diff options
| author | Camil Staps | 2016-07-27 16:48:53 +0200 |
|---|---|---|
| committer | Camil Staps | 2016-07-27 17:08:12 +0200 |
| commit | 21455bfd1004c4a3153050ac5995b8dc680c2042 (patch) | |
| tree | b448f9d94cd9b6addb6d6b391001c418243cc13d /classes/user.php | |
| parent | Removed error reporting (diff) | |
Class names start with a capital
Diffstat (limited to 'classes/user.php')
| -rw-r--r-- | classes/user.php | 198 |
1 files changed, 0 insertions, 198 deletions
diff --git a/classes/user.php b/classes/user.php deleted file mode 100644 index f6c6322..0000000 --- a/classes/user.php +++ /dev/null @@ -1,198 +0,0 @@ -<?php -/** - * Provides the user class, an interface to the user table in the database - * - * @author Camil Staps - * - * BusinessAdmin: administrative software for small companies - * Copyright (C) 2015 Camil Staps (ViviSoft) - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -/** - * An interface to the user table in the database - */ -class user { - /** - * @var pdo $pdo The PDO class for database communication - * @var int $id The id of the user - * @var string $username The username of the user - * @var string $password The (hashed) password of the user - */ - protected $pdo, $id, $username, $password; - - /** - * Generate a random password - * - * @return string The password - */ - public static function generateRandomPassword() { - return preg_replace('/[^\w]/', '', - base64_encode(bin2hex(openssl_random_pseudo_bytes(4)))); - } - - /** - * Hash a password - * - * @param string $password The password to be hashed - * @param int $cost The password cost - * - * @return string The hashed password - */ - public static function hash($password, $cost=null) { - return password_hash( - $password, - constants::password_algo, - ['cost' => is_null($cost) ? constants::password_cost : $cost] - ); - } - - /** - * Create a new instance - * - * @param PDO $pdo The PDO class, to access the database - * @param int $id The id of the user to fetch - * - * @throws PDOException If something went wrong with the database - * @throws Exception If the user could not be found - */ - public function __construct($pdo, $id) { - $this->pdo = $pdo; - - $stmt = $this->pdo->prepare("SELECT * FROM `".constants::db_prefix."user` WHERE `id`=?"); - $stmt->execute(array($id)); - if ($stmt->rowCount() == 0) { - throw new Exception("The user with id '$id' could not be found."); - } - $user = $stmt->fetch(PDO::FETCH_ASSOC); - - $this->id = $user['id']; - $this->username = $user['username']; - $this->password = $user['password']; - } - - //------------------------------------------------------------------------------ - // Getters and setters - //------------------------------------------------------------------------------ - - /** - * Get the ID of the user - * - * @return int The ID - */ - public function getId() { - return $this->id; - } - - /** - * Get the username of the user - * - * @return string The username - */ - public function getUsername() { - return $this->username; - } - - /** - * Set the username of the user - * - * @param string $username The new username for the user - * - * @throws PDOException If something went wrong with the database - * - * @return bool True on succes, false on failure - */ - public function setName($username) { - $stmt = $this->pdo->prepare("UPDATE `".constants::db_prefix."user` SET `username`=? WHERE `id`=?"); - $stmt->execute(array($username, $this->id)); - if ($stmt->rowCount() == 1) { - $this->username = $username; - return true; - } else { - return false; - } - } - - /** - * Set the password of the user - * - * @param string $password The new password for the user - * - * @throws PDOException If something went wrong with the database - * - * @return bool True on succes, false on failure - */ - public function setPassword($password) { - $password = self::hash($password); - $stmt = $this->pdo->prepare("UPDATE `".constants::db_prefix."user` SET `password`=? WHERE `id`=?"); - $stmt->execute(array($password, $this->id)); - if ($stmt->rowCount() == 1) { - $this->password = $password; - return true; - } else { - return false; - } - } - - //------------------------------------------------------------------------------ - // Other functions - //------------------------------------------------------------------------------ - - /** - * Check if a user has administrator rights - * - * @return bool True iff the user has administrator rights - */ - public function isAdmin() { - return in_array($this->getId(), constants::user_admins); - } - - /** - * Verify a password - * - * @param string $password The password to verify - * - * @return bool True iff the password can be accepted - */ - public function verifyPassword($password) { - if (!password_verify($password, $this->password)) { - return false; - } - if (password_needs_rehash($this->password, constants::password_algo, - ['cost' => constants::password_cost])) { - $this->setPassword($password); - } - return true; - } - - /** - * Remove this user from the database - * - * If this doesn't succeed (i.e. false is returned), that means the user was removed manually or by another instance of this class - * - * @throws PDOException If something went wrong with the database - * - * @return bool True on success, false on failure - */ - public function delete() { - $stmt = $this->pdo->prepare("DELETE FROM `".constants::db_prefix."user` WHERE `id`=?"); - $stmt->execute(array($this->id)); - if ($stmt->rowCount() != 1) { - return false; - } else { - return true; - } - } -} |