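/**
 * Login form handler.
 *
 * Accepts a username or an e-mail address in the "logger" POST field plus a
 * "password" field, checks them through the user and authentication managers,
 * and renders the 'logger/log' view with a "passwordError" message (empty on
 * success or when nothing was posted).
 */
public function log()
 {
     $usermanager = new \Manager\UserManager();
     $auth = new \W\Security\AuthentificationManager();
     $passwordError = "";
     if ($_POST) {
         // Read the fields defensively: a missing key or a non-string value
         // (e.g. logger[]=x) counts as an empty field instead of reaching strpos().
         $logger = isset($_POST['logger']) && is_string($_POST['logger']) ? $_POST['logger'] : '';
         $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
         if ($logger === '' || $password === '') {
             $passwordError = "vide!";
         } else {
             // An "@" means the identifier is checked against the email column,
             // otherwise against the username column.
             $isEmail = strpos($logger, '@') !== false;
             $known = $isEmail ? $usermanager->emailExists($logger) : $usermanager->usernameExists($logger);
             if ($known && $auth->isValidLoginInfo($logger, $password)) {
                 $user = $usermanager->getUserByUsernameOrEmail($logger);
                 // NOTE(review): whether logUserIn() renews the session id is not
                 // visible here; confirm, to rule out session fixation.
                 $auth->logUserIn($user);
                 if (!empty($_POST['remember'])) {
                     // NOTE(review): the remember-me value is an unkeyed SHA-1 over the
                     // username, the stored password field and the client IP. It is
                     // deterministic, tied to the password hash and cannot be revoked
                     // without a password change; a random token stored hashed on the
                     // server is the usual replacement. The cookie is also allowed over
                     // plain HTTP (secure=false) and pinned to the domain 127.0.0.1.
                     setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', '127.0.0.1', false, true);
                 }
                 $this->show('logger/log', ["passwordError" => $passwordError]);
                 // Do not rely on show() ending the request: avoid a second render below.
                 return;
             }
             // One message per form mode, whether the account is unknown or the
             // password is wrong, so the form does not reveal which identifiers exist.
             $passwordError = $isEmail ? "Wrong email/mp couple!" : "Wrong login/mp couple!";
         }
     }
     $this->show('logger/log', ["passwordError" => $passwordError]);
 }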
 /**
  * Page de connexion
  */
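 public function login()
 {
     // Handles the 'login-submit' form: checks the e-mail/password pair, stores the
     // user (without the password field) in the session and redirects to 'home';
     // otherwise renders 'default/login', with errorConnection set after a failure.
     if (isset($_POST['login-submit'])) {
         // A missing key or a non-string value (e.g. email[]=x) counts as empty.
         $email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';
         $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
         if ($email === '' || $password === '') {
             // Incomplete submission: back to the form. The explicit return keeps the
             // credential check below unreachable even if redirectToRoute() returns.
             $this->redirectToRoute('login');
             return;
         }
         $authManager = new \W\Security\AuthentificationManager();
         $userId = $authManager->isValidLoginInfo($email, $password);
         if ($userId) {
             // Credentials are consistent: load the user record.
             $usersManager = new \Manager\UserManager();
             $user = $usersManager->find($userId);
             // Keep the password field out of the session data.
             unset($user['password']);
             // NOTE(review): whether logUserIn() renews the session id is not visible
             // here; confirm, to rule out session fixation.
             $authManager->logUserIn($user);
             // Back to the home page.
             $this->redirectToRoute('home');
             return;
         }
         // Wrong login or password: one generic error flag for both cases.
         $this->show('default/login', ['errorConnection' => true]);
         return;
     }
     // No submission: show the plain login page.
     $this->show('default/login');
 }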
Beispiel #3
 /**
  * Login de l'utilisateur
  * Affichage de la page des choriste
  **/
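 public function login()
 {
     // Shows the login form, or logs the user in and redirects to the
     // 'choristes_actus' route when the posted credentials are valid.
     $userLogin = new \W\Security\AuthentificationManager();
     // Loose comparison kept on purpose: what getuser() returns for an anonymous
     // visitor is not visible here (presumably null or another falsy value).
     if ($this->getuser() != NULL) {
         // Already logged in: send the user straight to the members' area.
         $this->redirectToRoute('choristes_actus');
         return;
     }
     if (isset($_POST['sent'])) {
         // A missing key or a non-string value counts as an empty field, so the
         // credential check is only run on two non-empty strings.
         $login = isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '';
         $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
         $id = ($login !== '' && $password !== '') ? $userLogin->isValidLoginInfo($login, $password) : 0;
         if ($id) {
             $findUser = new \Manager\UsersManager();
             $user = $findUser->find($id);
             // Keep the password field out of the session data
             // (presumably find() returns the full user row; verify).
             unset($user['password']);
             // NOTE(review): whether logUserIn() renews the session id is not visible
             // here; confirm, to rule out session fixation.
             $userLogin->logUserIn($user);
             // Return value unused; call kept in case getUser() has side effects
             // that are not visible from this method.
             $this->getUser();
             $this->redirectToRoute('choristes_actus');
             return;
         }
         // NOTE(review): a failed attempt re-renders the form without any error
         // indication; the view receives no data to display one.
     }
     $this->show('default/login');
 }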
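 /**
  * Login form handler.
  *
  * On a 'login-submit' submission with valid credentials the user (without the
  * password field) is stored in the session and redirected to 'todolist_list';
  * otherwise 'default/login' is rendered, with errorConnection set after a failure.
  */
 public function login()
 {
     if (!isset($_POST['login-submit'])) {
         // No submission: show the plain login page.
         $this->show('default/login');
         return;
     }

     // A missing key or a non-string value (e.g. login[]=x) counts as empty.
     $login = isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '';
     $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
     if ($login === '' || $password === '') {
         // Incomplete submission: back to the form. The explicit return keeps the
         // credential check unreachable even if redirectToRoute() returns.
         $this->redirectToRoute('login');
         return;
     }

     $authManager = new \W\Security\AuthentificationManager();
     $userId = $authManager->isValidLoginInfo($login, $password);
     if (!$userId) {
         // One generic error flag, whatever the reason for the failure.
         $this->show('default/login', ['errorConnection' => true]);
         return;
     }

     // Credentials are consistent: load the user record.
     $usersManager = new \Manager\UsersManager();
     $user = $usersManager->find($userId);
     // Keep the password field out of the session data.
     unset($user['password']);
     // NOTE(review): whether logUserIn() renews the session id is not visible here;
     // confirm, to rule out session fixation.
     $authManager->logUserIn($user);
     $this->redirectToRoute('todolist_list');
 }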
Beispiel #5
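 /**
  * Login form handler.
  *
  * On a 'login-submit' submission with valid credentials the user (without the
  * password field) is stored in the session and redirected to 'backoffice';
  * otherwise 'Default/login' is rendered, with errorConnection set after a failure.
  */
 public function login()
 {
     // A named function declared inside a method becomes global the first time the
     // method runs, and a second call to login() would fail on redeclaration, so
     // the declaration is guarded. It is kept only for any outside caller.
     // NOTE(review): this helper is no longer applied to the credentials. It turns
     // an all-digit password into an integer (dropping leading zeros) and rewrites
     // %, _, quotes and HTML characters, so the value verified would differ from
     // the value typed. mysql_real_escape_string() was also removed in PHP 7.
     // HTML escaping belongs at output time and SQL safety in bound parameters.
     if (!function_exists('securise')) {
         function securise($string)
         {
             if (ctype_digit($string)) {
                 $string = intval($string);
             } else {
                 $string = mysql_real_escape_string($string);
                 $string = addcslashes($string, '%_');
                 $string = htmlspecialchars($string);
             }
             return $string;
         }
     }
     if (isset($_POST['login-submit'])) {
         // A missing key or a non-string value (e.g. login[]=x) counts as empty.
         $login = isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '';
         $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
         if ($login === '' || $password === '') {
             // Incomplete submission: back to the form. The explicit return keeps the
             // credential check below unreachable even if redirectToRoute() returns.
             $this->redirectToRoute('login');
             return;
         }
         $authManager = new \W\Security\AuthentificationManager();
         // Credentials are passed through unmodified.
         // NOTE(review): assumes isValidLoginInfo() uses bound parameters for its
         // lookup; confirm in the authentication manager. If accounts were created
         // with securise()-rewritten passwords, those hashes need a migration.
         $userId = $authManager->isValidLoginInfo($login, $password);
         if ($userId) {
             // Credentials are consistent: load the user record.
             $usersManager = new \Manager\UsersManager();
             $user = $usersManager->find($userId);
             // Keep the password field out of the session data.
             unset($user['password']);
             // NOTE(review): whether logUserIn() renews the session id is not visible
             // here; confirm, to rule out session fixation.
             $authManager->logUserIn($user);
             $this->redirectToRoute('backoffice');
             return;
         }
         // One generic error flag, whatever the reason for the failure.
         $this->show('Default/login', ['errorConnection' => true]);
         return;
     }
     $this->show('Default/login');
 }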
Beispiel #6
 /**
  * Login handler that accepts a username or an e-mail address in the "logger"
  * POST field, records any error message in $_SESSION['error']['log'], and
  * redirects to 'userhome' when $isValid is true, otherwise to 'home'.
  *
  * NOTE(review): $isValid starts as true and is only changed inside the POST
  * branch, so a request without POST data is redirected to 'userhome'; confirm
  * that route enforces authentication itself.
  * NOTE(review): the failure messages differ for an unknown identifier and a
  * wrong password, which lets a caller tell which accounts exist.
  */
 public function log()
 {
     $usermanager = new \Manager\UserManager();
     $auth = new \W\Security\AuthentificationManager();
     // Clear any error left in the session by a previous attempt.
     unset($_SESSION['error']);
     $isValid = true;
     if ($_POST) {
         // isIsset() is a project helper not shown here; judging by the else
         // branch below it presumably checks that every field is filled in.
         if (\isIsset($_POST)) {
             $logger = $_POST['logger'];
             $password = $_POST['password'];
             $pos = strpos($logger, '@');
             // No "@": the identifier is checked against the username field.
             if ($pos === false) {
                 $username = $logger;
                 if ($usermanager->usernameExists($username)) {
                     if ($auth->isValidLoginInfo($username, $password)) {
                         $user = $usermanager->getUserByUsernameOrEmail($username);
                         $auth->logUserIn($user);
                         if (isset($_POST['remember'])) {
                             // NOTE(review): the cookie value is an unkeyed SHA-1 over the
                             // username, the stored password field and the client IP, so it
                             // is deterministic and cannot be revoked without a password
                             // change. secure is false (6th argument), httponly is true.
                             // The domain here is 'mudeo.dev' but 'localhost' in the e-mail
                             // branch below; confirm which one is intended.
                             setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', 'mudeo.dev', false, true);
                         }
                         // NOTE(review): unlike the e-mail branch, confirmAccount() gets a
                         // single argument here and $return[0] is not copied into $isValid,
                         // so $isValid stays true whatever confirmAccount() reports.
                         $return = \confirmAccount($user['token_timestamp']);
                         $_SESSION['error']['log'] = $return[1];
                     } else {
                         $isValid = false;
                         $_SESSION['error']['log'] = "Wrong login/mp couple!";
                     }
                 } else {
                     $isValid = false;
                     $_SESSION['error']['log'] = "Login not found!";
                 }
             } else {
                 // Otherwise the identifier contains an "@": it is an e-mail address,
                 // so it is checked against the email field in the database.
                 $email = $logger;
                 if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
                     if ($usermanager->emailExists($email)) {
                         if ($auth->isValidLoginInfo($email, $password)) {
                             $user = $usermanager->getUserByUsernameOrEmail($email);
                             $auth->logUserIn($user);
                             if (isset($_POST['remember'])) {
                                 // Same cookie construction as in the username branch,
                                 // but with the domain 'localhost'.
                                 setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', 'localhost', false, true);
                             }
                             // confirmAccount() is a project helper not shown here; its
                             // result is used as [validity flag, message].
                             $return = \confirmAccount($user['token_timestamp'], $_SESSION['user']['subscription']);
                             $isValid = $return[0];
                             $_SESSION['error']['log'] = $return[1];
                         } else {
                             $isValid = false;
                             $_SESSION['error']['log'] = "Mauvais couple email/mot de passe !";
                         }
                     } else {
                         $isValid = false;
                         $_SESSION['error']['log'] = "Email pas présent dans la base ! ";
                     }
                 } else {
                     $isValid = false;
                     $_SESSION['error']['log'] = "Le format de l'email n'est pas valide !";
                 }
             }
             // End of the e-mail branch.
         } else {
             $isValid = false;
             $_SESSION['error']['log'] = "Veuillez remplir tous les champs !";
         }
     }
     // Route chosen from $isValid alone.
     if ($isValid) {
         $this->redirectToRoute('userhome');
     } else {
         $this->redirectToRoute('home');
     }
 }
Beispiel #7
 /**
  * Page de connexion
  */
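 public function login()
 {
     // Checks the posted e-mail/password pair, logs the user in, optionally issues a
     // "remember me" cookie, and redirects to "home"; on failure or on a plain GET
     // it renders 'user/login' with an error message (empty when nothing was posted).
     $errorconnect = '';
     if (!empty($_POST)) {
         // A missing key or a non-string value (e.g. email[]=x) counts as empty.
         $email = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';
         $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
         $stayLogin = isset($_POST['stayLogin']) ? $_POST['stayLogin'] : false;
         $authentificationManager = new \W\Security\AuthentificationManager();
         // Only run the credential check on two non-empty strings.
         $result = ($email !== '' && $password !== '') ? $authentificationManager->isValidLoginInfo($email, $password) : 0;
         if ($result > 0) {
             // Credentials OK: load the user record and log the user in.
             $userManager = new \Manager\UserManager();
             $user = $userManager->find($result);
             // NOTE(review): whether logUserIn() renews the session id is not visible
             // here; confirm, to rule out session fixation.
             $authentificationManager->logUserIn($user);
             if ($stayLogin) {
                 // Random token for the cookie; only its hash is stored in the database.
                 // NOTE(review): confirm that StringUtils::randomString() draws from a
                 // cryptographically secure source, since this token is a credential.
                 $token = \W\Security\StringUtils::randomString(32);
                 $tokenHash = password_hash($token, PASSWORD_DEFAULT);
                 $value = json_encode(["id" => $user['id'], "token" => $token]);
                 // HttpOnly keeps the token away from page scripts; Secure is set
                 // whenever the current request arrived over HTTPS.
                 $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
                 // Lifetime kept at 3660 s as in the original.
                 // NOTE(review): possibly meant to be 3600 or a longer period; confirm.
                 setcookie("kikala_remember_me", $value, time() + 3660, '/', '', $isHttps, true);
                 // Store the token hash so the cookie can be verified later.
                 $userManager->update(['tokenCookie' => $tokenHash], $user['id']);
             }
             $this->redirectToRoute("home");
             // Do not rely on redirectToRoute() ending the request.
             return;
         } else {
             // Same message for an unknown e-mail and a wrong password.
             $errorconnect = "Email inconnu ou mot de passe incorrect";
         }
     }
     // Render the login page.
     $this->show('user/login', ['error' => $errorconnect]);
 }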