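ID = $ID;
        // NOTE(review): the opening of this constructor (and of the class) lies before
        // the first visible line of this excerpt; the visible statements are unchanged.
        $this->connected = FALSE;
        // Parameterized lookup: the ID is bound, never concatenated into the SQL text.
        $req = $GLOBALS['bdd']->prepare('SELECT * FROM membres WHERE ID=?');
        $req->execute(array($ID));
        if($rep = $req->fetch()){
            $this->valid = TRUE;
            $this->pseudo = $rep['pseudo'];
            $this->adminLevel = $rep['adminLevel'];
            $this->dateCreation = $rep['dateCreation'];
            $this->hashedPassword = $rep['hashedPassword'];
            $this->decodeData($rep['data']);
        }else{
            $this->valid = FALSE;
        }
    }

    /**
     * Checks a candidate password against the stored hash and records the result.
     *
     * @param string $password Plain-text password supplied by the user.
     * @return bool TRUE when the password matches the stored hash, FALSE otherwise.
     */
    public function connect($password)
    {
        // A member that was not found has no hash loaded, and request data is not
        // guaranteed to be a string: both cases count as a failed login instead of
        // handing a non-string to password_verify().
        $this->connected = is_string($password)
            && is_string($this->hashedPassword)
            && password_verify($password, $this->hashedPassword);
        return $this->connected;
    }

    /**
     * Human-readable dump of the member. The password hash is not part of it.
     *
     * @return string
     */
    public function __toString()
    {
        // Double quotes so that \n and \t are real control characters; the original
        // single-quoted literals printed the backslash sequences verbatim.
        $out = "Membre\n";
        $out .= "\tID:" . $this->ID . "\n";
        $out .= "\tPseudo:" . $this->pseudo . "\n";
        $out .= "\tAdmin level:" . $this->adminLevel . "\n";
        $out .= "\tDate of creation:" . $this->dateCreation . "\n";
        $out .= "\tRequired banner:" . $this->requiredBanner . "\n";
        $out .= "\tPersonnal message:" . $this->personnalMessage . "\n";
        return $out;
    }

    /** @return bool Result of the last connect() call (FALSE until connect() succeeds). */
    public function isConnected()
    {
        return $this->connected;
    }

    /** @return bool TRUE when the constructor found a row for the requested ID. */
    public function exists()
    {
        return $this->valid;
    }

    /**
     * Fills requiredBanner and personnalMessage from the JSON text of the `data` column.
     *
     * @param string|null $data JSON document, or NULL when the column is empty.
     */
    private function decodeData($data)
    {
        // Missing or malformed JSON falls back to the defaults below.
        $jsonData = is_string($data) ? json_decode($data, TRUE) : NULL;
        if (!is_array($jsonData)) {
            $jsonData = array();
        }
        // Use the stored banner when defined, otherwise DEFAULT_BANNER.
        $this->requiredBanner = $jsonData['requiredBanner'] ?? self::DEFAULT_BANNER;
        $this->personnalMessage = $jsonData['personnalMessage'] ?? NULL;
    }

    // Getters
    public function getID()
    {
        return $this->ID;
    }

    public function getPseudo()
    {
        return $this->pseudo;
    }

    public function getAdminLevel()
    {
        return $this->adminLevel;
    }

    public function getDateCreation()
    {
        return $this->dateCreation;
    }

    public function getRequiredBanner()
    {
        return $this->requiredBanner;
    }

    public function getPersonnalMessage()
    {
        return $this->personnalMessage;
    }

    // Useful getters. These comparisons are natural building blocks for privilege
    // checks, so each operator has to match the method name exactly.
    public function isAdminLevelLowerThan($max)
    {
        return $this->adminLevel < $max;
    }

    public function isAdminLevelGreaterThan($min)
    {
        return $this->adminLevel > $min;
    }

    public function isAdminLevelLowerOrEqualThan($max)
    {
        // Was a strict "<", which wrongly excluded the boundary value.
        return $this->adminLevel <= $max;
    }

    public function isAdminLevelGreaterOrEqualThan($min)
    {
        // Was "> $max": $max is not defined in this method, so the level was compared
        // with NULL instead of the requested minimum.
        return $this->adminLevel >= $min;
    }

    public function hasPersonnalMessage()
    {
        return isset($this->personnalMessage);
    }

    /**
     * Returns the pending personal message and clears it on this object.
     *
     * @return string|null
     */
    public function showPersonnalMessage()
    {
        $msg = $this->personnalMessage;
        // The original assigned to an unrelated "setPersonnalMessage" property, so the
        // message was never cleared. Only the in-memory copy is reset here.
        $this->personnalMessage = NULL;
        return $msg;
    }

    // Setters

    /**
     * Stores a new password hash for this member.
     *
     * This method performs no authentication or authorization of its own: the caller
     * has to verify that the request comes from the account owner or an administrator.
     *
     * @param string $newPassword Plain-text password.
     * @return string Membre::PASSWORD_TOO_LONG or Membre::PASSWORD_CHANGED.
     */
    public function changePassword($newPassword)
    {
        // strlen() counts bytes. NOTE(review): PASSWORD_DEFAULT is bcrypt in current PHP
        // releases, which only uses the first 72 bytes of the input, so this 255 limit
        // does not prevent silent truncation.
        if (strlen($newPassword) > 255) return Membre::PASSWORD_TOO_LONG;
        $hash = password_hash($newPassword, PASSWORD_DEFAULT);
        $req = $GLOBALS['bdd']->prepare('UPDATE membres SET hashedPassword=? WHERE ID=?');
        if ($req->execute(array($hash, $this->ID)) !== false) {
            // Keep the loaded hash in sync so a later connect() checks the new password.
            $this->hashedPassword = $hash;
        }
        // NOTE(review): as in the original, PASSWORD_CHANGED is returned even when the
        // UPDATE fails; no failure constant is defined in the visible part of the class.
        return Membre::PASSWORD_CHANGED;
    }

    /**
     * Allow-list of the attributes that setAttribute() and getFromAttributes() accept.
     * Prints an error and terminates the script for any other name, so an attribute
     * name that reaches the SQL text is always one of the literals below.
     *
     * @param string $attribute
     * @return array 'type' (expected type tag: '0' integer, '"' string), 'json' (TRUE
     *               when read through the JSON `data` column) and 'operator' (which
     *               Utility operator family applies).
     */
    private static function describeAttribute($attribute)
    {
        switch ($attribute) {
            case 'ID':
            case 'adminLevel':
                return array('type' => '0', 'json' => FALSE, 'operator' => 'integer');
            case 'pseudo':
            case 'hashedPseudo':
                return array('type' => '"', 'json' => FALSE, 'operator' => 'string');
            case 'dateCreation': // TODO add type date
                return array('type' => '"', 'json' => FALSE, 'operator' => 'date');
            case 'requiredBanner': // FIXME jsonMysqlProblem
            case 'personnalMessage':
                return array('type' => '"', 'json' => TRUE, 'operator' => 'string');
            default:
                // NOTE(review): $attribute is echoed verbatim; if it can come from a
                // request and the output is HTML, escape it for that context.
                echo 'Undefined attribute "'.$attribute.'" for the class Membre';
                exit;
        }
    }

    /**
     * Prints an error and terminates the script when the type tag supplied by the
     * caller is not the one expected for the attribute.
     */
    private static function requireValueType($attribute, $given, $expected)
    {
        if ($given !== $expected) {
            // NOTE(review): echoed verbatim, same escaping caveat as describeAttribute().
            echo 'Error : the type "'.$given.'" is not allowed for the attribute '.$attribute;
            exit;
        }
    }

    /**
     * Updates one column of this member's row.
     *
     * No authorization is checked here, and both 'ID' and 'adminLevel' are accepted:
     * callers must make sure the current user is allowed to perform the change.
     * The in-memory properties of this object are not refreshed.
     *
     * @param string $attribute Column name; must be on the allow-list.
     * @param mixed  $value     New value.
     * @param string $valueType Type tag: '0' for integers, '"' for strings.
     */
    public function setAttribute($attribute, $value, $valueType)
    {
        $spec = self::describeAttribute($attribute);
        self::requireValueType($attribute, $valueType, $spec['type']);

        if ($spec['json']) {
            // TODO Set command for json. The original left the statement undefined on
            // this path and then tried to prepare it; fail explicitly instead.
            echo 'Error : the attribute "'.$attribute.'" is stored in the JSON data and cannot be updated yet';
            exit;
        }

        // The value and the row ID are bound as parameters. The original concatenated
        // the value between double quotes without escaping and echoed the finished
        // statement to the output; both are gone. Only the allow-listed column name is
        // placed in the SQL text.
        $boundValue = ($spec['type'] === '0') ? intval($value) : strval($value);
        $command = 'UPDATE membres SET ' . $attribute . '=? WHERE ID=?';
        $req = $GLOBALS['bdd']->prepare($command);
        $executed = $req->execute(array($boundValue, $this->ID));
        // '00000' is the SQLSTATE for success; comparing it loosely with 0, as the
        // original did, depends on PHP's string/number comparison rules.
        if ($executed === false || $req->errorInfo()[0] !== '00000') {
            echo 'Eine MYSQL Exception hat geworft. Einschuldigung';
            exit;
        }
    }

    /**
     * Finds the members matching every given restriction (combined with AND).
     *
     * @param array $restrictions List of [attribute, operator, [typeTag, value]] entries.
     * @return Membre|array|null NULL when nothing matches, the single Membre when
     *                           exactly one row matches, otherwise an array of Membre.
     */
    public static function getFromAttributes($restrictions)
    {
        $whereCommands = array();
        $restrictionValues = array();
        foreach ($restrictions as $restriction) {
            $attribute = $restriction[0];
            $spec = self::describeAttribute($attribute);
            self::requireValueType($attribute, $restriction[2][0], $spec['type']);

            // NOTE(review): the operator text is placed in the SQL as returned by
            // Utility; this assumes those helpers only return fixed operator tokens
            // and throw InvalidOperatorException otherwise. Confirm in Utility.
            try {
                switch ($spec['operator']) {
                    case 'integer':
                        $operator = Utility::getIntegerSqlOperator($restriction[1]);
                        break;
                    case 'date':
                        $operator = Utility::getDateSqlOperator($restriction[1]);
                        break;
                    default:
                        $operator = Utility::getStringSqlOperator($restriction[1]);
                }
            } catch (InvalidOperatorException $e) {
                echo $e->getMessage().' when reading attribute "'.$attribute.'"';
                exit;
            }

            if ($spec['json']) {
                // FIXME jsonMysqlProblem (kept from the original): the bound value still
                // carries its surrounding double quotes. NOTE(review): confirm whether
                // the JSON comparison expects the quoted or the raw form.
                $restrictionValues[] = '"'.strval($restriction[2][1]).'"';
                $whereCommands[] = '((data->"$.'.$attribute.'" IS NOT NULL) AND (data->"$.'.$attribute.'" '.$operator.' ? ))';
            } else {
                // One placeholder per bound value. The original wrote the value into the
                // SQL text unescaped and still appended it to the parameter list, so the
                // number of parameters did not match the number of placeholders.
                $restrictionValues[] = ($spec['type'] === '0')
                    ? intval($restriction[2][1])
                    : strval($restriction[2][1]);
                $whereCommands[] = $attribute . ' ' . $operator . ' ?';
            }
        }

        $wherePart = "";
        if (count($whereCommands) > 0) $wherePart = 'WHERE '.implode(' AND ',$whereCommands);
        $command = 'SELECT * FROM membres '.$wherePart;
        $req = $GLOBALS['bdd']->prepare($command);
        $executed = $req->execute($restrictionValues);
        // As in the original, a failed query is reported and then treated as "no match".
        if ($executed === false || $req->errorInfo()[0] !== '00000') echo 'Erreur SQL, veuillez verifier les selecteurs';

        $out = array();
        while ($rep = $req->fetch()) $out[] = new Membre($rep['ID']);

        // Choose return value
        switch (count($out)) {
            case 0:
                return NULL;
            case 1:
                return $out[0];
            default:
                return $out;
        }
    }

    public static function getFromPseudo($pseudo)
    {
        return Membre::getFromAttributes(array(['pseudo','=',['"',$pseudo]]));
    }

    public static function getFromAdminLevel($level)
    {
        return Membre::getFromAttributes(array(['adminLevel','=',['0',$level]]));
    }

    public static function getFromDateCreation($date)
    {
        // dateCreation only accepts the string tag '"'; the original passed '0', which
        // getFromAttributes() rejects, so this lookup always ended in the type error.
        return Membre::getFromAttributes(array(['dateCreation','=',['"',$date]]));
    }

    public static function getCreatedLaterThan($date)
    {
        return Membre::getFromAttributes(array(['dateCreation','>',['"',$date]]));
    }

    public static function getCreatedEarlierThan($date)
    {
        return Membre::getFromAttributes(array(['dateCreation','<',['"',$date]]));
    }

    public static function getAdminGreaterThan($min)
    {
        return Membre::getFromAttributes(array(['adminLevel','>',['0',$min]]));
    }

    public static function getAdminLowerThan($max)
    {
        return Membre::getFromAttributes(array(['adminLevel','<',['0',$max]]));
    }

    /**
     * Loads the member referenced by the current session.
     *
     * The returned object has not gone through connect(), so isConnected() is FALSE
     * on it; the session entry is the only evidence of authentication used here.
     *
     * @return Membre|null NULL when no session ID is set or no such member exists.
     */
    public static function me()
    {
        if (!isset($_SESSION['session_id'])) return NULL;
        $me = new Membre($_SESSION['session_id']);
        if (!$me->exists()) return NULL;
        return $me;
    }

    // Membre creator

    /**
     * Creates a new member with a hashed password.
     *
     * @param string $pseudo Requested user name.
     * @param string $mdp    Plain-text password.
     * @return string Membre::USED_USERNAME or Membre::PERSON_REGISTERED.
     */
    public static function registerPerson($pseudo, $mdp)
    {
        // NOTE(review): check-then-insert is not atomic; only a UNIQUE index on pseudo
        // guarantees that two concurrent registrations cannot share a name. Confirm
        // that the schema has one.
        if (Membre::getFromPseudo($pseudo)) return Membre::USED_USERNAME;
        // Column names aligned with the ones the rest of the class reads and writes
        // (hashedPassword, dateCreation); the original inserted into mdp and
        // date_creation. NOTE(review): confirm against the table definition.
        $req = $GLOBALS['bdd']->prepare('INSERT INTO membres(pseudo,hashedPassword,dateCreation) VALUES (?,?,NOW())');
        $req->execute(array($pseudo, password_hash($mdp, PASSWORD_DEFAULT)));
        return Membre::PERSON_REGISTERED;
    }

    // Operators

    /**
     * Tells whether two Membre objects refer to the same row.
     * PHP does not call this for === ; it has to be invoked explicitly.
     */
    public function __is_identical($copain)
    {
        // Loose comparison kept on purpose: IDs may be strings (database rows) or
        // integers depending on how each object was built.
        return $this->getID() == $copain->getID();
    }

    // Output texts
    // changePassword
    const PASSWORD_TOO_LONG = "Le mot de passe est trop long ! \n(Max : 255 caractères)";
    const PASSWORD_CHANGED = 'Le mot de passe a bien été changé';
    // registerPerson
    const USED_USERNAME = 'Le pseudonyme est déjà utilisé';
    const PERSON_REGISTERED = 'Le membre a bien été inscrit !';
}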