Use error handling system in all controllers
This commit is contained in:
Thomas Rubini
parent
ddaecac0f1
commit
66d4a89bdb
@ -26,8 +26,7 @@ final class ApprController
|
|||||||
$A_appr = $O_apprModel->getApprById($I_appr_id);
|
$A_appr = $O_apprModel->getApprById($I_appr_id);
|
||||||
|
|
||||||
if ($A_appr === null) {
|
if ($A_appr === null) {
|
||||||
echo "404";
|
throw new HTTPSpecialCaseException(404);
|
||||||
return;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($A_appr["AUTHOR_ID"] !== $_SESSION["ID"]) {
|
if ($A_appr["AUTHOR_ID"] !== $_SESSION["ID"]) {
|
||||||
|
|||||||
@ -6,13 +6,13 @@ final class RecipeController
|
|||||||
public function viewAction(Array $A_urlParams = null, Array $A_postParams = null)
|
public function viewAction(Array $A_urlParams = null, Array $A_postParams = null)
|
||||||
{
|
{
|
||||||
if(count($A_urlParams)!=1){
|
if(count($A_urlParams)!=1){
|
||||||
return View::show("errors/404");
|
throw new HTTPSpecialCaseException(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$O_recipeModel = new RecipeModel();
|
$O_recipeModel = new RecipeModel();
|
||||||
$A_returnArray = $O_recipeModel->getFullRecipeWithApprs($A_urlParams[0]);
|
$A_returnArray = $O_recipeModel->getFullRecipeWithApprs($A_urlParams[0]);
|
||||||
if ($A_returnArray === null) {
|
if ($A_returnArray === null) {
|
||||||
return View::show("errors/404");
|
throw new HTTPSpecialCaseException(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$A_returnArray["ADMIN"] = Session::is_admin();
|
$A_returnArray["ADMIN"] = Session::is_admin();
|
||||||
@ -31,17 +31,17 @@ final class RecipeController
|
|||||||
Session::login_or_die();
|
Session::login_or_die();
|
||||||
|
|
||||||
if(count($A_urlParams)!=1){
|
if(count($A_urlParams)!=1){
|
||||||
return View::show("errors/404");
|
throw new HTTPSpecialCaseException(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$O_recipeModel = new RecipeModel();
|
$O_recipeModel = new RecipeModel();
|
||||||
$A_returnArray = $O_recipeModel->getFullRecipe($A_urlParams[0]);
|
$A_returnArray = $O_recipeModel->getFullRecipe($A_urlParams[0]);
|
||||||
if ($A_returnArray === null) {
|
if ($A_returnArray === null) {
|
||||||
return View::show("errors/404");
|
throw new HTTPSpecialCaseException(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($A_returnArray["AUTHOR_ID"] !== $_SESSION["ID"]) {
|
if ($A_returnArray["AUTHOR_ID"] !== $_SESSION["ID"]) {
|
||||||
die("You are not the owner of this recipe");
|
throw new HTTPSpecialCaseException(400, "You are not the owner of this recipe");
|
||||||
}
|
}
|
||||||
|
|
||||||
View::show("recipe/edit", $A_returnArray);
|
View::show("recipe/edit", $A_returnArray);
|
||||||
|
|||||||
@ -94,7 +94,7 @@ final class UserController
|
|||||||
public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null)
|
public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null)
|
||||||
{
|
{
|
||||||
if(count($A_urlParams)!=0){
|
if(count($A_urlParams)!=0){
|
||||||
return View::show("errors/404");
|
throw new HTTPSpecialCaseException(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
Session::login_or_die();
|
Session::login_or_die();
|
||||||
@ -111,20 +111,25 @@ final class UserController
|
|||||||
|
|
||||||
$O_userModel = new UserModel();
|
$O_userModel = new UserModel();
|
||||||
|
|
||||||
// TODO harmonize error handling here
|
|
||||||
if (isset($_FILES["profilPicture"])) {
|
if (isset($_FILES["profilPicture"])) {
|
||||||
|
|
||||||
if ($_FILES['profilPicture']['error'] !== UPLOAD_ERR_OK) {
|
if ($_FILES['profilPicture']['error'] !== UPLOAD_ERR_OK) {
|
||||||
die("Upload failed with error code " . $_FILES['profilPicture']['error']);
|
throw new HTTPSpecialCaseException(
|
||||||
|
400,
|
||||||
|
"Upload failed with error code " . $_FILES['profilPicture']['error']
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
$info = getimagesize($_FILES['profilPicture']['tmp_name']);
|
$info = getimagesize($_FILES['profilPicture']['tmp_name']);
|
||||||
if ($info === false) {
|
if ($info === false) {
|
||||||
die("Unable to determine image type of uploaded file");
|
throw new HTTPSpecialCaseException(
|
||||||
|
400,
|
||||||
|
"Unable to determine image type of uploaded file"
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (($info[2] !== IMAGETYPE_JPEG) && ($info[2] !== IMAGETYPE_PNG)) {
|
if (($info[2] !== IMAGETYPE_JPEG) && ($info[2] !== IMAGETYPE_PNG)) {
|
||||||
die("Not a jpeg/png");
|
throw new HTTPSpecialCaseException(400, "Not a jpeg/png");
|
||||||
}
|
}
|
||||||
|
|
||||||
$fp = fopen($_FILES['profilPicture']['tmp_name'], 'rb');
|
$fp = fopen($_FILES['profilPicture']['tmp_name'], 'rb');
|
||||||
@ -134,12 +139,16 @@ final class UserController
|
|||||||
$S_email = $_POST["email"];
|
$S_email = $_POST["email"];
|
||||||
if (!empty($S_email) && filter_var($S_email, FILTER_VALIDATE_EMAIL)) {
|
if (!empty($S_email) && filter_var($S_email, FILTER_VALIDATE_EMAIL)) {
|
||||||
$O_userModel->updateEmailByID($_SESSION["ID"], $_POST["email"]);
|
$O_userModel->updateEmailByID($_SESSION["ID"], $_POST["email"]);
|
||||||
|
}else{
|
||||||
|
throw new HTTPSpecialCaseException(400, "invalid email");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (isset($_POST["username"])) {
|
if (isset($_POST["username"])) {
|
||||||
$S_username = $_POST["username"];
|
$S_username = $_POST["username"];
|
||||||
if (!empty($S_username)) {
|
if (!empty($S_username)) {
|
||||||
$O_userModel->updateUsernameByID($_SESSION["ID"], $_POST["username"]);
|
$O_userModel->updateUsernameByID($_SESSION["ID"], $_POST["username"]);
|
||||||
|
}else{
|
||||||
|
throw new HTTPSpecialCaseException(400, "invalid username");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -183,13 +192,13 @@ final class UserController
|
|||||||
|
|
||||||
public function profilePicAction(Array $A_urlParams = null, Array $A_postParams = null)
|
public function profilePicAction(Array $A_urlParams = null, Array $A_postParams = null)
|
||||||
{
|
{
|
||||||
if (count($A_urlParams) !== 1 ) die();
|
if (count($A_urlParams) !== 1 ) throw new HTTPSpecialCaseException(404);
|
||||||
|
|
||||||
$O_userModel = new UserModel();
|
$O_userModel = new UserModel();
|
||||||
$A_user = $O_userModel->getUserByID($A_urlParams[0]);
|
$A_user = $O_userModel->getUserByID($A_urlParams[0]);
|
||||||
|
|
||||||
if (!isset($A_user)) {
|
if (!isset($A_user)) {
|
||||||
die();
|
throw new HTTPSpecialCaseException(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
header("Content-Type: image/png");
|
header("Content-Type: image/png");
|
||||||
|
|||||||
@ -9,13 +9,13 @@ final class Utils
|
|||||||
public static function getOrDie($DICT, $key)
|
public static function getOrDie($DICT, $key)
|
||||||
{
|
{
|
||||||
if (isset($DICT[$key])) return $DICT[$key];
|
if (isset($DICT[$key])) return $DICT[$key];
|
||||||
else die("Key $key not present");
|
else throw new HTTPSpecialCaseException(400, "Key $key not present");
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function intOrDie($data)
|
public static function intOrDie($data)
|
||||||
{
|
{
|
||||||
if (is_numeric($data)) return (int) $data;
|
if (is_numeric($data)) return (int) $data;
|
||||||
else die("Not an int");
|
else throw new HTTPSpecialCaseException(400, "Not an int");
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -61,7 +61,7 @@ final class Session
|
|||||||
{
|
{
|
||||||
if (!self::is_login()) {
|
if (!self::is_login()) {
|
||||||
header("Location: /user/login?return_uri=".$_SERVER["REQUEST_URI"]);
|
header("Location: /user/login?return_uri=".$_SERVER["REQUEST_URI"]);
|
||||||
die();
|
throw new HTTPSpecialCaseException(403);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -76,8 +76,7 @@ final class Session
|
|||||||
Session::login_or_die();
|
Session::login_or_die();
|
||||||
|
|
||||||
if (!self::is_admin()) {
|
if (!self::is_admin()) {
|
||||||
header("Location: /");
|
throw new HTTPSpecialCaseException(403);
|
||||||
die();
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user