Example #1
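 /**
  * Run every configured filter and validator against the request parameters.
  *
  * For each field in $this->_rules the raw value is read from the request
  * (POST data when $this->_type is 'POST', the generic parameter otherwise)
  * and the field's rule chain is applied in order. Filters replace the
  * working value; validators decide whether the field is accepted. A field
  * that survives its whole chain is stored on $this->_data; a field that
  * fails gets a message via addMessage() and is not stored.
  *
  * Rule layout, as consumed below:
  *   ['filter', <class>, ...extra args]
  *   ['negation'|'assertion', <class>, ...extra args, <message>]
  *
  * Security: <class> is appended to a fixed namespace prefix and passed to
  * \App::getInstance() and \ReflectionMethod, so rule definitions select
  * which code runs on request data. They must stay developer-defined and
  * never be assembled from request input.
  *
  * @return void
  */
 public function validate()
 {
     // Iterate by value. The previous by-reference loops left dangling
     // references behind and let array_pop() below strip the message out of
     // the stored rule, so a second validate() call saw a corrupted chain.
     foreach ($this->_rules as $fieldName => $rules) {
         $isValid = true;
         $value = $this->_type === 'POST'
             ? \Request::getPostParam($fieldName)
             : \Request::getParam($fieldName);

         foreach ($rules as $rule) {
             $ruleSize = count($rule);
             if ($ruleSize < 2) {
                 // A rule needs at least a kind and a class name.
                 continue;
             }

             $kind = $rule[0];

             // Filtering/casting: the filter's return value becomes the new
             // working value for the rest of the chain.
             if ($kind === 'filter') {
                 $filterNS = '\\common\\filters\\' . $rule[1];
                 $filter = \App::getInstance($filterNS);
                 if ($ruleSize > 2) {
                     // Extra rule entries are passed to run() after the value.
                     $args = array_slice($rule, 2);
                     array_unshift($args, $value);
                     $ref = new \ReflectionMethod($filterNS, 'run');
                     $value = $ref->invokeArgs($filter, $args);
                 } else {
                     $value = $filter->run($value);
                 }
                 continue;
             }

             // Unknown rule kinds are skipped, not treated as failures.
             if ($kind !== 'negation' && $kind !== 'assertion') {
                 continue;
             }

             $validatorNS = '\\common\\validators\\' . $rule[1];
             $validator = \App::getInstance($validatorNS);
             if ($ruleSize > 3) {
                 // Entries between the class name and the trailing message
                 // are passed to isValid() after the value.
                 $args = array_slice($rule, 2, -1);
                 array_unshift($args, $value);
                 $ref = new \ReflectionMethod($validatorNS, 'isValid');
                 $isValid = $ref->invokeArgs($validator, $args);
             } else {
                 $isValid = $validator->isValid($value);
             }

             // The validator result is inverted for 'assertion' rules and used
             // as-is for 'negation' rules.
             // NOTE(review): the naming reads inverted relative to the usual
             // meaning of the two words; confirm against the validators.
             if ($kind === 'assertion') {
                 $isValid = !$isValid;
             }

             // First failure wins: record the rule's last entry as the
             // message and stop processing this field. $rule is a local copy,
             // so popping it leaves $this->_rules intact.
             if (!$isValid) {
                 $this->addMessage($fieldName, array_pop($rule));
                 break;
             }
         }

         // Only values that passed every validator are exposed to callers.
         if ($isValid) {
             $this->_data->{$fieldName} = $value;
         }
     }
 }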
Example #2
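 /**
  * Handle a login POST and print the outcome as a small XML document.
  *
  * Reply codes written to <value>: 200 logged in, 402 account blocked,
  * 403 bad or malformed credentials, 500 session set-up failed.
  *
  * Open security issues a maintainer must still resolve (they need the
  * DataBase wrapper or a schema change, neither of which is visible here):
  *  - the lookup query is built by string interpolation (SQL injection);
  *  - passwords are stored and compared as unsalted SHA-1.
  *
  * @return void
  */
 public function login()
 {
     $status = 0;
     $message = "";
     $badCredentials = "<strong>Error:</strong> Combinación incorrecta de usuario y contraseña";
     $username = Request::getPostParam("username");
     $password = Request::getPostParam("password");

     // Fail closed on anything that is not a string of at least 6 bytes.
     // Previously the length check only ran when the value was a string, so
     // a missing or array-valued parameter skipped validation and still
     // reached the query below.
     if (
         !is_string($username) || strlen($username) < 6
         || !is_string($password) || strlen($password) < 6
     ) {
         $status = 403;
         $message = $badCredentials;
     }

     if ($status != 403) {
         $db = DataBase::getInstance();
         // NOTE(review): unsalted SHA-1 is not a password hash. Migrate the
         // stored values to password_hash()/password_verify(), which also
         // moves the comparison out of the SQL text.
         $passSHA1 = sha1($password);
         // NOTE(review): $username is request data interpolated into the SQL
         // string, so this statement is injectable. It must be replaced by a
         // bound-parameter query; the DataBase wrapper's API for that is not
         // visible in this block, so the statement is left as found.
         $query = "SELECT * FROM User WHERE username='{$username}' AND password='{$passSHA1}' ";
         $db->query($query);
         $rows = $db->numRows();
         if ($rows == 0) {
             // Same message as the format check so the reply does not reveal
             // which part of the credentials was wrong.
             $status = 403;
             $message = $badCredentials;
         } else {
             $user = $db->fetchObject();
             if (intval($user->isBlocked) == 1) {
                 $status = 402;
                 $message = "<strong>Error:</strong> Usuario bloqueado, contacte con su administrador";
             } else {
                 $status = 200;
                 try {
                     @session_destroy();
                     @session_start();
                     // session_destroy() does not clear the client's cookie, so
                     // session_start() can resume the same identifier. Issue a
                     // fresh one at the privilege change to prevent fixation.
                     if (session_status() === PHP_SESSION_ACTIVE) {
                         session_regenerate_id(true);
                     }
                     Session::set("status", true, "login");
                     Session::set("username", $user->username, "login");
                     Session::set("role", $user->role, "login");
                 } catch (Exception $ex) {
                     $status = 500;
                     $message = "<strong>Error:</strong> Error del servidor, inténtelo de nuevo más tarde.";
                 }
             }
         }
     }

     header("Content-Type: text/xml", true);
     // HTTP/1.1
     header("Cache-Control: no-cache, must-revalidate");
     // Date in the past
     header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");

     // $status and $message only ever hold the fixed values assigned above,
     // so nothing request-controlled is written into the XML body.
     print "<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"yes\"?>\n ";
     print "\t<reply>\n";
     print "\t\t<value>\n";
     print "\t\t\t{$status}\n";
     print "\t\t</value>\n";
     print "\t\t<message>\n";
     print "\t\t\t{$message}\n";
     print "\t\t</message>\n";
     print "\t</reply>\n";
 }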
Example #3
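 /**
  * Action for the "/newcomment/" route: store a comment and redirect to its post.
  *
  * Reads the posted 'form' array. Without a usable post id the index page is
  * rendered; without a comment body the post is shown again. Otherwise the
  * comment is saved (attributed to the session user when the client is
  * authorized, left without a user id when not) and the client is redirected
  * to the post.
  *
  * NOTE(review): no anti-CSRF token check is visible in this action, and the
  * comment text is stored as received. Confirm that a token is verified
  * upstream and that the view escapes comments on output.
  *
  * @param \Request $request
  *
  * @return Response
  */
 public function newCommentAction(\Request $request)
 {
     $form = $request->getPostParam('form');

     // 'form' is client-supplied: it may be missing, a plain string, or hold
     // nested arrays. Treat anything but a scalar post id as "no post".
     if (!is_array($form) || empty($form['id_post']) || !is_scalar($form['id_post'])) {
         return $this->indexAction();
     }

     // A missing or non-string comment body sends the user back to the post.
     if (empty($form['comment']) || !is_string($form['comment'])) {
         $request->setGetParams(['id' => $form['id_post']]);
         return $this->showPostAction($request);
     }

     $comment = new \MyBlog\Entity\Comment();
     $comment->setOctrine($this->getService('octrine'));

     /** @var \Session $session */
     $session = $this->getService('session');
     if ($session->isClientAuthorized()) {
         // The author is taken from the server-side session, never from the form.
         $comment->setUserId($session->getUserId());
     }

     $comment->setPostId($form['id_post']);
     $comment->setComment($form['comment']);
     $comment->save();

     // The post id originates from the request, so encode it before it goes
     // into the redirect URL; otherwise characters such as '&' or '#' in the
     // submitted value would alter the target's query string.
     $response = new Response();
     $response->setRedirectUrl('/post/?id=' . rawurlencode((string) $comment->getPostId()));
     return $response;
 }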