1a25f0a04SGreg Roach<?php 2a25f0a04SGreg Roach/** 3a25f0a04SGreg Roach * webtrees: online genealogy 46bdf7674SGreg Roach * Copyright (C) 2017 webtrees development team 5a25f0a04SGreg Roach * This program is free software: you can redistribute it and/or modify 6a25f0a04SGreg Roach * it under the terms of the GNU General Public License as published by 7a25f0a04SGreg Roach * the Free Software Foundation, either version 3 of the License, or 8a25f0a04SGreg Roach * (at your option) any later version. 9a25f0a04SGreg Roach * This program is distributed in the hope that it will be useful, 10a25f0a04SGreg Roach * but WITHOUT ANY WARRANTY; without even the implied warranty of 11a25f0a04SGreg Roach * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12a25f0a04SGreg Roach * GNU General Public License for more details. 13a25f0a04SGreg Roach * You should have received a copy of the GNU General Public License 14a25f0a04SGreg Roach * along with this program. If not, see <http://www.gnu.org/licenses/>. 15a25f0a04SGreg Roach */ 1676692c8bSGreg Roachnamespace Fisharebest\Webtrees; 17a25f0a04SGreg Roach 18a25f0a04SGreg Roach/** 1976692c8bSGreg Roach * Provide an interface to the wt_user table. 20a25f0a04SGreg Roach */ 21a25f0a04SGreg Roachclass User { 22a25f0a04SGreg Roach /** @var string The primary key of this user. */ 23a25f0a04SGreg Roach private $user_id; 24a25f0a04SGreg Roach 25a25f0a04SGreg Roach /** @var string The login name of this user. */ 26a25f0a04SGreg Roach private $user_name; 27a25f0a04SGreg Roach 28a25f0a04SGreg Roach /** @var string The real (display) name of this user. */ 29a25f0a04SGreg Roach private $real_name; 30a25f0a04SGreg Roach 31a25f0a04SGreg Roach /** @var string The email address of this user. */ 32a25f0a04SGreg Roach private $email; 33a25f0a04SGreg Roach 34*15d603e7SGreg Roach /** @var string[] Cached copy of the wt_user_setting table. */ 35*15d603e7SGreg Roach private $preferences = []; 36a25f0a04SGreg Roach 37a25f0a04SGreg Roach /** @var User[] Only fetch users from the database once. */ 3813abd6f3SGreg Roach private static $cache = []; 39a25f0a04SGreg Roach 40a25f0a04SGreg Roach /** 41a25f0a04SGreg Roach * Find the user with a specified user_id. 42a25f0a04SGreg Roach * 43cbc1590aSGreg Roach * @param int|null $user_id 44a25f0a04SGreg Roach * 45a25f0a04SGreg Roach * @return User|null 46a25f0a04SGreg Roach */ 47a25f0a04SGreg Roach public static function find($user_id) { 48a25f0a04SGreg Roach if (!array_key_exists($user_id, self::$cache)) { 49a25f0a04SGreg Roach $row = Database::prepare( 50a25f0a04SGreg Roach "SELECT SQL_CACHE user_id, user_name, real_name, email FROM `##user` WHERE user_id = ?" 5113abd6f3SGreg Roach )->execute([$user_id])->fetchOneRow(); 52a25f0a04SGreg Roach if ($row) { 5306ef8e02SGreg Roach self::$cache[$user_id] = new self($row); 54a25f0a04SGreg Roach } else { 55a25f0a04SGreg Roach self::$cache[$user_id] = null; 56a25f0a04SGreg Roach } 57a25f0a04SGreg Roach } 58a25f0a04SGreg Roach 59a25f0a04SGreg Roach return self::$cache[$user_id]; 60a25f0a04SGreg Roach } 61a25f0a04SGreg Roach 62a25f0a04SGreg Roach /** 63a982a56eSGreg Roach * Find the user with a specified user_name. 64a982a56eSGreg Roach * 65a982a56eSGreg Roach * @param string $user_name 66a982a56eSGreg Roach * 67a982a56eSGreg Roach * @return User|null 68a982a56eSGreg Roach */ 69a982a56eSGreg Roach public static function findByUserName($user_name) { 70a982a56eSGreg Roach $user_id = Database::prepare( 71a982a56eSGreg Roach "SELECT SQL_CACHE user_id FROM `##user` WHERE user_name = :user_name" 7213abd6f3SGreg Roach )->execute([ 73a982a56eSGreg Roach 'user_name' => $user_name, 7413abd6f3SGreg Roach ])->fetchOne(); 75a982a56eSGreg Roach 76a982a56eSGreg Roach return self::find($user_id); 77a982a56eSGreg Roach } 78a982a56eSGreg Roach 79a982a56eSGreg Roach /** 80a982a56eSGreg Roach * Find the user with a specified email address. 81a982a56eSGreg Roach * 82a982a56eSGreg Roach * @param string $email 83a982a56eSGreg Roach * 84a982a56eSGreg Roach * @return User|null 85a982a56eSGreg Roach */ 86a982a56eSGreg Roach public static function findByEmail($email) { 87a982a56eSGreg Roach $user_id = Database::prepare( 88a982a56eSGreg Roach "SELECT SQL_CACHE user_id FROM `##user` WHERE email = :email" 8913abd6f3SGreg Roach )->execute([ 90a982a56eSGreg Roach 'email' => $email, 9113abd6f3SGreg Roach ])->fetchOne(); 92a982a56eSGreg Roach 93a982a56eSGreg Roach return self::find($user_id); 94a982a56eSGreg Roach } 95a982a56eSGreg Roach 96a982a56eSGreg Roach /** 97a982a56eSGreg Roach * Find the user with a specified user_name or email address. 98a25f0a04SGreg Roach * 99a25f0a04SGreg Roach * @param string $identifier 100a25f0a04SGreg Roach * 101a25f0a04SGreg Roach * @return User|null 102a25f0a04SGreg Roach */ 103a25f0a04SGreg Roach public static function findByIdentifier($identifier) { 104a25f0a04SGreg Roach $user_id = Database::prepare( 105a25f0a04SGreg Roach "SELECT SQL_CACHE user_id FROM `##user` WHERE ? IN (user_name, email)" 10613abd6f3SGreg Roach )->execute([$identifier])->fetchOne(); 107a25f0a04SGreg Roach 108a25f0a04SGreg Roach return self::find($user_id); 109a25f0a04SGreg Roach } 110a25f0a04SGreg Roach 111a25f0a04SGreg Roach /** 112a25f0a04SGreg Roach * Find the user with a specified genealogy record. 113a25f0a04SGreg Roach * 114a25f0a04SGreg Roach * @param Individual $individual 115a25f0a04SGreg Roach * 116a25f0a04SGreg Roach * @return User|null 117a25f0a04SGreg Roach */ 118a5adda01SGreg Roach public static function findByGenealogyRecord(Individual $individual) { 119a25f0a04SGreg Roach $user_id = Database::prepare( 120a25f0a04SGreg Roach "SELECT SQL_CACHE user_id" . 121a25f0a04SGreg Roach " FROM `##user_gedcom_setting`" . 122a5adda01SGreg Roach " WHERE gedcom_id = :tree_id AND setting_name = 'gedcomid' AND setting_value = :xref" 12313abd6f3SGreg Roach )->execute([ 124a5adda01SGreg Roach 'tree_id' => $individual->getTree()->getTreeId(), 125cbc1590aSGreg Roach 'xref' => $individual->getXref(), 12613abd6f3SGreg Roach ])->fetchOne(); 127a25f0a04SGreg Roach 128a25f0a04SGreg Roach return self::find($user_id); 129a25f0a04SGreg Roach } 130a25f0a04SGreg Roach 131a25f0a04SGreg Roach /** 132a25f0a04SGreg Roach * Find the latest user to register. 133a25f0a04SGreg Roach * 134a25f0a04SGreg Roach * @return User|null 135a25f0a04SGreg Roach */ 136a25f0a04SGreg Roach public static function findLatestToRegister() { 137a25f0a04SGreg Roach $user_id = Database::prepare( 138a25f0a04SGreg Roach "SELECT SQL_CACHE u.user_id" . 139a25f0a04SGreg Roach " FROM `##user` u" . 140a25f0a04SGreg Roach " LEFT JOIN `##user_setting` us ON (u.user_id=us.user_id AND us.setting_name='reg_timestamp') " . 141a25f0a04SGreg Roach " ORDER BY us.setting_value DESC LIMIT 1" 142a25f0a04SGreg Roach )->execute()->fetchOne(); 143a25f0a04SGreg Roach 144a25f0a04SGreg Roach return self::find($user_id); 145a25f0a04SGreg Roach } 146a25f0a04SGreg Roach 147a25f0a04SGreg Roach /** 148a25f0a04SGreg Roach * Create a new user. 149a25f0a04SGreg Roach * 150a25f0a04SGreg Roach * The calling code needs to check for duplicates identifiers before calling 151a25f0a04SGreg Roach * this function. 152a25f0a04SGreg Roach * 153a25f0a04SGreg Roach * @param string $user_name 154a25f0a04SGreg Roach * @param string $real_name 155a25f0a04SGreg Roach * @param string $email 156a25f0a04SGreg Roach * @param string $password 157a25f0a04SGreg Roach * 158a25f0a04SGreg Roach * @return User 159a25f0a04SGreg Roach */ 160a25f0a04SGreg Roach public static function create($user_name, $real_name, $email, $password) { 161a25f0a04SGreg Roach Database::prepare( 162a25f0a04SGreg Roach "INSERT INTO `##user` (user_name, real_name, email, password) VALUES (:user_name, :real_name, :email, :password)" 16313abd6f3SGreg Roach )->execute([ 164a25f0a04SGreg Roach 'user_name' => $user_name, 165a25f0a04SGreg Roach 'real_name' => $real_name, 166a25f0a04SGreg Roach 'email' => $email, 167015c99a2SGreg Roach 'password' => password_hash($password, PASSWORD_DEFAULT), 16813abd6f3SGreg Roach ]); 169a25f0a04SGreg Roach 170a25f0a04SGreg Roach // Set default blocks for this user 17106ef8e02SGreg Roach $user = self::findByIdentifier($user_name); 172a25f0a04SGreg Roach Database::prepare( 173a25f0a04SGreg Roach "INSERT INTO `##block` (`user_id`, `location`, `block_order`, `module_name`)" . 174a25f0a04SGreg Roach " SELECT :user_id , `location`, `block_order`, `module_name` FROM `##block` WHERE `user_id` = -1" 17513abd6f3SGreg Roach )->execute(['user_id' => $user->getUserId()]); 176cbc1590aSGreg Roach 177a25f0a04SGreg Roach return $user; 178a25f0a04SGreg Roach } 179a25f0a04SGreg Roach 180a25f0a04SGreg Roach /** 181a25f0a04SGreg Roach * Get a count of all users. 182a25f0a04SGreg Roach * 183cbc1590aSGreg Roach * @return int 184a25f0a04SGreg Roach */ 185a25f0a04SGreg Roach public static function count() { 186a25f0a04SGreg Roach return (int) Database::prepare( 187a25f0a04SGreg Roach "SELECT SQL_CACHE COUNT(*)" . 188a25f0a04SGreg Roach " FROM `##user`" . 189a25f0a04SGreg Roach " WHERE user_id > 0" 190a25f0a04SGreg Roach )->fetchOne(); 191a25f0a04SGreg Roach } 192a25f0a04SGreg Roach 193a25f0a04SGreg Roach /** 194a25f0a04SGreg Roach * Get a list of all users. 195a25f0a04SGreg Roach * 196a25f0a04SGreg Roach * @return User[] 197a25f0a04SGreg Roach */ 198a25f0a04SGreg Roach public static function all() { 19913abd6f3SGreg Roach $users = []; 200a25f0a04SGreg Roach 201a25f0a04SGreg Roach $rows = Database::prepare( 202a25f0a04SGreg Roach "SELECT SQL_CACHE user_id, user_name, real_name, email" . 203a25f0a04SGreg Roach " FROM `##user`" . 204a25f0a04SGreg Roach " WHERE user_id > 0" . 205a25f0a04SGreg Roach " ORDER BY user_name" 206a25f0a04SGreg Roach )->fetchAll(); 207a25f0a04SGreg Roach 208a25f0a04SGreg Roach foreach ($rows as $row) { 20906ef8e02SGreg Roach $users[] = new self($row); 210a25f0a04SGreg Roach } 211a25f0a04SGreg Roach 212a25f0a04SGreg Roach return $users; 213a25f0a04SGreg Roach } 214a25f0a04SGreg Roach 215a25f0a04SGreg Roach /** 216a25f0a04SGreg Roach * Get a list of all administrators. 217a25f0a04SGreg Roach * 218a25f0a04SGreg Roach * @return User[] 219a25f0a04SGreg Roach */ 220a25f0a04SGreg Roach public static function allAdmins() { 221a25f0a04SGreg Roach $rows = Database::prepare( 222a25f0a04SGreg Roach "SELECT SQL_CACHE user_id, user_name, real_name, email" . 223a25f0a04SGreg Roach " FROM `##user`" . 224a25f0a04SGreg Roach " JOIN `##user_setting` USING (user_id)" . 225a25f0a04SGreg Roach " WHERE user_id > 0" . 226a25f0a04SGreg Roach " AND setting_name = 'canadmin'" . 227a25f0a04SGreg Roach " AND setting_value = '1'" 228a25f0a04SGreg Roach )->fetchAll(); 229a25f0a04SGreg Roach 23013abd6f3SGreg Roach $users = []; 231a25f0a04SGreg Roach foreach ($rows as $row) { 23206ef8e02SGreg Roach $users[] = new self($row); 233a25f0a04SGreg Roach } 234a25f0a04SGreg Roach 235a25f0a04SGreg Roach return $users; 236a25f0a04SGreg Roach } 237a25f0a04SGreg Roach 238a25f0a04SGreg Roach /** 239a25f0a04SGreg Roach * Get a list of all verified uses. 240a25f0a04SGreg Roach * 241a25f0a04SGreg Roach * @return User[] 242a25f0a04SGreg Roach */ 243a25f0a04SGreg Roach public static function allVerified() { 244a25f0a04SGreg Roach $rows = Database::prepare( 245a25f0a04SGreg Roach "SELECT SQL_CACHE user_id, user_name, real_name, email" . 246a25f0a04SGreg Roach " FROM `##user`" . 247a25f0a04SGreg Roach " JOIN `##user_setting` USING (user_id)" . 248a25f0a04SGreg Roach " WHERE user_id > 0" . 249a25f0a04SGreg Roach " AND setting_name = 'verified'" . 250a25f0a04SGreg Roach " AND setting_value = '1'" 251a25f0a04SGreg Roach )->fetchAll(); 252a25f0a04SGreg Roach 25313abd6f3SGreg Roach $users = []; 254a25f0a04SGreg Roach foreach ($rows as $row) { 25506ef8e02SGreg Roach $users[] = new self($row); 256a25f0a04SGreg Roach } 257a25f0a04SGreg Roach 258a25f0a04SGreg Roach return $users; 259a25f0a04SGreg Roach } 260a25f0a04SGreg Roach 261a25f0a04SGreg Roach /** 262a25f0a04SGreg Roach * Get a list of all users who are currently logged in. 263a25f0a04SGreg Roach * 264a25f0a04SGreg Roach * @return User[] 265a25f0a04SGreg Roach */ 266a25f0a04SGreg Roach public static function allLoggedIn() { 267a25f0a04SGreg Roach $rows = Database::prepare( 268a25f0a04SGreg Roach "SELECT SQL_NO_CACHE DISTINCT user_id, user_name, real_name, email" . 269a25f0a04SGreg Roach " FROM `##user`" . 270a25f0a04SGreg Roach " JOIN `##session` USING (user_id)" 271a25f0a04SGreg Roach )->fetchAll(); 272a25f0a04SGreg Roach 27313abd6f3SGreg Roach $users = []; 274a25f0a04SGreg Roach foreach ($rows as $row) { 27506ef8e02SGreg Roach $users[] = new self($row); 276a25f0a04SGreg Roach } 277a25f0a04SGreg Roach 278a25f0a04SGreg Roach return $users; 279a25f0a04SGreg Roach } 280a25f0a04SGreg Roach 281a25f0a04SGreg Roach /** 282a25f0a04SGreg Roach * Create a new user object from a row in the database. 283a25f0a04SGreg Roach * 284a25f0a04SGreg Roach * @param \stdclass $user A row from the wt_user table 285a25f0a04SGreg Roach */ 286a25f0a04SGreg Roach public function __construct(\stdClass $user) { 287a25f0a04SGreg Roach $this->user_id = $user->user_id; 288a25f0a04SGreg Roach $this->user_name = $user->user_name; 289a25f0a04SGreg Roach $this->real_name = $user->real_name; 290a25f0a04SGreg Roach $this->email = $user->email; 291a25f0a04SGreg Roach } 292a25f0a04SGreg Roach 293a25f0a04SGreg Roach /** 294a25f0a04SGreg Roach * Delete a user 295a25f0a04SGreg Roach */ 296ffd703eaSGreg Roach public function delete() { 297a25f0a04SGreg Roach // Don't delete the logs. 29813abd6f3SGreg Roach Database::prepare("UPDATE `##log` SET user_id=NULL WHERE user_id =?")->execute([$this->user_id]); 299a25f0a04SGreg Roach // Take over the user’s pending changes. (What else could we do with them?) 30013abd6f3SGreg Roach Database::prepare("DELETE FROM `##change` WHERE user_id=? AND status='rejected'")->execute([$this->user_id]); 30113abd6f3SGreg Roach Database::prepare("UPDATE `##change` SET user_id=? WHERE user_id=?")->execute([Auth::id(), $this->user_id]); 30213abd6f3SGreg Roach Database::prepare("DELETE `##block_setting` FROM `##block_setting` JOIN `##block` USING (block_id) WHERE user_id=?")->execute([$this->user_id]); 30313abd6f3SGreg Roach Database::prepare("DELETE FROM `##block` WHERE user_id=?")->execute([$this->user_id]); 30413abd6f3SGreg Roach Database::prepare("DELETE FROM `##user_gedcom_setting` WHERE user_id=?")->execute([$this->user_id]); 30513abd6f3SGreg Roach Database::prepare("DELETE FROM `##gedcom_setting` WHERE setting_value=? AND setting_name IN ('CONTACT_USER_ID', 'WEBMASTER_USER_ID')")->execute([$this->user_id]); 30613abd6f3SGreg Roach Database::prepare("DELETE FROM `##user_setting` WHERE user_id=?")->execute([$this->user_id]); 30713abd6f3SGreg Roach Database::prepare("DELETE FROM `##message` WHERE user_id=?")->execute([$this->user_id]); 30813abd6f3SGreg Roach Database::prepare("DELETE FROM `##user` WHERE user_id=?")->execute([$this->user_id]); 309a25f0a04SGreg Roach } 310a25f0a04SGreg Roach 311a25f0a04SGreg Roach /** Validate a supplied password 312a25f0a04SGreg Roach * @param string $password 313a25f0a04SGreg Roach * 314cbc1590aSGreg Roach * @return bool 315a25f0a04SGreg Roach */ 316a25f0a04SGreg Roach public function checkPassword($password) { 317a25f0a04SGreg Roach $password_hash = Database::prepare( 318a25f0a04SGreg Roach "SELECT password FROM `##user` WHERE user_id = ?" 31913abd6f3SGreg Roach )->execute([$this->user_id])->fetchOne(); 320a25f0a04SGreg Roach 321015c99a2SGreg Roach if (password_verify($password, $password_hash)) { 322015c99a2SGreg Roach if (password_needs_rehash($password_hash, PASSWORD_DEFAULT)) { 323a25f0a04SGreg Roach $this->setPassword($password); 324a25f0a04SGreg Roach } 325cbc1590aSGreg Roach 326a25f0a04SGreg Roach return true; 327a25f0a04SGreg Roach } else { 328a25f0a04SGreg Roach return false; 329a25f0a04SGreg Roach } 330a25f0a04SGreg Roach } 331a25f0a04SGreg Roach 332a25f0a04SGreg Roach /** 333a25f0a04SGreg Roach * Get the numeric ID for this user. 334a25f0a04SGreg Roach * 335a25f0a04SGreg Roach * @return string 336a25f0a04SGreg Roach */ 337a25f0a04SGreg Roach public function getUserId() { 338a25f0a04SGreg Roach return $this->user_id; 339a25f0a04SGreg Roach } 340a25f0a04SGreg Roach 341a25f0a04SGreg Roach /** 342a25f0a04SGreg Roach * Get the login name for this user. 343a25f0a04SGreg Roach * 344a25f0a04SGreg Roach * @return string 345a25f0a04SGreg Roach */ 346a25f0a04SGreg Roach public function getUserName() { 347a25f0a04SGreg Roach return $this->user_name; 348a25f0a04SGreg Roach } 349a25f0a04SGreg Roach 350a25f0a04SGreg Roach /** 351a25f0a04SGreg Roach * Set the login name for this user. 352a25f0a04SGreg Roach * 353a25f0a04SGreg Roach * @param string $user_name 354a25f0a04SGreg Roach * 355a25f0a04SGreg Roach * @return $this 356a25f0a04SGreg Roach */ 357a25f0a04SGreg Roach public function setUserName($user_name) { 358a25f0a04SGreg Roach if ($this->user_name !== $user_name) { 359a25f0a04SGreg Roach $this->user_name = $user_name; 360a25f0a04SGreg Roach Database::prepare( 361a25f0a04SGreg Roach "UPDATE `##user` SET user_name = ? WHERE user_id = ?" 36213abd6f3SGreg Roach )->execute([$user_name, $this->user_id]); 363a25f0a04SGreg Roach } 364a25f0a04SGreg Roach 365a25f0a04SGreg Roach return $this; 366a25f0a04SGreg Roach } 367a25f0a04SGreg Roach 368a25f0a04SGreg Roach /** 369a25f0a04SGreg Roach * Get the real name of this user. 370a25f0a04SGreg Roach * 371a25f0a04SGreg Roach * @return string 372a25f0a04SGreg Roach */ 373a25f0a04SGreg Roach public function getRealName() { 374a25f0a04SGreg Roach return $this->real_name; 375a25f0a04SGreg Roach } 376a25f0a04SGreg Roach 377a25f0a04SGreg Roach /** 378524c0fabSGreg Roach * Get the real name of this user, for display on screen. 379524c0fabSGreg Roach * 380524c0fabSGreg Roach * @return string 381524c0fabSGreg Roach */ 382524c0fabSGreg Roach public function getRealNameHtml() { 383524c0fabSGreg Roach return '<span dir="auto">' . Filter::escapeHtml($this->real_name) . '</span>'; 384524c0fabSGreg Roach } 385524c0fabSGreg Roach 386524c0fabSGreg Roach /** 387a25f0a04SGreg Roach * Set the real name of this user. 388a25f0a04SGreg Roach * 389a25f0a04SGreg Roach * @param string $real_name 390a25f0a04SGreg Roach * 391a25f0a04SGreg Roach * @return User 392a25f0a04SGreg Roach */ 393a25f0a04SGreg Roach public function setRealName($real_name) { 394a25f0a04SGreg Roach if ($this->real_name !== $real_name) { 395a25f0a04SGreg Roach $this->real_name = $real_name; 396a25f0a04SGreg Roach Database::prepare( 397a25f0a04SGreg Roach "UPDATE `##user` SET real_name = ? WHERE user_id = ?" 39813abd6f3SGreg Roach )->execute([$real_name, $this->user_id]); 399a25f0a04SGreg Roach } 400a25f0a04SGreg Roach 401a25f0a04SGreg Roach return $this; 402a25f0a04SGreg Roach } 403a25f0a04SGreg Roach 404a25f0a04SGreg Roach /** 405a25f0a04SGreg Roach * Get the email address of this user. 406a25f0a04SGreg Roach * 407a25f0a04SGreg Roach * @return string 408a25f0a04SGreg Roach */ 409a25f0a04SGreg Roach public function getEmail() { 410a25f0a04SGreg Roach return $this->email; 411a25f0a04SGreg Roach } 412a25f0a04SGreg Roach 413a25f0a04SGreg Roach /** 414a25f0a04SGreg Roach * Set the email address of this user. 415a25f0a04SGreg Roach * 416a25f0a04SGreg Roach * @param string $email 417a25f0a04SGreg Roach * 418a25f0a04SGreg Roach * @return User 419a25f0a04SGreg Roach */ 420a25f0a04SGreg Roach public function setEmail($email) { 421a25f0a04SGreg Roach if ($this->email !== $email) { 422a25f0a04SGreg Roach $this->email = $email; 423a25f0a04SGreg Roach Database::prepare( 424a25f0a04SGreg Roach "UPDATE `##user` SET email = ? WHERE user_id = ?" 42513abd6f3SGreg Roach )->execute([$email, $this->user_id]); 426a25f0a04SGreg Roach } 427a25f0a04SGreg Roach 428a25f0a04SGreg Roach return $this; 429a25f0a04SGreg Roach } 430a25f0a04SGreg Roach 431a25f0a04SGreg Roach /** 432a25f0a04SGreg Roach * Set the password of this user. 433a25f0a04SGreg Roach * 434a25f0a04SGreg Roach * @param string $password 435a25f0a04SGreg Roach * 436a25f0a04SGreg Roach * @return User 437a25f0a04SGreg Roach */ 438a25f0a04SGreg Roach public function setPassword($password) { 439a25f0a04SGreg Roach Database::prepare( 440015c99a2SGreg Roach "UPDATE `##user` SET password = :password WHERE user_id = :user_id" 441015c99a2SGreg Roach )->execute([ 442015c99a2SGreg Roach 'password' => password_hash($password, PASSWORD_DEFAULT), 443015c99a2SGreg Roach 'user_id' => $this->user_id, 444015c99a2SGreg Roach ]); 445a25f0a04SGreg Roach 446a25f0a04SGreg Roach return $this; 447a25f0a04SGreg Roach } 448a25f0a04SGreg Roach 449a25f0a04SGreg Roach /** 450a25f0a04SGreg Roach * Fetch a user option/setting from the wt_user_setting table. 451a25f0a04SGreg Roach * 452a25f0a04SGreg Roach * Since we'll fetch several settings for each user, and since there aren’t 453a25f0a04SGreg Roach * that many of them, fetch them all in one database query 454a25f0a04SGreg Roach * 455a25f0a04SGreg Roach * @param string $setting_name 456*15d603e7SGreg Roach * @param string $default 457a25f0a04SGreg Roach * 458*15d603e7SGreg Roach * @return string 459a25f0a04SGreg Roach */ 460*15d603e7SGreg Roach public function getPreference($setting_name, $default = '') { 461*15d603e7SGreg Roach if (empty($this->preferences) && $this->user_id !== null) { 462a25f0a04SGreg Roach $this->preferences = Database::prepare( 463*15d603e7SGreg Roach "SELECT SQL_CACHE setting_name, setting_value" . 464*15d603e7SGreg Roach " FROM `##user_setting`" . 465*15d603e7SGreg Roach " WHERE user_id = :user_id" 466*15d603e7SGreg Roach )->execute([ 467*15d603e7SGreg Roach 'user_id' => $this->user_id, 468*15d603e7SGreg Roach ])->fetchAssoc(); 469a25f0a04SGreg Roach } 470a25f0a04SGreg Roach 471*15d603e7SGreg Roach if (!array_key_exists($setting_name, $this->preferences)) { 472*15d603e7SGreg Roach $this->preferences[$setting_name] = $default; 473a25f0a04SGreg Roach } 474*15d603e7SGreg Roach 475*15d603e7SGreg Roach return $this->preferences[$setting_name]; 476a25f0a04SGreg Roach } 477a25f0a04SGreg Roach 478a25f0a04SGreg Roach /** 479a25f0a04SGreg Roach * Update a setting for the user. 480a25f0a04SGreg Roach * 481a25f0a04SGreg Roach * @param string $setting_name 482a25f0a04SGreg Roach * @param string $setting_value 483a25f0a04SGreg Roach * 484a25f0a04SGreg Roach * @return User 485a25f0a04SGreg Roach */ 486a25f0a04SGreg Roach public function setPreference($setting_name, $setting_value) { 487a25f0a04SGreg Roach if ($this->user_id && $this->getPreference($setting_name) !== $setting_value) { 488a25f0a04SGreg Roach Database::prepare("REPLACE INTO `##user_setting` (user_id, setting_name, setting_value) VALUES (?, ?, LEFT(?, 255))") 48913abd6f3SGreg Roach ->execute([$this->user_id, $setting_name, $setting_value]); 490*15d603e7SGreg Roach 491a25f0a04SGreg Roach $this->preferences[$setting_name] = $setting_value; 492a25f0a04SGreg Roach } 493a25f0a04SGreg Roach 494a25f0a04SGreg Roach return $this; 495a25f0a04SGreg Roach } 496a25f0a04SGreg Roach} 497