<?php
declare(strict_types=1);
// User model: database operations for the users table.
namespace App\Models;
use App\Database;
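/**
 * Data-access layer for the `users` table: account creation, lookups, and the
 * e-mail verification and password-reset token lifecycle.
 *
 * Notes for callers:
 *  - Every statement uses bound parameters; no caller-supplied value is
 *    concatenated into SQL.
 *  - The find*() methods run `SELECT *`, so the returned row carries
 *    `password_hash`, `verification_token` and `reset_token`. Pick the fields
 *    you need instead of passing the row to a template, JSON response or log.
 *  - The row shape depends on the PDO default fetch mode, which is configured
 *    by App\Database (not visible in this file) — TODO confirm it yields arrays.
 */
class User
{
    /** Lifetime of a password-reset token, in seconds (1 hour). */
    private const RESET_TOKEN_TTL = 3600;

    /** Format used for every timestamp this class writes or compares. */
    private const SQL_DATETIME = 'Y-m-d H:i:s';

    private \PDO $pdo;

    public function __construct()
    {
        $this->pdo = Database::getInstance()->getPdo();
    }

    /**
     * Insert a new user and return the new row id.
     *
     * The password is stored only as a password_hash() digest. A 32-byte
     * verification token from random_bytes() is generated and stored with the
     * row; it is not returned here (see getVerificationToken()).
     *
     * @return int value of PDO::lastInsertId() cast to int
     */
    public function create(string $username, string $email, string $password): int
    {
        $stmt = $this->pdo->prepare(
            'INSERT INTO users (username, email, password_hash, verification_token)
             VALUES (:username, :email, :hash, :token)'
        );
        $stmt->execute([
            'username' => $username,
            'email' => $email,
            'hash' => password_hash($password, PASSWORD_DEFAULT),
            'token' => bin2hex(random_bytes(32)),
        ]);

        return (int) $this->pdo->lastInsertId();
    }

    /**
     * Look up a user by exact username.
     *
     * @return array<int|string, mixed>|null full row (includes password_hash), or null if absent
     */
    public function findByUsername(string $username): ?array
    {
        return $this->fetchRow('SELECT * FROM users WHERE username = :username', ['username' => $username]);
    }

    /**
     * Look up a user by exact e-mail address.
     *
     * @return array<int|string, mixed>|null full row (includes password_hash), or null if absent
     */
    public function findByEmail(string $email): ?array
    {
        return $this->fetchRow('SELECT * FROM users WHERE email = :email', ['email' => $email]);
    }

    /**
     * Look up a user by primary key.
     *
     * @return array<int|string, mixed>|null full row (includes password_hash), or null if absent
     */
    public function findById(int $id): ?array
    {
        return $this->fetchRow('SELECT * FROM users WHERE id = :id', ['id' => $id]);
    }

    /**
     * Look up the user holding a given e-mail verification token.
     *
     * NOTE(review): no expiry is checked; this class shows no expiry column
     * for verification tokens, so an unused token stays valid until verify().
     *
     * @return array<int|string, mixed>|null full row, or null if no user holds the token
     */
    public function findByVerificationToken(string $token): ?array
    {
        return $this->fetchRow('SELECT * FROM users WHERE verification_token = :token', ['token' => $token]);
    }

    /**
     * Mark the user as verified and clear the verification token, which makes
     * the token single-use.
     */
    public function verify(int $id): void
    {
        $stmt = $this->pdo->prepare(
            'UPDATE users SET is_verified = TRUE, verification_token = NULL WHERE id = :id'
        );
        $stmt->execute(['id' => $id]);
    }

    /**
     * Issue a password-reset token for the user and return it.
     *
     * The token is 32 bytes from random_bytes(), hex-encoded, valid for
     * RESET_TOKEN_TTL seconds. Any previous reset token is overwritten.
     *
     * NOTE(review): the token is stored verbatim, so read access to the table
     * is enough to use an unexpired token. Storing a SHA-256 digest and hashing
     * the presented token on lookup would remove that exposure — needs a
     * coordinated change with findByResetToken().
     *
     * @return string the plaintext token to deliver to the user
     */
    public function setResetToken(int $id): string
    {
        $token = bin2hex(random_bytes(32));
        // Expiry is written from PHP's clock; findByResetToken() compares
        // against the same clock so the TTL does not depend on the database
        // server's time-zone setting.
        $expires = date(self::SQL_DATETIME, time() + self::RESET_TOKEN_TTL);

        $stmt = $this->pdo->prepare(
            'UPDATE users SET reset_token = :token, reset_token_expires = :expires WHERE id = :id'
        );
        $stmt->execute(['token' => $token, 'expires' => $expires, 'id' => $id]);

        return $token;
    }

    /**
     * Look up the user holding a given, still-unexpired password-reset token.
     *
     * The current time is bound from PHP rather than taken from the database's
     * NOW(): setResetToken() writes the expiry with PHP's date(), and a
     * PHP/database time-zone difference would otherwise shorten the token's
     * lifetime (possibly to zero) or extend it by the offset.
     *
     * @return array<int|string, mixed>|null full row, or null if the token is unknown or expired
     */
    public function findByResetToken(string $token): ?array
    {
        return $this->fetchRow(
            'SELECT * FROM users WHERE reset_token = :token AND reset_token_expires > :now',
            ['token' => $token, 'now' => date(self::SQL_DATETIME)]
        );
    }

    /**
     * Store a new password hash and clear any reset token in the same
     * statement, so a reset token cannot be replayed after the change.
     */
    public function updatePassword(int $id, string $password): void
    {
        $stmt = $this->pdo->prepare(
            'UPDATE users SET password_hash = :hash, reset_token = NULL, reset_token_expires = NULL WHERE id = :id'
        );
        $stmt->execute(['hash' => password_hash($password, PASSWORD_DEFAULT), 'id' => $id]);
    }

    /**
     * Return the stored verification token for a user.
     *
     * @return string|null the token, or null if the user does not exist or the
     *                     token column is NULL (verify() clears it)
     */
    public function getVerificationToken(int $id): ?string
    {
        $row = $this->fetchRow('SELECT verification_token FROM users WHERE id = :id', ['id' => $id]);

        return $row === null ? null : $row['verification_token'];
    }

    /**
     * Run a single-row SELECT with bound parameters.
     *
     * @param array<string, mixed> $params named parameters for the statement
     * @return array<int|string, mixed>|null the first row, or null when fetch() yields none
     */
    private function fetchRow(string $sql, array $params): ?array
    {
        $stmt = $this->pdo->prepare($sql);
        $stmt->execute($params);
        $row = $stmt->fetch();

        return $row ?: null;
    }
}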