DjalimSimaila/MVC_Recettes
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
0c1dc52d7d
MVC_Recettes/Controllers/UserController.php
Thomas Rubini 0c1dc52d7d
add action to get user profile picture
2023-01-23 20:32:38 +01:00

199 lines
6.1 KiB
PHP
Raw Blame History

<?php
$__SESSION_TIMEOUT = 2*60*60;
ini_set("session.gc_maxlifetime", $__SESSION_TIMEOUT);
ini_set("session.cookie_lifetime", $__SESSION_TIMEOUT);
final class UserController
{
public function loginAction(Array $A_urlParams = null, Array $A_postParams = null)
{
if (Session::is_login()) {
header("Location: /user/view");
} else {
$S_errmsg = null;
if(Session::resume_session() && isset($_SESSION["errmsg"])){
$S_errmsg = $_SESSION["errmsg"];
unset($_SESSION["errmsg"]);
}
View::show("user/login", array("errmsg" => $S_errmsg));
}
}
public function signInAction(Array $A_urlParams = null, Array $A_postParams = null)
{
$S_email = Utils::getOrDie($A_postParams, "email");
$S_password = Utils::getOrDie($A_postParams, "password");
$O_userModel = new UserModel();
$A_user = $O_userModel->getUserByEmail($S_email);
if ($A_user == null) {
$S_errmsg = "No user with this email";
}else if (!password_verify($S_password, $A_user["PASS_HASH"])) {
$S_errmsg = "Invalid password";
}else if ($A_user["DISABLED"]) {
$S_errmsg = "This account is disabled";
}
if (isset($S_errmsg)) {
Session::start_session();
$_SESSION["errmsg"] = $S_errmsg;
return header("Location: /user/login");
}
Session::set_login($A_user["ID"]);
header("Location: /");
}
public function signUpAction(Array $A_urlParams = null, Array $A_postParams = null)
{
$S_email = Utils::getOrDie($A_postParams, "email");
$S_username = Utils::getOrDie($A_postParams, "username");
$S_password = Utils::getOrDie($A_postParams, "password");
$O_userModel = new UserModel();
if (!filter_var($S_email, FILTER_VALIDATE_EMAIL)) {
$S_errmsg = "invalid email";
} else if( strlen($S_password) < 8 || strlen($S_password) > 150 ) {
$S_errmsg = "password must be between 8 and 150 characters";
} else if($O_userModel->isEmailInDatabase($S_email)) {
$S_errmsg = "An user with this email is already registered";
}
if(isset($S_errmsg)){
Session::start_session();
$_SESSION["errmsg"] = $S_errmsg;
return header("Location: /user/login");
}
$S_password_hash = password_hash($S_password, PASSWORD_DEFAULT);
$O_userModel->createUser($S_email, $S_username, $S_password_hash);
return header("Location: /");
}
public function logoutAction(Array $A_urlParams = null, Array $A_postParams = null)
{
Session::destroy_session();
header("Location: /");
}
// Kept for compatibility purposes
// TODO do a redirect route once implemented
public function viewAction(Array $A_urlParams = null, Array $A_postParams = null)
{
return self::defaultAction($A_urlParams, $A_postParams);
}
public function defaultAction(Array $A_urlParams = null, Array $A_postParams = null)
{
if(count($A_urlParams)!=0){
return View::show("errors/404");
}
Session::login_or_die();
$O_userModel = new UserModel();
$A_user = $O_userModel->getUserByID($_SESSION["ID"]);
return View::show("user/edit", $A_user);
}
public function updateAction(Array $A_urlParams = null, Array $A_postParams = null)
{
Session::login_or_die();
$O_userModel = new UserModel();
// TODO harmonize error handling here
if (isset($_FILES["profilPicture"])) {
if ($_FILES['profilPicture']['error'] !== UPLOAD_ERR_OK) {
die("Upload failed with error code " . $_FILES['profilPicture']['error']);
}
$info = getimagesize($_FILES['profilPicture']['tmp_name']);
if ($info === false) {
die("Unable to determine image type of uploaded file");
}
if (($info[2] !== IMAGETYPE_JPEG) && ($info[2] !== IMAGETYPE_PNG)) {
die("Not a jpeg/png");
}
$fp = fopen($_FILES['profilPicture']['tmp_name'], 'rb');
$O_userModel->updateProfilePicByID($_SESSION["ID"], $fp);
}
if (isset($_POST["email"])) {
$S_email = $_POST["email"];
if (!empty($S_email) && filter_var($S_email, FILTER_VALIDATE_EMAIL)) {
$O_userModel->updateEmailByID($_SESSION["ID"], $_POST["email"]);
}
}
if (isset($_POST["username"])) {
$S_username = $_POST["username"];
if (!empty($S_username)) {
$O_userModel->updateUsernameByID($_SESSION["ID"], $_POST["username"]);
}
}
header("Location: /user");
}
public function deleteAction(Array $A_urlParams = null, Array $A_postParams = null)
{
if (count($A_urlParams) ==0 ) {
self::userDeleteAction($A_urlParams, $A_postParams);
}else{
self::adminDeleteAction($A_urlParams, $A_postParams);
}
}
private function userDeleteAction(Array $A_urlParams = null, Array $A_postParams = null)
{
Session::login_or_die();
$O_userModel = new UserModel();
$O_userModel->deleteByID($_SESSION["ID"]);
Session::destroy_session();
header("Location: /");
}
private function adminDeleteAction(Array $A_urlParams = null, Array $A_postParams = null)
{
Session::admin_or_die();
$I_user_id = Utils::intOrDie($A_urlParams[0]);
$O_userModel = new UserModel();
$O_userModel->deleteByID($I_user_id);
echo "Le compte à été supprimé avec succès";
}
public function profilePicAction(Array $A_urlParams = null, Array $A_postParams = null)
{
if (count($A_urlParams) !== 1 ) die();
$O_userModel = new UserModel();
$A_user = $O_userModel->getUserByID($A_urlParams[0]);
header("Content-Type: image/png");
echo $A_user["PROFILE_PIC"];
return Utils::RETURN_RAW;
}
}
Reference in New Issue View Git Blame Copy Permalink