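DataInterface = $DataInterface; }

    /**
     * Standard error payload for a failed PDO statement.
     *
     * NOTE(review): errorInfo() (SQLSTATE, driver code, driver message) is passed
     * through unchanged, as the original code did; whether that payload reaches the
     * HTTP client is decided outside this class and is worth confirming.
     */
    private static function databaseError(\PDOStatement $statement): array
    {
        return [
            'result' => 'ERROR',
            'reason' => 'internal_error',
            'message' => 'Database error',
            'data' => $statement->errorInfo(),
        ];
    }

    /**
     * Prepare a statement, bind every entry of $params by value and execute it.
     *
     * Values are always bound, never interpolated into $sql, so callers do not
     * have to reason about whether an ID or a form field came from a trusted source.
     *
     * @param array<string, mixed> $params Named placeholder => value.
     * @return array{0: ?\PDOStatement, 1: ?array} [statement, null] on success, [null, error payload] on failure.
     */
    private function executeStatement(string $sql, array $params): array
    {
        $statement = $this->DataInterface->DatabaseConnection->prepare($sql);
        foreach ($params as $placeholder => $value) {
            $statement->bindValue($placeholder, $value);
        }
        if (!$statement->execute()) {
            return [null, self::databaseError($statement)];
        }
        return [$statement, null];
    }

    /**
     * Run a SELECT and return its first row.
     *
     * @param array<string, mixed> $params Named placeholder => value.
     * @return array{0: ?array, 1: ?array} [row, null] (row is null for an empty result set) or [null, error payload].
     */
    private function selectFirst(string $sql, array $params): array
    {
        [$statement, $error] = $this->executeStatement($sql, $params);
        if ($error !== null) {
            return [null, $error];
        }
        $row = $statement->fetch(\PDO::FETCH_ASSOC);
        return [$row === false ? null : $row, null];
    }

    /**
     * Get profile data.
     *
     * Returns the user row plus, depending on user.type, the probe and organization
     * linked to the user: a physician's rows are matched directly on fk_user, an
     * investigator's through the user's ct_center. For any other type (including
     * 'reader') probe and organization are null. The country list is localised
     * through the name_<lang> column.
     *
     * @param object $User Authenticated user; ->ID, ->firstname, ->lastname and ->email are read.
     * @param string $lang Column suffix selecting the localised country name (name_<lang>).
     * @return array ['result' => 'OK', ...] or ['result' => 'ERROR', 'reason' => ..., ...].
     */
    public function profileGet($User, $lang)
    {
        $ID_user = $User->ID;

        // $lang becomes part of an SQL identifier and cannot be bound as a parameter,
        // so anything that is not a plain identifier fragment is rejected up front.
        if (!is_string($lang) || !preg_match('/^[A-Za-z0-9_]+$/', $lang)) {
            return ['result' => 'ERROR', 'reason' => 'invalid_lang'];
        }

        $byUser = [':id' => $ID_user];

        [$user, $error] = $this->selectFirst('SELECT * FROM user WHERE ID = :id', $byUser);
        if ($error !== null) {
            return $error;
        }
        if ($user === null) {
            // Previously an undefined-offset notice followed by a half-built response.
            return ['result' => 'ERROR', 'reason' => 'internal_error', 'message' => 'User not found'];
        }

        $probe = null;
        $organization = null;
        $type = $user['type'] ?? null;

        if ($type === 'investigator') {
            // Probe and organization hang off the investigator's center, not off the user row.
            [$probe, $error] = $this->selectFirst(
                'SELECT probe.* FROM probe, ct_center, user'
                . ' WHERE probe.ID = ct_center.fk_probe AND user.fk_center = ct_center.ID AND user.ID = :id',
                $byUser
            );
            if ($error !== null) {
                return $error;
            }
            [$organization, $error] = $this->selectFirst(
                'SELECT organization.* FROM organization, ct_center, user'
                . ' WHERE organization.ID = ct_center.fk_organization AND user.fk_center = ct_center.ID AND user.ID = :id',
                $byUser
            );
            if ($error !== null) {
                return $error;
            }
        } elseif ($type === 'physician') {
            [$probe, $error] = $this->selectFirst('SELECT * FROM probe WHERE fk_user = :id', $byUser);
            if ($error !== null) {
                return $error;
            }
            [$organization, $error] = $this->selectFirst('SELECT * FROM organization WHERE fk_user = :id', $byUser);
            if ($error !== null) {
                return $error;
            }
        }
        // 'reader' and any other type: no probe/organization section.

        // $lang was validated above; it selects a column and therefore cannot be a bound parameter.
        [$statement, $error] = $this->executeStatement(
            "SELECT *, name_{$lang} AS name FROM country ORDER BY name_{$lang}",
            []
        );
        if ($error !== null) {
            return $error;
        }
        $countries = $statement->fetchAll(\PDO::FETCH_ASSOC);

        return [
            'result' => 'OK',
            'ID' => $User->ID,
            'firstname' => $User->firststname ?? $User->firstname,
            'lastname' => $User->lastname,
            'email' => $User->email,
            'user' => $user,
            'probe' => $probe,
            'organization' => $organization,
            'countries' => $countries,
        ];
    }

    /**
     * Validate the submitted profile form and update the user's account,
     * organization and probe rows in one transaction.
     *
     * All validation runs before anything is written: password strength and
     * confirmation first, then the required fields of each section, in the same
     * order as before so the first reported error is unchanged. An empty probe
     * year is stored as NULL. The organization and probe updates match on fk_user,
     * so they affect no row for an investigator (whose rows hang off the center).
     *
     * @param object $User Authenticated user; only ->ID is read.
     * @param array $data Form payload with 'user', 'organization' and 'probe' sections.
     * @return array ['result' => 'OK', 'data' => ...] with the password fields removed from the echoed data,
     *               or ['result' => 'ERROR', 'reason' => ..., ('group' => ...)].
     */
    public function profilePost($User, $data)
    {
        $ID_user = $User->ID;
        $db = $this->DataInterface->DatabaseConnection;

        $user = is_array($data['user'] ?? null) ? $data['user'] : [];
        $organization = is_array($data['organization'] ?? null) ? $data['organization'] : [];
        $probe = is_array($data['probe'] ?? null) ? $data['probe'] : [];

        // --- user: 8+ characters with at least one digit, one lower- and one upper-case letter
        $password = (string) ($user['password'] ?? '');
        if (strlen($password) < 8
            || !preg_match('#[0-9]+#', $password)
            || !preg_match('#[a-z]+#', $password)
            || !preg_match('#[A-Z]+#', $password)) {
            return ['result' => 'ERROR', 'reason' => 'password_strength'];
        }
        // Strict comparison: the previous `!=` compared numeric-looking strings numerically.
        if ($password !== (string) ($user['password2'] ?? '')) {
            return ['result' => 'ERROR', 'reason' => 'password_mismatch'];
        }

        // --- required fields, in the original check order
        $required = [
            'user' => [$user, ['firstname', 'lastname', 'phone']],
            'organization' => [$organization, ['name', 'country', 'zip', 'city', 'address', 'phone']],
            'probe' => [$probe, ['brand', 'frequency']],
        ];
        foreach ($required as $group => [$section, $fields]) {
            foreach ($fields as $field) {
                if (empty($section[$field])) {
                    return ['result' => 'ERROR', 'group' => $group, 'reason' => $field];
                }
            }
        }

        // An empty year is stored as NULL (and echoed back as such).
        if (empty($probe['year'])) {
            $probe['year'] = null;
            $data['probe']['year'] = null;
        }

        $writes = [
            [
                'UPDATE user SET password=:password, firstname=:firstname, lastname=:lastname, phone=:phone WHERE ID=:id',
                [
                    ':password' => \Tools\Crypto::getHashPassword($password),
                    ':firstname' => $user['firstname'],
                    ':lastname' => $user['lastname'],
                    ':phone' => $user['phone'],
                    ':id' => $ID_user,
                ],
            ],
            [
                'UPDATE organization SET name=:name, fk_country=:fk_country, zip=:zip, city=:city, address=:address, phone=:phone WHERE fk_user=:id',
                [
                    ':name' => $organization['name'],
                    ':fk_country' => $organization['country'],
                    ':zip' => $organization['zip'],
                    ':city' => $organization['city'],
                    ':address' => $organization['address'],
                    ':phone' => $organization['phone'],
                    ':id' => $ID_user,
                ],
            ],
            [
                'UPDATE probe SET name=:name, brand=:brand, type=:type, year=:year, frequency=:frequency WHERE fk_user=:id',
                [
                    ':name' => $probe['name'] ?? null,
                    ':brand' => $probe['brand'],
                    ':type' => $probe['type'] ?? null,
                    ':year' => $probe['year'],
                    ':frequency' => $probe['frequency'],
                    ':id' => $ID_user,
                ],
            ],
        ];

        $db->beginTransaction();
        try {
            foreach ($writes as [$sql, $params]) {
                [, $error] = $this->executeStatement($sql, $params);
                if ($error !== null) {
                    $db->rollBack();
                    return $error;
                }
            }
            $db->commit();
        } catch (\Throwable $e) {
            // prepare()/execute() can throw under PDO::ERRMODE_EXCEPTION; never leave the transaction open.
            if ($db->inTransaction()) {
                $db->rollBack();
            }
            throw $e;
        }

        // Never echo the plaintext password back to the caller.
        unset($data['user']['password'], $data['user']['password2']);

        return ['result' => 'OK', 'data' => $data];
    }
}
}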