ModelUserUser::getUserByUsername() - Code Metrics - Nickbur/Sunrise-CMS - Measure and Improve Code Quality continuously with Scrutinizer

ModelUserUser::getUserByUsername() A
last analyzed 2019-09-02 14:26 UTC

↳ Parent: ModelUserUser

Complexity

Conditions	1
Paths	1

Size

Total Lines	9
Code Lines	3

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	1
eloc	3
c	0
b	0
f	0
nc	1
nop	1
dl	0
loc	9
rs	10

<?php

/* 	Divine CMS - Open source CMS for widespread use.
    Copyright (c) 2019 Mykola Burakov ([email protected])

    See SOURCE.txt for other and additional information.

    This file is part of Divine CMS.

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <http://www.gnu.org/licenses/>. */

class ModelUserUser extends \Divine\Engine\Core\Model
namespace YourVendor;

class YourClass { }
{
    public function addUser($data)

    {
        $this->db->query("
			INSERT INTO `user` 
			SET username = '" . $this->db->escape($data['username']) . "', 
				user_group_id = '" . (int)$data['user_group_id'] . "', 
				salt = '" . $this->db->escape($salt = (new \Tokenly\TokenGenerator\TokenGenerator())->generateToken(9, 'SR')) . "', 
				password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($data['password'])))) . "', 
				firstname = '" . $this->db->escape($data['firstname']) . "', 
				lastname = '" . $this->db->escape($data['lastname']) . "', 
				email = '" . $this->db->escape($data['email']) . "', 
				image = '" . $this->db->escape($data['image']) . "', 
				status = '" . (int)$data['status'] . "', 
				date_added = NOW()
		");

        return $this->db->getLastId();
    }

    public function editUser($user_id, $data)
    {
        $this->db->query("
			UPDATE `user` 
			SET username = '" . $this->db->escape($data['username']) . "', 
				user_group_id = '" . (int)$data['user_group_id'] . "', 
				firstname = '" . $this->db->escape($data['firstname']) . "', 
				lastname = '" . $this->db->escape($data['lastname']) . "', 
				email = '" . $this->db->escape($data['email']) . "', 
				image = '" . $this->db->escape($data['image']) . "', 
				status = '" . (int)$data['status'] . "' 
			WHERE user_id = '" . (int)$user_id . "'
		");

        if ($data['password']) {
            $this->db->query("
				UPDATE `user` 
				SET salt = '" . $this->db->escape($salt = (new \Tokenly\TokenGenerator\TokenGenerator())->generateToken(9, 'SR')) . "', 
					password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($data['password'])))) . "' 
				WHERE user_id = '" . (int)$user_id . "'
			");
        }
    }

    public function editPassword($user_id, $password)
    {
        $this->db->query("
			UPDATE `user` 
			SET salt = '" . $this->db->escape($salt = (new \Tokenly\TokenGenerator\TokenGenerator())->generateToken(9, 'SR')) . "', 
				password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($password)))) . "', 
				code = '' 
			WHERE user_id = '" . (int)$user_id . "'
		");
    }

    public function editCode($email, $code)
    {
        $this->db->query("
			UPDATE `user` 
			SET code = '" . $this->db->escape($code) . "' 
			WHERE LCASE(email) = '" . $this->db->escape(\voku\helper\UTF8::strtolower($email)) . "'
		");
    }

    public function deleteUser($user_id)
    {
        $this->db->query("
			DELETE 
			FROM `user` 
			WHERE user_id = '" . (int)$user_id . "'
		");
    }

    public function getUser($user_id)
    {
        $query = $this->db->query("
			SELECT *, 
				(
					SELECT ug.name 
					FROM `user_group` ug 
					WHERE ug.user_group_id = u.user_group_id) AS user_group 
			FROM `user` u 
			WHERE u.user_id = '" . (int)$user_id . "'
		");

        return $query->row;
    }

    public function getUserByUsername($username)
    {
        $query = $this->db->query("
			SELECT * 
			FROM `user` 
			WHERE username = '" . $this->db->escape($username) . "'
		");

        return $query->row;
    }

    public function getUserByEmail($email)
    {
        $query = $this->db->query("
			SELECT DISTINCT * 
			FROM `user` 
			WHERE LCASE(email) = '" . $this->db->escape(\voku\helper\UTF8::strtolower($email)) . "'
		");

        return $query->row;
    }

    public function getUserByCode($code)
    {
        $query = $this->db->query("
			SELECT * 
			FROM `user` 
			WHERE code = '" . $this->db->escape($code) . "' 
				AND code != ''
		");

        return $query->row;
    }

    public function getUsers($data = array())
    {
        $sql = "
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
			SELECT * 
			FROM `user`
		";

        $sort_data = array(
            'username',
            'status',
            'date_added'
        );

        if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
            $sql .= " ORDER BY " . $data['sort'];
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        } else {
            $sql .= " ORDER BY username";
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        }

        if (isset($data['order']) && ($data['order'] == 'DESC')) {
            $sql .= " DESC";
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        } else {
            $sql .= " ASC";
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        }

        if (isset($data['start']) || isset($data['limit'])) {
            if ($data['start'] < 0) {
                $data['start'] = 0;
            }

            if ($data['limit'] < 1) {
                $data['limit'] = 20;
            }

            $sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
        }

        $query = $this->db->query($sql);

        return $query->rows;
    }

    public function getTotalUsers()
    {
        $query = $this->db->query("
<?php

$singleQuoted = 'Value';
$doubleQuoted = "\tSingle is $singleQuoted";

print $doubleQuoted;
			SELECT COUNT(*) AS total 
			FROM `user`
		");

        return $query->row['total'];
    }

    public function getTotalUsersByGroupId($user_group_id)
    {
        $query = $this->db->query("
			SELECT COUNT(*) AS total 
			FROM `user` 
			WHERE user_group_id = '" . (int)$user_group_id . "'
		");

        return $query->row['total'];
    }

    public function getTotalUsersByEmail($email)
    {
        $query = $this->db->query("
			SELECT COUNT(*) AS total 
			FROM `user` 
			WHERE LCASE(email) = '" . $this->db->escape(\voku\helper\UTF8::strtolower($email)) . "'
		");

        return $query->row['total'];
    }
}


1			<?php
2
3			/* Divine CMS - Open source CMS for widespread use.
4			Copyright (c) 2019 Mykola Burakov ([email protected])
5
6			See SOURCE.txt for other and additional information.
7
8			This file is part of Divine CMS.
9
10			This program is free software: you can redistribute it and/or modify
11			it under the terms of the GNU General Public License as published by
12			the Free Software Foundation, either version 3 of the License, or
13			(at your option) any later version.
14
15			This program is distributed in the hope that it will be useful,
16			but WITHOUT ANY WARRANTY; without even the implied warranty of
17			MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18			GNU General Public License for more details.
19
20			You should have received a copy of the GNU General Public License
21			along with this program. If not, see <http://www.gnu.org/licenses/>. */
22
23			class ModelUserUser extends \Divine\Engine\Core\Model
			0 ignored issues – show Coding Style Compatibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions. You can fix this by adding a namespace to your class: namespace YourVendor; class YourClass { } When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries. Loading history...
24			{
25			public function addUser($data)
			0 ignored issues – show Coding Style introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report Expected 2 blank lines before function; 0 found Loading history...
26			{
27			$this->db->query("
28			INSERT INTO `user`
29			SET username = '" . $this->db->escape($data['username']) . "',
30			user_group_id = '" . (int)$data['user_group_id'] . "',
31			salt = '" . $this->db->escape($salt = (new \Tokenly\TokenGenerator\TokenGenerator())->generateToken(9, 'SR')) . "',
32			password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($data['password'])))) . "',
33			firstname = '" . $this->db->escape($data['firstname']) . "',
34			lastname = '" . $this->db->escape($data['lastname']) . "',
35			email = '" . $this->db->escape($data['email']) . "',
36			image = '" . $this->db->escape($data['image']) . "',
37			status = '" . (int)$data['status'] . "',
38			date_added = NOW()
39			");
40
41			return $this->db->getLastId();
42			}
43
44			public function editUser($user_id, $data)
45			{
46			$this->db->query("
47			UPDATE `user`
48			SET username = '" . $this->db->escape($data['username']) . "',
49			user_group_id = '" . (int)$data['user_group_id'] . "',
50			firstname = '" . $this->db->escape($data['firstname']) . "',
51			lastname = '" . $this->db->escape($data['lastname']) . "',
52			email = '" . $this->db->escape($data['email']) . "',
53			image = '" . $this->db->escape($data['image']) . "',
54			status = '" . (int)$data['status'] . "'
55			WHERE user_id = '" . (int)$user_id . "'
56			");
57
58			if ($data['password']) {
59			$this->db->query("
60			UPDATE `user`
61			SET salt = '" . $this->db->escape($salt = (new \Tokenly\TokenGenerator\TokenGenerator())->generateToken(9, 'SR')) . "',
62			password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($data['password'])))) . "'
63			WHERE user_id = '" . (int)$user_id . "'
64			");
65			}
66			}
67
68			public function editPassword($user_id, $password)
69			{
70			$this->db->query("
71			UPDATE `user`
72			SET salt = '" . $this->db->escape($salt = (new \Tokenly\TokenGenerator\TokenGenerator())->generateToken(9, 'SR')) . "',
73			password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($password)))) . "',
74			code = ''
75			WHERE user_id = '" . (int)$user_id . "'
76			");
77			}
78
79			public function editCode($email, $code)
80			{
81			$this->db->query("
82			UPDATE `user`
83			SET code = '" . $this->db->escape($code) . "'
84			WHERE LCASE(email) = '" . $this->db->escape(\voku\helper\UTF8::strtolower($email)) . "'
85			");
86			}
87
88			public function deleteUser($user_id)
89			{
90			$this->db->query("
91			DELETE
92			FROM `user`
93			WHERE user_id = '" . (int)$user_id . "'
94			");
95			}
96
97			public function getUser($user_id)
98			{
99			$query = $this->db->query("
100			SELECT *,
101			(
102			SELECT ug.name
103			FROM `user_group` ug
104			WHERE ug.user_group_id = u.user_group_id) AS user_group
105			FROM `user` u
106			WHERE u.user_id = '" . (int)$user_id . "'
107			");
108
109			return $query->row;
110			}
111
112			public function getUserByUsername($username)
113			{
114			$query = $this->db->query("
115			SELECT *
116			FROM `user`
117			WHERE username = '" . $this->db->escape($username) . "'
118			");
119
120			return $query->row;
121			}
122
123			public function getUserByEmail($email)
124			{
125			$query = $this->db->query("
126			SELECT DISTINCT *
127			FROM `user`
128			WHERE LCASE(email) = '" . $this->db->escape(\voku\helper\UTF8::strtolower($email)) . "'
129			");
130
131			return $query->row;
132			}
133
134			public function getUserByCode($code)
135			{
136			$query = $this->db->query("
137			SELECT *
138			FROM `user`
139			WHERE code = '" . $this->db->escape($code) . "'
140			AND code != ''
141			");
142
143			return $query->row;
144			}
145
146			public function getUsers($data = array())
147			{
148			$sql = "
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal \n SELECT * \... FROM `user`\n does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
149			SELECT *
150			FROM `user`
151			";
152
153			$sort_data = array(
154			'username',
155			'status',
156			'date_added'
157			);
158
159			if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
160			$sql .= " ORDER BY " . $data['sort'];
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `ORDER BY` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
161			} else {
162			$sql .= " ORDER BY username";
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `ORDER BY username` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
163			}
164
165			if (isset($data['order']) && ($data['order'] == 'DESC')) {
166			$sql .= " DESC";
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `DESC` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
167			} else {
168			$sql .= " ASC";
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `ASC` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
169			}
170
171			if (isset($data['start']) \|\| isset($data['limit'])) {
172			if ($data['start'] < 0) {
173			$data['start'] = 0;
174			}
175
176			if ($data['limit'] < 1) {
177			$data['limit'] = 20;
178			}
179
180			$sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `LIMIT` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history... Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal `,` does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
181			}
182
183			$query = $this->db->query($sql);
184
185			return $query->rows;
186			}
187
188			public function getTotalUsers()
189			{
190			$query = $this->db->query("
			0 ignored issues – show Coding Style Comprehensibility introduced 2019-07-29 15:05 UTC by Report Bug Copy Issue Report The string literal \n SELECT COU... FROM `user`\n does not require double quotes, as per coding-style, please use single quotes. PHP provides two ways to mark string literals. Either with single quotes `'literal'` or with double quotes `"literal"`. The difference between these is that string literals in double quotes may contain variables with are evaluated at run-time as well as escape sequences. String literals in single quotes on the other hand are evaluated very literally and the only two characters that needs escaping in the literal are the single quote itself (`\'`) and the backslash (`\\`). Every other character is displayed as is. Double quoted string literals may contain other variables or more complex escape sequences. <?php $singleQuoted = 'Value'; $doubleQuoted = "\tSingle is $singleQuoted"; print $doubleQuoted; will print an indented: `Single is Value` If your string literal does not contain variables or escape sequences, it should be defined using single quotes to make that fact clear. For more information on PHP string literals and available escape sequences see the PHP core documentation. Loading history...
191			SELECT COUNT(*) AS total
192			FROM `user`
193			");
194
195			return $query->row['total'];
196			}
197
198			public function getTotalUsersByGroupId($user_group_id)
199			{
200			$query = $this->db->query("
201			SELECT COUNT(*) AS total
202			FROM `user`
203			WHERE user_group_id = '" . (int)$user_group_id . "'
204			");
205
206			return $query->row['total'];
207			}
208
209			public function getTotalUsersByEmail($email)
210			{
211			$query = $this->db->query("
212			SELECT COUNT(*) AS total
213			FROM `user`
214			WHERE LCASE(email) = '" . $this->db->escape(\voku\helper\UTF8::strtolower($email)) . "'
215			");
216
217			return $query->row['total'];
218			}
219			}
220

Nickbur / Sunrise-CMS

ModelUserUser::getUserByUsername() A last analyzed 2019-09-02 14:26 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

ModelUserUser::getUserByUsername() A
last analyzed 2019-09-02 14:26 UTC