386 lines
11 KiB
PHP
386 lines
11 KiB
PHP
<?php
|
|
class Membre {
|
|
const DEFAULT_BANNER = "pictures/bande.png";
|
|
|
|
protected $ID;
|
|
protected $pseudo;
|
|
protected $hashedPassword;
|
|
protected $adminLevel;
|
|
protected $dateCreation;
|
|
protected $requiredBanner;
|
|
protected $personnalMessage;
|
|
|
|
protected $connected;
|
|
protected $valid;
|
|
|
|
public function __construct($ID) {
|
|
$this->ID = $ID;
|
|
$this->connected = FALSE;
|
|
$req = $GLOBALS['bdd']->prepare('SELECT * FROM membres WHERE ID=?');
|
|
$req->execute(array($ID));
|
|
if($rep = $req->fetch()){
|
|
$this->valid = TRUE;
|
|
$this->pseudo = $rep['pseudo'];
|
|
$this->adminLevel = $rep['adminLevel'];
|
|
$this->dateCreation = $rep['dateCreation'];
|
|
$this->hashedPassword = $rep['hashedPassword'];
|
|
$this->decodeData($rep['data']);
|
|
}else{
|
|
$this->valid = FALSE;
|
|
}
|
|
}
|
|
|
|
public function connect($password) {
|
|
$this->connected = password_verify ($password, $this->hashedPassword );
|
|
return $this->connected;
|
|
|
|
}
|
|
|
|
public function __toString(){
|
|
$out = 'Membre\n';
|
|
$out .= '\tID:' . $this->ID . '\n';
|
|
$out .= '\tPseudo:' . $this->pseudo . '\n';
|
|
$out .= '\tAdmin level:' . $this->adminLevel . '\n';
|
|
$out .= '\tDate of creation:' . $this->dateCreation . '\n';
|
|
$out .= '\tRequired banner:' . $this->requiredBanner . '\n';
|
|
$out .= '\tPersonnal message:' . $this->personnalMessage . '\n';
|
|
return $out;
|
|
}
|
|
|
|
public function isConnected(){
|
|
return $this->connected;
|
|
}
|
|
|
|
public function exists(){
|
|
return $this->valid;
|
|
}
|
|
|
|
private function decodeData($data) {
|
|
$jsonData = json_decode ( $data ,TRUE);
|
|
// Set the data's required_banner if it is defined , otherwise sets the DEFAULT_BANNER
|
|
$this->requiredBanner = $jsonData ['requiredBanner'] ?? self::DEFAULT_BANNER;
|
|
$this->personnalMessage = $jsonData ['personnalMessage'] ?? NULL;
|
|
}
|
|
|
|
|
|
//Getters
|
|
public function getID(){
|
|
return $this->ID;
|
|
}
|
|
|
|
public function getPseudo(){
|
|
return $this->pseudo;
|
|
}
|
|
|
|
public function getAdminLevel() {
|
|
return $this->adminLevel;
|
|
}
|
|
|
|
public function getDateCreation(){
|
|
return $this->dateCreation;
|
|
}
|
|
|
|
public function getRequiredBanner() {
|
|
return $this->requiredBanner;
|
|
}
|
|
|
|
public function getPersonnalMessage(){
|
|
return $this->personnalMessage;
|
|
}
|
|
|
|
|
|
//Useful getters
|
|
public function isAdminLevelLowerThan($max){
|
|
return $this->adminLevel<$max;
|
|
}
|
|
|
|
public function isAdminLevelGreaterThan($min){
|
|
return $this->adminLevel>$min;
|
|
}
|
|
|
|
public function isAdminLevelLowerOrEqualThan($max){
|
|
return $this->adminLevel<$max;
|
|
}
|
|
|
|
public function isAdminLevelGreaterOrEqualThan($min){
|
|
return $this->adminLevel>$max;
|
|
}
|
|
|
|
public function hasPersonnalMessage() {
|
|
return isset ( $this->personnalMessage );
|
|
}
|
|
|
|
public function showPersonnalMessage() {
|
|
$msg = $this->personnalMessage;
|
|
$this->setPersonnalMessage = NULL;
|
|
return $msg;
|
|
}
|
|
|
|
//Setters
|
|
public function changePassword($newPassword){
|
|
if(strlen($newPassword)>255)
|
|
return Membre::PASSWORD_TOO_LONG;
|
|
$req = $GLOBALS['bdd']->prepare('UPDATE membres SET hashedPassword=? WHERE ID=?');
|
|
$req->execute(array(password_hash ( $newPassword, PASSWORD_DEFAULT ),$this->ID));
|
|
return Membre::PASSWORD_CHANGED;
|
|
}
|
|
|
|
public function setAttribute($attribute,$value,$valueType){
|
|
$json=FALSE;
|
|
switch ($attribute){
|
|
case 'ID':
|
|
if($valueType !== '0'){
|
|
echo 'Error : the type "'.$valueType.'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = intval($value);
|
|
break;
|
|
case 'pseudo':
|
|
if($valueType !== '"'){
|
|
echo 'Error : the type "'.$valueType.'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = '"'.strval($value).'"';
|
|
break;
|
|
case 'hashedPseudo':
|
|
if($valueType !== '"'){
|
|
echo 'Error : the type "'.$valueType.'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = '"'.strval($value).'"';
|
|
break;
|
|
case 'adminLevel':
|
|
if($valueType !== '0'){
|
|
echo 'Error : the type "'.$valueType.'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = intval($value);
|
|
break;
|
|
case 'dateCreation':
|
|
if($valueType !== '"'){
|
|
echo 'Error : the type "'.$valueType.'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = '"'.$value.'"';
|
|
break;
|
|
case 'requiredBanner'://FIXME jsonMysqlProblem
|
|
$json=TRUE;
|
|
if($valueType !== '"'){
|
|
echo 'Error : the type "'.$valueType.'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = '"'.strval($value).'"';
|
|
break;
|
|
case 'personnalMessage':
|
|
$json=TRUE;
|
|
if($valueType !== '"'){
|
|
echo 'Error : the type "'.$valueType.'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = '"'.strval($value).'"';
|
|
break;
|
|
default:
|
|
echo 'Undefined attribute "'.$attribute.'" for the class Membre';
|
|
exit;
|
|
}
|
|
|
|
$restrictionValues[] = $value;
|
|
if($json){
|
|
//TODO Set command for json
|
|
}else{
|
|
$command = 'UPDATE membres SET ' . $attribute . '=' . $value . ' WHERE ID=' . $this->ID;
|
|
}
|
|
echo $command.'</br>';
|
|
$req = $GLOBALS['bdd']->prepare($command);
|
|
$req->execute(array());
|
|
if($req->errorInfo()[0] != 0){
|
|
echo 'Eine MYSQL Exception hat geworft. Einschuldigung';
|
|
exit;
|
|
}
|
|
}
|
|
|
|
|
|
/**
|
|
*
|
|
* @return Objects which matchs the specified restrictions
|
|
*/
|
|
public static function getFromAttributes($restrictions){
|
|
$whereCommands = array();
|
|
$restrictionValues = array();
|
|
foreach ($restrictions as $restriction){
|
|
$whereCommand = NULL;
|
|
$attribute = $restriction[0];
|
|
$json = FALSE;
|
|
$operator = NULL;
|
|
$value = NULL;
|
|
try {
|
|
switch ($attribute){
|
|
case 'ID':
|
|
if($restriction[2][0] !== '0'){
|
|
echo 'Error : the type "'.$restriction[2][0].'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = intval($restriction[2][1]);
|
|
$operator = Utility::getIntegerSqlOperator($restriction[1]);
|
|
break;
|
|
case 'pseudo':
|
|
if($restriction[2][0] !== '"'){
|
|
echo 'Error : the type "'.$restriction[2][0].'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = '"'.strval($restriction[2][1]).'"';
|
|
$operator = Utility::getStringSqlOperator($restriction[1]);
|
|
break;
|
|
case 'hashedPseudo':
|
|
if($restriction[2][0] !== '"'){
|
|
echo 'Error : the type "'.$restriction[2][0].'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = '"'.strval($restriction[2][1]).'"';
|
|
$operator = Utility::getStringSqlOperator($restriction[1]);
|
|
break;
|
|
case 'adminLevel':
|
|
if($restriction[2][0] !== '0'){
|
|
echo 'Error : the type "'.$restriction[2][0].'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = intval($restriction[2][1]);
|
|
$operator = Utility::getIntegerSqlOperator($restriction[1]);
|
|
break;
|
|
case 'dateCreation':
|
|
if($restriction[2][0] !== '"'){//TODO add type date
|
|
echo 'Error : the type "'.$restriction[2][0].'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = '"'.$restriction[2][1].'"';
|
|
$operator = Utility::getDateSqlOperator($restriction[1]);
|
|
break;
|
|
case 'requiredBanner'://FIXME jsonMysqlProblem
|
|
$json=TRUE;
|
|
if($restriction[2][0] !== '"'){
|
|
echo 'Error : the type "'.$restriction[2][0].'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = '"'.strval($restriction[2][1]).'"';
|
|
$operator = Utility::getStringSqlOperator($restriction[1]);
|
|
break;
|
|
case 'personnalMessage':
|
|
$json=TRUE;
|
|
if($restriction[2][0] !== '"'){
|
|
echo 'Error : the type "'.$restriction[2][0].'" is not allowed for the attribute '.$attribute;
|
|
exit;
|
|
}
|
|
$value = '"'.strval($restriction[2][1]).'"';
|
|
$operator = Utility::getStringSqlOperator($restriction[1]);
|
|
break;
|
|
default:
|
|
echo 'Undefined attribute "'.$attribute.'" for the class Membre';
|
|
exit;
|
|
}
|
|
}catch(InvalidOperatorException $e){
|
|
echo $e->getMessage().' when reading attribute "'.$attribute.'"';
|
|
exit;
|
|
}
|
|
|
|
$restrictionValues[] = $value;
|
|
if($json){
|
|
$whereCommand = '((data->"$.'.$attribute.'" IS NOT NULL) AND (data->"$.'.$attribute.'" '.$operator.' ? ))';
|
|
}else{
|
|
$whereCommand = $attribute . ' ' . $operator . ' ' . $value;
|
|
}
|
|
$whereCommands[] = $whereCommand;
|
|
}
|
|
$wherePart = "";
|
|
if(count($whereCommands) >0)
|
|
$wherePart = 'WHERE '.implode(' AND ',$whereCommands);
|
|
|
|
$command = 'SELECT * FROM membres '.$wherePart;
|
|
$req = $GLOBALS['bdd']->prepare($command);
|
|
$req->execute($restrictionValues);
|
|
//echo $command.'</br>';
|
|
if($req->errorInfo()[0] != 0)
|
|
echo 'Erreur SQL, veuillez verifier les selecteurs';
|
|
$out = array();
|
|
while($rep = $req->fetch())
|
|
$out[] = new Membre($rep['ID']);
|
|
|
|
//Choose return value
|
|
switch(count($out)){
|
|
case 0:
|
|
return NULL;
|
|
case 1:
|
|
return $out[0];
|
|
default:
|
|
return $out;
|
|
}
|
|
}
|
|
|
|
public static function getFromPseudo($pseudo){
|
|
return Membre::getFromAttributes(array(['pseudo','=',['"',$pseudo]]));
|
|
}
|
|
|
|
public static function getFromAdminLevel($level){
|
|
return Membre::getFromAttributes(array(['adminLevel','=',['0',$level]]));
|
|
}
|
|
|
|
public static function getFromDateCreation($date){
|
|
return Membre::getFromAttributes(array(['dateCreation','=',['0',$date]]));
|
|
}
|
|
|
|
public static function getCreatedLaterThan($date){
|
|
return Membre::getFromAttributes(array(['dateCreation','>',['"',$date]]));
|
|
}
|
|
|
|
public static function getCreatedEarlierThan($date){
|
|
return Membre::getFromAttributes(array(['dateCreation','<',['"',$date]]));
|
|
}
|
|
|
|
public static function getAdminGreaterThan($min){
|
|
return Membre::getFromAttributes(array(['adminLevel','>',['0',$min]]));
|
|
}
|
|
|
|
public static function getAdminLowerThan($max){
|
|
return Membre::getFromAttributes(array(['adminLevel','<',['0',$max]]));
|
|
}
|
|
|
|
public static function me(){
|
|
if(!isset($_SESSION['session_id']))
|
|
return NULL;
|
|
$me = new Membre($_SESSION['session_id']);
|
|
if(!$me->exists())
|
|
return NULL;
|
|
return $me;
|
|
}
|
|
|
|
|
|
//Membre creator
|
|
public static function registerPerson($pseudo, $mdp) {
|
|
if (Membre::getFromPseudo($pseudo))
|
|
return Membre::USED_USERNAME;
|
|
$req = $GLOBALS ['bdd']->prepare ('INSERT INTO membres(pseudo,mdp,date_creation) VALUES (?,?,NOW())');
|
|
$req->execute (array($pseudo,password_hash( $mdp, PASSWORD_DEFAULT)));
|
|
return Membre::PERSON_REGISTERED;
|
|
}
|
|
|
|
//Operateurs
|
|
public function __is_identical($copain){
|
|
return $this->getID() == $copain->getID();
|
|
}
|
|
|
|
|
|
//Outputs texts
|
|
|
|
//changePassword
|
|
const PASSWORD_TOO_LONG = 'Le mot de passe est trop long ! (Max : 255 caractères)';
|
|
const PASSWORD_CHANGED = 'Le mot de passe a bien été changé';
|
|
|
|
//registerPerson
|
|
const USED_USERNAME = 'Le pseudonyme est déjà utilisé';
|
|
const PERSON_REGISTERED = 'Le membre a bien été inscrit !';
|
|
}
|
|
|
|
|
|
|
|
|
|
|