first blood
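--- a/lib/User.php
+++ b/lib/User.php
@@ -0,0 +1,282 @@
+<?php
+require_once('DbMapping.php');
+require_once('AudioBook.php');
+
+/**
+* User is mapped on the Useraccounts table. Contains user information : id, login, firstName, lastName, displayName.
+*
+* @property int id
+* @property string $login
+* @property string $sql_login
+* @property string $password
+* @property string $sql_password
+* @property string $privatePhone
+* @property string $sql_privatePhone
+* @property string $officePhone
+* @property string $sql_officePhone
+* @property string $mobilePhone
+* @property string $sql_mobilePhone
+* @property string $addressId
+* @property string $sql_addressId
+* @property string $displayName
+* @property string $sql_displayName
+* @property string $firstName
+* @property string $sql_firstName
+* @property string $lastName
+* @property string $sql_lastName
+* @property string $mail
+* @property string $sql_mail
+*/
+class User extends DbMapping
+{
+public static $tableName = 'Useraccounts';
+public static $idColumn = 'UseraccountID';
+
+protected static $addressTableName = 'Addresses';
+protected static $addressIdColumn = 'AddressID';
+protected static $wishTableName = 'Wishes';
+protected static $circulationTableName = 'Circulations';
+protected static $itemTableName = 'Items';
+
+protected $wishes;
+protected $circulations;
+protected $oldCirculations;
+
+protected $attributeNames = 'id login firstName lastName displayName freeOne mail addressId mobilePhone officePhone privatePhone';
+protected $privateAttributeNames = 'password';
+
+/**
+* @param string $login Login for the user
+* @param string $password Password for the user
+* @return User|null User object if we were able to authenticate
+*/
+public static function authenticate($login, $password)
+{
+$password = str_replace("'", "''", $password);
+return User::find($login, " UPPER(password) = UPPER('$password') ", false);
+}
+
+/**
+* Retrieve a user by its login. Do not represent a valid authentication.
+*
+* Cond has to be safe because no check are made inside.
+*
+* @param string $login login the login name
+* @param string $cond a condition to restrict the choice, optional
+* @param bool $raiseError
+* @return User the User object or NULL if no user found.
+*/
+public static function find($login, $cond = '', $raiseError = true)
+{
+$login = str_replace("'", "''", $login);
+if(strlen($cond) > 0) {
+$cond = " AND $cond";
+}
+
+$sql = sprintf("SELECT TOP 1
+[FirstName] AS firstName,
+[LastName] AS lastName,
+[DisplayName] AS displayName,
+[UserDefined1] AS freeOne,
+[ActualAddressID] AS addressId,
+[Email] AS mail,
+[TelephoneMobile] AS mobilePhone,
+[TelephonePrivate] AS privatePhone,
+[Telephone] AS officePhone,
+[%s] AS id,
+REPLACE(UseraccountNr, ' ', '') AS login
+FROM [%s] AS u
+LEFT JOIN [%s] AS a ON a.[%s] = u.[ActualAddressID]
+WHERE REPLACE(UseraccountNr, ' ', '') = '%s' AND disabled = 1 %s;",
+self::$idColumn, self::$tableName, self::$addressTableName, self::$addressIdColumn, $login, $cond);
+
+$results = Connection::execute($sql, $raiseError);
+return $results->current() !== false ? new User($results->current()) : null;
+}
+
+public function __toString()
+{
+return $this->displayName;
+}
+
+/**
+* Update the database. Note that new user insertion don't work in this implementation.
+*/
+public function save()
+{
+$strSQL = "UPDATE " . User::$tableName . " SET FirstName = '$this->sql_firstName', LastName = '$this->sql_lastName', ";
+$strSQL .= "DisplayName = '$this->sql_displayName'";
+$strSQL .= "WHERE Replace(UseraccountNr, ' ', '') = '$this->sql_login'";
+Connection::execute($strSQL, true);
+
+$strSQL = "UPDATE " . User::$addressTableName . " SET Email = '$this->sql_mail', TelephoneMobile = '$this->sql_mobilePhone', ";
+$strSQL .= "Telephone = '$this->sql_officePhone', TelephonePrivate = '$this->sql_privatePhone' ";
+$strSQL .= "WHERE " . User::$addressTableName . "." . User::$addressIdColumn . " = $this->sql_addressId";
+Connection::execute($strSQL, true);
+
+if ($this->password) {
+$strSQL = "UPDATE " . User::$tableName . " SET Password = UPPER('$this->sql_password') ";
+$strSQL .= "WHERE Replace(UseraccountNr, ' ', '') = '$this->sql_login'";
+Connection::execute($strSQL, true);
+}
+}
+
+
+public function reload()
+{
+$this->setAttributes(User::find($this->login)->toArray());
+}
+
+public function getCirculations()
+{
+if (!$this->circulations) {
+$strSQL = "SELECT NoticeId, CheckOutDate, ItemNr FROM Circulations, Items " .
+"WHERE Circulations.UseraccountId = $this->id and Items.ItemId=Circulations.ItemId " .
+"ORDER BY ItemNr asc";
+
+$result = Connection::execute($strSQL);
+
+$ids = array();
+$checkOutDates = array();
+$itemNrs = array();
+
+while ($row = $result->next()) {
+$ids[] = $row['NoticeId'];
+$checkOutDates[] = $row['CheckOutDate'];
+$itemNrs[] = $row['ItemNr'];
+}
+$this->circulations = AudioBook::find($ids);
+
+// ici je remplace le champs date du livre par la date du prêt
+$counter = 0;
+foreach ($this->circulations as &$circulation) {
+
+$circulation->date = substr($checkOutDates[$counter], 0, 10);
+$circulation->itemNr = $itemNrs[$counter];
+
+$counter++;
+}
+}
+return $this->circulations;
+}
+
+public function getOldCirculations()
+{
+
+//if(!$this->oldCirculations){
+$strSQL = "SELECT NoticeId, CheckOutDate FROM OldCirculations, Items " .
+"WHERE OldCirculations.UseraccountId = $this->id and Items.ItemId=OldCirculations.ItemId " .
+"ORDER BY CheckOutDate desc";
+
+
+$result = Connection::execute($strSQL);
+$ids = array();
+$checkOutDates = array();
+while ($row = $result->next()) {
+$ids[] = $row['NoticeId'];
+$checkOutDates[] = $row['CheckOutDate'];
+}
+$this->oldCirculations = AudioBook::find($ids);
+
+// ici je remplace le champs date du livre par la date du prêt
+$counter = 0;
+foreach ($this->oldCirculations as &$circulation) {
+
+$circulation->date = substr($checkOutDates[$counter], 0, 10);
+$counter++;
+}
+
+//}
+
+return $this->oldCirculations;
+}
+
+/**
+* Add a book to the wish list if it is not already inside.
+*
+* delete the wishes cache for it to be reloaded the next time getWishes will be called.
+* @param int $noticeId
+* @return bool
+*/
+public function addWish($noticeId)
+{
+$noticeId = str_replace("'", "''", $noticeId);
+if (!$this->hasWish($noticeId)) {
+// recover last id
+$idSQL = "SELECT WishID from Counters";
+$idResult = Connection::execute($idSQL, true);
+// return print_r($idResult, 1);
+if ($row = $idResult->next()) {
+// get new value
+$newWishID = $row['WishID'] + 1;
+
+// update counter
+$idSQL = "UPDATE Counters SET WishID=" . $newWishID;
+Connection::execute($idSQL, true);
+
+$table = User::$wishTableName;
+$employee_id = Configuration::get('www_employee_id');
+$library_id = Configuration::get('www_library_id');
+$strSQL = "INSERT INTO $table (WishID, " . AudioBook::$idColumn . ", " . User::$idColumn . ", CreationDate, EmployeeID, BranchOfficeID, Remark, ModificationDate)";
+$strSQL .= " VALUES($newWishID, $noticeId, $this->id, GETDATE(), $employee_id, $library_id, '', GETDATE())";
+
+// return $strSQL;
+Connection::execute($strSQL);
+
+// $this->wishes = NULL;
+return true;
+} else {
+return false;
+}
+}
+return false;
+}
+
+/**
+* Return true if the book is in the wish list
+* @param int $noticeId
+* @return bool
+*/
+public function hasWish($noticeId)
+{
+foreach ($this->getWishes() as $book) {
+if ($book->id == $noticeId) {
+return true;
+}
+}
+return false;
+}
+
+/**
+* Wishes are all the books that this user want to read.
+* @param int $limit
+* @return AudioBook[]
+*/
+public function getWishes($limit = 50)
+{
+if (!$this->wishes) {
+$strSQL = "SELECT TOP " . $limit . AudioBook::$idColumn . " FROM " . User::$wishTableName . " WHERE " . User::$idColumn . " = $this->id ORDER BY CreationDate desc";
+
+$result = Connection::execute($strSQL);
+$ids = array();
+while ($row = $result->next()) {
+$ids[] = $row['NoticeID'];
+}
+$this->wishes = AudioBook::find($ids);
+}
+return $this->wishes;
+}
+
+/**
+* Remove a book from the wish list
+* @param int $noticeId
+*/
+public function deleteWish($noticeId)
+{
+$noticeId = str_replace("'", "''", $noticeId);
+$table = User::$wishTableName;
+$strSQL = "DELETE FROM $table";
+$strSQL .= " WHERE " . AudioBook::$idColumn . " = $noticeId AND " . User::$idColumn . " = $this->id;";
+Connection::execute($strSQL, true);
+}
+}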
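Review bot: In `addWish()` and `deleteWish()`, `$noticeId` is written into the SQL text as a bare number, so the `str_replace("'", "''", $noticeId)` on the first line of each method gives no protection there; quote doubling only helps inside a quoted literal. Replace it with `$noticeId = (int) $noticeId;` and cast `$limit` the same way in `getWishes()`, or better, use bound parameters for every query in this class if the driver behind `Connection::execute` supports them, including the `$cond` string that `authenticate()` builds for `find()`. `authenticate()` also compares `UPPER(password)` with the upper-cased input and `save()` writes `UPPER('$this->sql_password')`, which suggests passwords are stored in recoverable form and matched case-insensitively; storing `password_hash()` output and checking it with `password_verify()` after loading the row by login would address both. Separately, `reload()` calls `->toArray()` on the result of `User::find()`, which returns null when no row matches.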