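buildDynamicQuery('vc_users');
        $items = $this->generalGetFunction($query, $types, $params, $returnBoolean, 'User');
        return $items;
    }

    /**
     * Insert a new row into vc_users and mail the activation link to the new user.
     *
     * Every column value is read from $this->data. The request is answered with 409 when
     * getUser(true) reports an existing user for the e-mail address, and with 400 when the
     * weight of the requested group is lower than the weight stored in the caller's session.
     *
     * Each error response is followed by an explicit return, so the insert and the mail are
     * skipped even if apiOutput() does not terminate the request.
     */
    public function createUser()
    {
        # check if the user already exists
        $_GET['builder'] = [1 => ['where' => [0 => 'user_email', 1 => $this->data['user_email']]]];
        if ($this->getUser(true)) {
            $this->apiOutput(409, ['error' => 'user already exists.']);
            return;
        }

        # the caller may only assign a group whose weight is not lower than the caller's own
        if ($this->getUserGroupWeight() < $_SESSION['user']['user_group_weight']) {
            $this->apiOutput(400, ['error' => 'You cannot make an user with an lower weight then yourself!']);
            return;
        }

        # NOTE(review): user_password is stored exactly as it arrives in $this->data. Confirm it was
        # hashed with password_hash() upstream, or that it is only a placeholder until activation.
        # NOTE(review): user_password_reset_token and user_password_reset_expires are also read from
        # $this->data. Confirm both are produced server-side (token from random_bytes()) and are never
        # accepted from the request; the mail below promises a 24 hour lifetime.
        $query = "INSERT INTO vc_users (
                user_uuid, user_group_uuid, user_email, user_first_name, user_last_name, user_full_name,
                user_phone_number, user_password, user_password_reset_token, user_password_reset_expires,
                user_two_factor_enabled, user_two_factor_secret, user_status, user_verified_email,
                user_verified_phone, user_create_timestamp, user_modified_timestamp,
                user_last_login_timestamp, user_login_attempts, user_pref_language, user_stompable
            ) VALUES (
                UUID(), ?, ?, ?, ?, ?, ?, ?, ?, ?, 0, NULL, ?, 0, 0, ?, NULL, NULL, 0, ?, 0
            )";

        $stmt = $this->prepareStatement($query);

        # bind_param() binds by reference, so the timestamp needs a real variable
        $createdAt = time();
        $stmt->bind_param(
            "ssssssssisis",
            $this->data['user_group_uuid'],
            $this->data['user_email'],
            $this->data['user_first_name'],
            $this->data['user_last_name'],
            $this->data['user_full_name'],
            $this->data['user_phone_number'],
            $this->data['user_password'],
            $this->data['user_password_reset_token'],
            $this->data['user_password_reset_expires'],
            $this->data['user_status'],
            $createdAt,
            $this->data['user_pref_language']
        );

        # NOTE(review): HTTP_HOST is copied from the request's Host header, so the domain of the mailed
        # activation link is whatever the client sent. Build the link from a configured canonical base
        # URL, or check the header against an allow-list of this deployment's hostnames.
        $host = $_SERVER['HTTP_HOST'];
        # the token is percent-encoded so characters such as "+", "&" or "#" survive the query string
        $token = rawurlencode((string) $this->data['user_password_reset_token']);
        $verifyLink = "https://{$host}/login/verifyEmail.php?token={$token}";

        $this->executeStatement($stmt);

        # Sending an email to the user
        # NOTE(review): user_first_name is placed in the subject and the body unmodified. Confirm that
        # mailBuilder strips CR/LF from header values and escapes the body if it is sent as HTML.
        $mail = new mailBuilder();
        $mail->subject = "Hello " . $this->data['user_first_name'] . ", your Sentri account is ready — set your password";
        $mail->addAddress($this->data['user_email'], $this->data['user_first_name']);
        # the literal below is flush-left on purpose: leading whitespace would become part of the mail
        $mail->mailText = ' Hello ' . $this->data['user_first_name'] . ',

An account has been created for you in Sentri.
To activate your account, please verify your email address and set your password by clicking the link below:
Activate My Account

Or copy and paste the following link into your browser:
' . $verifyLink . '

This link is valid for 24 hours.
After that, you’ll need to request a new activation link.

If you weren’t expecting this email or believe it was sent by mistake, you can safely ignore it.

Best regards,

The Sentri gnomes';
        $mail->sendMail();

        $this->apiOutput(200, ['success' => 'User created successfully. mail has been sent']);
    }

    /**
     * Look up the weight of the group named by $this->data['user_group_uuid'].
     *
     * Overwrites $_GET['builder'] with a filter on that group uuid before calling
     * API_usergroups::getUserGroup().
     *
     * @return mixed the user_group_weight of the first returned row, or null when no row came back
     */
    private function getUserGroupWeight()
    {
        require_once 'API_usergroups.php';
        $API_usergroups = new API_usergroups();
        $_GET['builder'] = [1 => ['where' => [0 => 'user_group_uuid', 1 => $this->data['user_group_uuid']]]];
        $groups = $API_usergroups->getUserGroup();

        # NOTE(review): a null weight compares as lower than any positive session weight, so callers
        # reject an unknown group unless the session weight is 0. Confirm that is intended.
        return $groups[0]['user_group_weight'] ?? null;
    }

    /**
     * Update the editable columns of the user identified by $this->data['user_uuid'].
     *
     * The weight check covers both the group the target user currently belongs to and the group
     * requested in $this->data. Checking only the requested group, as this method did before, lets a
     * caller modify an account whose current group has a lower weight than the caller's own;
     * deleteUser() already checks the stored group.
     */
    public function updateUser()
    {
        # check if the user exists
        $_GET['builder'] = [1 => ['where' => [0 => 'user_uuid', 1 => $this->data['user_uuid']]]];
        $rows = $this->getUser();
        if (!is_array($rows) || !isset($rows[0])) {
            $this->apiOutput(404, ['error' => 'user not found.']);
            return;
        }
        $existingUser = $rows[0];

        # getUserGroupWeight() reads $this->data['user_group_uuid'], so swap in the stored group
        # for the first lookup and restore the requested group for the second one
        $requestedGroupUuid = $this->data['user_group_uuid'];
        $this->data['user_group_uuid'] = $existingUser['user_group_uuid'];
        $currentWeight = $this->getUserGroupWeight();
        $this->data['user_group_uuid'] = $requestedGroupUuid;
        $requestedWeight = $this->getUserGroupWeight();

        $callerWeight = $_SESSION['user']['user_group_weight'];
        if ($currentWeight < $callerWeight || $requestedWeight < $callerWeight) {
            $this->apiOutput(400, ['error' => 'You cannot edit a user with an lower weight then yourself!']);
            return;
        }

        $query = "UPDATE vc_users SET
                user_group_uuid = ?, user_email = ?, user_first_name = ?, user_last_name = ?,
                user_full_name = ?, user_phone_number = ?, user_status = ?, user_pref_language = ?,
                user_modified_timestamp = ?, user_stompable = ?
            WHERE user_uuid = ?";
        $stmt = $this->prepareStatement($query);

        # bind_param() binds by reference, so the timestamp needs a real variable
        $modifiedAt = time();
        $stmt->bind_param(
            'ssssssssiis',
            $this->data['user_group_uuid'],
            $this->data['user_email'],
            $this->data['user_first_name'],
            $this->data['user_last_name'],
            $this->data['user_full_name'],
            $this->data['user_phone_number'],
            $this->data['user_status'],
            $this->data['user_pref_language'],
            $modifiedAt,
            $this->data['user_stompable'],
            $this->data['user_uuid']
        );

        $this->executeStatement($stmt);
        $this->apiOutput(200, ['success' => 'User successfully updated.']);
    }

    /**
     * Delete the user identified by $this->data['user_uuid'].
     *
     * Refuses with 400 when the target's stored group has a lower weight than the caller's session
     * weight, and when the target is the caller's own account.
     */
    public function deleteUser()
    {
        # check if the user exists
        $_GET['builder'] = [1 => ['where' => [0 => 'user_uuid', 1 => $this->data['user_uuid']]]];
        $rows = $this->getUser();
        if (!is_array($rows) || !isset($rows[0])) {
            $this->apiOutput(404, ['error' => 'user not found.']);
            return;
        }
        $user_data = $rows[0];

        # the weight lookup reads $this->data, so point it at the group stored for the target user
        $this->data['user_group_uuid'] = $user_data['user_group_uuid'];

        # check group weight
        if ($this->getUserGroupWeight() < $_SESSION['user']['user_group_weight']) {
            $this->apiOutput(400, ['error' => 'You cannot delete a user with an lower weight then yourself!']);
            return;
        }

        # strict string comparison: identifiers must match exactly, without type juggling
        if ((string) $user_data['user_uuid'] === (string) $_SESSION['user']['user_uuid']) {
            $this->apiOutput(400, ['error' => 'You cannot delete yourself, maybe some rope will do.']);
            return;
        }

        $query = "DELETE FROM vc_users WHERE user_uuid = ?";
        $stmt = $this->prepareStatement($query);
        $stmt->bind_param('s', $this->data['user_uuid']);

        $this->executeStatement($stmt);

        $this->apiOutput(200, ['success' => 'User successfully deleted']);
    }
}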