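/**
 * Handle a login request posted as `em` (email), `pass` (password) and `check`.
 *
 * Replies through $this->renderJson() with errNum '0006' when the input is
 * malformed, '0001' when no matching user row is returned, and '0000' plus the
 * stored email on success. The email is written to the session only when
 * `check` equals "yes".
 *
 * @return void
 */
public function loginIn()
{
    $result = array();

    // Validate the parameters. Missing or non-string fields (e.g. `em[]=x`) are
    // reduced to empty strings so they fail validation below instead of raising
    // undefined-index notices or type errors in filter_var()/preg_match().
    $email  = (isset($_POST['em']) && is_string($_POST['em'])) ? $_POST['em'] : '';
    $passwd = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';
    $check  = (isset($_POST['check']) && is_string($_POST['check'])) ? $_POST['check'] : '';

    $email = filter_var($email, FILTER_SANITIZE_EMAIL);
    $regex = '/[^A-Za-z0-9]/';
    if (!filter_var($email, FILTER_VALIDATE_EMAIL) || preg_match($regex, $passwd) || strlen($passwd) < 6) {
        $result['errNum'] = '0006';
        $result['errMsg'] = errorcode::$error[$result['errNum']];
        $this->renderJson($result);
        // renderJson() is not visible here; return explicitly so a rejected
        // request can never fall through to the lookup and success path.
        return;
    }

    // Look the user up in MySQL.
    $userModel = new userModel();
    // NOTE(review): unsalted MD5 is kept only because userModel::select() is
    // called with this digest (presumably matched against the stored column;
    // confirm). MD5 is a fast hash and unsuitable for password storage: plan a
    // migration to password_hash()/password_verify(), which requires fetching
    // the row by email and verifying the password in PHP.
    $passwd = md5($passwd);
    // NOTE(review): FILTER_VALIDATE_EMAIL accepts characters such as ' in the
    // local part, so it is no substitute for a parameterized query inside
    // userModel::select(); verify that method binds its arguments.
    $ret = $userModel->select($email, $passwd);

    $retEmail = null;
    if (is_object($ret)) {
        // fetch_array() yields no row when nothing matched; guard the offset
        // access instead of indexing into null.
        $row = $ret->fetch_array();
        if (is_array($row) && isset($row['email'])) {
            $retEmail = $row['email'];
        }
    }
    if (!$ret || !$retEmail) {
        $result['errNum'] = '0001';
        $result['errMsg'] = errorcode::$error[$result['errNum']];
        $this->renderJson($result);
        return;
    }

    // Write to the session.
    if ($check === "yes") {
        // Rotate the session id before storing the identity so an id issued
        // before authentication is not carried over (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['email'] = $email;
    }

    $result['email'] = $retEmail;
    $result['errNum'] = '0000';
    $result['errMsg'] = errorcode::$error[$result['errNum']];
    $this->renderJson($result);
}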
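// Tail of the preceding switch case; its `case` label lies outside this excerpt.
if (is_null($user)) {
    $view = "error";
    $pagetitle = "Controller : Votre profil n'a pas été correctement trouvé dans la base de donnée...";
} else {
    $view = "profil";
}
break;

// Prepare the "update user" form. Only the account owner or an administrator
// may open it for the login named in the `login` query parameter.
case "updateUser":
    if (!isset($_SESSION['login'])) {
        $view = "error";
        $pagetitle = "Controller = Vous n'êtes pas connecté.";
        break;
    }

    // A missing or non-string `login` parameter (e.g. `login[]=x`) is treated
    // as "no target" rather than being passed on to escape().
    $zePseudo = (isset($_GET['login']) && is_string($_GET['login'])) ? escape($_GET['login']) : null;

    // Compare as strings with ===: loose == treats numeric-looking logins such
    // as "1e3" and "1000" as equal, which would let one user open another's form.
    $isOwner = $zePseudo !== null && (string) $_SESSION['login'] === (string) $zePseudo;
    // The admin flag may be absent from the session; treat that as "not admin".
    $isAdmin = isset($_SESSION['admin']) && $_SESSION['admin'] == 1;

    if ($zePseudo === null || (!$isOwner && !$isAdmin)) {
        $view = "error";
        $pagetitle = "Controller = Vous n'avez pas les droits pour modifier ce profil.";
        break;
    }

    $data = array("pseudo" => $zePseudo);
    $userToUpdate = userModel::select($data);
    // The preceding case shows that a lookup can yield null; do not dereference it.
    if (is_null($userToUpdate)) {
        $view = "error";
        $pagetitle = "Controller = L'utilisateur à modifier n'a pas été trouvé dans la base de données.";
        break;
    }
    $zeName = $userToUpdate->name;
    $zeMail = $userToUpdate->mail;

    // The table's key must not be edited. NOTE(review): `readonly` is only a
    // form attribute; the "confirmUpdate" handler (not visible here) has to
    // repeat the owner/admin check on the submitted login.
    $isDisabled = "readonly";
    $label = "Mise à jour";
    $submit = "Mettre à jour";
    $action = "confirmUpdate";
    $view = "formUser";
    break;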