lepisi-pengumuman/App/Models/Access.php


<?php
namespace App\Models;
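/**
 * Model for the `user` table: account listing, single-account lookup and
 * username/password login.
 *
 * Database failures are logged with error_log() and reported to the caller as
 * `false`. The catch clauses name `\PDOException` with a leading backslash:
 * inside this namespace the unqualified name resolves to
 * App\Models\PDOException, which PDO never throws, so it would catch nothing.
 * Driver messages are not echoed, because they would expose schema and query
 * details in the HTTP response.
 */
class Access extends \Core\Model
{
    /**
     * Hands the `user` table definition to the inherited createTable().
     *
     * NOTE(review): `password char(13)` is the length of a traditional DES
     * crypt() result and is too short for a password_hash() digest (60
     * characters for bcrypt). The scheme itself lives in \Core\Hash, which is
     * not visible here -- confirm it is not a fast or truncated hash, and widen
     * the column before migrating to password_hash()/password_verify().
     *
     * NOTE(review): `username` has no UNIQUE constraint in this definition, yet
     * login() requires exactly one matching row -- confirm uniqueness is
     * enforced wherever accounts are created.
     */
    public function __construct()
    {
        $this->createTable(
            'user',
            [
                'id int(3) NOT NULL AUTO_INCREMENT',
                'username varchar(25) NOT NULL',
                'password char(13)',
                'salt char(23)',
                'name varchar(50)',
                'registered_at timestamp DEFAULT CURRENT_TIMESTAMP',
                'status tinyint DEFAULT 1',
                'PRIMARY KEY (id)'
            ]
        );
    }

    /**
     * Runs the account listing query.
     *
     * @return bool true when the query ran, false when it failed.
     */
    public function showAll()
    {
        try {
            $db = static::connectDB();
            $sql = "SELECT id, username, name, registered_at FROM user";
            $stmt = $db->query($sql);
            if (!$stmt) {
                return false;
            }
            // NOTE(review): the rows are fetched and then discarded; only a
            // success flag is returned. Presumably the rows were meant to be
            // returned -- confirm with the callers before changing the return type.
            $stmt->fetchAll(\PDO::FETCH_ASSOC);
            return true;
        } catch (\PDOException $e) {
            error_log('Access::showAll failed: ' . $e->getMessage());
            return false;
        }
    }

    /**
     * Fetches one account by primary key. The password hash and salt are not selected.
     *
     * @param mixed $id Value bound to the `id` placeholder.
     * @return array|false Row with id, username, name and registered_at, or
     *                     false when no row matches or the query fails.
     */
    public function showSingle($id)
    {
        try {
            $db = static::connectDB();
            $sql = "SELECT id, username, name, registered_at FROM user WHERE id = ?";
            $query = $db->prepare($sql);
            if (!$query || !$query->execute([$id])) {
                return false;
            }
            // `id` is the primary key, so at most one row can match. fetch()
            // returns false for "no row", which avoids rowCount(): PDO does not
            // guarantee its value for SELECT statements on every driver.
            $row = $query->fetch(\PDO::FETCH_ASSOC);
            return is_array($row) ? $row : false;
        } catch (\PDOException $e) {
            error_log('Access::showSingle failed: ' . $e->getMessage());
            return false;
        }
    }

    /**
     * Checks a username/password pair and, on success, stores the account in the session.
     *
     * Every failure path returns false without touching the session, so a
     * database error can never be read as a successful login.
     *
     * @param array $args Expects string values under 'username' and 'password'.
     * @return bool true when the credentials matched and the session was populated.
     */
    public function login($args = [])
    {
        // Request parameters can be missing or arrive as arrays
        // (`username[]=x`); reject anything that is not a plain string before
        // it reaches the query or the hash comparison.
        $username = isset($args['username']) ? $args['username'] : null;
        $password = isset($args['password']) ? $args['password'] : null;
        if (!is_string($username) || !is_string($password)) {
            return false;
        }

        try {
            $db = static::connectDB();
            $sql = "SELECT id, password, salt FROM user WHERE username = ?";
            $query = $db->prepare($sql);
            if (!$query) {
                return false;
            }
            $query->bindValue(1, $username);
            if (!$query->execute()) {
                return false;
            }

            // Exactly one matching account is required, as before; counting
            // the fetched rows does not depend on rowCount() for a SELECT.
            $rows = $query->fetchAll(\PDO::FETCH_ASSOC);
            if (count($rows) !== 1) {
                return false;
            }
            $account = $rows[0];

            if (!\Core\Hash::compare($password, $account['salt'], $account['password'])) {
                return false;
            }

            // showSingle() returns false when the lookup fails; without this
            // guard the session would be filled from a non-array value.
            $user = $this->showSingle($account['id']);
            if (!is_array($user)) {
                return false;
            }

            // NOTE(review): the session identifier is not rotated here. Confirm
            // that \Core\Session or the calling controller regenerates it on
            // login, otherwise an identifier issued before authentication
            // stays valid afterwards (session fixation).
            \Core\Session::put('userid', $user['id']);
            \Core\Session::put('username', $user['username']);
            \Core\Session::put('name', $user['name']);

            // The flash text embeds the username; whatever renders it must
            // HTML-escape it.
            $user_now = $user['username'];
            \Core\Session::flash('info', "$user_now logged in");
            return true;
        } catch (\PDOException $e) {
            error_log('Access::login failed: ' . $e->getMessage());
            return false;
        }
    }
}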