash", $this->S_PASSWORD_HASH); + $stmt->bindParam("first_seen", $this->S_FIRST_SEEN); + 
$stmt->bindParam("last_seen", $this->S_LAST_SEEN); + $stmt->bindParam("admin", $this->B_ADMIN); + $stmt->bindParam("disabled", $this->B_DISABLED); $stmt->execute(); } - public function isEmailInDatabase($S_email){ - + public function delete(){ + self::anonymise(); + $O_model = Model::get(); - $stmt = $O_model->prepare("SELECT count(*) FROM USER WHERE EMAIL=:email"); - $stmt->bindParam("email", $S_email); + $stmt = $O_model->prepare("DELETE FROM USER WHERE ID=:id"); + $stmt->bindParam("id", $this->I_ID); $stmt->execute(); - - $count = $stmt->fetch()[0]; - return $count != 0; } + public function anonymise(){ + $O_model = Model::get(); - public function getUserByID($I_id){ + $stmt = $O_model->prepare("UPDATE RECIPE SET AUTHOR_ID = NULL WHERE AUTHOR_ID = :id"); + $stmt->bindParam("id", $this->I_ID); + $stmt->execute(); + + $stmt = $O_model->prepare("UPDATE APPRECIATION SET AUTHOR_ID = NULL WHERE AUTHOR_ID = :id"); + $stmt->bindParam("id", $this->I_ID); + $stmt->execute(); + } + + public static function getByID($I_id){ $O_model = Model::get(); $stmt = $O_model->prepare("SELECT * FROM USER WHERE ID=:id"); $stmt->bindParam("id", $I_id); 
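Review bot: The statement in `update()` cannot be prepared as written: it names a `PASSWORD_HASH` column while `insert()`, `getByID` and the old controller code all use `PASS_HASH`, it has `FIRST_SEEN:first_seen, LAST_SEEN:last_seen` with no `=`, and a stray `)` before `WHERE`, so every email or username change in `UserController::updateAction` fails at `prepare()`/`execute()` (silently returning false or throwing, depending on the PDO error mode). It should read `UPDATE USER SET EMAIL=:email, USERNAME=:username, PASS_HASH=:password_hash, FIRST_SEEN=:first_seen, LAST_SEEN=:last_seen, ADMIN=:admin, DISABLED=:disabled WHERE ID=:id`. The constructor takes seven positional untyped parameters, and `delete()` invokes the instance method as `self::anonymise()` where `$this->anonymise()` says what is meant. `getByID` begins at the end of this hunk and its body continues in the next one.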
@@ -32,78 +74,50 @@ final class UserModel extends UserSessionModel $row = $stmt->fetch(); if ($row === false) return null; - return $row; + + $O_user = new UserModel($row["EMAIL"],$row["USERNAME"],$row["PASS_HASH"],$row["LAST_SEEN"],$row["FIRST_SEEN"],$row["ADMIN"],$row["DISABLED"]); + $O_user->I_ID = $I_id; + return $O_user; } - public function getUserByEmail($S_email){ + public static function isEmailInDatabase($S_email){ $O_model = Model::get(); - $stmt = $O_model->prepare("SELECT * FROM USER WHERE email=:email"); + $stmt = $O_model->prepare("SELECT count(*) FROM USER WHERE EMAIL=:email"); + $stmt->bindParam("email", $S_email); + $stmt->execute(); + $count = $stmt->fetch()[0]; + return $count != 0; + } + + public static function getByEmail($S_email){ + $O_model = Model::get(); + $stmt = $O_model->prepare("SELECT ID FROM USER WHERE email=:email"); $stmt->bindParam("email", $S_email); $stmt->execute(); $row = $stmt->fetch(); if ($row === false) return null; - return $row; + return UserModel::getById($row["ID"]); } - - public function getUsernameByID($I_id) - { - $O_model = Model::get(); - $stmt = $O_model->prepare("SELECT USERNAME FROM USER WHERE ID=:id"); - $stmt->bindParam("id", $I_id); - $stmt->execute(); - - $row = $stmt->fetch(); - if ($row === false) return null; - return $row["USERNAME"]; - } - - public function updateProfilePicByID($I_id, $profile_pic_fp){ + public function updateProfilePic($profile_pic_fp){ $O_model = Model::get(); $stmt = $O_model->prepare("UPDATE USER SET PROFILE_PIC=:profile_pic WHERE ID=:id"); - $stmt->bindParam("id", $I_id); + $stmt->bindParam("id", $this->I_ID); $stmt->bindParam("profile_pic", $profile_pic_fp, PDO::PARAM_LOB); $stmt->execute(); } - - public function updateEmailByID($I_id, $S_newEmail){ + + public function getProfilePic(){ $O_model = Model::get(); - $stmt = $O_model->prepare("UPDATE USER SET EMAIL=:new_email WHERE ID=:id"); - $stmt->bindParam("id", $I_id); - $stmt->bindParam("new_email", $S_newEmail); - 
$stmt->execute(); - } - - public function updateUsernameByID($I_id, $S_newUsername){ - $O_model = Model::get(); - $stmt = $O_model->prepare("UPDATE USER SET USERNAME=:new_username WHERE ID=:id"); - $stmt->bindParam("id", $I_id); - $stmt->bindParam("new_username", $S_newUsername); + $stmt = $O_model->prepare("SELECT PROFILE_PIC FROM USER WHERE ID=:id"); + $stmt->bindParam("id", $this->I_ID); $stmt->execute(); + $row = $stmt->fetch(); + if ($row === false) return null; + return $row["PROFILE_PIC"]; } - public function anonymiseByID($I_id){ - $O_model = Model::get(); - - $stmt = $O_model->prepare("UPDATE RECIPE SET AUTHOR_ID = NULL WHERE AUTHOR_ID = :id"); - $stmt->bindParam("id", $I_id); - $stmt->execute(); - - $stmt = $O_model->prepare("UPDATE APPRECIATION SET AUTHOR_ID = NULL WHERE AUTHOR_ID = :id"); - $stmt->bindParam("id", $I_id); - $stmt->execute(); - } - - public function deleteByID($I_id){ - self::anonymiseByID($I_id); - - $O_model = Model::get(); - $stmt = $O_model->prepare("DELETE FROM USER WHERE ID=:id"); - $stmt->bindParam("id", $I_id); - $stmt->execute(); - } - - public function searchUsers($S_query) + public static function searchUsers($S_query) { $O_model = Model::get(); $stmt = $O_model->prepare(" 
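Review bot: `getByID` fills `$O_user->I_ID = $I_id` from its argument instead of `$row["ID"]`, so the object's id is whatever the caller passed (a raw URL string in `pfpAction`) rather than the canonical stored value; use `$O_user->I_ID = $row["ID"];`. `getByEmail` then calls `UserModel::getById(...)` although the method is declared `getByID`; PHP resolves method names case-insensitively, but a search for callers will not, so spell it `getByID`. `getByEmail` now issues two queries where one `SELECT *` would do — acceptable if intentional, but worth a one-line comment. The `getByID` body starts in the previous hunk.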
@@ -116,9 +130,28 @@ final class UserModel extends UserSessionModel $S_full_query = "%".$S_query."%"; $stmt->bindParam("full_query", $S_full_query); $stmt->execute(); - $rows = $stmt->fetchAll(); - return $rows; } -} + + public static function anonymiseByID($I_id){ + $O_model = Model::get(); + + $stmt = $O_model->prepare("UPDATE RECIPE SET AUTHOR_ID = NULL WHERE AUTHOR_ID = :id"); + $stmt->bindParam("id", $I_id); + $stmt->execute(); + + $stmt = $O_model->prepare("UPDATE APPRECIATION SET AUTHOR_ID = NULL WHERE AUTHOR_ID = :id"); + $stmt->bindParam("id", $I_id); + $stmt->execute(); + } + + public static function deleteByID($I_id) + { + $O_model = Model::get(); + UserModel::anonymiseByID($I_id); + $stmt = $O_model->prepare("DELETE FROM USER WHERE ID=:id"); + $stmt->bindParam("id", $I_id); + $stmt->execute(); + } +} \ No newline at end of file diff --git a/Views/user/edit.php b/Views/user/edit.php index 3bd2f13..6e8adfc 100644 --- a/Views/user/edit.php +++ b/Views/user/edit.php @@ -1,7 +1,10 @@ +
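Review bot: `searchUsers` no longer returns anything: the hunk removes `$rows = $stmt->fetchAll(); return $rows;` after `$stmt->execute();` with no replacement, so `ManageUserController` now receives null. Restore it as `return $stmt->fetchAll();`. The new static `anonymiseByID`/`deleteByID` duplicate the instance `anonymise()`/`delete()` added earlier in this file; have the instance versions delegate (`self::anonymiseByID($this->I_ID)`, `self::deleteByID($this->I_ID)`) so the two `UPDATE … SET AUTHOR_ID = NULL` statements live in one place. The `searchUsers` body starts outside the hunk.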
B_ADMIN) { echo "

Compte administrateur

"; echo "Gestion des utilisateurs"; } @@ -14,10 +17,10 @@ - "> + - "> +