  1. <?php
  2.  
  3. namespace App\Entity;
  4.  
  5. use Doctrine\ORM\Mapping as ORM;
  6. use Doctrine\DBAL\Driver\Connection;
  7. use http\Params;
  8. use Symfony\Component\HttpFoundation\Session\Session;
  9. use Symfony\Component\HttpFoundation\Request;
  10.  
  11. /**
  12. * User
  13. *
  14. * @ORM\Table(name="user")
  15. * @ORM\Entity
  16. */
  17. class User
  18. {
  19. /**
  20. * @var int
  21. *
  22. * @ORM\Column(name="user_sid", type="integer", nullable=false)
  23. * @ORM\Id
  24. * @ORM\GeneratedValue(strategy="IDENTITY")
  25. */
  26. private $userSid;
  27.  
  28. /**
  29. * @var string|null
  30. *
  31. * @ORM\Column(name="first_name", type="string", length=40, nullable=true)
  32. */
  33. private $firstName;
  34.  
  35. /**
  36. * @var string|null
  37. *
  38. * @ORM\Column(name="last_name", type="string", length=40, nullable=true)
  39. */
  40. private $lastName;
  41.  
  42. /**
  43. * @var string|null
  44. *
  45. * @ORM\Column(name="password", type="string", length=255, nullable=true)
  46. */
  47. private $password;
  48.  
  49. /**
  50. * @var int|null
  51. *
  52. * @ORM\Column(name="position_sid", type="integer", nullable=true)
  53. */
  54. private $positionSid;
  55.  
  56. /**
  57. * @var string|null
  58. *
  59. * @ORM\Column(name="email", type="string", length=64, nullable=true)
  60. */
  61. private $email;
  62.  
  63. /**
  64. * @var int|null
  65. *
  66. * @ORM\Column(name="available_days", type="integer", nullable=true)
  67. */
  68. private $availableDays;
  69.  
  70. /**
  71. * @var int|null
  72. *
  73. * @ORM\Column(name="role_sid", type="integer", nullable=true)
  74. */
  75. private $roleSid;
  76.  
  77. /**
  78. * @var int|null
  79. *
  80. * @ORM\Column(name="contract_id", type="integer", nullable=true)
  81. */
  82. private $contractId;
  83.  
  84. /**
  85. * @var bool|null
  86. *
  87. * @ORM\Column(name="deleted", type="boolean", nullable=true)
  88. */
  89. private $deleted = '0';
  90.  
  91. private $conn;
  92. private $request;
  93. public $session;
  94.  
  95.  
  96. public function __construct(Connection $conn, Request $request)
  97. {
  98. $this->conn = $conn;
  99. $this->request = $request;
  100. $this->session = $request->getSession();
  101. $this->session->start();
  102.  
  103. }
  104.  
  105.  
  106. public function isLogged()
  107. {
  108. $session = $this->request->getSession();
  109. $session->start();
  110.  
  111. if ($session->get('logged') == TRUE) {
  112. return TRUE;
  113. }
  114. return FALSE;
  115. }
  116.  
  117.  
  118. public function userExists($email)
  119. {
  120.  
  121. $sql = "SELECT count(*) as count, user_sid FROM user WHERE `email`=:email";
  122. $stmt = $this->conn->prepare($sql);
  123. $stmt->execute(['email' => $email]);
  124.  
  125. return ($stmt->fetch());
  126. }
  127.  
  128. public function hasPasswordMatch($pass, $id)
  129. {
  130. $sql = "SELECT password FROM user WHERE `user_sid`=:id";
  131. $stmt = $this->conn->prepare($sql);
  132. $stmt->execute(['id' => $id]);
  133. $dbPass = $stmt->fetch()['password'];
  134.  
  135. return $dbPass === hash('sha256',$pass);
  136. }
  137.  
  138. public function getUserFirstName($id)
  139. {
  140. $id = (int) $id;
  141. $sql = "SELECT first_name FROM user WHERE `user_sid`=:id LIMIT 1";
  142. $stmt = $this->conn->prepare($sql);
  143. $stmt->execute(['id' => $id]);
  144. #var_dump($stmt->fetchAll());
  145. return $stmt->fetchAll()[0]['first_name'];
  146. }
  147.  
  148. public function isAdmin($id)
  149. {
  150. $id = (int) $id;
  151. $sql = "SELECT role_sid FROM user WHERE `user_sid`=:id LIMIT 1";
  152. $stmt = $this->conn->prepare($sql);
  153. $stmt->execute(['id' => $id]);
  154. if ($stmt->fetch()['role_sid'] == 1) {
  155. return TRUE;
  156. }
  157. return FALSE;
  158. }
  159.  
  160. public function insertUser($firstName,
  161. $lastName,
  162. $email,
  163. $password,
  164. $confirmPassword,
  165. $availableDays,
  166. $contractID,
  167. $positionSID,
  168. $roleSID)
  169. {
  170.  
  171.  
  172. $firstName = trim($firstName);
  173. $lastName = trim($lastName);
  174. $email = trim($email);
  175. // $password = $password;
  176. $availableDays = (int) $availableDays;
  177. $contractID = (int) $contractID;
  178. $positionSID = (int) $positionSID;
  179.  
  180. $error = $this->validateUserData($firstName, $lastName, $email, $password, $confirmPassword, $availableDays, $contractID, $positionSID, 'insert', $this->conn);
  181.  
  182. if (count($error) != 0) {
  183.  
  184. /*
  185. * Foreach all errors collected by array and displaying them throught flash.
  186. */
  187. $errorLog = "Some problems appears: ";
  188. foreach ($error as $err) {
  189. $errorLog .= $err . ' ';
  190. }
  191.  
  192. return array('status' => FALSE, 'error' => $errorLog);
  193.  
  194. } else {
  195.  
  196. $sql = <<<SQL
  197. INSERT INTO user (
  198. `first_name`,
  199. `last_name`,
  200. `password`,
  201. `position_sid`,
  202. `email`,
  203. `available_days`,
  204. `role_sid`,
  205. `contract_id`
  206. )
  207. VALUES
  208. (
  209. :firstname,
  210. :lastname,
  211. :password,
  212. :positionSid,
  213. :email,
  214. :availableDays,
  215. :roleSid,
  216. :contractId
  217. )
  218. SQL;
  219. $password = hash('sha256', $password);
  220. $stmt = $this->conn->prepare($sql);
  221. $stmt->execute(['firstname' => $firstName, 'lastname' => $lastName, 'password' => $password,
  222. 'email' => $email, 'availableDays' => $availableDays, 'positionSid' => $positionSID,
  223. 'roleSid' => $roleSID, 'contractId' => $contractID]);
  224. return array('status' => TRUE, 'error' => "No errors");
  225. }
  226. }
  227.  
  228.  
  229. /*public function login($email, $password, Connection $conn){
  230. if($this->userExists($email, $password, $conn) == 1){
  231.  
  232. }
  233. }*/
  234.  
  235.  
  236. public function getAllEmployees()
  237. {
  238. $sql = "select user_sid,first_name ,last_name, email, available_days,
  239. contract_id,deleted from user where role_sid = 2;";
  240. $stmt = $this->conn->prepare($sql);
  241. $stmt->execute();
  242. return $stmt->fetchAll();
  243. }
  244.  
  245. public function deleteEmployee(int $userSid)
  246. {
  247. $sql = "update user set deleted = 1 where user_sid = :user_sid";
  248. $stmt = $this->conn->prepare($sql);
  249. $stmt->execute(["user_sid" => $userSid]);
  250. }
  251.  
  252. public function getInfo(int $id)
  253. {
  254. $id = (int) $id;
  255. $sql = "select user_sid,first_name ,last_name, email, available_days,
  256. contract_id, user.role_sid, role.role_name, pos.position_name from user
  257. LEFT JOIN `role` ON user.role_sid = role.role_sid
  258. LEFT JOIN `position` AS pos ON user.position_sid = pos.position_sid
  259. where user_sid = :id;";
  260. $stmt = $this->conn->prepare($sql);
  261. $stmt->execute(['id' => $id]);
  262. return $stmt->fetchAll();
  263. }
  264.  
  265.  
  266. public function activateEmployee(int $userSid)
  267. {
  268. $sql = "update `user` set deleted = 0 where user_sid = :user_sid";
  269. $stmt = $this->conn->prepare($sql);
  270. $stmt->execute(["user_sid" => $userSid]);
  271. }
  272.  
  273. public function updateUser($firstName, $lastName, $email, $password, $confirmPassword, $availableDays,
  274. $contractID, $positionSID, $roleSID, $userSID)
  275. {
  276. $error = $this->validateUserData($firstName, $lastName, $email, $password, $confirmPassword,
  277. $availableDays, $contractID, $positionSID, 'edit');
  278.  
  279. if (count($error) != 0) {
  280.  
  281. /*
  282. * Foreach all errors collected by array and displaying them through flash.
  283. */
  284. $errorLog = "Some problems appears: ";
  285. foreach ($error as $err) {
  286. $errorLog .= $err . ' ';
  287. }
  288.  
  289. return array('status' => FALSE, 'error' => $errorLog);
  290.  
  291. } else {
  292. if ($password == '' && $confirmPassword == '') {
  293. $sql = "update `user` set first_name = :firstName, last_name = :lastName, email = :email,
  294. available_days = :availableDays, contract_id = :contractID, position_sid = :positionSID,
  295. role_sid = :roleSID where user_sid = :userSID";
  296. $stmt = $this->conn->prepare($sql);
  297. $stmt->execute(['firstName' => $firstName, 'lastName' => $lastName, 'email' => $email,
  298. 'availableDays' => $availableDays, 'positionSID' => $positionSID,
  299. 'roleSID' => $roleSID, 'contractID' => $contractID, 'userSID' => $userSID]);
  300. } else {
  301. $sql = "update `user` set first_name = :firstName, last_name = :lastName, email = :email,
  302. password = :password,available_days = :availableDays, position_sid = :positionSID,
  303. role_sid = :roleSID, contract_id = :contractID where user_sid = :userSID";
  304. $stmt = $this->conn->prepare($sql);
  305. $password = hash('sha256',$this->password);
  306. $stmt->execute(['firstName' => $firstName, 'lastName' => $lastName, 'email' => $email,
  307. 'password' => $password, 'availableDays' => $availableDays, 'positionSID' => $positionSID,
  308. 'roleSID' => $roleSID, 'contractID' => $contractID, 'userSID' => $userSID]);
  309. }
  310. return array('status' => TRUE, 'error' => "No errors");
  311. }
  312. }
  313.  
  314. public function getUser(int $id)
  315. {
  316. $sql = "select user.*,pos.position_name from `user` left join `position` as pos
  317. on `user`.position_sid = pos.position_sid where user_sid = :id limit 1";
  318. $stmt = $this->conn->prepare($sql);
  319. $stmt->execute(["id" => $id]);
  320. return $stmt->fetchAll()[0];
  321.  
  322. }
  323.  
  324.  
  325. public function isEmailAdded($email)
  326. {
  327. $sql = "SELECT count(*) as count FROM user WHERE email=:email";
  328. $stmt = $this->conn->prepare($sql);
  329. $stmt->execute(['email' => $email]);
  330. $count = $stmt->fetchAll()[0]['count'];
  331. if ((int) $count > 0) {
  332. return TRUE;
  333. } else {
  334. return FALSE;
  335. }
  336. }
  337.  
  338.  
  339. public function validateUserData($firstName, $lastName, $email, $password, $confirmPassword,
  340. $availableDays, $contractID, $positionSID, $type)
  341. {
  342. $error = array();
  343.  
  344. if ($firstName == NULL || $firstName == "") {
  345. $error[] = "Add first name.";
  346. }
  347. if ($lastName == NULL || $lastName == "") {
  348. $error[] = "Add last name.";
  349. }
  350. if ($email == NULL || $email == "") {
  351. $error[] = "Add email address.";
  352. }
  353. if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
  354. $error[] = "Enter valid email.";
  355. }
  356. if ($type == 'insert') {
  357. if ($this->isEmailAdded($email)) {
  358. $error[] = "Email is already taken.";
  359. }
  360. if ($positionSID == NULL || $positionSID == "") {
  361. $error[] = "Add position.";
  362. }
  363.  
  364. if ($password == NULL) {
  365. $error[] = "Add password.";
  366. }
  367. if ($confirmPassword == NULL || $password != $confirmPassword) {
  368. $error[] = "Passwords does not match.";
  369. }
  370. } else if ($type == 'edit') {
  371. if ($password == '' && $confirmPassword == '') {
  372. if ($positionSID == NULL || $positionSID == "") {
  373. $error[] = "Add position.";
  374. }
  375. } else {
  376. if ($password == NULL) {
  377. $error[] = "Add password.";
  378. }
  379. if ($confirmPassword == NULL || $password != $confirmPassword) {
  380. $error[] = "Passwords does not match.";
  381. }
  382. }
  383. }
  384. if ($availableDays == NULL) {
  385. $error[] = "Add available days.";
  386. }
  387. if (!filter_var($availableDays, FILTER_VALIDATE_INT)) {
  388. $error[] = "Enter valid available days.";
  389. }
  390. if ($contractID == NULL) {
  391. $error[] = "Add contract id.";
  392. }
  393. if (!filter_var($contractID, FILTER_VALIDATE_INT)) {
  394. $error[] = "Enter valid contract id.";
  395. }
  396.  
  397. return $error;
  398. }
  399.  
  400. }