-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathUser.php
More file actions
114 lines (83 loc) · 3.81 KB
/
User.php
File metadata and controls
114 lines (83 loc) · 3.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
<?php
// __DIR__ is a *magic constant* with the directory path containing this file.
// This allows us to correctly require_once Model.php, no matter where this file is being required from.
require_once __DIR__ . '/Model.php';
require_once __DIR__.'/adlister_credentials.php';
class User extends Model
{
/** Insert a new entry into the database */
protected function insert()
{
// @TODO: Use prepared statements to ensure data security
// @TODO: You will need to iterate through all the attributes to build the prepared query
// @TODO: After the insert, add the id back to the attributes array
// so the object properly represents a DB record
$insertData = self::$dbc->prepare('INSERT INTO users(name, email, password) VALUES (:name, :email, :password)');
$insertData->bindValue(':name', $this->attributes['name'], PDO::PARAM_STR);
$insertData->bindValue(':email', $this->attributes['email'], PDO::PARAM_STR);
$insertData->bindValue(':password', password_hash($this->attributes['password'], PASSWORD_DEFAULT), PDO::PARAM_STR);
$insertData->execute();
$insertedId = self::$dbc->lastInsertId();
$insertData = self::$dbc->prepare('SELECT * FROM users WHERE id = ?');
$insertData->execute([$insertedId]);
}
/** Update existing entry in the database */
protected function update()
{
// @TODO: Use prepared statements to ensure data security
// @TODO: You will need to iterate through all the attributes to build the prepared query
$updateData = self::$dbc->prepare('UPDATE users(name, email, password) VALUES (:name, :email, :password) WHERE id = :id');
$updateData->bindValue(':name', $this->attributes['name'], PDO::PARAM_STR);
$updateData->bindValue(':email', $this->attributes['email'], PDO::PARAM_STR);
$updateData->bindValue(':password', password_hash($this->attributes['password'], PASSWORD_DEFAULT), PDO::PARAM_STR);
$updateData->bindValue(':id', $this->attributes['id'], PDO::PARAM_INT);
$updateData->execute();
}
/**
* Find a single record in the DB based on its id
*
* @param int $id id of the user entry in the database
*
* @return User An instance of the User class with attributes array set to values from the database
*/
public static function find($id)
{
// Get connection to the database
self::dbConnect();
// @TODO: Create select statement using prepared statements
// @TODO: Store the result in a variable named $result
$findData = self::$dbc->prepare('SELECT * FROM users WHERE id = ?');
$result = $findData->execute([$id]);
$result = $findData->fetch(PDO::FETCH_ASSOC);
// The following code will set the attributes on the calling object based on the result variable's contents
$instance = null;
if ($result) {
$instance = new static($result);
}
return $instance;
}
/**
* Find all records in a table
*
* @return User[] Array of instances of the User class with attributes set to values from database
*/
public static function all()
{
self::dbConnect();
// @TODO: Learning from the find method, return all the matching records
$allData = self::$dbc->prepare('SELECT * FROM users');
$result = $allData->execute();
$result = $allData->fetchAll(PDO::FETCH_ASSOC);
$instance = null;
if ($result) {
$instance = new static($result);
}
return $instance;
}
public static function delete($id)
{
self::dbConnect();
$deleteData = self::$dbc->prepare('DELETE FROM users WHERE id = ?');
$deleteData->execute([$id]);
}
}