Untitled

<?php

class User
{

    public function validateEmail($email){
        $email = filter_var($email, FILTER_SANITIZE_EMAIL);
        return filter_var($email, FILTER_VALIDATE_EMAIL);
    }

    private function guidv4($data) {
        // obtained from StackOverflow
        // http://stackoverflow.com/questions/2040240/php-function-to-generate-v4-uuid
        // usage:  echo guidv4(openssl_random_pseudo_bytes(16));

        assert(strlen($data) == 16);

        $data[6] = chr(ord($data[6]) & 0x0f | 0x40); // set version to 0100
        $data[8] = chr(ord($data[8]) & 0x3f | 0x80); // set bits 6-7 to 10

        return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
    }

    private function checkPasswordLength($password){
        return strlen($password);
    }

    private function doPasswordsMatch($password, $verify) {
         return $password == $verify;
    }

    private function hashPassword($password){
        return password_hash($password, PASSWORD_DEFAULT);
    }

    private function doesUserExist($email){
        return DB::run("SELECT id FROM users WHERE email = ?", [$email])->rowCount();

    }

    public function getUserValidationKey($email){
        return DB::run("SELECT validation_key FROM users WHERE email = ?", [$email])->fetch();
    }

    public function validateUser($email, $password, $verify){
              if ($this->doesUserExist($email) == 1) {
            $error = "email already exists";
        } elseif ($this->validateEmail($email) === false) {
            $error = "email not valid";
        } elseif ($this->doPasswordsMatch($password, $verify) === false) {
            $error = "passwords didn't match";
        } elseif ($this->checkPasswordLength($password) < 6) {
            $error = "password must be 6 or more characters";
        }

        if (isset($error)) {
            $_SESSION['message']        = $error;
            $_SESSION['message-type']   = 'error';
            return false;
        }
        return true;
    }

    public function activateUserByKey($key) {
        return DB::run("UPDATE users SET validated = 1 WHERE validation_key = ?", [$key])->rowCount();
    }


    public function createUser($email, $password){
        $email    = $this->validateEmail($email);
        $hash     = $this->hashPassword($password);
        $uuid     = $this->guidv4(openssl_random_pseudo_bytes(16));

        if(DB::run("INSERT INTO users (email, password, validation_key) VALUES (?, ?, ?)", [$email, $hash, $uuid])) {
            return true;
        }

        // should log an error somewhere if this fails
        return false;
    }


    public function userLogin($email, $password) {
        $user = DB::run("SELECT id, email, name, password, is_admin FROM users WHERE email = ? LIMIT 1", [$email])->fetch();

        if (password_verify($password, $user['password']) == true) {
            $_SESSION['user_id'] = $user['id'];
            $_SESSION['name'] = $user['name'];
            $_SESSION['email'] = $user['email'];
            $_SESSION['is_admin'] = $user['is_admin'];
            $_SESSION['message'] = "You have been logged in";
            $_SESSION['message-type'] = "info";
            $result = true;
        } else {
            $_SESSION['user_id'] = 0;
            $_SESSION['name'] = 0;
            $_SESSION['email'] = 0;
            $_SESSION['is_admin'] = 0;
            $_SESSION['message'] = "The username/password combination you provided could not be found";
            $_SESSION['message-type'] = "error";
            $result = false;
        }
        return $result;
    }
}