wefra/modules/ClassUser.php

<?php
class ClassUser extends ClassConfig {
	public function __construct(){}
	public function __destruct(){}
    
	private function _addFeatureToUser($user_id, $feature_code){
		$this->_userId = $user_id;
		$this->_featureCode = $feature_code;
		$oPDOLink = ClassConfig::databaseConnect();
		$sql="
		INSERT INTO useruser_corefeature_rel(
			user_id,
			core_feature_id
		) VALUES (
			:user_id,
			(SELECT id FROM core_feature WHERE code=:feature_code LIMIT 1)
		);
		";
        $execSQL = $oPDOLink->prepare($sql);
        $execSQL->execute(array(':user_id'=>$this->_userId, ':feature_code'=>$this->_featureCode));
	}
	//ENDOF _addFeatureToUser()
	
	
    public function getUserIdByLogin($user_login){
		$this->_userLogin = $user_login;
        $oPDOLink = ClassConfig::databaseConnect();
		$sql = "SELECT id FROM user_user WHERE login=:login";
		$execSQL = $oPDOLink->prepare($sql);
		$execSQL->execute(array(':login'=>$this->_userLogin));
		$row = $execSQL->fetch(PDO::FETCH_ASSOC);
		return $row['id'];
	}
	//ENDOF getUserIdByLogin()
	
	private function _checkIfVipOfferActive(){
		$config = ClassConfig::getConfig();
		$oPDOLink = ClassConfig::databaseConnect();
		if($config['is_vip_offer_active']==='true'){
			return true;
		} else {
			return false;
		}
	}
	//ENDOF _checkIfVipOfferActive()
	
	private function _checkIfEverythingForFreeActive(){
		$config = ClassConfig::getConfig();
    $oPDOLink = ClassConfig::databaseConnect(); //FIX is this code still needed?
		if($config['is_everything_for_free_offer_active']=='true'){
			return true;
		} else {
			return false;
		}
	}
	//ENDOF _checkIfEverythingForFreeActive()
	
	private function _checkEmailConfirmation($email, $email_confirmation){
		$config = ClassConfig::getConfig();
		$oPDOLink = ClassConfig::databaseConnect();
		
		//IF password and confirmPassword are not identical, displaying an error message
		if($email == $email_confirmation){
			return true;
		} else {
			return false;
		}
	}
	//ENDOF _checkEmailConfirmation()
	
	private function _createUserUser($data){
		$this->_data = $data;
		$config = ClassConfig::getConfig();
		$oPDOLink = ClassConfig::databaseConnect();
		$activation_code = rand();
		
		$sql="
		INSERT INTO user_user(email, password, activation_code,
				core_lang_id, core_country_id, core_currency_id, core_theme_id,
				comment
		) VALUES (
				:email, :password, :activation_code,
				(SELECT id FROM core_lang WHERE code='en_gb'),
				(SELECT id FROM core_country WHERE code='ch'),
				(SELECT id FROM core_currency WHERE code='chf'),
				(SELECT id FROM core_theme WHERE code='materialize'),
				'user registered online via Wefra frontend'
		)
		";
		$execSQL = $oPDOLink->prepare($sql);
		$res = $execSQL->execute([
				':email'=>$this->_data['formRegisterFieldEmail'],
				':password'=>sha1($this->_data['formRegisterFieldPassword'].'-k3P[8x&'),
				':activation_code'=>$activation_code
		]);
		if($res == true || $res == 1){
			$user_id = $oPDOLink->lastInsertId('user_user_id_seq');
			return $user_id;
		} else {
			return false;
		}
	}
	//ENDOF _createUserUser()
	
	private function _createUserDetail($user_id){
		$config = ClassConfig::getConfig();
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		INSERT INTO user_detail(user_id)
		VALUES (:user_id)
		";
		$execSQL = $oPDOLink->prepare($sql);
		return $execSQL->execute(array(':user_id'=>$user_id));
	}
	//ENDOF _createUserDetail()
	
	private function _setFeaturesToUser($user_id){
		$config = ClassConfig::getConfig();
		$oPDOLink = ClassConfig::databaseConnect();
		
		// get features for user
		$sql="SELECT id FROM core_feature WHERE is_user_feature=TRUE;";
		$getFeatures = $oPDOLink->prepare($sql);
		$getFeatures->execute(array());
		$features = $getFeatures->fetchAll(PDO::FETCH_ASSOC);
		
		$sql="
		INSERT INTO useruser_corefeature_rel(user_id, core_feature_id)
		VALUES (
			:user_id,
			:feature_id
		);
		";
		$execSQL = $oPDOLink->prepare($sql);
		
		//set features to user
		foreach($features as $feature){
			$execSQL->execute(array(':user_id'=>$user_id, ':feature_id'=>$feature['id']));
		}
		return true;
	}
	//ENDOF _setFeaturesToUser()
	
	public function createUser($data){
		$this->_data = $data;
		$resEC = $this->_checkEmailConfirmation($this->_data['formRegisterFieldPassword'], $this->_data['formRegisterFieldConfirmPassword']);
		
		if($resEC == true){
			$user_id = $this->_createUserUser($this->_data);
			if(is_numeric($user_id) == true){
				$resCUD = $this->_createUserDetail((integer) $user_id);
				if($resCUD){
					$resSFTU = $this->_setFeaturesToUser($user_id);
					return 'success_creation_user';
				} else {
					return 'error_create_user_detail';
				}
			} else {
				return 'error_create_user_user';
			}
		} else {
			return 'email_diff_confirm_email';
		}
	}
	//ENDOF createUser()
	
	public function activateUser($activation_code){
		$this->_activationCode = (string) $activation_code;
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		UPDATE user_user
		SET is_active=TRUE
		WHERE activation_code=:activation_code
		";
		$execSQL = $oPDOLink->prepare($sql);
		if($execSQL->execute(array(':activation_code'=>$this->_activationCode))){
			
			$sql="
			SELECT firstname, email
			FROM user_user
			WHERE activation_code=:activation_code
			";
			$execSQL = $oPDOLink->prepare($sql);
			$execSQL->execute(array(':activation_code'=>$this->_activationCode));
			$row = $execSQL->fetch(PDO::FETCH_ASSOC);
			
			$message['firstname'] = $row['firstname'];
			$message['email'] = $row['email'];
			$message['state'] = 'success';
			$message['css_class'] = 'success-message';
			$message['translation_code'] = 'message_activateUserSuccess';
		} else {
			$message['state'] = 'failed';
			$message['css_class'] = 'failed-message';
			$message['translation_code'] = 'message_activateUserFailed';
		}
		return $message;
		
	}
	//ENDOF activateUser()
	
	public function login($post_datas=array()){
		$this->_postDatas = $post_datas;
		$oPDOLink = ClassConfig::databaseConnect();

		if($this->_postDatas['formLoginFieldEmail']=='' || $this->_postDatas['formLoginFieldPassword']==''){
			$message['state'] = 'no_required_fields_filled';
			$message['css_class'] = 'failed-message';
			$message['translation_code'] = "message_requiredFieldsNotFilled";
			return $message;
		}
		
		$sql="
		SELECT uu.id, uu.email, uu.password, uu.firstname, uu.lastname, uu.phone,
			uu.core_lang_id, uu.core_country_id, uu.core_currency_id,
			uu.is_backend_access, uu.is_employee, uu.is_active, 
			(SELECT code FROM core_lang WHERE id=core_lang_id) AS lang_code,
			(SELECT code FROM core_country WHERE id=core_country_id) AS country_code,
			(SELECT code FROM core_currency WHERE id=core_currency_id) AS currency_code
		FROM user_user uu
			INNER JOIN user_detail ud
				ON uu.id=ud.user_id
		WHERE uu.email=:email AND uu.password=:password
		LIMIT 1
		";
		
		//$sql="
		//SELECT uu.id, uu.email, uu.password, uu.firstname, uu.lastname, uu.phone,
		//	uu.core_lang_id, uu.core_country_id, uu.core_currency_id,
		//	uu.is_backend_access, uu.is_employee, uu.is_active, 
		//	(SELECT code FROM core_lang WHERE id=core_lang_id) AS lang_code,
		//	(SELECT code FROM core_country WHERE id=core_country_id) AS country_code,
		//	(SELECT code FROM core_currency WHERE id=core_currency_id) AS currency_code
		//FROM user_user uu
		//	INNER JOIN user_detail ud
		//		ON uu.id=ud.user_id
		//WHERE uu.email=:email AND uu.password=:password
		//LIMIT 1
		//";
		
		$execSQL = $oPDOLink->prepare($sql);
		$execSQL->execute(array(
				':email'=>$this->_postDatas['formLoginFieldEmail'],
				':password'=>sha1($this->_postDatas['formLoginFieldPassword'].'-k3P[8x&')
		));
		$row = $execSQL->fetch(PDO::FETCH_ASSOC);
		if(isset($row['is_active']) and $row['is_active']==false){
			$message['state'] = 'account_not_activated';
			$message['css_class'] = 'warning-message';
			$message['translation_code'] = 'messageLogin_accountNotActivated';
			return $message;
		} else if(isset($row['email'])){
			unset($_SESSION['features']);
			$_SESSION['features'] = $this->getFeatures($row['id']);
			$row['state'] = 'success';
			return $row;
		} else{
			$message['state'] = 'bad_login_or_password';
			$message['css_class'] = 'failed-message';
			//FIX translate this message
			$message['translation_code'] = "messageLogin_badLoginOrPassword";
			return $message;
		}
	}
	
	public function getFeatures($user_id){
		$this->_userId = $user_id;
		$oPDOLink = ClassConfig::databaseConnect();
		$sql = "
		SELECT f.*,
			(SELECT source FROM core_translation WHERE id=f.url_translation_id) AS url,
			(SELECT source FROM core_translation WHERE id=f.name_translation_id) AS menu_label
		FROM useruser_corefeature_rel r
			INNER JOIN core_feature f
				ON r.core_feature_id=f.id
		WHERE r.user_id=:user_id
			AND f.is_active=TRUE
		ORDER BY f.priority ASC;
		";
        $execSQL = $oPDOLink->prepare($sql);
        $execSQL->execute(array(':user_id'=>$this->_userId));
        $rows = $execSQL->fetchAll(PDO::FETCH_OBJ);
        return $rows;
	}
	

	public function setThemeForUser($user_id, $theme_code){
        $this->_userId = $user_id;
        $this->_themeCode = $theme_code;
        $oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		UPDATE user_user
		SET core_theme_id = (SELECT id FROM core_theme WHERE code=:theme_code)
		WHERE id=:user_id;
        ";
		
        $execSQL = $oPDOLink->prepare($sql);
        if($execSQL->execute(array(
			':theme_code'=>$this->_themeCode,
			':user_id'=>$this->_userId
		))){
			$res['css_class'] = 'success-message';
			$res['state'] = 'success';
		} else{
			$res['css_class'] = 'failed-message';
			$res['state'] = 'failed';
		}
        return $res;
	}
	
	public function setLangForUser($user_id, $lang_code){
		$this->_userId = $user_id;
		$this->_langCode = $lang_code;
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		UPDATE user_user
		SET core_lang_id = (SELECT id FROM core_lang WHERE code=:lang_code)
		WHERE id=:user_id;
        ";
		
		$execSQL = $oPDOLink->prepare($sql);
		if($execSQL->execute(array(
				':lang_code'=>$this->_langCode,
				':user_id'=>$this->_userId
		))){
			$sql = "
			SELECT id, code FROM core_lang WHERE code=:code LIMIT 1;
			";
			$execSQL = $oPDOLink->prepare($sql);
			$execSQL->execute(array(':code'=>$this->_langCode));
			$row = $execSQL->fetch(PDO::FETCH_ASSOC);
			return $row;
		} else{
			return false;
		}
	}
	
	public function checkAccessFeature($user_id, $feature_code){
        $this->_userId = $user_id;
        $this->_featureCode = $feature_code;
        $oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		SELECT COUNT(core_feature_id) AS autorization
		FROM useruser_corefeature_rel
		WHERE user_id=:user_id
			AND core_feature_id=(
				SELECT id
				FROM core_feature
				WHERE code=:feature_code
				LIMIT 1
			);
        ";
		
        $execSQL = $oPDOLink->prepare($sql);
        $execSQL->execute(array(
			':user_id'=>$this->_userId,
			':feature_code'=>$this->_featureCode
		));
        $row = $execSQL->fetch(PDO::FETCH_ASSOC);
        return $row;
	}
	
	public function changePhone($user_id, $data){
        $this->_userId = $user_id;
        $this->_data = $data;
		$code = microtime(true);
        $oPDOLink = ClassConfig::databaseConnect();
		
		$sql="INSERT INTO user_user_temp(code, user_id, phone) VALUES(:code, :user_id, :phone);";
		
        $execSQL = $oPDOLink->prepare($sql);
		if($execSQL->execute(array(
			':user_id'=>$this->_userId,
			':phone'=>$this->_data['phone'],
			':code'=>$code
		))){
			$message['state'] = 'success';
		} else{
			$message['state'] = 'failed';
		}
        return $message;
	}
	
	public function changeEmail($user_id, $data){
        $this->_userId = $user_id;
        $this->_data = $data;
		$code = microtime(true);
        $oPDOLink = ClassConfig::databaseConnect();
		
		$sql="INSERT INTO user_user_temp(code, user_id, email) VALUES(:code, :user_id, :email);";
		
        $execSQL = $oPDOLink->prepare($sql);
        if($this->_data['email'] != $this->_data['email_confirm']){
			$message['state'] = 'failed_mail_confirm';
		} else if($execSQL->execute(array(
			':code'=>$code,
			':user_id'=>$this->_userId,
			':email'=>$this->_data['email']
		))){
			$message['state'] = 'success';
		} else{
			$message['state'] = 'failed';
		}
        return $message;
	}
	
	public function changePassword($user_id, $data){
        $this->_userId = $user_id;
        $this->_data = $data;
        $oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		SELECT password
		FROM user_user
		WHERE id=:user_id;
        ";
		
        $execSQL = $oPDOLink->prepare($sql);
		$execSQL->execute(array(':user_id'=>$this->_userId));
		$row = $execSQL->fetch(PDO::FETCH_ASSOC);
		
        if(isset($row['password']) && sha1($this->_data['oldPassword'].'-k3P[8x&') != $row['password']){
			$message['state'] = 'failed_bad_password';
		} else if($this->_data['newPassword'] != $this->_data['confirmPassword']){
			$message['state'] = 'failed_password_confirm';
		} else{
			
			$sql="
			UPDATE user_user
			SET password=:password
			WHERE id=:user_id;
			";
			
			$execSQL = $oPDOLink->prepare($sql);
			if($execSQL->execute(array(
				':user_id'=>$this->_userId,
				':password'=>sha1($this->_data['newPassword'].'-k3P[8x&')
			))){
				$message['state'] = 'success';
			} else{
				$message['state'] = 'failed';
			}
		}
        return $message;
	}
	
	public function resetPassword($change_password_request_code, $data){
        $this->_changePasswordRequestCode = $change_password_request_code;
        $this->_data = $data;
        $oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		SELECT COUNT(code) AS nb_codes
		FROM user_user_change_password_request
		WHERE code=:change_password_request_code;
		";
		
		$execSQL = $oPDOLink->prepare($sql);
		$execSQL->execute(array(':change_password_request_code'=>$this->_changePasswordRequestCode));
		$nbCode = $execSQL->fetch(PDO::FETCH_ASSOC);
		
		if($nbCode['nb_codes'] == 0){
			$message['state'] = 'failed_invalid_code';
		} else if($this->_data['password'] != $this->_data['password_confirmation']){
			$message['state'] = 'failed_password_confirm';
		} else{
			
			$sql="
			UPDATE user_user
			SET password=:password
			WHERE id=(
				SELECT user_id
				FROM user_user_change_password_request
				WHERE code=:change_password_request_code
				LIMIT 1
			);
			";
			
			$execSQL = $oPDOLink->prepare($sql);
			if($execSQL->execute(array(
				':change_password_request_code'=>$this->_changePasswordRequestCode,
				':password'=>sha1($this->_data['password'].'-k3P[8x&')
			))){
				$message['state'] = 'success';
				
				$sql="
				DELETE FROM user_user_change_password_request
				WHERE user_id=(
					SELECT user_id
					FROM user_user_change_password_request
					WHERE code=:change_password_request_code
					LIMIT 1
				);
				";
				$execSQL = $oPDOLink->prepare($sql);
				$execSQL->execute(array(':change_password_request_code'=>$this->_changePasswordRequestCode));
			} else{
				$message['state'] = 'failed';
			}
		}
        return $message;
	}

	public function listUsersToValid(){
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		SELECT cu.*
		FROM user_user cu
			INNER JOIN workflow_item wf
				ON cu.id=wf.model_id
		WHERE wf.model='user'
			AND wf.wf_state_id=(SELECT id FROM workflow_state WHERE code='draft' AND wf_id=(SELECT id FROM workflow_workflow WHERE name='partner') LIMIT 1);
		";
		
        $execSQL = $oPDOLink->prepare($sql);
        $execSQL->execute(array());
        $rows = $execSQL->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
	}
	
	public function listUsers(){
		$oPDOLink = ClassConfig::databaseConnect();
		$sql="
		SELECT co.name AS country, co.code AS country_code,
				cu.name AS currency, cu.code AS currency_code, cu.symbol AS currency_symbol, 
				uu.*
		FROM user_user uu
			LEFT JOIN core_country co
				ON uu.core_country_id=co.id
			LEFT JOIN core_currency cu
				ON uu.core_currency_id=cu.id
		";
		//$sql="
		//SELECT cu.*
		//FROM user_user cu
		//	INNER JOIN workflow_item wf
		//		ON cu.id=wf.model_id
		//WHERE wf.model='user'
		//	AND wf.wf_state_id=(SELECT id FROM workflow_state WHERE code='valid' AND wf_id=(SELECT id FROM workflow_workflow WHERE name='partner') LIMIT 1);
		//";
        $execSQL = $oPDOLink->prepare($sql);
        $execSQL->execute(array());
        $rows = $execSQL->fetchAll(PDO::FETCH_ASSOC);
        return $rows;
	}
	
	public function validUser($user_id, $valider_id){
		$this->_userId = $user_id;
		$this->_validerId = $valider_id;
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		UPDATE user_user
		SET is_active=TRUE
		WHERE id=:user_id;
		";
		
        $execSQL = $oPDOLink->prepare($sql);
        if($execSQL->execute(array(':user_id'=>$this->_userId))){
			$this->_setFeaturesToUser($this->_userId);
			ClassWorkflow::changeStatus('partner', 'draft_to_valid', 'user', $this->_userId, $this->_validerId);
			return true;
		} else {
			return false;
		}
	}
	
	public function getUser($user_id){
		$this->_userId = $user_id;
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		SELECT *
		FROM user_user
		WHERE id=:user_id;
		";
		
        $execSQL = $oPDOLink->prepare($sql);
		$execSQL->execute(array(':user_id'=>$this->_userId));
		$row = $execSQL->fetch(PDO::FETCH_ASSOC);
		
		return $row;
	}
	
	public function getUserForAdmin($user_id){
		$this->_userId = $user_id;
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		SELECT uu.*, (SELECT code FROM marketing_channel mc WHERE mc.id=ud.marketing_channel_id) AS channel, ud.marketing_channel_precision AS channel_precision,
				cl.name AS language, cc.name AS country
		FROM user_user uu
			INNER JOIN user_detail ud
				ON uu.id=ud.user_id
			INNER JOIN core_lang cl
				ON uu.core_lang_id=cl.id
			INNER JOIN core_country cc
				ON uu.core_country_id=cc.id
		WHERE uu.id=:user_id;
		";
		
        $execSQL = $oPDOLink->prepare($sql);
		$execSQL->execute(array(':user_id'=>$this->_userId));
		$row = $execSQL->fetch(PDO::FETCH_ASSOC);
		return $row;
	}
	
	public function getUsersChangementsRequests(){
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		SELECT cut.*, cu.name AS user_user_name
		FROM user_user_temp cut
			INNER JOIN user_user cu
				ON cu.id=cut.user_id;
		";
        $execSQL = $oPDOLink->prepare($sql);
		$execSQL->execute(array());
		
		$rows = $execSQL->fetchAll(PDO::FETCH_ASSOC);
		return $rows;
	}
	
	public function getUserChangementRequest($user_temp_id){
		$this->_userTempId = $user_temp_id;
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		SELECT *
		FROM user_user_temp
		WHERE id=:user_temp_id;
		";
        $execSQL = $oPDOLink->prepare($sql);
		$execSQL->execute(array(':user_temp_id'=>$this->_userTempId));
		
		$row = $execSQL->fetch(PDO::FETCH_ASSOC);
		return $row;
	}
	
	public function validUserChangementRequest($user_temp_id){
		$this->_userTempId = $user_temp_id;
		$oPDOLink = ClassConfig::databaseConnect();
		$preparation = array();
		$message = array();
		$firstSetInserted = false;
		$user_temp_row = ClassUser::getUserChangementRequest($this->_userTempId);
		
		$preparation[':user_id'] = $user_temp_row['user_id'];
		
		$sql = "
		UPDATE user_user
		SET ";
        foreach($user_temp_row as $data=>$value){
            if(!in_array($data, array('id','create_date','code','user_id')) && $value != NULL){
				if($firstSetInserted){
					$sql .= ','.$data.'=:'.$data;
				} else{
					$sql .= $data.'=:'.$data;
					$firstSetInserted = true;
				}
				$preparation[':'.$data] = $value;
            }
        }
		$sql .= ' WHERE id=:user_id;';
		
		$sql2 = "
		DELETE FROM user_user_temp WHERE id=:user_temp_id;
		";
		
        $execSQL = $oPDOLink->prepare($sql);
        $execSQL2 = $oPDOLink->prepare($sql2);
		if($execSQL->execute($preparation) && $execSQL2->execute(array(':user_temp_id'=>$this->_userTempId))){
			$message['state'] = 'success';
		} else{
			$message['state'] = 'failed';
		}
		$message['user_id'] = $user_temp_row['user_id'];
		return $message;
	}
	
	public function listUsersOfPartnerByPartnerId($partner_id){
		$this->_partnerId = $partner_id;
		$oPDOLink = ClassConfig::databaseConnect();
		$sql = "
		SELECT cu.*, lang.name AS lang_name, theme.name AS theme_name
		FROM user_user cu
			INNER JOIN corepartner_useruser_rel cpur
				ON cpur.user_id=cu.id
			INNER JOIN core_lang lang
				ON lang.id=cu.core_lang_id
			INNER JOIN core_theme theme
				ON theme.id=cu.core_theme_id
		WHERE cpur.core_partner_id=:partner_id;
		";
		
        $execSQL = $oPDOLink->prepare($sql);
		$execSQL->execute(array(':partner_id'=>$this->_partnerId));
		
		$rows = $execSQL->fetchAll(PDO::FETCH_ASSOC);
		return $rows;
	}
	
	public function addChangePasswordRequest($user_login){
		$this->_userLogin = $user_login;
		$code = microtime(true);
		$oTrans = new ClassTranslation();
		$message = array();
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql = "
		INSERT INTO user_user_change_password_request(code, user_id)
		VALUES(
			:code,
			(SELECT id FROM user_user WHERE login=:user_login LIMIT 1)
		);
		";
		
        $execSQL = $oPDOLink->prepare($sql);
		if($execSQL->execute(array(
			':user_login'=>$this->_userLogin,
			':code'=>$code
		))){
			$message['state'] = 'success';
			$message['code'] = $code;
		} else{
			$message['state'] = 'failed';
		}
		return $message;
	}
	
	public function changeNotificationMail($user_id, $active_notification){
		$this->_userId = $user_id;
		$this->_activeNotification = $active_notification;
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql = "
		UPDATE user_user
		SET is_accept_email=:active_notification
		WHERE id=:user_id;
		";
		
        $execSQL = $oPDOLink->prepare($sql);
		if($execSQL->execute(array(
			':user_id'=>$this->_userId,
			':active_notification'=>($this->_activeNotification?1:0)
		))){
			$message['state'] = 'success';
		} else{
			$message['state'] = 'failed';
		}
		return $message;
	}
	
	public function getFullProfile($user_id){
		$this->_userId = $user_id;
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql = "
		SELECT cus.id, cus.email, cus.firstname, cus.lastname, cus.phone, cus.core_country_id, cus.core_currency_id, cus.comment, cus.city, cus.postcode,
			  lang.id AS core_lang_id, lang.code AS lang_code, lang.name AS lang_name,
			  cco.id AS country_id, cco.code AS country_code, cco.name AS country_name,
			  ccu.id AS currency_id, ccu.name AS currency_name, ccu.symbol AS currency_symbol
		FROM user_user cus
			INNER JOIN user_detail usd
				ON cus.id=usd.user_id
			INNER JOIN core_lang lang
				ON cus.core_lang_id=lang.id
			INNER JOIN core_country cco
				ON cus.core_country_id=cco.id
			INNER JOIN core_currency ccu
				ON cus.core_currency_id=ccu.id
		WHERE cus.id=:user_id;
		";
        $execSQL = $oPDOLink->prepare($sql);
		$row = $execSQL->execute(array(
			':user_id'=>$this->_userId,
		));
        $row = $execSQL->fetch(PDO::FETCH_ASSOC);
		return $row;
	}
	
	public function updatePersonalData($user_id, $data){
		$this->_userId = $user_id;
		$this->_data = $data;
		$oPDOLink = ClassConfig::databaseConnect();
		$sql="
		UPDATE user_user
		SET firstname=:firstname,
				lastname=:lastname,
				phone=:phone,
				core_lang_id=:lang_id,
				city=:city,
				postcode=:postcode,
				core_country_id=:country_id
		WHERE id=:user_id;
		";
		//core_currency_id=:currency_id
	
		$execSQL = $oPDOLink->prepare($sql);
		if($execSQL->execute(array(
				':firstname'=>$this->_data['firstname'],
				':lastname'=>$this->_data['lastname'],
				':phone'=>$this->_data['phone'],
				':lang_id'=>$this->_data['lang'],
				':country_id'=>$this->_data['country'],
				':city'=>$this->_data['city'],
				':postcode'=>$this->_data['postcode'],
				//':currency_id'=>$this->_data['currency'],
				':user_id'=>$this->_userId
		))){
			$res['state'] = 'success';
			$res['css_class'] = 'success-message';
			$res['translation_code'] = 'message_successUpdatePersonalData';
		} else{
			$res['state'] = 'failed';
			$res['css_class'] = 'failed-message';
			$res['translation_code'] = 'message_failedUpdatePersonalData';
		}
        return $res;
	}
	
	public function updateDetails($user_id, $data){
		$this->_userId = $user_id;
		$this->_data = $data;
		$oPDOLink = ClassConfig::databaseConnect();
		
		$sql="
		UPDATE user_detail
		SET max_distance=:max_distance
		WHERE user_id=:user_id;
    	";
		$execSQL = $oPDOLink->prepare($sql);
		if($execSQL->execute(array(
			':max_distance'=>$this->_data['max_distance'],
			':user_id'=>$this->_userId
		))){
			$res['state'] = 'success';
			$res['css_class'] = 'success-message';
			$res['translation_code'] = 'message_successUpdatePersonalDetail';
		} else{
			$res['state'] = 'failed';
			$res['css_class'] = 'failed-message';
			$res['translation_code'] = 'message_failedUpdatePersonalDetail';
		}
		return $res;
	}
}