From 7fae33a7b37181b8f829ce9a2ae89b07990e454c Mon Sep 17 00:00:00 2001
From: Thomas Rubini <74205383+ThomasRubini@users.noreply.github.com>
Date: Tue, 17 Jan 2023 09:00:13 +0100
Subject: [PATCH] make basic account view
---
 Controllers/UserController.php | 42 ++++++++++++++++++++++++++++++----
 Models/UserModel.php | 12 ++++------
 Views/user/signin.php | 2 +-
 Views/user/view.php | 3 +++
 4 files changed, 46 insertions(+), 13 deletions(-)
 create mode 100644 Views/user/view.php
diff --git a/Controllers/UserController.php b/Controllers/UserController.php
index 35fa480..fde956a 100644
--- a/Controllers/UserController.php
+++ b/Controllers/UserController.php
@@ -1,5 +1,9 @@ isPasswordValid($S_email, $S_password)) {
- View::show("user/signin", array("success" => True));
- } else {
- View::show("user/signin", array("success" => False));
+ $A_user = $O_userModel->getUserByEmail($S_email);
+ if ($A_user == null) {
+ return View::show("user/signin", array("success" => False, "msg" => "No user with this email"));
 }
+ if (!password_verify($S_password, $A_user["PASS_HASH"])) {
+ return View::show("user/signin", array("success" => False, "msg" => "Invalid password"));
+ }
+ if ($A_user["DISABLED"]) {
+ return View::show("user/signin", array("success" => False, "msg" => "This account is disabled"));
+ }
+
+ session_start();
+ $_SESSION["ID"] = $A_user["ID"];
+ $_SESSION["EMAIL"] = $A_user["EMAIL"];
+ $_SESSION["NAME"] = $A_user["NAME"];
+ $_SESSION["ADMIN"] = $A_user["ADMIN"];
+ View::show("user/signin", array("success" => True));
 }
 public function signUpAction(Array $A_urlParams = null, Array $A_postParams = null)
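Review bot: The new sign-in branch calls `session_start()` and then writes `$_SESSION["ID"]` and `$_SESSION["ADMIN"]` without rotating the session id, so whatever id the visitor already carried before authenticating becomes the authenticated one; add `session_regenerate_id(true);` directly after `session_start();`. The failure messages also differ between an unknown email ("No user with this email") and a wrong password ("Invalid password"), which lets anyone probe which addresses have an account — one generic text for both branches, e.g. `"msg" => "Invalid email or password"`, avoids that, while the disabled-account message is only reachable after a correct password and can stay. `if ($A_user == null)` should be `if ($A_user === null)`, since getUserByEmail returns either `null` or a row array and the loose comparison would also match an empty array. The hunk header and the start of the enclosing sign-in method are not visible in this rendering, so the lines before `isPasswordValid(...)` could not be reviewed.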
@@ -52,7 +68,23 @@ final class UserController
 $S_password_hash = password_hash($S_password, PASSWORD_DEFAULT);
 $O_userModel->createUser($S_email, $S_username, $S_password_hash);
- return View::show("user/signup", array("success" => True));
+ return View::show("user/signup", array("success" => True));
+ }
+
+
+ public function viewAction(Array $A_urlParams = null, Array $A_postParams = null)
+ {
+ if(count($A_urlParams)!=0){
+ return View::show("errors/404");
+ }
+
+ session_start();
+ if(!isset($_SESSION)){
+ echo "301 NOT LOGIN";
+ return;
+ }
+
+ return View::show("user/view", $_SESSION);
 }
 }
diff --git a/Models/UserModel.php b/Models/UserModel.php
index 7c0215b..f9eb26d 100644
--- a/Models/UserModel.php
+++ b/Models/UserModel.php
@@ -24,17 +24,15 @@ final class UserModel
 }
- public function isPasswordValid($S_email, $S_password){
+ public function getUserByEmail($S_email){
 $O_model = Model::get();
- $stmt = $O_model->prepare("SELECT PASS_HASH FROM USER WHERE EMAIL=:email");
+ $stmt = $O_model->prepare("SELECT * FROM USER WHERE email=:email");
 $stmt->bindParam("email", $S_email);
 $stmt->execute();
- if($stmt->rowCount()==1){
- $row = $stmt->fetch();
- return password_verify($S_password, $row["PASS_HASH"]);
- }
- return False;
+ $row = $stmt->fetch();
+ if ($row === false) return null;
+ return $row;
 }
 public function getNameByID($I_id)
diff --git a/Views/user/signin.php b/Views/user/signin.php
index 2731b9a..3e6e633 100644
--- a/Views/user/signin.php
+++ b/Views/user/signin.php
@@ -3,7 +3,7 @@ if ($A_view["success"]) {
 echo "Authentifié avec succès !";
 } else {
- echo "Authentification échouée";
+ echo "Authentification échouée. Raison : ".$A_view["msg"];
 }
 ?>
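Review bot: `if(!isset($_SESSION))` in viewAction can never be true once `session_start()` has run, because `$_SESSION` is then always set (an empty array for a visitor who never signed in), so an unauthenticated request falls through to `View::show("user/view", $_SESSION)` and the view reads keys that do not exist; test for the key sign-in populates instead, `if (!isset($_SESSION["ID"])) {`. The `echo "301 NOT LOGIN"` branch also answers with a 200 response and a text body rather than a real status or redirect; `http_response_code(401);` or a `header('Location: ...')` followed by `return` would be the conventional form. `count($A_urlParams)` throws a TypeError on PHP 8 when the `null` default is what the router passes, so `count($A_urlParams ?? [])` is safer — hedged, since the router is not in view.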
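Review bot: getUserByEmail returns whatever `$stmt->fetch()` yields under the connection's default fetch mode, and the controller indexes the result by column name (`$A_user["PASS_HASH"]`, `$A_user["DISABLED"]`), so this only works if `Model::get()` configures an associative default; passing the mode explicitly, `$row = $stmt->fetch(PDO::FETCH_ASSOC);`, removes that hidden dependency. The removed `rowCount()==1` guard has no replacement, so when more than one row matches the email the first one is returned silently — fine if EMAIL is unique in the schema, but worth a comment either way. A docblock such as `@return array<string, mixed>|null  full USER row including PASS_HASH, or null when no account has this email` would make explicit that the hash travels in the array and must not be forwarded to views or the session. The WHERE clause also changed from `EMAIL` to `email` while the other identifiers stay upper-case; harmless where column names are case-insensitive, but inconsistent with the rest of the model.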
\ No newline at end of file
diff --git a/Views/user/view.php b/Views/user/view.php
new file mode 100644
index 0000000..8ba69ad
--- /dev/null
+++ b/Views/user/view.php
@@ -0,0 +1,3 @@
+Your account :
+Email : = $A_view["EMAIL"] ?>
+Name : = $A_view["NAME"] ?>
\ No newline at end of file
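Review bot: `$A_view["EMAIL"]` and `$A_view["NAME"]` are echoed into the page unescaped, and both values originate from the sign-up form (copied into `$_SESSION` by signInAction), so a name containing markup is rendered as markup on every visit to the account page; escape at output, `Email : <?= htmlspecialchars($A_view["EMAIL"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>` and the same for `NAME`. The `<?=` tags show up as a bare `=` in this rendering, so the exact template text is inferred from the surrounding `?>`. The template is also a bare fragment with no charset declaration; if the surrounding layout does not send `Content-Type: text/html; charset=UTF-8`, the encoding passed to `htmlspecialchars` should match whatever is actually sent.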