
<?php
require_once('DbMapping.php');
require_once('AudioBook.php');
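/**
 * User is mapped on the Useraccounts table. Contains user information: id, login, firstName, lastName, displayName.
 *
 * Attribute access goes through DbMapping. The `sql_*` variants are expected to be the
 * quote-escaped form of the same attribute for interpolation into a T-SQL string
 * literal — NOTE(review): that escaping lives in DbMapping, confirm it covers every
 * attribute used in save().
 *
 * @property int $id
 * @property string $login
 * @property string $sql_login
 * @property string $password
 * @property string $sql_password
 * @property string $privatePhone
 * @property string $sql_privatePhone
 * @property string $officePhone
 * @property string $sql_officePhone
 * @property string $mobilePhone
 * @property string $sql_mobilePhone
 * @property string $addressId
 * @property string $sql_addressId
 * @property string $displayName
 * @property string $sql_displayName
 * @property string $firstName
 * @property string $sql_firstName
 * @property string $lastName
 * @property string $sql_lastName
 * @property string $mail
 * @property string $sql_mail
 */
class User extends DbMapping
{
    public static $tableName = 'Useraccounts';
    public static $idColumn = 'UseraccountID';
    protected static $addressTableName = 'Addresses';
    protected static $addressIdColumn = 'AddressID';
    protected static $wishTableName = 'Wishes';
    protected static $circulationTableName = 'Circulations';
    protected static $itemTableName = 'Items';
    // Lazily loaded caches; null means "not loaded yet".
    protected $wishes;
    protected $circulations;
    protected $oldCirculations;
    protected $attributeNames = 'id login firstName lastName displayName freeOne mail addressId mobilePhone officePhone privatePhone';
    protected $privateAttributeNames = 'password';

    /**
     * Look up a user whose stored password matches the supplied one.
     *
     * The comparison is done by the database, case-insensitively, against the raw
     * column value — so this is only as strong as what the column holds.
     * NOTE(review): if the column stores clear-text passwords, switching to
     * password_hash()/password_verify() needs a schema change — confirm.
     *
     * @param string $login Login for the user
     * @param string $password Password for the user
     * @return User|null User object if we were able to authenticate
     */
    public static function authenticate($login, $password)
    {
        // Connection::execute takes a finished SQL string, so doubling single quotes is the
        // only defence available for a value placed inside '...'. Any other value of the
        // password cannot leave the literal.
        $escapedPassword = str_replace("'", "''", (string) $password);
        return User::find($login, " UPPER(password) = UPPER('$escapedPassword') ", false);
    }

    /**
     * Retrieve a user by its login. Does not represent a valid authentication.
     *
     * $cond is appended to the WHERE clause verbatim, so it must be trusted SQL
     * (never built from request data).
     *
     * @param string $login the login name
     * @param string $cond a condition to restrict the choice, optional
     * @param bool $raiseError passed through to Connection::execute
     * @return User|null the User object or null if no user found.
     */
    public static function find($login, $cond = '', $raiseError = true)
    {
        // Quote-doubling keeps the login inside its string literal (T-SQL has no backslash escapes).
        $escapedLogin = str_replace("'", "''", (string) $login);
        $extraCond = (string) $cond !== '' ? " AND $cond" : '';
        // NOTE(review): `disabled = 1` reads as selecting *disabled* accounts; confirm the
        // column semantics, because this predicate also gates authenticate().
        $sql = sprintf("SELECT TOP 1
            [FirstName] AS firstName,
            [LastName] AS lastName,
            [DisplayName] AS displayName,
            [UserDefined1] AS freeOne,
            [ActualAddressID] AS addressId,
            [Email] AS mail,
            [TelephoneMobile] AS mobilePhone,
            [TelephonePrivate] AS privatePhone,
            [Telephone] AS officePhone,
            [%s] AS id,
            REPLACE(UseraccountNr, ' ', '') AS login
            FROM [%s] AS u
            LEFT JOIN [%s] AS a ON a.[%s] = u.[ActualAddressID]
            WHERE REPLACE(UseraccountNr, ' ', '') = '%s' AND disabled = 1 %s;",
            self::$idColumn, self::$tableName, self::$addressTableName, self::$addressIdColumn, $escapedLogin, $extraCond);
        $results = Connection::execute($sql, $raiseError);
        // Read the cursor once; current() is false when the query matched nothing.
        $row = $results->current();
        return $row !== false ? new User($row) : null;
    }

    /**
     * @return string the display name (empty string when not set, so __toString never fails)
     */
    public function __toString()
    {
        return (string) $this->displayName;
    }

    /**
     * Update the database. Note that new user insertion does not work in this implementation.
     *
     * Runs up to three UPDATEs: account names, address contact fields and, only when a
     * password is set on the object, the password column.
     */
    public function save()
    {
        $table = User::$tableName;
        $addressTable = User::$addressTableName;
        $addressIdColumn = User::$addressIdColumn;

        // A space before WHERE is required: 'value'WHERE does not parse as intended.
        $strSQL = "UPDATE $table SET FirstName = '$this->sql_firstName', LastName = '$this->sql_lastName', "
            . "DisplayName = '$this->sql_displayName' "
            . "WHERE Replace(UseraccountNr, ' ', '') = '$this->sql_login'";
        Connection::execute($strSQL, true);

        // AddressID is a numeric key interpolated without quotes, so quote escaping does not
        // protect it; an int cast does (a non-numeric value becomes 0 and matches no row).
        $addressId = (int) $this->addressId;
        $strSQL = "UPDATE $addressTable SET Email = '$this->sql_mail', TelephoneMobile = '$this->sql_mobilePhone', "
            . "Telephone = '$this->sql_officePhone', TelephonePrivate = '$this->sql_privatePhone' "
            . "WHERE {$addressTable}.{$addressIdColumn} = $addressId";
        Connection::execute($strSQL, true);

        // Truthiness check kept on purpose: an unset attribute may come back as null or false
        // from DbMapping, and both must skip the password update.
        if ($this->password) {
            $strSQL = "UPDATE $table SET Password = UPPER('$this->sql_password') "
                . "WHERE Replace(UseraccountNr, ' ', '') = '$this->sql_login'";
            Connection::execute($strSQL, true);
        }
    }

    /**
     * Re-read this user's attributes from the database.
     *
     * @throws \RuntimeException when the login no longer matches a row (instead of a
     *         fatal "member function on null" error)
     */
    public function reload()
    {
        $fresh = User::find($this->login);
        if ($fresh === null) {
            throw new \RuntimeException("Cannot reload user '{$this->login}': no matching account found.");
        }
        $this->setAttributes($fresh->toArray());
    }

    /**
     * Load the books this user has checked out from a circulation table.
     *
     * @param string $table Circulation table name; trusted — only called with literals below
     * @param string $sort ORDER BY clause; trusted for the same reason
     * @return array books keyed by NoticeID (as returned by AudioBook::findBy), each
     *               decorated with 'date' and 'itemNr' from the circulation row
     */
    private function _getCirculations($table, $sort = "ItemNr ASC")
    {
        // The user id is interpolated unquoted; %d guarantees it stays a number.
        $userId = (int) $this->id;
        $sql = sprintf("SELECT
            NoticeID,
            CheckOutDate,
            ItemNr
            FROM %s AS c, Items
            WHERE
            c.UseraccountId = %d
            AND Items.ItemId=c.ItemId
            ORDER BY %s", $table, $userId, $sort);
        $result = Connection::execute($sql);
        $circulations = $result->to_array();
        $noticeIds = array_map(function ($c) {
            return $c['NoticeID'];
        }, $circulations);
        $books = AudioBook::findBy('NoticeID', $noticeIds, true);
        // Attach the circulation details to the matching book entry.
        foreach ($circulations as $c) {
            $books[$c['NoticeID']]['date'] = $c['CheckOutDate'];
            $books[$c['NoticeID']]['itemNr'] = $c['ItemNr'];
        }
        return $books;
    }

    /**
     * Books currently checked out, ordered by item number.
     *
     * @return array see _getCirculations()
     */
    public function getCirculations()
    {
        return $this->_getCirculations('Circulations');
    }

    /**
     * Books previously checked out, most recent checkout first.
     *
     * @return array see _getCirculations()
     */
    public function getOldCirculations()
    {
        return $this->_getCirculations('OldCirculations', 'CheckOutDate DESC');
    }

    /**
     * Add a book to the wish list if it is not already inside.
     *
     * Clears the wishes cache so the next getWishes()/hasWish() call sees the new entry.
     *
     * @param int $noticeId
     * @return bool true when a wish row was inserted, false when the book was already
     *              wished or no counter row could be read
     */
    public function addWish($noticeId)
    {
        // NoticeID is numeric and interpolated without quotes, so the int cast — not quote
        // escaping — is what keeps the statement intact.
        $noticeId = (int) $noticeId;
        if ($this->hasWish($noticeId)) {
            return false;
        }

        // Recover the last allocated id from the shared counter table.
        $idResult = Connection::execute("SELECT WishID from Counters", true);
        $row = $idResult->next();
        if (!$row) {
            return false;
        }
        // NOTE(review): read-then-update of the counter is not atomic; two concurrent
        // addWish() calls can be handed the same WishID unless Connection serialises them.
        $newWishID = (int) $row['WishID'] + 1;
        Connection::execute("UPDATE Counters SET WishID=" . $newWishID, true);

        $table = User::$wishTableName;
        $employeeId = Configuration::get('www_employee_id');
        $libraryId = Configuration::get('www_library_id');
        $userId = (int) $this->id;
        $strSQL = "INSERT INTO $table (WishID, " . AudioBook::$idColumn . ", " . User::$idColumn
            . ", CreationDate, EmployeeID, BranchOfficeID, Remark, ModificationDate)"
            . " VALUES($newWishID, $noticeId, $userId, GETDATE(), $employeeId, $libraryId, '', GETDATE())";
        Connection::execute($strSQL);

        // Invalidate the cache; it is rebuilt lazily by getWishes().
        $this->wishes = null;
        return true;
    }

    /**
     * Return true if the book is in the wish list
     *
     * @param int $noticeId
     * @return bool
     */
    public function hasWish($noticeId)
    {
        // Compare as integers so "123" and 123 are the same notice.
        $wanted = (int) $noticeId;
        foreach ($this->getWishes() as $book) {
            if ((int) $book['id'] === $wanted) {
                return true;
            }
        }
        return false;
    }

    /**
     * Wishes are all the books that this user wants to read.
     *
     * The result is cached on the instance: $limit only applies to the first load, and an
     * empty result is cached too so a user without wishes does not query on every call.
     *
     * @param int $limit
     * @return AudioBook[]
     */
    public function getWishes($limit = 50)
    {
        if ($this->wishes === null) {
            // Both values are interpolated unquoted: force them to integers.
            $top = (int) $limit;
            $userId = (int) $this->id;
            $sql = "SELECT TOP $top NoticeID FROM " . User::$wishTableName
                . " WHERE " . User::$idColumn . " = $userId ORDER BY CreationDate desc";
            $result = Connection::execute($sql);
            $ids = array();
            while ($row = $result->next()) {
                $ids[] = $row['NoticeID'];
            }
            $this->wishes = AudioBook::findBy('NoticeID', $ids, true);
        }
        return $this->wishes;
    }

    /**
     * Remove a book from the wish list and drop the wishes cache.
     *
     * @param int $noticeId
     */
    public function deleteWish($noticeId)
    {
        // Unquoted numeric interpolation: the int cast is the injection guard here.
        $noticeId = (int) $noticeId;
        $userId = (int) $this->id;
        $table = User::$wishTableName;
        $strSQL = "DELETE FROM $table WHERE NoticeID = $noticeId AND " . User::$idColumn . " = $userId;";
        Connection::execute($strSQL, true);
        // Invalidate the cache so hasWish()/getWishes() reflect the removal.
        $this->wishes = null;
    }
}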