added admin function: add user

homepage/participo/lib/participoLib/user.php

@@ -1,20 +1,72 @@
 <?php
 
-/**
- * User for the Participo system
+require_once 'participoLib/participo.php';
+
+/** Frame for a User if the Participo system
  */
 class User
 {
-	private $id;
-	private $loginName;
-	private $name;
-	private $firstName;
-	private $dateOfBirth;
-	private $eMail;
-	private $config;
-	private $pwHash;
+	/** Constructor
+	 * @todo Document parameter
+	 * @todo Input sanitation
+	 */
+	public function __construct($id, $loginName, $name, $firstName, $dateOfBirth=null, $eMail=null, $config=null, $pwHash=null)
+	{
+		$this->id = filterId($id);
+		$this->loginName = $loginName;
+		$this->name = $name;
+		$this->firstName = $firstName;
+		$this->dateOfBirth = ($dateOfBirth != null) ? DateTime::createFromFormat('Y-m-d', $dateOfBirth) : null;
+		$this->eMail = ($eMail!=null) ? filter_var($eMail, FILTER_VALIDATE_EMAIL,['options'=>['default'=>null]]):null;
+		$this->config = $config;
+		$this->pwHash = $pwHash;
+	}
 
-	/** columns in the user table (in the database) with their type
+	////
+	// dbInterface
+	////
+
+	public function addToDb(){
+		// if the user has an Id set it has to come from the Db. Hence don't add an User that is already added.
+		if(isset($this->id) || !participo::isUserAdmin()){
+			return;
+		}
+		$this->id = self::dbInsert(
+			$this->loginName
+			, $this->name
+			, $this->firstName
+			, (isset($this->dateOfBirth))?($this->dateOfBirth->format('Y-m-d')):null
+			, $this->eMail
+			, $this->config
+			, $this->pwHash
+		);
+		return $this->id;
+	}
+
+	private static function dbInsert($loginName, $name, $firstName, $dateOfBirth=null, $eMail=null, $config=null, $pwHash=null){
+		$query = 'INSERT INTO `'.self::$tableName.'` '
+			.'(loginName, name, vorname, gebDatum, eMail, config, pwHash) '
+			.' VALUES (:loginName, :name, :vorname, :gebDatum, :eMail, :config, :pwHash);';
+		$params = [
+			':loginName'=>['value'=>$loginName, 'data_type' => self::$dbColumns['loginName']],
+			':name'=>['value'=>$name, 'data_type' => self::$dbColumns['name']],
+			':vorname'=>['value'=>$firstName, 'data_type' => self::$dbColumns['vorname']],
+			':gebDatum'=>['value'=>$dateOfBirth, 'data_type' => self::$dbColumns['gebDatum']],
+			':eMail'=>['value'=>$eMail, 'data_type' => self::$dbColumns['eMail']],
+			':config'=>['value'=>$config, 'data_type' => self::$dbColumns['config']],
+			':pwHash'=>['value'=>$pwHash, 'data_type' => self::$dbColumns['pwHash']],
+		];
+		$response = dbConnector::query($query, $params);
+		return dbConnector::getLastInsertId();
+	}
+
+	/** Name of the table with all the Users
+	 *
+	 * @var string
+	 */
+	private static $tableName = 'wkParticipo_Users';
+
+	/** columns in the User table (in the database) with their type
 	 *
 	 * @var array
 	 */
@@ -25,26 +77,48 @@ class User
 		'vorname' => PDO::PARAM_STR,
 		'gebDatum' => PDO::PARAM_STR,
 		'eMail' => PDO::PARAM_STR,
-		'pwHash' => PDO::PARAM_STR,
-		'config' => PDO::PARAM_STR
+		'config' => PDO::PARAM_STR,
+		'pwHash' => PDO::PARAM_STR
 	];
 
-	/** Constructor
-	 * @todo Document parameter
-	 * @todo Input sanitation
-	 */
-	public function __construct($id, $loginName, $name, $firstName, $dateOfBirth, $eMail, $config, $pwHash)
+
+	////
+	// html interface
+	////
+
+	public static function getHtmlFormAddUser($options = [])
 	{
-		$this->id = (int) $id;
-		$this->loginName = $loginName;
-		$this->name = $name;
-		$this->firstName = $firstName;
-		$this->dateOfBirth = $dateOfBirth != null ? DateTime::createFromFormat('Y-m-d', $dateOfBirth) : null;
-		$this->eMail = $eMail;
-		$this->config = $config;
-		$this->pwHash = $pwHash;
+		$returnToUrl = $options['returnToUrl'] ?? urlencode(getCurPagesUrl());
+		$formClass = isset($options['formClass']) ? 'class="'.$options['formClass'].'"' : '';
+
+		$form =
+			'<form ' . $formClass . ' action="api.user.add.php" method="post">'
+				. '<input type="hidden" name="returnToUrl" id="returnToUrl" value="' . $returnToUrl . '" >'
+				.'<div><label for="loginName">Benutzername</label> <input type="text" name="loginName" id="loginName"></div>'
+				.'<div><label for="name">Nachname</label> <input type="text" name="name" id="name"></div>'
+				.'<div><label for="firstName">Vorname</label> <input type="text" name="firstName" id="firstName"></div>'
+				.'<div><label for="dateOfBirth">Geb.Datum</label> <input type="text" name="dateOfBirth" id="dateOfBirth"></div>'
+				.'<div><label for="eMail">eMail</label> <input type="text" name="eMail" id="eMail"></div>'
+				. '<button class="btn" type="submit" name="submit">erstellen</button>'
+			. '</form>';
+		return $form;
 	}
 
+	public static function htmlFormAddUser($options = []){
+		echo(self::getHtmlFormAddUser($options));
+	}
+
+
+	// member variables
+	private $id;
+	private $loginName;
+	private $name;
+	private $firstName;
+	private $dateOfBirth;
+	private $eMail;
+	private $config;
+	private $pwHash;
+
 	/** Export the User data into an associative array
 	 *
 	 * @return array associative array representing the user
@@ -105,7 +179,7 @@ class User
 	/** Create a User from an assoziative array like it is returned from db requests
 	 *
 	 * @param array $member associative array with the UserData from the dbRequest
-	 * @param $columnMappings renaming of columnNames, e.g., if the id  isn't under id in the array, add 'id'=>'userId' to the mappings
+	 * @param $columnMappings renaming of columnNames, e.g., if the id  isn't under 'id' in the array but under 'userID', add 'id'=>'userId' to the mappings
 	 * @return User initialized user
 	 */
 	public static function fromDbArray($member, $columnMappings = [])