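/**
 * Registration action: renders the form on GET; otherwise validates the
 * submitted fields, stores the account, logs the new user in and redirects
 * to the base URL.
 *
 * @return bool|null true after rendering the empty form, false after
 *                   re-rendering it with an error message, null once the
 *                   redirect header has been sent
 */
public function index_action()
 {
     if (Routing::getInstance()->isMethod("GET")) {
         echo View::render();
         return true;
     }
     $data = array();
     // Validate before touching the database. 'username' and 'password' are
     // read by key further down, so they must be present scalar strings; the
     // generic loop below only sees keys the client actually sent.
     foreach (array('username', 'password') as $required) {
         if (empty($_REQUEST[$required]) || !is_string($_REQUEST[$required])) {
             $data['error'] = 'All fields must be provided';
             echo View::render($data);
             return false;
         }
     }
     foreach ($_REQUEST as $key => $item) {
         if (empty($item)) {
             $data['error'] = 'All fields must be provided';
             echo View::render($data);
             return false;
         }
     }
     $userModel = new UserModel();
     // NOTE(review): a distinct "already used" message lets a client probe
     // which usernames exist; consider rate limiting this endpoint.
     if ($userModel->checkUserExist($_REQUEST['username'])) {
         $data['error'] = 'Username already used.';
         echo View::render($data);
         return false;
     }
     // NOTE(review): $_REQUEST merges GET and POST (and cookies, depending on
     // request_order) and is handed to save() wholesale. If save() maps keys
     // to columns, a client may be able to set fields the form never offers;
     // confirm save() uses an allow-list of fields.
     if (!$userModel->save($_REQUEST)) {
         $data['error'] = 'Problem with DB Query.';
         echo View::render($data);
         return false;
     }
     $userData = $userModel->getUserByUsernameAndPassword($_REQUEST['username'], $_REQUEST['password']);
     // NOTE(review): the lookup result is not checked before login, and
     // session-id regeneration is not visible here; verify both in doLogin().
     Security::doLogin($userData);
     header("Location:" . Routing::getInstance()->getBaseUrl());
     return null;
 }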
Beispiel #2
 /**
  * Loads the menu entries and emits the page header template, choosing the
  * admin variant when Security::isAdmin() reports an administrator.
  *
  * NOTE(review): picking a template is presentation only. Admin actions
  * still need their own server-side authorization check.
  */
 public function __construct()
 {
     // Included templates execute in this method's scope, so the local
     // variable names below are part of the contract with the view files
     // (presumably $menuItems is read there; confirm against the templates).
     $menuModel = new Menu();
     $menuItems = $menuModel->getMenuItems();
     if (Security::isAdmin()) {
         require_once VIEWS_PATH . 'header_admin.php';
     } else {
         require_once VIEWS_PATH . 'header.php';
     }
 }
Beispiel #3
 /**
  * Admin-only news editor: on GET loads the entry named by the request's
  * 'id' and renders it; on any other method applies the submitted data.
  *
  * @return bool|null true after rendering the form, null after an update
  */
 public function edit()
 {
     // Authorization gate runs before any model access.
     Security::mustBeAdmin();
     $news = new NewsModel();
     if (!Routing::getInstance()->isMethod("GET")) {
         // NOTE(review): no anti-CSRF token check is visible on this
         // state-changing path, the whole $_REQUEST array is passed through
         // unfiltered, and the outcome of update() is discarded. Confirm
         // these are handled elsewhere.
         $news->update($_REQUEST);
         return;
     }
     // NOTE(review): 'id' is read without a presence or type check.
     $entry = $news->get($_REQUEST['id']);
     echo View::render($entry);
     return true;
 }
Beispiel #4
 /**
  * Creates a user row with a freshly salted password hash and returns the
  * corresponding user object.
  *
  * NOTE(review): SQL injection. $username and $address are formatted
  * straight into the statement text with no escaping or binding, so the
  * query structure depends on caller-supplied data. The $params array
  * below holds the same values keyed by column, but it is never handed to
  * the database layer. The fix is a statement with placeholders and bound
  * values, if the database wrapper supports one (not visible here).
  *
  * NOTE(review): exist() followed by INSERT is a check-then-act sequence.
  * Only a unique constraint on the username column makes it reliable.
  *
  * @throws \Lib\Exceptions\DuplicateException when the username is taken
  */
 public static function create($username, $password, $address)
 {
     if (static::exist($username)) {
         throw new \Lib\Exceptions\DuplicateException();
     }
     $salt = Security::generate_salt();
     $passwordHash = static::generate_hash($password, $salt);
     // Unsafe: values are interpolated into the SQL text (see docblock).
     $sql = sprintf(
         'INSERT INTO users (username, password, salt, address) VALUES("%s", "%s", "%s", "%s")',
         $username,
         $passwordHash,
         $salt,
         $address
     );
     // Built but unused: these are the values that should be bound.
     $params = array(
         'username' => $username,
         'password' => $passwordHash,
         'salt' => $salt,
         'address' => $address,
     );
     HackableDatabase::update($sql);
     return new HackableUser($username, $address);
 }
Beispiel #5
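 /**
  * Resolves the 'controller' and 'action' request parameters to a class in
  * the controllers namespace and one of its methods, then dispatches to it
  * with the request data.
  *
  * Both names come from the client, so they are treated as untrusted:
  * non-string values, magic-method names and methods that are not callable
  * from here are rejected with the same error codes as unknown names.
  *
  * @return ErrorHandler|null ErrorHandler(2) for an unusable controller,
  *                           ErrorHandler(3) for an unusable action, null
  *                           after a successful dispatch
  */
 public function proccessRoute()
 {
     $this->controller = !empty($_REQUEST['controller']) ? $_REQUEST['controller'] : 'Index';
     $this->action = !empty($_REQUEST['action']) ? $_REQUEST['action'] : 'index_action';
     // controller[]=x style input arrives as an array; refuse it rather than
     // let it be string-converted into a class name.
     if (!is_string($this->controller)) {
         return new ErrorHandler(2);
     }
     $controllerName = 'controllers\\' . $this->controller;
     // NOTE(review): class_exists() triggers autoloading with a
     // client-chosen name. If the autoloader maps names to file paths,
     // confirm it cannot be steered outside the controllers directory.
     if (!class_exists($controllerName)) {
         return new ErrorHandler(2);
     }
     // Refuse magic methods (__construct, __destruct, ...) as actions
     // before the controller is even built.
     if (!is_string($this->action) || strncmp($this->action, '__', 2) === 0) {
         return new ErrorHandler(3);
     }
     // Instance current controller
     // NOTE(review): the constructor runs before Security::isAuth() below,
     // so constructor side effects happen for unauthenticated requests too.
     $controllerClass = new $controllerName();
     // method_exists() is also true for private/protected methods;
     // is_callable() additionally requires that this scope may call it.
     if (!method_exists($controllerClass, $this->action)
         || !is_callable(array($controllerClass, $this->action))) {
         return new ErrorHandler(3);
     }
     $this->cleanupRequest();
     // NOTE(review): the return value is ignored. Presumably isAuth()
     // redirects or exits on failure; verify, otherwise dispatch proceeds.
     Security::isAuth();
     call_user_func(array($controllerClass, $this->action), $_REQUEST);
 }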
Beispiel #6
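        <div class="container-fluid">
            <div class="row-fluid">
                <div class="span2">
                    <ul class="nav nav-list">
                        <?php if (Security::getUser()) { ?>
                            <li>
                                <?php // The username is account data (presumably user-chosen); HTML-encode it so markup in it is displayed, not interpreted. ?>
                                <a href="#">Hello <?php echo htmlspecialchars((string) Security::getUser()->username, ENT_QUOTES, 'UTF-8'); ?></a>
                            </li>

                            <?php if (Security::isAdmin()) { ?>
                            <li>
                                <?php // This link is only a convenience; /backend must enforce the admin check itself. ?>
                                <a href="<?php echo htmlspecialchars((string) Routing::getInstance()->getBaseUrl(), ENT_QUOTES, 'UTF-8'); ?>/backend">Admin Panel</a>
                            </li>
                            <?php } ?>
                        <?php } ?>

                        <li class="nav-header">Main Menu</li>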
Beispiel #7
 /**
  * Derives the stored password value by joining password and salt with
  * a "||" separator and passing the result to Security::hash().
  *
  * NOTE(review): which algorithm Security::hash() uses is not visible
  * here. If it is a single fast digest, a salt alone does not slow down
  * offline guessing; PHP's password_hash()/password_verify() handle
  * salting and cost in one step.
  */
 protected static function generate_hash($password, $salt)
 {
     $material = $password . '||' . $salt;
     return Security::hash($material);
 }
Beispiel #8
 /**
  * Ends the current session by delegating to Security::doLogout().
  *
  * NOTE(review): nothing here restricts the request method or checks
  * a token, so a cross-site request could presumably trigger a logout.
  * No response or redirect is produced in this method either; confirm
  * doLogout() handles that and destroys the server-side session.
  */
 public function logout()
 {
     Security::doLogout();
 }