From fc1e086bbeab6ca47ff219dffbb486463886e02e Mon Sep 17 00:00:00 2001 From: Leon Date: Wed, 17 Jun 2020 19:32:30 +0200 Subject: [PATCH] Create User finished hopefully --- core/Api/User/Create.class.php | 42 +++++++++++++++++++++++++++++++++- 1 file changed, 41 insertions(+), 1 deletion(-) diff --git a/core/Api/User/Create.class.php b/core/Api/User/Create.class.php index 7880b6f..1109d64 100644 --- a/core/Api/User/Create.class.php +++ b/core/Api/User/Create.class.php @@ -4,6 +4,7 @@ namespace Api\User; use Api\Parameter\StringType; use \Api\Request; +use Driver\SQL\Condition\Compare; class Create extends Request { @@ -24,8 +25,47 @@ class Create extends Request { return false; } - // TODO: + $username = $this->getParam('username'); + $email = $this->getParam('email'); + + if(!$this->userExists($username, $email)) { + return false; + } + + $password = $this->getParam('password'); + $confirmPassword = $this->getParam('confirmPassword'); + + if($password !== $confirmPassword) { + return false; + } + + $sql = $this->user->getSQL(); + $this->lastError = $sql->getLastError(); + + $this->success = $this->createUser($username, $email, $password); return $this->success; } + + private function userExists($username, $email){ + $sql = $this->user->getSQL(); + $res = $sql->select("User.uid", "User.password", "User.salt") + ->from("User") + ->where(new Compare("User.name", $username), new Compare("User.email",$email)) + ->execute(); + + return count($res) !== 0; + } + + private function createUser($username, $email, $password){ + $sql = $this->user->getSQL(); + $salt = generateRandomString(16); + $hash = hash('sha256', $password . $salt); + $res = $sql->insert("User",array( + 'username' => $username, + 'password' => $hash, + 'email' => $email + )); + return $res === TRUE; + } } \ No newline at end of file