docs/api/source-admin.model.user.user.html
| 1: | <?php |
| 2: | namespace Opencart\Admin\Model\User; |
| 3: | /** |
| 4: | * Class User |
| 5: | * |
| 6: | * @package Opencart\Admin\Model\User |
| 7: | */ |
| 8: | class User extends \Opencart\System\Engine\Model { |
| 9: | /** |
| 10: | * Add User |
| 11: | * |
| 12: | * @param array<string, mixed> $data |
| 13: | * |
| 14: | * @return int |
| 15: | */ |
| 16: | public function addUser(array $data): int { |
| 17: | $this->db->query("INSERT INTO " . DB\_PREFIX . "user SET username = '" . $this->db->escape((string)$data['username']) . "', user_group_id = '" . (int)$data['user_group_id'] . "', password = '" . $this->db->escape(password_hash(html_entity_decode($data['password'], ENT_QUOTES, 'UTF-8'), PASSWORD_DEFAULT)) . "', firstname = '" . $this->db->escape((string)$data['firstname']) . "', lastname = '" . $this->db->escape((string)$data['lastname']) . "', email = '" . $this->db->escape((string)$data['email']) . "', image = '" . $this->db->escape((string)$data['image']) . "', status = '" . (bool)($data['status'] ?? 0) . "', date_added = NOW()"); |
| 18: | |
| 19: | return $this->db->getLastId(); |
| 20: | } |
| 21: | |
| 22: | /** |
| 23: | * Edit User |
| 24: | * |
| 25: | * @param int $user_id |
| 26: | * @param array<string, mixed> $data |
| 27: | * |
| 28: | * @return void |
| 29: | */ |
| 30: | public function editUser(int $user_id, array $data): void { |
| 31: | $this->db->query("UPDATE " . DB\_PREFIX . "user SET username = '" . $this->db->escape((string)$data['username']) . "', user_group_id = '" . (int)$data['user_group_id'] . "', firstname = '" . $this->db->escape((string)$data['firstname']) . "', lastname = '" . $this->db->escape((string)$data['lastname']) . "', email = '" . $this->db->escape((string)$data['email']) . "', image = '" . $this->db->escape((string)$data['image']) . "', status = '" . (bool)($data['status'] ?? 0) . "' WHERE user_id = '" . (int)$user_id . "'"); |
| 32: | |
| 33: | if ($data['password']) { |
| 34: | $this->db->query("UPDATE " . DB\_PREFIX . "user SET password = '" . $this->db->escape(password_hash(html_entity_decode($data['password'], ENT_QUOTES, 'UTF-8'), PASSWORD_DEFAULT)) . "' WHERE user_id = '" . (int)$user_id . "'"); |
| 35: | } |
| 36: | } |
| 37: | |
| 38: | /** |
| 39: | * Edit Password |
| 40: | * |
| 41: | * @param int $user_id |
| 42: | * @param string $password |
| 43: | * |
| 44: | * @return void |
| 45: | */ |
| 46: | public function editPassword(int $user_id, $password): void { |
| 47: | $this->db->query("UPDATE " . DB\_PREFIX . "user SET password = '" . $this->db->escape(password_hash(html_entity_decode($password, ENT_QUOTES, 'UTF-8'), PASSWORD_DEFAULT)) . "', code = '' WHERE user_id = '" . (int)$user_id . "'"); |
| 48: | } |
| 49: | |
| 50: | /** |
| 51: | * Edit Code |
| 52: | * |
| 53: | * @param string $email |
| 54: | * @param string $code |
| 55: | * |
| 56: | * @return void |
| 57: | */ |
| 58: | public function editCode(string $email, string $code): void { |
| 59: | $this->db->query("UPDATE " . DB\_PREFIX . "user SET code = '" . $this->db->escape($code) . "' WHERE LCASE(email) = '" . $this->db->escape(oc_strtolower($email)) . "'"); |
| 60: | } |
| 61: | |
| 62: | /** |
| 63: | * Delete User |
| 64: | * |
| 65: | * @param int $user_id |
| 66: | * |
| 67: | * @return void |
| 68: | */ |
| 69: | public function deleteUser(int $user_id): void { |
| 70: | $this->db->query("DELETE FROM " . DB\_PREFIX . "user WHERE user\_id = '" . (int)$user_id . "'"); |
| 71: | |
| 72: | $this->deleteAuthorizes($user_id); |
| 73: | $this->deleteLogins($user_id); |
| 74: | } |
| 75: | |
| 76: | /** |
| 77: | * Get User |
| 78: | * |
| 79: | * @param int $user_id |
| 80: | * |
| 81: | * @return array<string, mixed> |
| 82: | */ |
| 83: | public function getUser(int $user_id): array { |
| 84: | $query = $this->db->query("SELECT *, (SELECT ug.name FROM " . DB\_PREFIX . "user\_group ug WHERE ug.user\_group\_id = u.user\_group\_id) AS user_group FROM " . DB\_PREFIX . "user u WHERE u.user\_id = '" . (int)$user_id . "'"); |
| 85: | |
| 86: | return $query->row; |
| 87: | } |
| 88: | |
| 89: | /** |
| 90: | * Get User By Username |
| 91: | * |
| 92: | * @param string $username |
| 93: | * |
| 94: | * @return array<string, mixed> |
| 95: | */ |
| 96: | public function getUserByUsername(string $username): array { |
| 97: | $query = $this->db->query("SELECT * FROM " . DB\_PREFIX . "user WHERE username = '" . $this->db->escape($username) . "'"); |
| 98: | |
| 99: | return $query->row; |
| 100: | } |
| 101: | |
| 102: | /** |
| 103: | * Get User By Email |
| 104: | * |
| 105: | * @param string $email |
| 106: | * |
| 107: | * @return array<string, mixed> |
| 108: | */ |
| 109: | public function getUserByEmail(string $email): array { |
| 110: | $query = $this->db->query("SELECT DISTINCT * FROM " . DB\_PREFIX . "user WHERE LCASE(email) = '" . $this->db->escape(oc_strtolower($email)) . "'"); |
| 111: | |
| 112: | return $query->row; |
| 113: | } |
| 114: | |
| 115: | /** |
| 116: | * Get User By Code |
| 117: | * |
| 118: | * @param string $code |
| 119: | * |
| 120: | * @return array<string, mixed> |
| 121: | */ |
| 122: | public function getUserByCode(string $code): array { |
| 123: | $query = $this->db->query("SELECT * FROM " . DB\_PREFIX . "user WHERE code = '" . $this->db->escape($code) . "' AND code != ''"); |
| 124: | |
| 125: | return $query->row; |
| 126: | } |
| 127: | |
| 128: | /** |
| 129: | * Get Users |
| 130: | * |
| 131: | * @param array<string, mixed> $data |
| 132: | * |
| 133: | * @return array<int, array<string, mixed>> |
| 134: | */ |
| 135: | public function getUsers(array $data = []): array { |
| 136: | $sql = "SELECT *, CONCAT(u.firstname, ' ', u.lastname) AS name, (SELECT ug.name FROM " . DB\_PREFIX . "user\_group ug WHERE ug.user\_group\_id = u.user\_group\_id) AS user_group FROM " . DB\_PREFIX . "user u"; |
| 137: | |
| 138: | $implode = []; |
| 139: | |
| 140: | if (!empty($data['filter_username'])) { |
| 141: | $implode[] = "LCASE(u.username) LIKE '" . $this->db->escape(oc_strtolower($data['filter_username']) . '%') . "'"; |
| 142: | } |
| 143: | |
| 144: | if (!empty($data['filter_name'])) { |
| 145: | $implode[] = "LCASE(CONCAT(u.firstname, ' ', u.lastname)) LIKE '" . $this->db->escape('%' . oc_strtolower($data['filter_name']) . '%') . "'"; |
| 146: | } |
| 147: | |
| 148: | if (!empty($data['filter_email'])) { |
| 149: | $implode[] = "LCASE(u.email) LIKE '" . $this->db->escape(oc_strtolower($data['filter_email']) . '%') . "'"; |
| 150: | } |
| 151: | |
| 152: | if (!empty($data['filter_user_group_id'])) { |
| 153: | $implode[] = "u.user_group_id = '" . (int)$data['filter_user_group_id'] . "'"; |
| 154: | } |
| 155: | |
| 156: | if (!empty($data['filter_ip'])) { |
| 157: | $implode[] = "u.user_id IN (SELECT user_id FROM " . DB\_PREFIX . "user\_login WHERE ip LIKE '" . $this->db->escape('%' . oc_strtolower($data['filter_ip']) . '%') . "')"; |
| 158: | } |
| 159: | |
| 160: | if (isset($data['filter_status']) && $data['filter_status'] !== '') { |
| 161: | $implode[] = "u.status = '" . (int)$data['filter_status'] . "'"; |
| 162: | } |
| 163: | |
| 164: | if ($implode) { |
| 165: | $sql .= " WHERE " . implode(" AND ", $implode); |
| 166: | } |
| 167: | |
| 168: | $sort_data = [ |
| 169: | 'username', |
| 170: | 'name', |
| 171: | 'u.email', |
| 172: | 'user_group', |
| 173: | 'status', |
| 174: | 'ip', |
| 175: | 'u.date_added' |
| 176: | ]; |
| 177: | |
| 178: | if (isset($data['sort']) && in_array($data['sort'], $sort_data)) { |
| 179: | $sql .= " ORDER BY " . $data['sort']; |
| 180: | } else { |
| 181: | $sql .= " ORDER BY username"; |
| 182: | } |
| 183: | |
| 184: | if (isset($data['order']) && ($data['order'] == 'DESC')) { |
| 185: | $sql .= " DESC"; |
| 186: | } else { |
| 187: | $sql .= " ASC"; |
| 188: | } |
| 189: | |
| 190: | if (isset($data['start']) || isset($data['limit'])) { |
| 191: | if ($data['start'] < 0) { |
| 192: | $data['start'] = 0; |
| 193: | } |
| 194: | |
| 195: | if ($data['limit'] < 1) { |
| 196: | $data['limit'] = 20; |
| 197: | } |
| 198: | |
| 199: | $sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit']; |
| 200: | } |
| 201: | |
| 202: | $query = $this->db->query($sql); |
| 203: | |
| 204: | return $query->rows; |
| 205: | } |
| 206: | |
| 207: | /** |
| 208: | * Get Total Users |
| 209: | * |
| 210: | * @param array<string, mixed> $data |
| 211: | * |
| 212: | * @return int |
| 213: | */ |
| 214: | public function getTotalUsers(array $data = []): int { |
| 215: | $sql = "SELECT COUNT(*) AS total FROM " . DB\_PREFIX . "user u "; |
| 216: | |
| 217: | $implode = []; |
| 218: | |
| 219: | if (!empty($data['filter_username'])) { |
| 220: | $implode[] = "LCASE(u.username) LIKE '" . $this->db->escape(oc_strtolower($data['filter_username']) . '%') . "'"; |
| 221: | } |
| 222: | |
| 223: | if (!empty($data['filter_name'])) { |
| 224: | $implode[] = "LCASE(CONCAT(u.firstname, ' ', u.lastname)) LIKE '" . $this->db->escape('%' . oc_strtolower($data['filter_name']) . '%') . "'"; |
| 225: | } |
| 226: | |
| 227: | if (!empty($data['filter_email'])) { |
| 228: | $implode[] = "LCASE(u.email) LIKE '" . $this->db->escape(oc_strtolower($data['filter_email']) . '%') . "'"; |
| 229: | } |
| 230: | |
| 231: | if (!empty($data['filter_user_group_id'])) { |
| 232: | $implode[] = "u.user_group_id = '" . (int)$data['filter_user_group_id'] . "'"; |
| 233: | } |
| 234: | |
| 235: | if (!empty($data['filter_ip'])) { |
| 236: | $implode[] = "u.user_id IN (SELECT user_id FROM " . DB\_PREFIX . "user\_login WHERE ip LIKE '" . $this->db->escape('%' . oc_strtolower($data['filter_ip']) . '%') . "')"; |
| 237: | } |
| 238: | |
| 239: | if (isset($data['filter_status']) && $data['filter_status'] !== '') { |
| 240: | $implode[] = "u.status = '" . (int)$data['filter_status'] . "'"; |
| 241: | } |
| 242: | |
| 243: | if ($implode) { |
| 244: | $sql .= " WHERE " . implode(" AND ", $implode); |
| 245: | } |
| 246: | |
| 247: | $query = $this->db->query($sql); |
| 248: | |
| 249: | return (int)$query->row['total']; |
| 250: | } |
| 251: | |
| 252: | /** |
| 253: | * Get Total Users By Group ID |
| 254: | * |
| 255: | * @param int $user_group_id |
| 256: | * |
| 257: | * @return int |
| 258: | */ |
| 259: | public function getTotalUsersByGroupId(int $user_group_id): int { |
| 260: | $query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB\_PREFIX . "user WHERE user\_group\_id = '" . (int)$user_group_id . "'"); |
| 261: | |
| 262: | return (int)$query->row['total']; |
| 263: | } |
| 264: | |
| 265: | /** |
| 266: | * Get Total Users By Email |
| 267: | * |
| 268: | * @param string $email |
| 269: | * |
| 270: | * @return int |
| 271: | */ |
| 272: | public function getTotalUsersByEmail(string $email): int { |
| 273: | $query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB\_PREFIX . "user WHERE LCASE(email) = '" . $this->db->escape(oc_strtolower($email)) . "'"); |
| 274: | |
| 275: | return (int)$query->row['total']; |
| 276: | } |
| 277: | |
| 278: | /** |
| 279: | * Add Login |
| 280: | * |
| 281: | * @param int $user_id |
| 282: | * @param array<string, mixed> $data |
| 283: | * |
| 284: | * @return void |
| 285: | */ |
| 286: | public function addLogin(int $user_id, array $data): void { |
| 287: | $this->db->query("INSERT INTO " . DB\_PREFIX . "user\_login SET user\_id = '" . (int)$user_id . "', ip = '" . $this->db->escape($data['ip']) . "', user_agent = '" . $this->db->escape($data['user_agent']) . "', date_added = NOW()"); |
| 288: | } |
| 289: | |
| 290: | /** |
| 291: | * Delete User Logins |
| 292: | * |
| 293: | * @param int $user_id |
| 294: | * |
| 295: | * @return void |
| 296: | */ |
| 297: | public function deleteLogins(int $user_id): void { |
| 298: | $this->db->query("DELETE FROM " . DB\_PREFIX . "user\_login WHERE user\_id = '" . (int)$user_id . "'"); |
| 299: | } |
| 300: | |
| 301: | /** |
| 302: | * Get Logins |
| 303: | * |
| 304: | * @param int $user_id |
| 305: | * @param int $start |
| 306: | * @param int $limit |
| 307: | * |
| 308: | * @return array<int, array<string, mixed>> |
| 309: | */ |
| 310: | public function getLogins(int $user_id, int $start = 0, int $limit = 10): array { |
| 311: | if ($start < 0) { |
| 312: | $start = 0; |
| 313: | } |
| 314: | |
| 315: | if ($limit < 1) { |
| 316: | $limit = 10; |
| 317: | } |
| 318: | |
| 319: | $query = $this->db->query("SELECT * FROM " . DB\_PREFIX . "user\_login WHERE user\_id = '" . (int)$user_id . "' LIMIT " . (int)$start . "," . (int)$limit); |
| 320: | |
| 321: | if ($query->num_rows) { |
| 322: | return $query->rows; |
| 323: | } else { |
| 324: | return []; |
| 325: | } |
| 326: | } |
| 327: | |
| 328: | /** |
| 329: | * Get Total Logins |
| 330: | * |
| 331: | * @param int $user_id |
| 332: | * |
| 333: | * @return int |
| 334: | */ |
| 335: | public function getTotalLogins(int $user_id): int { |
| 336: | $query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB\_PREFIX . "user\_login WHERE user\_id = '" . (int)$user_id . "'"); |
| 337: | |
| 338: | if ($query->num_rows) { |
| 339: | return (int)$query->row['total']; |
| 340: | } else { |
| 341: | return 0; |
| 342: | } |
| 343: | } |
| 344: | |
| 345: | /** |
| 346: | * Add Authorize |
| 347: | * |
| 348: | * @param int $user_id |
| 349: | * @param array<string, mixed> $data |
| 350: | * |
| 351: | * @return void |
| 352: | */ |
| 353: | public function addAuthorize(int $user_id, array $data): void { |
| 354: | $this->db->query("INSERT INTO " . DB\_PREFIX . "user\_authorize SET user\_id = '" . (int)$user_id . "', token = '" . $this->db->escape($data['token']) . "', ip = '" . $this->db->escape($data['ip']) . "', user_agent = '" . $this->db->escape($data['user_agent']) . "', date_added = NOW()"); |
| 355: | } |
| 356: | |
| 357: | /** |
| 358: | * Edit Authorize Status |
| 359: | * |
| 360: | * @param int $user_authorize_id |
| 361: | * @param bool $status |
| 362: | * |
| 363: | * @return void |
| 364: | */ |
| 365: | public function editAuthorizeStatus(int $user_authorize_id, bool $status): void { |
| 366: | $this->db->query("UPDATE " . DB\_PREFIX . "user\_authorize SET status = '" . (bool)$status . "' WHERE user_authorize_id = '" . (int)$user_authorize_id . "'"); |
| 367: | } |
| 368: | |
| 369: | /** |
| 370: | * Edit Authorize Total |
| 371: | * |
| 372: | * @param int $user_authorize_id |
| 373: | * @param int $total |
| 374: | * |
| 375: | * @return void |
| 376: | */ |
| 377: | public function editAuthorizeTotal(int $user_authorize_id, int $total): void { |
| 378: | $this->db->query("UPDATE " . DB\_PREFIX . "user\_authorize SET total = '" . (int)$total . "' WHERE user_authorize_id = '" . (int)$user_authorize_id . "'"); |
| 379: | } |
| 380: | |
| 381: | /** |
| 382: | * Reset User Authorizes |
| 383: | * |
| 384: | * @param int $user_id |
| 385: | * @param int $total |
| 386: | * |
| 387: | * @return void |
| 388: | */ |
| 389: | public function editAuthorizeTotalByUserId(int $user_id, int $total): void { |
| 390: | $this->db->query("UPDATE " . DB\_PREFIX . "user\_authorize SET total = '" . (int)$total . "' WHERE user_id = '" . (int)$user_id . "'"); |
| 391: | } |
| 392: | |
| 393: | /** |
| 394: | * Delete User Authorizes |
| 395: | * |
| 396: | * @param int $user_id |
| 397: | * @param int $user_authorize_id |
| 398: | * |
| 399: | * @return void |
| 400: | */ |
| 401: | public function deleteAuthorizes(int $user_id, int $user_authorize_id = 0): void { |
| 402: | $sql = "DELETE FROM " . DB\_PREFIX . "user\_authorize WHERE user\_id = '" . (int)$user_id . "'"; |
| 403: | |
| 404: | if ($user_authorize_id) { |
| 405: | $sql .= " AND user_authorize_id = '" . (int)$user_authorize_id . "'"; |
| 406: | } |
| 407: | |
| 408: | $this->db->query($sql); |
| 409: | } |
| 410: | |
| 411: | /** |
| 412: | * Get Authorize |
| 413: | * |
| 414: | * @param int $user_authorize_id |
| 415: | * |
| 416: | * @return array<string, mixed> |
| 417: | */ |
| 418: | public function getAuthorize(int $user_authorize_id): array { |
| 419: | $query = $this->db->query("SELECT * FROM " . DB\_PREFIX . "user\_authorize WHERE user\_authorize\_id = '" . (int)$user_authorize_id . "'"); |
| 420: | |
| 421: | return $query->row; |
| 422: | } |
| 423: | |
| 424: | /** |
| 425: | * Get Authorize By Token |
| 426: | * |
| 427: | * @param int $user_id |
| 428: | * @param string $token |
| 429: | * |
| 430: | * @return array<string, mixed> |
| 431: | */ |
| 432: | public function getAuthorizeByToken(int $user_id, string $token): array { |
| 433: | $query = $this->db->query("SELECT *, (SELECT SUM(total) FROM " . DB\_PREFIX . "user\_authorize WHERE user\_id = '" . (int)$user_id . "') AS attempts FROM " . DB\_PREFIX . "user\_authorize WHERE user\_id = '" . (int)$user_id . "' AND token = '" . $this->db->escape($token) . "'"); |
| 434: | |
| 435: | return $query->row; |
| 436: | } |
| 437: | |
| 438: | /** |
| 439: | * Get Authorizes |
| 440: | * |
| 441: | * @param int $user_id |
| 442: | * @param int $start |
| 443: | * @param int $limit |
| 444: | * |
| 445: | * @return array<int, array<string, mixed>> |
| 446: | */ |
| 447: | public function getAuthorizes(int $user_id, int $start = 0, int $limit = 10): array { |
| 448: | if ($start < 0) { |
| 449: | $start = 0; |
| 450: | } |
| 451: | |
| 452: | if ($limit < 1) { |
| 453: | $limit = 10; |
| 454: | } |
| 455: | |
| 456: | $query = $this->db->query("SELECT * FROM " . DB\_PREFIX . "user\_authorize WHERE user\_id = '" . (int)$user_id . "' LIMIT " . (int)$start . "," . (int)$limit); |
| 457: | |
| 458: | if ($query->num_rows) { |
| 459: | return $query->rows; |
| 460: | } else { |
| 461: | return []; |
| 462: | } |
| 463: | } |
| 464: | |
| 465: | /** |
| 466: | * Get Total Authorizes |
| 467: | * |
| 468: | * @param int $user_id |
| 469: | * |
| 470: | * @return int |
| 471: | */ |
| 472: | public function getTotalAuthorizes(int $user_id): int { |
| 473: | $query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB\_PREFIX . "user\_authorize WHERE user\_id = '" . (int)$user_id . "'"); |
| 474: | |
| 475: | if ($query->num_rows) { |
| 476: | return (int)$query->row['total']; |
| 477: | } else { |
| 478: | return 0; |
| 479: | } |
| 480: | } |
| 481: | } |
| 482: | |
OpenCart API API documentation generated by ApiGen dev-master