/**
 * Saves an activation token on the user and e-mails the matching activation link.
 *
 * The token is Tools::hash() of the e-mail address. The same value is placed in
 * the URL built by Tools::generateUrl() and stored in the activate_token attribute.
 *
 * NOTE(review): the token is derived only from the address passed in. Unless
 * Tools::hash() mixes in a server-side secret (not visible in this snippet), the
 * link is predictable for anyone who knows the address. A value from
 * random_bytes() stored in activate_token would avoid that. Confirm how the
 * activation endpoint looks the token up before changing it.
 *
 * @param int|string $user_id key passed to User::findOrFail()
 * @param string     $email   address that receives the activation link
 */
private function sendActivation($user_id, $email)
{
    $activationToken = Tools::hash($email);
    $activationUrl = Tools::generateUrl(['activate_account', $activationToken]);

    // The token is persisted before the mail goes out, so it is already stored
    // when the recipient follows the link.
    $account = User::findOrFail($user_id);
    $account->activate_token = $activationToken;
    $account->save();

    Mailing::activate($email, $activationUrl);
}
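/**
 * Handles the public registration form; every path ends in exit() with a JSON body.
 *
 * - mode=check-email: only reports whether the address is already in `users`.
 * - any other mode: inserts a family and a 'manager' user in one transaction,
 *   sets the 'auth' cookie and signs the new user in via Tools::setUserAuth().
 *
 * Request parameters read: mode, email, name, family_name, password.
 */
public function registration()
{
    $mode = $this->getParam('mode');
    $email = strtolower($this->getParam('email'));
    $name = Tools::ucwords($this->getParam('name', 'NoName'));
    $familyName = Tools::ucwords($this->getParam('family_name'));
    $password = $this->getParam('password');

    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        exit(json_encode(['result' => 'fail', 'message' => 'Некорректный Email-адрес']));
    }

    if ($mode == 'check-email') {
        // Bound parameter instead of string concatenation: FILTER_VALIDATE_EMAIL
        // accepts characters such as a single quote in the local part, so a
        // "valid" address is still not safe to splice into SQL text.
        $lookup = DB::run()->prepare('select email from users where email = ?');
        $lookup->execute([$email]);
        if ($lookup->fetch()) {
            exit(json_encode(['result' => 'fail', 'message' => 'Такой Email уже зарегистрирован в системе!']));
        }
        exit(json_encode(['result' => 'done', 'message' => 'Email свободен для регистрации']));
    }

    if (!$email || !$password) {
        exit(json_encode(['result' => 'fail', 'message' => 'Все поля формы обязательны для заполнения']));
    }

    $family = DB::run()->prepare('insert into families (name) values (?)');
    $user = DB::run()->prepare('insert into users (family, name, email, password, role, registered_date, updated_at, remember_token) values (?, ?, ?, ?, ?, ?, ?, ?)');

    // NOTE(review): the remember token doubles as the 'auth' cookie value and is
    // derived from the e-mail and the current second. Unless Tools::hash() adds
    // a secret (not visible here), a value from random_bytes() is the safer source.
    $rememberToken = Tools::hash($email, time());

    try {
        DB::run()->beginTransaction();
        $family->execute([$familyName]);
        $familyId = DB::run()->lastInsertId('id');
        $registeredDate = date('Y-m-d H:i:s');
        // NOTE(review): the password goes through Tools::hash() with one
        // application-wide 'hash_salt'. Confirm this is a slow password hash
        // (password_hash()/password_verify() is the standard), not a fast salted digest.
        $user->execute([$familyId, $name, $email, Tools::hash($password, Registry::get('hash_salt')), 'manager', $registeredDate, $registeredDate, $rememberToken]);
        $userId = DB::run()->lastInsertId('id');
        DB::run()->commit();
    } catch (PDOException $e) {
        DB::run()->rollBack();
        // Driver and schema details stay in the server log; the client gets a generic failure.
        error_log('registration failed: ' . $e->getMessage());
        exit(json_encode(['result' => 'fail', 'message' => 'Не удалось завершить регистрацию. Попробуйте позже.']));
    }

    if ($userId) {
        // NOTE(review): the cookie is set without the Secure / HttpOnly flags
        // (6th and 7th setcookie() arguments). Confirm no client script reads
        // 'auth', then enable both.
        setcookie('auth', $rememberToken, time() + 3600 * 24 * 2, '/');
        Tools::setUserAuth((object) ['id' => $userId, 'family' => $familyId, 'name' => $name, 'email' => $email, 'role' => 'manager', 'registered_date' => $registeredDate]);
    }

    exit(json_encode(['result' => 'done', 'message' => 'Успешная регистрация!<br>Сейчас Вы будете 
перенаправлены!']));
}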
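/**
 * Mutator for profile_id: stores Tools::hash() of the given value in $this->attributes.
 *
 * Must be an instance method: the body writes to $this->attributes, and $this
 * does not exist in a static context.
 * NOTE(review): the set{Name}Attribute naming looks like an Eloquent-style
 * mutator, which is invoked on a model instance. Confirm against the base class.
 *
 * @param mixed $value raw profile id to be hashed before storage
 */
public function setProfileIdAttribute($value)
{
    $this->attributes['profile_id'] = Tools::hash($value);
}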
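<?php
// Refuse direct access: the entry-point constant must already be defined.
defined("_nova_district_token_") or die('');

// Logout handling.
// NOTE(review): logout is triggered by a plain GET parameter, so any cross-site
// link or embedded request can end the session. A POST carrying a CSRF token
// is the usual hardening.
if (isset($_GET['a']) and $_GET['a'] == "deco") {
    UsersManager::instance()->disconnect();
}

// Login handling: only when no user is in the session and the login form was posted.
if (!isset($_SESSION['user']) and isset($_POST['connection'])) {
    // Request fields can arrive as arrays (email[]=...), so only non-empty
    // strings are passed on to the hash and the lookup.
    if (isset($_POST['email']) and is_string($_POST['email']) and $_POST['email'] !== ""
        and isset($_POST['pass']) and is_string($_POST['pass']) and $_POST['pass'] !== "") {
        // NOTE(review): the password is hashed here and the digest is handed to
        // connect(), which implies a deterministic comparison against a stored
        // value. Tools::hash() is not visible here; confirm it is not a fast
        // unsalted digest (password_hash()/password_verify() is the standard).
        $result = UsersManager::instance()->connect($_POST['email'], Tools::hash($_POST['pass']));
        if (Tools::getParentClass($result) == "User") {
            // Issue a fresh session id at the privilege change so an id known
            // before login cannot be reused afterwards (session fixation).
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['user'] = $result; // the session is now authenticated
        } else {
            if (Tools::getClass($result) == "Error") {
                $errors["connection"] = $result;
            } else {
                $errors["connection"] = new Error("Echec : Email ou mot de passe invalide");
            }
        }
    }
}

// Include the view
include dirname(__FILE__) . '/../views/header.php';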
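/**
 * Admin-only endpoint that creates a family together with its 'manager' user.
 *
 * Non-admin callers get the project's 404 error and the method returns. Every
 * other path ends in exit() with a JSON body.
 *
 * Request parameters read: name, email, password, family.
 */
public function addFamily()
{
    // A 404 is returned rather than a 403, so the endpoint is not revealed to other roles.
    if (Registry::get('user')->role != 'admin') {
        $err = new Error();
        $err->error(404);
        return;
    }

    $name = $this->getParam('name');
    $email = strtolower($this->getParam('email'));
    $password = $this->getParam('password');
    $familyName = $this->getParam('family');

    if (!empty($name) && !empty($email) && !empty($password) && !empty($familyName)) {
        // Bound parameter, consistent with the inserts below, instead of
        // quote() plus string concatenation.
        $lookup = DB::run()->prepare('select email from users where email = ?');
        $lookup->execute([$email]);
        if ($lookup->fetch()) {
            exit(json_encode(['result' => 'fail', 'message' => 'Такой Email/Логин уже зарегистрирован в системе!']));
        }

        $stmt = DB::run()->prepare('insert into users (family, name, email, password, role, registered_date, updated_at) values (?, ?, ?, ?, ?, ?, ?)');
        $stmt2 = DB::run()->prepare('insert into families (name) values (?)');

        try {
            DB::run()->beginTransaction();
            $date = date('Y-m-d H:i:s');
            $stmt2->execute([$familyName]);
            $familyId = DB::run()->lastInsertId('id');
            // NOTE(review): the password goes through Tools::hash() with one
            // application-wide 'hash_salt'. Confirm this is a slow password hash
            // (password_hash()/password_verify() is the standard).
            $stmt->execute([$familyId, $name, $email, Tools::hash($password, Registry::get('hash_salt')), 'manager', $date, $date]);
            DB::run()->commit();
            exit(json_encode(['result' => 'done', 'message' => 'Новый менеджер и семья успешно добавлены в систему!']));
        } catch (PDOException $e) {
            DB::run()->rollBack();
            // Driver and schema details stay in the server log; the client gets a generic failure.
            error_log('addFamily failed: ' . $e->getMessage());
            exit(json_encode(['result' => 'fail', 'message' => 'Не удалось добавить менеджера и семью. Попробуйте позже.']));
        }
    }

    exit(json_encode(['result' => 'fail', 'message' => 'Все поля должны быть заполнены!']));
}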
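<?php
// Refuse direct access: the entry-point constant must already be defined.
defined("_nova_district_token_") or die('');

// Registration form
if (isset($_POST['inscription']) and isset($_POST['email']) and isset($_POST['pass'])) {
    // The confirmation must be present and identical as a string. A loose ==
    // treats numeric-looking strings as numbers, so "1e3" would match "1000".
    $passwordsMatch = is_string($_POST['pass'])
        && isset($_POST['pass2'])
        && is_string($_POST['pass2'])
        && $_POST['pass'] === $_POST['pass2'];

    // Request fields can arrive as arrays (email[]=...), so non-strings are
    // rejected before the validators run.
    if (is_string($_POST['email']) and Tools::checkEmail($_POST['email']) and Tools::checkPassword($_POST['pass']) and $passwordsMatch) {
        $mb = new Member();
        $mb->setEmail(Tools::secure($_POST['email']));
        // NOTE(review): Tools::hash() is not visible here. Confirm it is a slow,
        // per-user-salted password hash (password_hash() is the standard).
        $mb->setPassword(Tools::secure(Tools::hash($_POST['pass'])));
        $result = UsersManager::instance()->add($mb);
        if (Tools::getParentClass($result) == "User") {
            // Issue a fresh session id at the privilege change so an id known
            // before sign-up cannot be reused afterwards (session fixation).
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['user'] = $result;
            die('<meta http-equiv="refresh" content="0;URL=app/index.php?p=welcome">');
        } else {
            if (Tools::getClass($result) == "Error") {
                $errors["inscription"] = $result;
            } else {
                $errors['inscription'] = new Error();
            }
        }
    } else {
        $errors['inscription'] = new Error("Votre email est invalide ou vos mots de passes ne sont pas identiques !");
    }
}

// Include the view
include dirname(__FILE__) . '/../views/inscription.php';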