Merge pull request #8 from ThomasRubini/user_view
This commit is contained in:
Thomas Rubini
GitHub
commit
78a1794c1a
@ -1,5 +1,9 @@
|
||||
<?php
|
||||
|
||||
$__SESSION_TIMEOUT = 2*60*60;
|
||||
ini_set("session.gc_maxlifetime", $__SESSION_TIMEOUT);
|
||||
ini_set("session.cookie_lifetime", $__SESSION_TIMEOUT);
|
||||
|
||||
final class UserController
|
||||
{
|
||||
|
||||
@ -20,11 +24,20 @@ final class UserController
|
||||
$S_password = self::get_or_die($A_postParams, "password");
|
||||
|
||||
$O_userModel = new UserModel();
|
||||
if ($O_userModel->isPasswordValid($S_email, $S_password)) {
|
||||
View::show("user/signin", array("success" => True));
|
||||
} else {
|
||||
View::show("user/signin", array("success" => False));
|
||||
$A_user = $O_userModel->getUserByEmail($S_email);
|
||||
if ($A_user == null) {
|
||||
return View::show("user/signin", array("success" => False, "msg" => "No user with this email"));
|
||||
}
|
||||
if (!password_verify($S_password, $A_user["PASS_HASH"])) {
|
||||
return View::show("user/signin", array("success" => False, "msg" => "Invalid password"));
|
||||
}
|
||||
if ($A_user["DISABLED"]) {
|
||||
return View::show("user/signin", array("success" => False, "msg" => "This account is disabled"));
|
||||
}
|
||||
|
||||
session_start();
|
||||
$_SESSION["ID"] = $A_user["ID"];
|
||||
View::show("user/signin", array("success" => True));
|
||||
}
|
||||
|
||||
public function signUpAction(Array $A_urlParams = null, Array $A_postParams = null)
|
||||
@ -52,7 +65,31 @@ final class UserController
|
||||
$S_password_hash = password_hash($S_password, PASSWORD_DEFAULT);
|
||||
|
||||
$O_userModel->createUser($S_email, $S_username, $S_password_hash);
|
||||
return View::show("user/signup", array("success" => True));
|
||||
return View::show("user/signup", array("success" => True));
|
||||
}
|
||||
|
||||
|
||||
public function viewAction(Array $A_urlParams = null, Array $A_postParams = null)
|
||||
{
|
||||
if(count($A_urlParams)!=0){
|
||||
return View::show("errors/404");
|
||||
}
|
||||
|
||||
session_start();
|
||||
|
||||
if(!isset($_SESSION) || !isset($_SESSION["ID"])){
|
||||
echo "301 NOT LOGIN";
|
||||
return;
|
||||
}
|
||||
|
||||
$O_userModel = new UserModel();
|
||||
$A_user = $O_userModel->getUserByID($_SESSION["ID"]);
|
||||
if ($A_user == null){
|
||||
// User has been deleted ?!
|
||||
echo "Error loading your profile ?";
|
||||
return;
|
||||
}
|
||||
|
||||
return View::show("user/view", $A_user);
|
||||
}
|
||||
}
|
||||
|
||||
@ -5,9 +5,9 @@ final class UserModel
|
||||
|
||||
public function createUser($S_email, $S_username, $S_password_hash){
|
||||
$O_model = Model::get();
|
||||
$stmt = $O_model->prepare("INSERT INTO USER (EMAIL, NAME, PASS_HASH) VALUES(:email, :name, :password_hash)");
|
||||
$stmt = $O_model->prepare("INSERT INTO USER (EMAIL, USERNAME, PASS_HASH) VALUES(:email, :username, :password_hash)");
|
||||
$stmt->bindParam("email", $S_email);
|
||||
$stmt->bindParam("name", $S_name);
|
||||
$stmt->bindParam("username", $S_username);
|
||||
$stmt->bindParam("password_hash", $S_password_hash);
|
||||
$stmt->execute();
|
||||
}
|
||||
@ -24,17 +24,26 @@ final class UserModel
|
||||
}
|
||||
|
||||
|
||||
public function isPasswordValid($S_email, $S_password){
|
||||
public function getUserByID($I_id){
|
||||
$O_model = Model::get();
|
||||
$stmt = $O_model->prepare("SELECT PASS_HASH FROM USER WHERE EMAIL=:email");
|
||||
$stmt = $O_model->prepare("SELECT * FROM USER WHERE ID=:id");
|
||||
$stmt->bindParam("id", $I_id);
|
||||
$stmt->execute();
|
||||
|
||||
$row = $stmt->fetch();
|
||||
if ($row === false) return null;
|
||||
return $row;
|
||||
}
|
||||
|
||||
public function getUserByEmail($S_email){
|
||||
$O_model = Model::get();
|
||||
$stmt = $O_model->prepare("SELECT * FROM USER WHERE email=:email");
|
||||
$stmt->bindParam("email", $S_email);
|
||||
$stmt->execute();
|
||||
|
||||
if($stmt->rowCount()==1){
|
||||
$row = $stmt->fetch();
|
||||
return password_verify($S_password, $row["PASS_HASH"]);
|
||||
}
|
||||
return False;
|
||||
$row = $stmt->fetch();
|
||||
if ($row === false) return null;
|
||||
return $row;
|
||||
}
|
||||
|
||||
public function getNameByID($I_id)
|
||||
@ -46,6 +55,6 @@ final class UserModel
|
||||
|
||||
$row = $stmt->fetch();
|
||||
if ($row === false) return null;
|
||||
return $row["NAME"];
|
||||
return $row["USERNAME"];
|
||||
}
|
||||
}
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
if ($A_view["success"]) {
|
||||
echo "Authentifié avec succès !";
|
||||
} else {
|
||||
echo "Authentification échouée";
|
||||
echo "Authentification échouée. Raison : ".$A_view["msg"];
|
||||
}
|
||||
?>
|
||||
</p>
|
||||
4
Views/user/view.php
Normal file
4
Views/user/view.php
Normal file
@ -0,0 +1,4 @@
|
||||
<p> Your account : </p>
|
||||
<p> Email : <?= $A_view["EMAIL"] ?> </p>
|
||||
<p> Name : <?= $A_view["USERNAME"] ?> </p>
|
||||
<p> Admin status : <?= $A_view["ADMIN"] ? "yes" : "no" ?> </p>
|
||||
Loading…
Reference in New Issue
Block a user