public function indexAction()
{
header('content-type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST');
$valid = true;
$errors = [];
$username = trim(ucwords(strtolower(htmlentities($_POST['username']))));
$password = hash('sha256', strrev(ProfileModel::getTimestamp($this->pdo, $username)) . htmlentities($_POST['password']) . '\\Rand0msalT/');
if (!isset($username) || empty($username)) {
$errors['username'] = '******';
$valid = false;
} elseif (SigninModel::checkUsername($this->pdo, $username) !== $username) {
$errors['username'] = '******'existe pas</span>';
$valid = false;
} elseif (!isset($password) || empty($password)) {
$errors['password'] = '******';
$valid = false;
} elseif (SigninModel::getPassword($this->pdo, $username) !== $password) {
$errors['password'] = '******';
$valid = false;
}
$errors['valid'] = $valid;
if ($valid) {
if (isset($_POST['remember'])) {
CookieController::create($this->pdo, $username, $password);
}
AuthModel::authUser($this->pdo, $username, $password);
}
echo json_encode($errors);
}
public function indexAction()
{
header('content-type: application/json');
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST');
$valid = true;
$errors = [];
$username = trim(ucwords(strtolower(htmlentities($_POST['username']))));
$first_name = trim(ucwords(strtolower(htmlentities($_POST['first-name']))));
$last_name = trim(ucwords(strtolower(htmlentities($_POST['last-name']))));
$mail = trim(htmlentities(strtolower($_POST['mail'])));
$password = trim(htmlentities($_POST['password']));
$password2 = trim(htmlentities($_POST['password2']));
$old_username = $_SESSION['auth']['username'];
$id = ProfileModel::getID($this->pdo, $old_username);
$timestamp = ProfileModel::getTimestamp($this->pdo, $old_username);
if (!isset($username) || empty($username)) {
$errors['username'] = '******';
$valid = false;
} elseif (strlen($username) < 6) {
$errors['username'] = '******';
$valid = false;
} elseif (strlen($username) > 24) {
$errors['username'] = '******';
$valid = false;
}
if (!isset($first_name) || empty($first_name)) {
$errors['firstName'] = '<span class="errors">Non saisi</span>';
$valid = false;
} elseif (strlen($first_name) < 2) {
$errors['firstName'] = '<span class="errors">2 caractères min</span>';
$valid = false;
} elseif (strlen($first_name) > 32) {
$errors['firstName'] = '<span class="errors">32 caractères max</span>';
$valid = false;
}
if (!isset($last_name) || empty($last_name)) {
$errors['lastName'] = '<span class="errors">Non saisi</span>';
$valid = false;
} elseif (strlen($last_name) < 2) {
$errors['lastName'] = '<span class="errors">2 caractères min</span>';
$valid = false;
} elseif (strlen($last_name) > 32) {
$errors['lastName'] = '<span class="errors">32 caractères max</span>';
$valid = false;
}
if (!isset($mail) || empty($mail)) {
$errors['mail'] = '<span class="errors">Non saisi</span>';
$valid = false;
} elseif (!filter_var($mail, FILTER_VALIDATE_EMAIL)) {
$errors['mail'] = '<span class="errors">Format incorrect</span>';
$valid = false;
}
if (!isset($password) || empty($password)) {
$password = SigninModel::getPassword($this->pdo, $old_username);
$hash = $password;
$empty_pass = true;
} elseif (strlen($password) < 8) {
$errors['password'] = '******';
$valid = false;
} else {
$hash = hash('sha256', strrev($timestamp) . $password . '\\Rand0msalT/');
}
if (!isset($password2) || empty($password2)) {
if (isset($empty_pass)) {
$password2 = $password;
} else {
$errors['password2'] = '<span class="errors">Non saisi</span>';
$valid = false;
}
} elseif ($password2 !== $password) {
$errors['password2'] = '<span class="errors">Non identiques</span>';
$valid = false;
}
$errors['valid'] = $valid;
if ($valid) {
ProfileModel::editUser($this->pdo, $id, $old_username, $username, $first_name, $last_name, $mail, $hash);
// Update session variables
unset($_SESSION);
session_destroy();
setcookie('auth', '', time() - 3600, '/', null, null, true);
session_start();
AuthModel::authUser($this->pdo, $username, $hash);
}
echo json_encode($errors);
}
