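}
$statusMapper->persist(new Status(null, $user, $message, date("Y-m-d H:i:s")));
$response = new Response("Status add correctly", 201);
$response->send();
$app->redirect('/statuses', 201);
});

/**
 * DELETE /statuses/{id}: remove one status.
 *
 * The route regex already admits digits only; the explicit integer check is
 * kept as a second guard before the id reaches the finder/mapper.
 * Authorisation: only the owner (matched against $_SESSION['login']) may
 * delete. NOTE(review): no CSRF protection is visible on this route — the
 * check relies on the session alone; confirm the framework adds a token.
 */
$app->delete('/statuses/(\\d+)', function (Request $request, $id) use ($app, $statusMapper, $statusFinder) {
    if (!Verification::checkInteger($id)) {
        $response = new Response("Error with the object ID", 400);
        $response->send();
        return;
    }

    // One lookup; the original queried the finder twice for the same id.
    $status = $statusFinder->findOneById($id);
    if (!$status) {
        // 404: the original answered 416 ("Range Not Satisfiable"), which is wrong here.
        $response = new Response("Object doesn't exist", 404);
        $response->send();
        return;
    }

    // Ownership check. Require a logged-in session and compare strictly:
    // with the original loose `!=`, a missing session (null) compared equal to
    // an empty owner string, so an anonymous caller could delete such a status.
    // Both sides are cast to string so an int/string mismatch cannot make every
    // comparison fail. 403 rather than 400: the request is well-formed but not permitted.
    if (!isset($_SESSION['login']) || (string) $status->getUser() !== (string) $_SESSION['login']) {
        $response = new Response("You can't delete other status", 403);
        $response->send();
        return;
    }

    $statusMapper->remove($id);
    $app->redirect('/statuses');
});

/////////////////////////////////////////////////////////////////////////////////////////////////
//                                   AUTHENTIFICATION                                          //
/////////////////////////////////////////////////////////////////////////////////////////////////
$app->get('/login', function (Request $request) use ($app) {
    $login = $request->getParameter('login');
    return $app->render('login.php', array('login' => $login, 'erreur' => ''));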
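/**
 * Controller action: delete the current record through App and redirect to the listing.
 *
 * NOTE(review): no authentication, authorisation or CSRF check is visible in
 * this action, and App::delete() is called without an identifier, so whatever
 * it removes must be constrained inside App — confirm that before exposing it.
 * The return value of App::delete() was captured but never used; it is dropped.
 */
public function delete()
{
    $app = new App();
    $app->delete();
    // Relative Location header; execution continues after header() unless the caller exits.
    header("Location: show");
}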
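$data = array('status' => $status);
if ($request->guessBestFormat() === 'json') {
    return new JsonResponse($data);
}
return $app->render('status.php', $data);
});

/**
 * POST /statuses: create a status from the submitted fields.
 *
 * `message` is required (a missing or blank message is rejected with 400
 * instead of persisting an empty status). `authorName` is stored as
 * submitted and the User-Agent header alongside it. Nothing on this route
 * is authenticated, so both values are caller-controlled — escape them in
 * the template when rendering.
 */
$app->post('/statuses', function (Request $request) use ($app, $statusFinder, $statusDM) {
    $message = $request->getParameter('message');
    if ($message === null || trim((string) $message) === '') {
        throw new HttpException(400, 'A status needs a message');
    }

    $status = new Status(
        null,
        $message,
        $request->getParameter('authorName'),
        new DateTime(),
        $request->getUserAgent()
    );
    $statusDM->persist($status);

    if ($request->guessBestFormat() === 'json') {
        // NOTE(review): the returned location is derived from the row count,
        // which only equals the new id while ids are contiguous (no deletions) — verify.
        return new JsonResponse("statuses/" . count($statusFinder->findAll()), 201);
    }
    $app->redirect('/statuses');
});

/**
 * DELETE /statuses/{id}: remove a status by id, 404 when unknown.
 *
 * NOTE(review): there is no authentication or ownership check here — any
 * caller who can reach this route can delete any status (IDOR). Either gate
 * DELETE in a request listener/firewall or compare the status owner with the
 * current user before calling remove().
 */
$app->delete('/statuses/(\\d+)', function (Request $request, $id) use ($app, $statusFinder, $statusDM) {
    $status = $statusFinder->findOneById($id);
    if (is_null($status)) {
        throw new HttpException(404, 'Oups! This status cannot be found :(');
    }
    $statusDM->remove($status);
    if ($request->guessBestFormat() === 'json') {
        return new JsonResponse(null, 204);
    }
    $app->redirect('/statuses');
});

return $app;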
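return $app->render('login.php', array('error' => "Bad password", 'login' => $userName));
}
// NOTE(review): the session is populated on successful login without
// session_regenerate_id(true); a session id set before authentication
// survives it (session fixation).
$_SESSION['id'] = $user->getUserId();
$_SESSION['userName'] = $user->getUserName();
$_SESSION['is_connected'] = true;
});

// Matches if the HTTP method is POST -> /register
/**
 * Register a user from `userName` / `userPassword`.
 *
 * Both fields must be present and non-empty: the original `isset` test let an
 * empty string — i.e. an empty password — through. The password is stored as a
 * password_hash() digest only.
 * Invalid input answers a single 400 response; the original sent that response
 * and then also returned a rendered page, producing two bodies for one request.
 */
$app->post('/register', function (Request $request) use ($app, $userMapper) {
    $userName = $request->getParameter('userName');
    $userPassword = $request->getParameter('userPassword');
    if (!isset($userName) || !isset($userPassword)
        || trim((string) $userName) === '' || (string) $userPassword === '') {
        $response = new Response("Invalid parameters", 400);
        $response->send();
        return;
    }
    $userMapper->persist(new User(null, $userName, password_hash($userPassword, PASSWORD_DEFAULT)));
    $app->redirect('/login', 201);
});

// Matches if the HTTP method is PUT -> /
$app->put('/', function () use ($app) {
    return $app->render('index.php');
});

// Matches if the HTTP method is DELETE -> /statuses/id
/**
 * Remove a status by id; 404 when it does not exist.
 *
 * The route now refuses callers without an authenticated session
 * ($_SESSION['is_connected'] is set by the login handler above); the
 * original accepted anonymous DELETEs.
 * NOTE(review): there is still no ownership check — any logged-in user can
 * delete any status. $_SESSION['id'] is available after login; compare it
 * with the status owner before calling remove().
 */
$app->delete('/statuses/(\\d+)', function (Request $request, $id) use ($app, $statusFinder, $statusMapper) {
    if (empty($_SESSION['is_connected'])) {
        throw new HttpException(403, 'Forbidden');
    }
    // Truthiness test instead of loose `null ==`, which also matched false/0/''.
    if (!$statusFinder->findOneById($id)) {
        throw new HttpException(404, 'Not Found');
    }
    $statusMapper->remove($id);
    $app->redirect('/statuses');
});

return $app;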
}
if (password_verify($password, $user->getPassword())) {
    // NOTE(review): session_start() is called again here although the
    // 'process.before' listener below already starts the session, and the id
    // is not regenerated (session_regenerate_id(true)) before the session is
    // marked authenticated — session fixation risk.
    session_start();
    $_SESSION['is_authenticated'] = true;
    $_SESSION['user_name'] = $name;
    $_SESSION['user_id'] = $user->getId();
    $_SESSION['user'] = $user;
    return $app->redirect('/');
}
return $app->render('/login');
});

/*
 * DELETE /statuses/id
 *
 * NOTE(review): the status is removed without checking that it exists or that
 * it belongs to the current user ($_SESSION['user_id'] is set at login). The
 * firewall below appears to keep anonymous callers off DELETE (no DELETE in
 * its allow-list), but any authenticated user can delete any status — an
 * ownership comparison is needed before remove().
 */
$app->delete('/statuses/(\\d+)', function (Request $request, $id) use($app, $statusMapper) {
    $statusMapper->remove($id);
    $app->redirect('/statuses');
});

// Firewall: authenticated sessions pass; anonymous requests pass only when
// their URI matches an allow-listed pattern with an allow-listed method.
// NOTE(review): in_array() is non-strict here — pass `true` if Request::GET
// etc. are plain strings. If getUri() includes the query string, the
// `$`-anchored patterns will not match and the request is denied (fail-closed) — confirm.
$app->addListener('process.before', function (Request $req) use($app) {
    session_start();
    $allowed = [
        '/login' => [Request::GET, Request::POST],
        '/statuses/(\\d+)' => [Request::GET],
        '/statuses' => [Request::GET, Request::POST],
        '/register' => [Request::GET, Request::POST],
        '/statusNotFound' => [Request::GET],
        '/' => [Request::GET]
    ];
    if (isset($_SESSION['is_authenticated']) && true === $_SESSION['is_authenticated']) {
        return;
    }
    foreach ($allowed as $pattern => $methods) {
        if (preg_match(sprintf('#^%s$#', $pattern), $req->getUri()) && in_array($req->getMethod(), $methods)) {
            return;
        }
    }
    switch ($req->guessBestFormat()) {
        case 'json':
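return $app->render('register.php', $data);
}
$userMapper->persist(new User(null, $data['user'], password_hash($data['password'], PASSWORD_DEFAULT)));
return $app->redirect('/login');
});

// Matches if the HTTP method is PUT -> /
$app->put('/', function () use ($app) {
    return $app->render('index.php');
});

// Matches if the HTTP method is DELETE -> /statuses/id
/**
 * Remove a status by id: 400 on a non-integer id, 404 when unknown.
 *
 * NOTE(review): no ownership check is performed — the firewall below appears
 * to keep anonymous callers off DELETE (it is in no allow-list), but any
 * logged-in user can delete any status. $_SESSION['id'] is set at login
 * (see the login handler); compare it with the status owner before remove().
 */
$app->delete('/statuses/(\\d+)', function (Request $request, $id) use ($app, $statusFinder, $statusMapper) {
    if (!Validation::isInt($id)) {
        $response = new Response("Incorrect id parameter", 400);
        $response->send();
        return;
    }
    // Truthiness test instead of loose `null ==`, which also matched false/0/''.
    if (!$statusFinder->findOneById($id)) {
        throw new HttpException(404, 'Status not Found');
    }
    $statusMapper->remove($id);
    return $app->redirect('/statuses');
});

// Firewall: authenticated sessions pass; anonymous requests pass only when
// their URI matches an allow-listed pattern with an allow-listed method.
// NOTE(review): the '/statuses/' entry is anchored as `^/statuses/$`, so
// `/statuses/42` is NOT public for anonymous callers (unlike a `(\d+)`
// pattern) — confirm that is intended. POST /statuses is open to anonymous
// callers. in_array() is non-strict; pass `true` if the method constants are strings.
$app->addListener('process.before', function (Request $req) use ($app) {
    session_start();
    $allowed = [
        '/login' => [Request::GET, Request::POST],
        '/statuses' => [Request::GET, Request::POST],
        '/statuses/' => [Request::GET, Request::POST],
        '/register' => [Request::GET, Request::POST],
        '/' => [Request::GET]
    ];
    if (isset($_SESSION['is_connected']) && true === $_SESSION['is_connected']) {
        return;
    }
    foreach ($allowed as $pattern => $methods) {
        if (preg_match(sprintf('#^%s$#', $pattern), $req->getUri()) && in_array($req->getMethod(), $methods)) {
            return;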