DjalimSimaila/MVC_Recettes
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #8 from ThomasRubini/user_view

Browse Source
This commit is contained in:
Thomas Rubini 2023-01-17 09:36:40 +01:00 committed by GitHub
commit 78a1794c1a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 66 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
Controllers/UserController.php
View File

@ -1,5 +1,9 @@
<?php <?php
$__SESSION_TIMEOUT = 2*60*60;
ini_set("session.gc_maxlifetime", $__SESSION_TIMEOUT);
ini_set("session.cookie_lifetime", $__SESSION_TIMEOUT);
final class UserController final class UserController
{ {
@ -20,11 +24,20 @@ final class UserController
$S_password = self::get_or_die($A_postParams, "password"); $S_password = self::get_or_die($A_postParams, "password");
$O_userModel = new UserModel(); $O_userModel = new UserModel();
if ($O_userModel->isPasswordValid($S_email, $S_password)) { $A_user = $O_userModel->getUserByEmail($S_email);
View::show("user/signin", array("success" => True)); if ($A_user == null) {
} else { return View::show("user/signin", array("success" => False, "msg" => "No user with this email"));
View::show("user/signin", array("success" => False));
} }
if (!password_verify($S_password, $A_user["PASS_HASH"])) {
return View::show("user/signin", array("success" => False, "msg" => "Invalid password"));
}
if ($A_user["DISABLED"]) {
return View::show("user/signin", array("success" => False, "msg" => "This account is disabled"));
}
session_start();
$_SESSION["ID"] = $A_user["ID"];
View::show("user/signin", array("success" => True));
} }
public function signUpAction(Array $A_urlParams = null, Array $A_postParams = null) public function signUpAction(Array $A_urlParams = null, Array $A_postParams = null)
@ -52,7 +65,31 @@ final class UserController
$S_password_hash = password_hash($S_password, PASSWORD_DEFAULT); $S_password_hash = password_hash($S_password, PASSWORD_DEFAULT);
$O_userModel->createUser($S_email, $S_username, $S_password_hash); $O_userModel->createUser($S_email, $S_username, $S_password_hash);
return View::show("user/signup", array("success" => True)); return View::show("user/signup", array("success" => True));
}
public function viewAction(Array $A_urlParams = null, Array $A_postParams = null)
{
if(count($A_urlParams)!=0){
return View::show("errors/404");
}
session_start();
if(!isset($_SESSION) || !isset($_SESSION["ID"])){
echo "301 NOT LOGIN";
return;
}
$O_userModel = new UserModel();
$A_user = $O_userModel->getUserByID($_SESSION["ID"]);
if ($A_user == null){
// User has been deleted ?!
echo "Error loading your profile ?";
return;
}
return View::show("user/view", $A_user);
} }
} }

29
Models/UserModel.php
View File

@ -5,9 +5,9 @@ final class UserModel
public function createUser($S_email, $S_username, $S_password_hash){ public function createUser($S_email, $S_username, $S_password_hash){
$O_model = Model::get(); $O_model = Model::get();
$stmt = $O_model->prepare("INSERT INTO USER (EMAIL, NAME, PASS_HASH) VALUES(:email, :name, :password_hash)"); $stmt = $O_model->prepare("INSERT INTO USER (EMAIL, USERNAME, PASS_HASH) VALUES(:email, :username, :password_hash)");
$stmt->bindParam("email", $S_email); $stmt->bindParam("email", $S_email);
$stmt->bindParam("name", $S_name); $stmt->bindParam("username", $S_username);
$stmt->bindParam("password_hash", $S_password_hash); $stmt->bindParam("password_hash", $S_password_hash);
$stmt->execute(); $stmt->execute();
} }
@ -24,17 +24,26 @@ final class UserModel
} }
public function isPasswordValid($S_email, $S_password){ public function getUserByID($I_id){
$O_model = Model::get(); $O_model = Model::get();
$stmt = $O_model->prepare("SELECT PASS_HASH FROM USER WHERE EMAIL=:email"); $stmt = $O_model->prepare("SELECT * FROM USER WHERE ID=:id");
$stmt->bindParam("id", $I_id);
$stmt->execute();
$row = $stmt->fetch();
if ($row === false) return null;
return $row;
}
public function getUserByEmail($S_email){
$O_model = Model::get();
$stmt = $O_model->prepare("SELECT * FROM USER WHERE email=:email");
$stmt->bindParam("email", $S_email); $stmt->bindParam("email", $S_email);
$stmt->execute(); $stmt->execute();
if($stmt->rowCount()==1){ $row = $stmt->fetch();
$row = $stmt->fetch(); if ($row === false) return null;
return password_verify($S_password, $row["PASS_HASH"]); return $row;
}
return False;
} }
public function getNameByID($I_id) public function getNameByID($I_id)
@ -46,6 +55,6 @@ final class UserModel
$row = $stmt->fetch(); $row = $stmt->fetch();
if ($row === false) return null; if ($row === false) return null;
return $row["NAME"]; return $row["USERNAME"];
} }
} }

2
Views/user/signin.php
View File

@ -3,7 +3,7 @@
if ($A_view["success"]) { if ($A_view["success"]) {
echo "Authentifié avec succès !"; echo "Authentifié avec succès !";
} else { } else {
echo "Authentification échouée"; echo "Authentification échouée. Raison : ".$A_view["msg"];
} }
?> ?>
</p> </p>

4
Views/user/view.php Normal file
View File

@ -0,0 +1,4 @@
<p> Your account : </p>
<p> Email : <?= $A_view["EMAIL"] ?> </p>
<p> Name : <?= $A_view["USERNAME"] ?> </p>
<p> Admin status : <?= $A_view["ADMIN"] ? "yes" : "no" ?> </p>