/**
* Helper function to create a user after applying checks on the
* in parameters. Rather than throwing an exception, this returns
* NULL if parameters are invalid.
*/
public static function create($name, $password, $email)
{
$email = filter_var($email, FILTER_SANITIZE_EMAIL);
if (!ctype_alnum($name) || $email != NULL && !filter_var($email, FILTER_VALIDATE_EMAIL)) {
return NULL;
}
$salt = base64_encode(mcrypt_create_iv(16, MCRYPT_DEV_URANDOM));
$hash = hash('whirlpool', $salt . $password);
$user = new User();
$user->set_name($name);
$user->set_email($email);
$user->set_salt($salt);
$user->set_password_hash($hash);
return $user;
}
function get_user_by_name($name)
{
$mysqli = new mysqli(get_db_host(), get_db_user(), get_db_password(), get_db_database());
$stmt = $mysqli->prepare("SELECT id, name, email, password_hash FROM user WHERE name = ? LIMIT 1");
$stmt->bind_param("s", $name);
$stmt->execute();
$res = $stmt->get_result();
if ($res->num_rows > 0) {
$row = $res->fetch_assoc();
$user = new User();
$user->set_id($row['id']);
$user->set_name($row['name']);
$user->set_email($row['email']);
$user->set_password_hash($row['password_hash']);
$stmt->close();
return $user;
} else {
return NULL;
}
}
/**
* Get a user object from a SQL row result.
*/
public static function get_user_from_row($row)
{
if (!$row) {
return NULL;
}
$user = new User();
$user->set_id($row['user_id']);
$user->set_name($row['user_name']);
$user->set_email($row['user_email']);
$user->set_salt($row['user_salt']);
$user->set_password_hash($row['user_passwordhash']);
return $user;
}
