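/**
 * Look up a user by username and password and, on a match, open a session for them.
 *
 * @param mixed $username Login name supplied by the caller.
 * @param mixed $password Password supplied by the caller.
 *
 * @return mixed The row returned by UserDao::getRow() on success, null otherwise.
 */
public function login($username, $password)
{
    // Input validation the original left as a TODO: only non-empty strings are
    // accepted, so an array or an empty value never reaches the DAO as a filter.
    if (!is_string($username) || !is_string($password) || $username === '' || $password === '') {
        return null;
    }

    // NOTE(review): the password is used as an equality filter on the `password`
    // column, so the stored value has to equal what the caller passes in. If that
    // is the clear-text password, store password_hash() output instead, fetch the
    // row by username only and check it with password_verify().
    // NOTE(review): protection against SQL injection depends on how
    // UserDao::getRow() builds its query, which is not visible here; confirm it
    // binds the values as parameters.
    $userDao = new UserDao(new User());
    $user = $userDao->getRow(array('username' => $username, 'password' => $password));

    // Truthiness test (the same one index() uses) instead of isset(): isset() is
    // true for `false`, so a lookup reporting "no row" as false would otherwise
    // still open a session.
    if (!$user) {
        return null;
    }

    require_once WEBAPPROOT . 'security/UserSession.php';

    // NOTE(review): confirm UserSession::start() issues a fresh session id at
    // login; reusing a pre-login id leaves the session open to fixation.
    $session = new UserSession();
    $session->start();
    $session->set($user);

    return $user;
}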
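/**
 * Administrator page: optionally promote the account matching the posted e-mail
 * to administrator, then render the list of administrators.
 *
 * Reads $_POST['email'] and hands "membres" and "success" to the
 * "administrateur" view.
 */
public function index()
{
    // NOTE(review): nothing in this method checks who is making the request. If
    // the router or a base controller does not already restrict this action to
    // authenticated administrators, any caller can grant admin rights by posting
    // an e-mail address. A CSRF token check on the POST is also not visible here.
    // Confirm both are enforced before this point.
    $success = array('success' => '1');

    if (isset($_POST['email'])) {
        // A non-string value (e.g. email[]=x) or a blank one is treated as
        // "no such user" instead of being passed to trim() or used as a filter.
        $email = is_string($_POST['email']) ? trim($_POST['email']) : '';

        $user = false;
        if ($email !== '') {
            $userDao = new UserDao(new User());
            $user = $userDao->getRow(array("email" => $email));
        }

        if ($user) {
            $id = $user->getId();
            $user->setIs_admin(1);

            // A second DAO wraps the modified user so update() persists it.
            // NOTE(review): the result of update() is not checked, so "success"
            // stays '1' even if the write fails.
            $userDao = new UserDao($user);
            $userDao->update($id);
        } else {
            $success = array('success' => '0');
        }
    }

    // The current administrators are listed whether or not a promotion was requested.
    $userDao = new UserDao(new User());
    $list = $userDao->getAllDataActive(array("is_admin" => '1'));

    $this->set(array("membres" => $list, "success" => $success));
    $this->render("administrateur");
}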
/**
 * Fetch the row matching the given criteria through UserDao::getRow().
 *
 * @param mixed $where Criteria handed unchanged to UserDao::getRow(); the other
 *                     methods here pass a column => value array.
 *
 * @return mixed Whatever UserDao::getRow() returns for $where.
 */
function userExist($where)
{
    // NOTE(review): $where reaches the DAO unfiltered. Callers should build it
    // from fixed column names and validated values, never from a raw request array.
    $lookup = new UserDao(new User());
    $match = $lookup->getRow($where);

    return $match;
}