first commit
This commit is contained in:
sujan
197
admininistrator/model/user/api.php
Normal file
197
admininistrator/model/user/api.php
Normal file
@ -0,0 +1,197 @@
|
||||
<?php
|
||||
namespace Opencart\Admin\Model\User;
|
||||
/**
|
||||
* Class Api
|
||||
*
|
||||
* @package Opencart\Admin\Model\User
|
||||
*/
|
||||
class Api extends \Opencart\System\Engine\Model {
|
||||
/**
|
||||
* @param array $data
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
public function addApi(array $data): int {
|
||||
$this->db->query("INSERT INTO `" . DB_PREFIX . "api` SET `username` = '" . $this->db->escape((string)$data['username']) . "', `key` = '" . $this->db->escape((string)$data['key']) . "', `status` = '" . (bool)(isset($data['status']) ? $data['status'] : 0) . "', `date_added` = NOW(), `date_modified` = NOW()");
|
||||
|
||||
$api_id = $this->db->getLastId();
|
||||
|
||||
if (isset($data['api_ip'])) {
|
||||
foreach ($data['api_ip'] as $ip) {
|
||||
if ($ip) {
|
||||
$this->db->query("INSERT INTO `" . DB_PREFIX . "api_ip` SET `api_id` = '" . (int)$api_id . "', `ip` = '" . $this->db->escape($ip) . "'");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return $api_id;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $api_id
|
||||
* @param array $data
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function editApi(int $api_id, array $data): void {
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "api` SET `username` = '" . $this->db->escape((string)$data['username']) . "', `key` = '" . $this->db->escape((string)$data['key']) . "', `status` = '" . (bool)(isset($data['status']) ? $data['status'] : 0) . "', `date_modified` = NOW() WHERE `api_id` = '" . (int)$api_id . "'");
|
||||
|
||||
$this->db->query("DELETE FROM `" . DB_PREFIX . "api_ip` WHERE `api_id` = '" . (int)$api_id . "'");
|
||||
|
||||
if (isset($data['api_ip'])) {
|
||||
foreach ($data['api_ip'] as $ip) {
|
||||
if ($ip) {
|
||||
$this->db->query("INSERT INTO `" . DB_PREFIX . "api_ip` SET `api_id` = '" . (int)$api_id . "', `ip` = '" . $this->db->escape($ip) . "'");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $api_id
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function deleteApi(int $api_id): void {
|
||||
$this->db->query("DELETE FROM `" . DB_PREFIX . "api` WHERE `api_id` = '" . (int)$api_id . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $api_id
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getApi(int $api_id): array {
|
||||
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "api` WHERE `api_id` = '" . (int)$api_id . "'");
|
||||
|
||||
return $query->row;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $data
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getApis(array $data = []): array {
|
||||
$sql = "SELECT * FROM `" . DB_PREFIX . "api`";
|
||||
|
||||
$sort_data = [
|
||||
'username',
|
||||
'status',
|
||||
'date_added',
|
||||
'date_modified'
|
||||
];
|
||||
|
||||
if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
|
||||
$sql .= " ORDER BY " . $data['sort'];
|
||||
} else {
|
||||
$sql .= " ORDER BY `username`";
|
||||
}
|
||||
|
||||
if (isset($data['order']) && ($data['order'] == 'DESC')) {
|
||||
$sql .= " DESC";
|
||||
} else {
|
||||
$sql .= " ASC";
|
||||
}
|
||||
|
||||
if (isset($data['start']) || isset($data['limit'])) {
|
||||
if ($data['start'] < 0) {
|
||||
$data['start'] = 0;
|
||||
}
|
||||
|
||||
if ($data['limit'] < 1) {
|
||||
$data['limit'] = 20;
|
||||
}
|
||||
|
||||
$sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
|
||||
}
|
||||
|
||||
$query = $this->db->query($sql);
|
||||
|
||||
return $query->rows;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return int
|
||||
*/
|
||||
public function getTotalApis(): int {
|
||||
$query = $this->db->query("SELECT COUNT(*) AS `total` FROM `" . DB_PREFIX . "api`");
|
||||
|
||||
return (int)$query->row['total'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $api_id
|
||||
* @param string $ip
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function addIp(int $api_id, string $ip): void {
|
||||
$this->db->query("INSERT INTO `" . DB_PREFIX . "api_ip` SET `api_id` = '" . (int)$api_id . "', `ip` = '" . $this->db->escape($ip) . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $api_id
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getIps(int $api_id): array {
|
||||
$ip_data = [];
|
||||
|
||||
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "api_ip` WHERE `api_id` = '" . (int)$api_id . "'");
|
||||
|
||||
foreach ($query->rows as $result) {
|
||||
$ip_data[] = $result['ip'];
|
||||
}
|
||||
|
||||
return $ip_data;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $api_id
|
||||
* @param string $session_id
|
||||
* @param string $ip
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
public function addSession(int $api_id, string $session_id, string $ip): int {
|
||||
$api_ip_query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "api_ip` WHERE `ip` = '" . $this->db->escape($ip) . "'");
|
||||
|
||||
if (!$api_ip_query->num_rows) {
|
||||
$this->db->query("INSERT INTO `" . DB_PREFIX . "api_ip` SET `api_id` = '" . (int)$api_id . "', `ip` = '" . $this->db->escape($ip) . "'");
|
||||
}
|
||||
|
||||
$this->db->query("INSERT INTO `" . DB_PREFIX . "api_session` SET `api_id` = '" . (int)$api_id . "', `session_id` = '" . $this->db->escape($session_id) . "', `ip` = '" . $this->db->escape($ip) . "', `date_added` = NOW(), `date_modified` = NOW()");
|
||||
|
||||
return $this->db->getLastId();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $api_id
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getSessions(int $api_id): array {
|
||||
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "api_session` WHERE `api_id` = '" . (int)$api_id . "'");
|
||||
|
||||
return $query->rows;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $api_session_id
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function deleteSession(int $api_session_id): void {
|
||||
$this->db->query("DELETE FROM `" . DB_PREFIX . "api_session` WHERE `api_session_id` = '" . (int)$api_session_id . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $session_id
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function deleteSessionBySessionId(string $session_id): void {
|
||||
$this->db->query("DELETE FROM `" . DB_PREFIX . "api_session` WHERE `session_id` = '" . $this->db->escape($session_id) . "'");
|
||||
}
|
||||
}
|
||||
332
admininistrator/model/user/user.php
Normal file
332
admininistrator/model/user/user.php
Normal file
@ -0,0 +1,332 @@
|
||||
<?php
|
||||
namespace Opencart\Admin\Model\User;
|
||||
/**
|
||||
* Class User
|
||||
*
|
||||
* @package Opencart\Admin\Model\User
|
||||
*/
|
||||
class User extends \Opencart\System\Engine\Model {
|
||||
/**
|
||||
* @param array $data
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
public function addUser(array $data): int {
|
||||
$this->db->query("INSERT INTO `" . DB_PREFIX . "user` SET `username` = '" . $this->db->escape((string)$data['username']) . "', `user_group_id` = '" . (int)$data['user_group_id'] . "', `password` = '" . $this->db->escape(password_hash(html_entity_decode($data['password'], ENT_QUOTES, 'UTF-8'), PASSWORD_DEFAULT)) . "', `firstname` = '" . $this->db->escape((string)$data['firstname']) . "', `lastname` = '" . $this->db->escape((string)$data['lastname']) . "', `email` = '" . $this->db->escape((string)$data['email']) . "', `image` = '" . $this->db->escape((string)$data['image']) . "', `status` = '" . (bool)(isset($data['status']) ? $data['status'] : 0) . "', `date_added` = NOW()");
|
||||
|
||||
return $this->db->getLastId();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
* @param array $data
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function editUser(int $user_id, array $data): void {
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "user` SET `username` = '" . $this->db->escape((string)$data['username']) . "', `user_group_id` = '" . (int)$data['user_group_id'] . "', `firstname` = '" . $this->db->escape((string)$data['firstname']) . "', `lastname` = '" . $this->db->escape((string)$data['lastname']) . "', `email` = '" . $this->db->escape((string)$data['email']) . "', `image` = '" . $this->db->escape((string)$data['image']) . "', `status` = '" . (bool)(isset($data['status']) ? $data['status'] : 0) . "' WHERE `user_id` = '" . (int)$user_id . "'");
|
||||
|
||||
if ($data['password']) {
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "user` SET `password` = '" . $this->db->escape(password_hash(html_entity_decode($data['password'], ENT_QUOTES, 'UTF-8'), PASSWORD_DEFAULT)) . "' WHERE `user_id` = '" . (int)$user_id . "'");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
* @param $password
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function editPassword(int $user_id, $password): void {
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "user` SET `password` = '" . $this->db->escape(password_hash(html_entity_decode($password, ENT_QUOTES, 'UTF-8'), PASSWORD_DEFAULT)) . "', `code` = '' WHERE `user_id` = '" . (int)$user_id . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $email
|
||||
* @param string $code
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function editCode(string $email, string $code): void {
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "user` SET `code` = '" . $this->db->escape($code) . "' WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function deleteUser(int $user_id): void {
|
||||
$this->db->query("DELETE FROM `" . DB_PREFIX . "user` WHERE `user_id` = '" . (int)$user_id . "'");
|
||||
$this->db->query("DELETE FROM `" . DB_PREFIX . "user_history` WHERE `user_id` = '" . (int)$user_id . "'");
|
||||
$this->db->query("DELETE FROM `" . DB_PREFIX . "user_history` WHERE `user_id` = '" . (int)$user_id . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getUser(int $user_id): array {
|
||||
$query = $this->db->query("SELECT *, (SELECT ug.`name` FROM `" . DB_PREFIX . "user_group` ug WHERE ug.`user_group_id` = u.`user_group_id`) AS user_group FROM `" . DB_PREFIX . "user` u WHERE u.`user_id` = '" . (int)$user_id . "'");
|
||||
|
||||
return $query->row;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $username
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getUserByUsername(string $username): array {
|
||||
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "user` WHERE `username` = '" . $this->db->escape($username) . "'");
|
||||
|
||||
return $query->row;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $email
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getUserByEmail(string $email): array {
|
||||
$query = $this->db->query("SELECT DISTINCT * FROM `" . DB_PREFIX . "user` WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'");
|
||||
|
||||
return $query->row;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $code
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getUserByCode(string $code): array {
|
||||
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "user` WHERE `code` = '" . $this->db->escape($code) . "' AND `code` != ''");
|
||||
|
||||
return $query->row;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $data
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getUsers(array $data = []): array {
|
||||
$sql = "SELECT * FROM `" . DB_PREFIX . "user`";
|
||||
|
||||
$sort_data = [
|
||||
'username',
|
||||
'status',
|
||||
'date_added'
|
||||
];
|
||||
|
||||
if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
|
||||
$sql .= " ORDER BY " . $data['sort'];
|
||||
} else {
|
||||
$sql .= " ORDER BY `username`";
|
||||
}
|
||||
|
||||
if (isset($data['order']) && ($data['order'] == 'DESC')) {
|
||||
$sql .= " DESC";
|
||||
} else {
|
||||
$sql .= " ASC";
|
||||
}
|
||||
|
||||
if (isset($data['start']) || isset($data['limit'])) {
|
||||
if ($data['start'] < 0) {
|
||||
$data['start'] = 0;
|
||||
}
|
||||
|
||||
if ($data['limit'] < 1) {
|
||||
$data['limit'] = 20;
|
||||
}
|
||||
|
||||
$sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
|
||||
}
|
||||
|
||||
$query = $this->db->query($sql);
|
||||
|
||||
return $query->rows;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return int
|
||||
*/
|
||||
public function getTotalUsers(): int {
|
||||
$query = $this->db->query("SELECT COUNT(*) AS `total` FROM `" . DB_PREFIX . "user`");
|
||||
|
||||
return (int)$query->row['total'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_group_id
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
public function getTotalUsersByGroupId(int $user_group_id): int {
|
||||
$query = $this->db->query("SELECT COUNT(*) AS `total` FROM `" . DB_PREFIX . "user` WHERE `user_group_id` = '" . (int)$user_group_id . "'");
|
||||
|
||||
return (int)$query->row['total'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $email
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
public function getTotalUsersByEmail(string $email): int {
|
||||
$query = $this->db->query("SELECT COUNT(*) AS `total` FROM `" . DB_PREFIX . "user` WHERE LCASE(`email`) = '" . $this->db->escape(oc_strtolower($email)) . "'");
|
||||
|
||||
return (int)$query->row['total'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
* @param array $data
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function addLogin(int $user_id, array $data): void {
|
||||
$this->db->query("INSERT INTO `" . DB_PREFIX . "user_login` SET `user_id` = '" . (int)$user_id . "', `ip` = '" . $this->db->escape($data['ip']) . "', `user_agent` = '" . $this->db->escape($data['user_agent']) . "', `date_added` = NOW()");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
* @param int $start
|
||||
* @param int $limit
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getLogins(int $user_id, int $start = 0, int $limit = 10): array {
|
||||
if ($start < 0) {
|
||||
$start = 0;
|
||||
}
|
||||
|
||||
if ($limit < 1) {
|
||||
$limit = 10;
|
||||
}
|
||||
|
||||
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "user_login` WHERE `user_id` = '" . (int)$user_id . "' LIMIT " . (int)$start . "," . (int)$limit);
|
||||
|
||||
if ($query->num_rows) {
|
||||
return $query->rows;
|
||||
} else {
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
public function getTotalLogins(int $user_id): int {
|
||||
$query = $this->db->query("SELECT COUNT(*) AS `total` FROM `" . DB_PREFIX . "user_login` WHERE `user_id` = '" . (int)$user_id . "'");
|
||||
|
||||
if ($query->num_rows) {
|
||||
return (int)$query->row['total'];
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
* @param array $data
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function addAuthorize(int $user_id, array $data): void {
|
||||
$this->db->query("INSERT INTO `" . DB_PREFIX . "user_authorize` SET `user_id` = '" . (int)$user_id . "', `token` = '" . $this->db->escape($data['token']) . "', `ip` = '" . $this->db->escape($data['ip']) . "', `user_agent` = '" . $this->db->escape($data['user_agent']) . "', `date_added` = NOW()");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_authorize_id
|
||||
* @param bool $status
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function editAuthorizeStatus(int $user_authorize_id, bool $status): void {
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "user_authorize` SET `status` = '" . (bool)$status . "' WHERE `user_authorize_id` = '" . (int)$user_authorize_id . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_authorize_id
|
||||
* @param int $total
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function editAuthorizeTotal(int $user_authorize_id, int $total): void {
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "user_authorize` SET `total` = '" . (int)$total . "' WHERE `user_authorize_id` = '" . (int)$user_authorize_id . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_authorize_id
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function deleteAuthorize(int $user_authorize_id): void {
|
||||
$this->db->query("DELETE FROM `" . DB_PREFIX . "user_authorize` WHERE `user_authorize_id` = '" . (int)$user_authorize_id . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
* @param string $token
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getAuthorizeByToken(int $user_id, string $token): array {
|
||||
$query = $this->db->query("SELECT *, (SELECT SUM(total) FROM `" . DB_PREFIX . "user_authorize` WHERE `user_id` = '" . (int)$user_id . "') AS `attempts` FROM `" . DB_PREFIX . "user_authorize` WHERE `user_id` = '" . (int)$user_id . "' AND `token` = '" . $this->db->escape($token) . "'");
|
||||
|
||||
return $query->row;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function resetAuthorizes(int $user_id): void {
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "user_authorize` SET `total` = '0' WHERE `user_id` = '" . (int)$user_id . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
* @param int $start
|
||||
* @param int $limit
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getAuthorizes(int $user_id, int $start = 0, int $limit = 10): array {
|
||||
if ($start < 0) {
|
||||
$start = 0;
|
||||
}
|
||||
|
||||
if ($limit < 1) {
|
||||
$limit = 10;
|
||||
}
|
||||
|
||||
$query = $this->db->query("SELECT * FROM `" . DB_PREFIX . "user_authorize` WHERE `user_id` = '" . (int)$user_id . "' LIMIT " . (int)$start . "," . (int)$limit);
|
||||
|
||||
if ($query->num_rows) {
|
||||
return $query->rows;
|
||||
} else {
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_id
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
public function getTotalAuthorizes(int $user_id): int {
|
||||
$query = $this->db->query("SELECT COUNT(*) AS total FROM `" . DB_PREFIX . "user_authorize` WHERE `user_id` = '" . (int)$user_id . "'");
|
||||
|
||||
if ($query->num_rows) {
|
||||
return (int)$query->row['total'];
|
||||
} else {
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
134
admininistrator/model/user/user_group.php
Normal file
134
admininistrator/model/user/user_group.php
Normal file
@ -0,0 +1,134 @@
|
||||
<?php
|
||||
namespace Opencart\Admin\Model\User;
|
||||
/**
|
||||
* Class User Group
|
||||
*
|
||||
* @package Opencart\Admin\Model\User
|
||||
*/
|
||||
class UserGroup extends \Opencart\System\Engine\Model {
|
||||
/**
|
||||
* @param array $data
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
public function addUserGroup(array $data): int {
|
||||
$this->db->query("INSERT INTO `" . DB_PREFIX . "user_group` SET `name` = '" . $this->db->escape((string)$data['name']) . "', `permission` = '" . (isset($data['permission']) ? $this->db->escape(json_encode($data['permission'])) : '') . "'");
|
||||
|
||||
return $this->db->getLastId();
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_group_id
|
||||
* @param array $data
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function editUserGroup(int $user_group_id, array $data): void {
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "user_group` SET `name` = '" . $this->db->escape((string)$data['name']) . "', `permission` = '" . (isset($data['permission']) ? $this->db->escape(json_encode($data['permission'])) : '') . "' WHERE `user_group_id` = '" . (int)$user_group_id . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_group_id
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function deleteUserGroup(int $user_group_id): void {
|
||||
$this->db->query("DELETE FROM `" . DB_PREFIX . "user_group` WHERE `user_group_id` = '" . (int)$user_group_id . "'");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_group_id
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getUserGroup(int $user_group_id): array {
|
||||
$query = $this->db->query("SELECT DISTINCT * FROM `" . DB_PREFIX . "user_group` WHERE `user_group_id` = '" . (int)$user_group_id . "'");
|
||||
|
||||
$user_group = [
|
||||
'name' => $query->row['name'],
|
||||
'permission' => json_decode($query->row['permission'], true)
|
||||
];
|
||||
|
||||
return $user_group;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $data
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getUserGroups(array $data = []): array {
|
||||
$sql = "SELECT * FROM `" . DB_PREFIX . "user_group` ORDER BY `name`";
|
||||
|
||||
if (isset($data['order']) && ($data['order'] == 'DESC')) {
|
||||
$sql .= " DESC";
|
||||
} else {
|
||||
$sql .= " ASC";
|
||||
}
|
||||
|
||||
if (isset($data['start']) || isset($data['limit'])) {
|
||||
if ($data['start'] < 0) {
|
||||
$data['start'] = 0;
|
||||
}
|
||||
|
||||
if ($data['limit'] < 1) {
|
||||
$data['limit'] = 20;
|
||||
}
|
||||
|
||||
$sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
|
||||
}
|
||||
|
||||
$query = $this->db->query($sql);
|
||||
|
||||
return $query->rows;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return int
|
||||
*/
|
||||
public function getTotalUserGroups(): int {
|
||||
$query = $this->db->query("SELECT COUNT(*) AS `total` FROM `" . DB_PREFIX . "user_group`");
|
||||
|
||||
return (int)$query->row['total'];
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_group_id
|
||||
* @param string $type
|
||||
* @param string $route
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function addPermission(int $user_group_id, string $type, string $route): void {
|
||||
$user_group_query = $this->db->query("SELECT DISTINCT * FROM `" . DB_PREFIX . "user_group` WHERE `user_group_id` = '" . (int)$user_group_id . "'");
|
||||
|
||||
if ($user_group_query->num_rows) {
|
||||
$data = json_decode($user_group_query->row['permission'], true);
|
||||
|
||||
$data[$type][] = $route;
|
||||
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "user_group` SET `permission` = '" . $this->db->escape(json_encode($data)) . "' WHERE `user_group_id` = '" . (int)$user_group_id . "'");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $user_group_id
|
||||
* @param string $type
|
||||
* @param string $route
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function removePermission(int $user_group_id, string $type, string $route): void {
|
||||
$user_group_query = $this->db->query("SELECT DISTINCT * FROM `" . DB_PREFIX . "user_group` WHERE `user_group_id` = '" . (int)$user_group_id . "'");
|
||||
|
||||
if ($user_group_query->num_rows) {
|
||||
$data = json_decode($user_group_query->row['permission'], true);
|
||||
|
||||
if (isset($data[$type])) {
|
||||
$data[$type] = array_diff($data[$type], [$route]);
|
||||
}
|
||||
|
||||
$this->db->query("UPDATE `" . DB_PREFIX . "user_group` SET `permission` = '" . $this->db->escape(json_encode($data)) . "' WHERE `user_group_id` = '" . (int)$user_group_id . "'");
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user