1 files changed, 29 insertions, 60 deletions

diff --git a/app/Models/UserDAO.php b/app/Models/UserDAO.php
index e9d3a7329..4e824cf01 100644
--- a/app/Models/UserDAO.php
+++ b/app/Models/UserDAO.php
@@ -1,83 +1,52 @@
 <?php
 
 class FreshRSS_UserDAO extends Minz_ModelPdo {
-	public function createUser($username, $new_user_language, $insertDefaultFeeds = true) {
-		$db = FreshRSS_Context::$system_conf->db;
-		require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
-
-		$userPDO = new Minz_ModelPdo($username);
-
-		$currentLanguage = Minz_Translate::language();
+	public function createUser($insertDefaultFeeds = false) {
+		require(APP_PATH . '/SQL/install.sql.' . $this->pdo->dbType() . '.php');
 
 		try {
-			Minz_Translate::reset($new_user_language);
-			$ok = false;
-			$bd_prefix_user = $db['prefix'] . $username . '_';
-			if (defined('SQL_CREATE_TABLES')) {	//E.g. MySQL
-				$sql = sprintf(SQL_CREATE_TABLES . SQL_CREATE_TABLE_ENTRYTMP . SQL_CREATE_TABLE_TAGS, $bd_prefix_user, _t('gen.short.default_category'));
-				$stm = $userPDO->bd->prepare($sql);
-				$ok = $stm && $stm->execute();
-			} else {	//E.g. SQLite
-				global $SQL_CREATE_TABLES, $SQL_CREATE_TABLE_ENTRYTMP, $SQL_CREATE_TABLE_TAGS;
-				if (is_array($SQL_CREATE_TABLES)) {
-					$instructions = array_merge($SQL_CREATE_TABLES, $SQL_CREATE_TABLE_ENTRYTMP, $SQL_CREATE_TABLE_TAGS);
-					$ok = !empty($instructions);
-					foreach ($instructions as $instruction) {
-						$sql = sprintf($instruction, $bd_prefix_user, _t('gen.short.default_category'));
-						$stm = $userPDO->bd->prepare($sql);
-						$ok &= ($stm && $stm->execute());
-					}
-				}
-			}
+			$sql = $SQL_CREATE_TABLES . $SQL_CREATE_TABLE_ENTRYTMP . $SQL_CREATE_TABLE_TAGS;
+			$ok = $this->pdo->exec($sql) !== false;	//Note: Only exec() can take multiple statements safely.
 			if ($ok && $insertDefaultFeeds) {
-				if (defined('SQL_INSERT_FEEDS')) {	//E.g. MySQL
-					$sql = sprintf(SQL_INSERT_FEEDS, $bd_prefix_user);
-					$stm = $userPDO->bd->prepare($sql);
-					$ok &= $stm && $stm->execute();
-				} else {	//E.g. SQLite
-					global $SQL_INSERT_FEEDS;
-					if (is_array($SQL_INSERT_FEEDS)) {
-						foreach ($SQL_INSERT_FEEDS as $instruction) {
-							$sql = sprintf($instruction, $bd_prefix_user);
-							$stm = $userPDO->bd->prepare($sql);
-							$ok &= ($stm && $stm->execute());
-						}
-					}
+				$default_feeds = FreshRSS_Context::$system_conf->default_feeds;
+				$stm = $this->pdo->prepare($SQL_INSERT_FEED);
+				foreach ($default_feeds as $feed) {
+					$parameters = [
+						':url' => $feed['url'],
+						':name' => $feed['name'],
+						':website' => $feed['website'],
+						':description' => $feed['description'],
+					];
+					$ok &= ($stm && $stm->execute($parameters));
 				}
 			}
 		} catch (Exception $e) {
-			Minz_Log::error('Error while creating user: ' . $e->getMessage());
+			Minz_Log::error('Error while creating database for user: ' . $e->getMessage());
 		}
 
-		Minz_Translate::reset($currentLanguage);
-
 		if ($ok) {
 			return true;
 		} else {
-			$info = empty($stm) ? array(2 => 'syntax error') : $stm->errorInfo();
-			Minz_Log::error('SQL error: ' . $info[2]);
+			$info = empty($stm) ? $this->pdo->errorInfo() : $stm->errorInfo();
+			Minz_Log::error(__METHOD__ . ' error: ' . $info[2]);
 			return false;
 		}
 	}
 
-	public function deleteUser($username) {
-		$db = FreshRSS_Context::$system_conf->db;
-		require_once(APP_PATH . '/SQL/install.sql.' . $db['type'] . '.php');
+	public function deleteUser() {
+		if (defined('STDERR')) {
+			fwrite(STDERR, 'Deleting SQL data for user “' . $this->current_user . "”…\n");
+		}
+
+		require(APP_PATH . '/SQL/install.sql.' . $this->pdo->dbType() . '.php');
+		$ok = $this->pdo->exec($SQL_DROP_TABLES) !== false;
 
-		if ($db['type'] === 'sqlite') {
-			return unlink(USERS_PATH . '/' . $username . '/db.sqlite');
+		if ($ok) {
+			return true;
 		} else {
-			$userPDO = new Minz_ModelPdo($username);
-
-			$sql = sprintf(SQL_DROP_TABLES, $db['prefix'] . $username . '_');
-			$stm = $userPDO->bd->prepare($sql);
-			if ($stm && $stm->execute()) {
-				return true;
-			} else {
-				$info = $stm == null ? array(2 => 'syntax error') : $stm->errorInfo();
-				Minz_Log::error('SQL error : ' . $info[2]);
-				return false;
-			}
+			$info = $stm == null ? $this->pdo->errorInfo() : $stm->errorInfo();
+			Minz_Log::error(__METHOD__ . ' error: ' . $info[2]);
+			return false;
 		}
 	}