//If false, then action method names will only be converted to camel
//case before being executed.
//NOTE: This setting does not apply to S3MVC_APP_DEFAULT_ACTION_NAME.
// It only applies to the routes below:
// '/{controller}/{action}[/{parameters:.+}]'
// '/{controller}/{action}/'
define('S3MVC_APP_AUTO_PREPEND_ACTION_TO_ACTION_METHOD_NAMES', false);
//This is used to create a controller object to handle the default / route.
//Must be prefixed with the namespace if the controller class is in a namespace.
define('S3MVC_APP_DEFAULT_CONTROLLER_CLASS_NAME', '\\Slim3MvcTools\\Controllers\\BaseController');
//This is the name of the action / method to be called on the default controller
//to handle the default / route. This method should return a response string (ie.
//valid html) or a PSR 7 response object containing valid html in its body.
//This default action / method should accept no arguments / parameters.
define('S3MVC_APP_DEFAULT_ACTION_NAME', 'actionIndex');
s3MVC_GetSuperGlobal();
//this method is first called here to ensure that $_SERVER,
//$_GET, $_POST, $_FILES, $_COOKIE, $_SESSION & $_ENV are
//captured in their original state by the static $super_globals
//variable inside s3MVC_GetSuperGlobal(), before any other
//library, framework, etc. accesses or modifies any of them.
//Subsequent calls to s3MVC_GetSuperGlobal(..) will return
//the stored values.
/**
*
* This function detects which environment your web-app is running in
* (i.e. one of Production, Development, Staging or Testing).
*
* NOTE: Make sure you edit /public/env.php to return one of S3MVC_APP_ENV_DEV,
* S3MVC_APP_ENV_PRODUCTION, S3MVC_APP_ENV_STAGING or S3MVC_APP_ENV_TESTING
* relevant to the environment you are installing your web-app.
public function actionLogin()
{
$request_obj = $this->request;
$data_4_login_view = ['controller_object' => $this, 'error_message' => '', 'username' => '', 'password' => ''];
if (strtoupper($request_obj->getMethod()) === 'GET') {
//show login form
//get the contents of the view first
$view_str = $this->renderView('login.php', $data_4_login_view);
return $this->renderLayout($this->layout_template_file_name, ['content' => $view_str]);
} else {
//this is a POST request, process login
$controller = $this->login_success_redirect_controller ?: 'base-controller';
$prepend_action = !S3MVC_APP_AUTO_PREPEND_ACTION_TO_ACTION_METHOD_NAMES;
$action = $prepend_action ? 'action-' : '';
$success_redirect_path = "{$controller}/{$action}{$this->login_success_redirect_action}";
$this->ensureVespulaAuthObjectIsSet();
$auth = $this->vespula_auth;
//get the auth object
$username = s3MVC_GetSuperGlobal('post', 'username');
$password = s3MVC_GetSuperGlobal('post', 'password');
$error_msg = '';
if (empty($username)) {
$error_msg .= "The 'username' field is empty.";
}
if (empty($password)) {
$error_msg .= empty($error_msg) ? '' : '<br>';
$error_msg .= "The 'password' field is empty.";
}
if (empty($error_msg)) {
$credentials = ['username' => filter_var($username, FILTER_SANITIZE_STRING), 'password' => $password];
$auth->login($credentials);
//try to login
if ($auth->isValid()) {
$msg = "You are now logged into a new session.";
//since we are successfully logged in, resume session if any
if (session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
if (isset($_SESSION[static::SESSN_PARAM_LOGIN_REDIRECT])) {
//there is an active session with a redirect url stored in it
$success_redirect_path = $_SESSION[static::SESSN_PARAM_LOGIN_REDIRECT];
//since login is successful remove stored redirect url,
//it has served its purpose & we'll be redirecting now.
unset($_SESSION[static::SESSN_PARAM_LOGIN_REDIRECT]);
}
} else {
$msg = 'Login Failed!<br>' . $auth->getAdapter()->getError();
}
} else {
$msg = $error_msg;
}
if (s3MVC_GetCurrentAppEnvironment() === S3MVC_APP_ENV_DEV) {
$msg .= '<br>' . nl2br(s3MVC_DumpAuthinfo($auth));
}
if ($auth->isValid()) {
if (strpos($success_redirect_path, s3MVC_GetBaseUrlPath()) === false) {
//prepend base path
$success_redirect_path = s3MVC_GetBaseUrlPath() . '/' . ltrim($success_redirect_path, '/');
}
//re-direct
return $this->response->withHeader('Location', $success_redirect_path);
} else {
//re-display login form with error messages
$data_4_login_view['error_message'] = $msg;
$data_4_login_view['username'] = $username;
$data_4_login_view['password'] = $password;
//get the contents of the view first
$view_str = $this->renderView('login.php', $data_4_login_view);
return $this->renderLayout($this->layout_template_file_name, ['content' => $view_str]);
}
}
}
/**
*
* Returns the base path segment of the URI.
* It performs the same function as \Slim\Http\Uri::getBasePath()
* You are strongly advised to use this function instead of
* \Slim\Http\Uri::getBasePath(), in order to ensure that your
* app will be compatible with other PSR-7 implementations because
* \Slim\Http\Uri::getBasePath() is not a PSR-7 method.
*
* @return string
*/
function s3MVC_GetBaseUrlPath()
{
static $server, $base_path, $has_been_computed;
if (!$server) {
//copy / capture the super global only once
$server = s3MVC_GetSuperGlobal('server');
}
if (!$base_path && !$has_been_computed) {
$base_path = '';
$has_been_computed = true;
$requestScriptName = parse_url($server['SCRIPT_NAME'], PHP_URL_PATH);
$requestScriptDir = dirname($requestScriptName);
// parse_url() requires a full URL. As we don't extract the domain name or scheme,
// we use a stand-in.
$requestUri = parse_url('http://example.com' . $server['REQUEST_URI'], PHP_URL_PATH);
if (strcasecmp($requestUri, $requestScriptName) === 0) {
$base_path = $requestScriptName;
} elseif ($requestScriptDir !== '/' && stripos($requestUri, $requestScriptDir) === 0) {
$base_path = $requestScriptDir;
}
}
return $base_path;
}
