Ejemplo n.º 1
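 /**
  * Authenticate a visitor from the posted nickname (or e-mail) and password,
  * check that the account's group may connect, then open the user session.
  *
  * Every failure path sets a flash message and redirects to 'user.signin'.
  * Each redirect is followed by an explicit return: Router::redirect() is not
  * visible here, and if it does not terminate the request the code below
  * would otherwise fall through into session creation.
  *
  * NOTE(review): no throttling or lockout on failed attempts is visible in this
  * method; confirm it is enforced elsewhere (middleware, Users, web server).
  *
  * @return void
  */
 public function login()
 {
     // Presumably sends already-authenticated visitors away; confirm in Users.
     Users::redirectIf(true);
     $nickname = Helper::post('nickname');
     $password = Helper::post('password');
     if (empty($nickname) || empty($password)) {
         Session::setFlash('danger', '', Translate::get('error.forms.missing.content'));
         Router::redirect('user.signin');
         return;
     }
     // NOTE(review): the chain is nickname AND mail_check = '1' OR mail. If the
     // builder emits these conditions flat, AND binds tighter than OR, so a match
     // on `mail` is not subject to the mail_check condition. Confirm how the
     // builder groups them and whether unverified accounts may log in by e-mail.
     $users = Users::select()->addFields(['id', 'id_group', 'password', 'nickname', 'mail', 'user_key', 'firstname', 'lastname', 'avatar'])->where('nickname', $nickname)->andWhere('mail_check', '1')->orWhere('mail', $nickname)->get(0, 1);
     // Unknown account and wrong password share one message, so the response
     // does not reveal which of the two failed.
     if (empty($users) || !password_verify($password, $users[0]->password)) {
         Session::setFlash('danger', '', Translate::get('user.error.login'));
         Router::redirect('user.signin');
         return;
     }
     $user = $users[0];
     $group = Groups::select()->where('id', $user->id_group)->get();
     if (empty($group)) {
         Session::setFlash('danger', '', 'Vous n\'êtes pas dans un groupe valide');
         Router::redirect('user.signin');
         return;
     }
     $group = $group[0];
     // The group's site permission mask must include the 'connection' right.
     $br = new BinaryRight($group->auth_site);
     if (!$br->compare(Groups::getAuth('site', 'connection'))) {
         Session::setFlash('danger', '', 'Vous ne pouvez pas vous connecter !');
         Router::redirect('user.signin');
         return;
     }
     $user->connection_at = BaseModel::now();
     $user->save();
     // NOTE(review): confirm Users::sessionSet() regenerates the session id on
     // login (session fixation); nothing in this method does so.
     Users::sessionSet($user);
     Session::setFlash('success', '', Translate::get('user.success.login'));
     Router::redirect('home.index');
 }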
Ejemplo n.º 2
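 /**
  * Apply the posted profile changes (names, password, name visibility, avatar)
  * to the account resolved by checkUser(), then redirect to the account form.
  *
  * Security-relevant behaviour:
  *  - The CSRF token must be a non-empty string on both sides and is compared
  *    with hash_equals(). A loose `!=` would accept the request when neither the
  *    session nor the form carries a token (null != null is false).
  *  - The password is changed only when the current password verifies and the
  *    new password is a non-empty string strictly equal to its confirmation.
  *    Loose `==` treats differing numeric-looking strings as equal.
  *  - An avatar is processed only if PHP itself received it as an upload. It is
  *    saved under a server-generated name, and the previous file is removed only
  *    after the new one has been written.
  *
  * NOTE(review): checkUser() is not visible here; confirm it enforces that the
  * caller may edit account $id rather than only loading it.
  *
  * @param mixed $id   Account identifier, passed through to checkUser().
  * @param mixed $name Account name, passed through to checkUser().
  * @return void
  */
 public function update($id, $name)
 {
     $user = $this->checkUser($id, $name);
     $expectedToken = Session::get('csrf');
     $postedToken = Helper::post('_csrf');
     if (!is_string($expectedToken) || $expectedToken === '' || !is_string($postedToken) || !hash_equals($expectedToken, $postedToken)) {
         Router::redirect('home.index');
         // Router::redirect() is not visible here; never continue without a valid token.
         return;
     }
     $modified = false;
     $firstname = Helper::post('firstname');
     if ($firstname != null) {
         $user->firstname = $firstname;
         $modified = true;
     }
     $lastname = Helper::post('lastname');
     if ($lastname != null) {
         $user->lastname = $lastname;
         $modified = true;
     }
     $currentPassword = Helper::post('last_password');
     $newPassword = Helper::post('new_password');
     $confirmPassword = Helper::post('confirm_password');
     if (
         is_string($currentPassword)
         && is_string($newPassword)
         && $newPassword !== ''
         && $newPassword === $confirmPassword
         && password_verify($currentPassword, $user->password)
     ) {
         // bcrypt only uses the first 72 bytes of the input.
         $user->password = password_hash($newPassword, PASSWORD_BCRYPT);
         $modified = true;
     }
     $showName = Helper::post('showName') != null;
     if ($user->show_name != $showName) {
         $user->show_name = $showName ? 1 : 0;
         $modified = true;
     }
     $deleteAvatar = Helper::post('deleteAvatar') != null;
     if ($deleteAvatar) {
         // NOTE(review): only the reference is cleared; the file stays on disk.
         $user->avatar = '';
         $modified = true;
     }
     $upload = $_FILES['avatar'] ?? null;
     if (
         !$deleteAvatar
         && is_array($upload)
         && isset($upload['tmp_name'])
         && is_string($upload['tmp_name'])
         && $upload['tmp_name'] !== ''
         && is_uploaded_file($upload['tmp_name'])
     ) {
         $max_size = 10 * 1024 * 1024;
         if ($upload['size'] > $max_size) {
             Session::setFlash('danger', '', Translate::get('user.modify.error.size'));
             Router::redirect('account.form', ['id' => $user->id, 'name' => $user->nickname]);
             return;
         }
         // The extension comes from the client-supplied file name and is only a
         // first filter; it says nothing about the actual content.
         $extensions_valides = ['jpg', 'jpeg', 'gif', 'png'];
         $extension_upload = strtolower(pathinfo((string) $upload['name'], PATHINFO_EXTENSION));
         if (!in_array($extension_upload, $extensions_valides, true)) {
             Session::setFlash('danger', '', Translate::get('user.modify.error.format'));
             Router::redirect('account.form', ['id' => $user->id, 'name' => $user->nickname]);
             return;
         }
         // basename() keeps the later unlink() inside the avatar directory
         // whatever the stored value contains.
         $previousAvatar = basename((string) $user->avatar);
         // The stored name is generated server-side; the client file name is never used.
         $avatarFile = time() . '-' . $user->id . '-avatar.png';
         // NOTE(review): presumably make() decodes the upload and fails on
         // non-image data; confirm, and decide how that failure should be
         // reported to the user.
         $manager = new ImageManager();
         $manager->make($upload['tmp_name'])->fit(128, 128)->save('public/img/avatar/' . $avatarFile);
         // Remove the previous file only after the new one exists. An empty
         // avatar value would otherwise resolve to the directory itself.
         if ($previousAvatar !== '' && $previousAvatar !== $avatarFile) {
             $previousPath = __DIR__ . '/../../public/img/avatar/' . $previousAvatar;
             if (is_file($previousPath)) {
                 unlink($previousPath);
             }
         }
         $user->avatar = $avatarFile;
         $modified = true;
     }
     if ($modified) {
         $user->save();
         Users::sessionSet($user);
         Session::setFlash('success', '', Translate::get('user.modify.success'));
     }
     Router::redirect('account.form', ['id' => $user->id, 'name' => $user->nickname]);
 }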