2021-03-24 21:35:59 +01:00
|
|
|
<?php
|
2021-04-06 21:14:59 +02:00
|
|
|
require_once('dao.php');
|
|
|
|
include_once('user_dto.php');
|
|
|
|
|
2021-03-24 21:35:59 +01:00
|
|
|
class UserDAO extends DAO {
|
|
|
|
|
|
|
|
//Constants:
|
2021-04-06 12:00:31 +02:00
|
|
|
private const _USER = "user";
|
|
|
|
private const _MANAGER = "manager";
|
|
|
|
private const _ADMIN = "admin";
|
2021-03-24 21:35:59 +01:00
|
|
|
|
|
|
|
//Attributes:
|
|
|
|
|
|
|
|
//Constructor:
|
2021-04-06 12:00:31 +02:00
|
|
|
function __construct($bd_name){
|
2021-04-06 21:14:59 +02:00
|
|
|
parent::__construct($bd_name);
|
2021-03-24 21:35:59 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
//Methods:
|
|
|
|
|
|
|
|
//Encrypt password with SHA254
|
|
|
|
private function encryptPass($password){
|
|
|
|
$password = hash('sha256', $password);
|
|
|
|
|
|
|
|
return $password;
|
|
|
|
}
|
|
|
|
|
|
|
|
//Create a new User:
|
|
|
|
public function createUser($id, $username, $email, $password, $rol){
|
|
|
|
$password = $this->encryptPass($password);
|
|
|
|
$sql = sprintf( "INSERT INTO users( id, username, email, passwd, rol)
|
|
|
|
VALUES ( '%s', '%s', '%s', '%s', '%s')",
|
|
|
|
$id, $username, $email, $password, $rol );
|
|
|
|
|
|
|
|
return $sql;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
//Returns a query to check if the user name exists:
|
|
|
|
public function selectUser($username){
|
|
|
|
$sql = sprintf( "SELECT * FROM users WHERE username = '%s'", $username );
|
|
|
|
|
2021-04-06 21:14:59 +02:00
|
|
|
//return $sql;
|
|
|
|
return $result = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
|
|
|
|
}
|
|
|
|
|
|
|
|
//Returns a query to check if the user pass matches:
|
|
|
|
public function selectPass($password){
|
2021-04-07 14:59:26 +02:00
|
|
|
//$sql = sprintf( "SELECT * FROM users WHERE passwd = '%s'", $password );
|
|
|
|
$sql = sprintf( "SELECT * FROM users WHERE user = '%s' AND pass = '%s'", $username, $password);
|
2021-04-06 21:14:59 +02:00
|
|
|
|
|
|
|
//return $sql;
|
|
|
|
return $result = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
|
2021-03-24 21:35:59 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
//Returns a query to get the user's data:
|
|
|
|
public function userData($id){
|
|
|
|
$sql = sprintf( "SELECT * FROM users WHERE id = '%d'", $id );
|
|
|
|
|
2021-04-06 21:14:59 +02:00
|
|
|
//return $sql;
|
|
|
|
return $result = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
|
2021-03-24 21:35:59 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
//Create a new User Data Transfer Object:
|
|
|
|
public function loadUser($id, $username, $email, $password, $rol){
|
|
|
|
return new UserDTO($id, $username, $email, $password, $rol);
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2021-04-07 14:59:26 +02:00
|
|
|
?>
|