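/**
 * Handle the edit-car form for the GUID-based CarModel.
 *
 * Reads the car identity and attributes from $_POST, then either replaces
 * its picture with the uploaded file, deletes the car together with its
 * picture when the delete button was submitted, or just saves the edited
 * attributes. Finishes with a redirect to index.php.
 *
 * NOTE(review): the field values are handed to CarModel as submitted;
 * CarModel is assumed to escape/validate them - confirm against the model.
 *
 * @return void never returns normally (exit/die after the redirect)
 */
public function post()
{
    $car = new CarModel($_POST['guid']);
    $car->setMake($_POST['make']);
    $car->setModel($_POST['model']);
    $car->setYear($_POST['year']);
    $car->setImage($_POST['image']);

    // The stored image path is echoed back through the form, so on the way
    // in it is client controlled. Only ever delete a file inside uploads/,
    // never an arbitrary path the client submitted.
    $currentImage = !empty($_POST['image']) && is_string($_POST['image'])
        ? 'uploads/' . basename($_POST['image'])
        : '';

    $fileUploaded = isset($_FILES['file']) && $_FILES['file']['size'] > 0;

    if ($fileUploaded) {
        // Replace the existing picture with the newly uploaded one
        if ($currentImage !== '') {
            parent::deleteFile($currentImage);
        }
        parent::saveFile();
        // Must match where parent::saveFile() writes the upload
        $path = 'uploads/' . $_FILES['file']['name'];
        $car->setImage($path);
        $car->save();
    } elseif (isset($_POST['delete'])) {
        // Delete the car and its picture
        $car->delete();
        if ($currentImage !== '') {
            parent::deleteFile($currentImage);
        }
    } else {
        $car->save();
    }

    if (headers_sent()) {
        die('Redirect failed. Please go back to home page');
    }
    header('Location: index.php');
    exit;
}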
/**
 * Render the outcome of an e-mail confirmation link.
 *
 * Expects the code in $_GET['confirm_code']; when it is present and
 * User::confirmUser() accepts it a "success" notification is shown,
 * otherwise a "danger" notification with the matching message.
 *
 * @return void the NotificationsView constructor is responsible for output
 */
public function get()
{
    $users = new UserCollection();
    $account = $users->create();

    $confirmed = false;
    $message = 'Go back to the homepage. Nothing to see here';

    if (isset($_GET['confirm_code']) && !empty($_GET['confirm_code'])) {
        $code = parent::sanitizeString($_GET['confirm_code']);
        $account->setConfirmationCode($code);
        $confirmed = $account->confirmUser();
        $message = $confirmed
            ? 'You email address have been successfully confirmed. <br /> Please go ahead and log in to your account.'
            : 'We could not confirm your email address at the moment.';
    }

    $notification = new NotificationsView($message, $confirmed ? 'success' : 'danger');
}
/**
 * Accept an uploaded CSV file for the import page and redirect back to it.
 *
 * The file is stored through parent::saveFile() only when a non-empty
 * upload named "file" is present; the redirect happens either way.
 *
 * @return void never returns normally (exit/die after the redirect)
 */
public function post()
{
    $hasUpload = isset($_FILES['file']) && $_FILES['file']['size'] > 0;
    if ($hasUpload) {
        parent::saveFile();
    }

    if (headers_sent()) {
        die('Redirect failed. Please go back to home page');
    }
    exit(header('Location: index.php?page=importcsv'));
}
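/**
 * Handle the edit-car form: update the car identified by VIN, or delete it
 * when the delete button was submitted.
 *
 * Price, condition and image URL are taken from the form after
 * parent::sanitizeString(); an uploaded picture replaces the image URL.
 * Every outcome is reported through a NotificationsView.
 *
 * NOTE(review): nothing here ties the VIN to the logged-in user;
 * CarModel::delete()/update() are assumed to enforce ownership - confirm.
 *
 * @return void the NotificationsView constructor is responsible for output
 */
public function post()
{
    if (!isset($_POST['form']) || !$_POST['form']) {
        $notification = new NotificationsView('Something went wrong. Please go back and try again.', 'danger');
        return;
    }

    // CSRF: the other form handlers verify the hidden "form" field against
    // the session token; a handler that can delete a car must do the same.
    // NOTE(review): assumes the edit form embeds the session token in "form"
    // like the add/login forms do - confirm with the edit-car view.
    $token = is_string($_POST['form']) ? $_POST['form'] : '';
    if (isset($_SESSION['token']) && !hash_equals((string) $_SESSION['token'], $token)) {
        $notification = new NotificationsView('Something went wrong. Please go back and try again.', 'danger');
        return;
    }

    $clean = array(
        'vin'       => parent::sanitizeString($_POST['vin']),
        'price'     => parent::sanitizeString($_POST['price']),
        'condition' => parent::sanitizeString($_POST['condition']),
        'img_url'   => parent::sanitizeString($_POST['img_url']),
    );

    $carCollection = new CarCollection();
    $car = $carCollection->create();
    $car->setVin($clean['vin']);

    // Delete the car if the delete button was clicked/submitted
    if (isset($_POST['delete'])) {
        $deleted = $car->delete();
        $notification = new NotificationsView(
            $deleted
                ? 'Congratulations! You\'ve successfully deleted the car.'
                : 'Something went wrong. Please go back and try again',
            $deleted ? 'success' : 'danger'
        );
        exit;
    }

    $car->setPrice($clean['price']);
    $car->setCondition($clean['condition']);

    if (isset($_FILES['file']) && $_FILES['file']['size'] > 0) {
        parent::saveFile();
        // Must match where parent::saveFile() writes the upload
        $car->setImageUrl('uploads/' . $_FILES['file']['name']);
    } else {
        $car->setImageUrl($clean['img_url']);
    }

    $updated = $car->update();
    $notification = new NotificationsView(
        $updated
            ? 'You\'ve successfully updated the information about the car.'
            : 'Something went wrong. Please go back and try again.',
        $updated ? 'success' : 'danger'
    );
}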
/**
 * Admin base-controller constructor: every controller except the login
 * ones requires a session with a username and id, and the session must
 * not be flagged as blocked.
 *
 * View::AdminErrorMessage() is expected to end the request; should it
 * return, the remaining checks still run.
 *
 * @param mixed $model passed straight through to the parent constructor
 */
public function __construct($model)
{
    parent::__construct($model);

    $publicControllers = array('login', 'logingo', 'wxlogin');
    $current = Request::getController();
    if (in_array($current, $publicControllers, true)) {
        return;
    }

    $session = Request::getSession($this->sessionId);

    $loggedIn = !empty($session) && !empty($session['username']) && !empty($session['id']);
    if (!$loggedIn) {
        View::AdminErrorMessage('admin/login', '对不起,你还没有登录!', '_top');
    }

    // A blocked account loses its session on the spot
    $blocked = !empty($session['block']) && $session['block'] == '1';
    if ($blocked) {
        Request::delSession($this->sessionId);
        View::AdminErrorMessage('', '你的帐号被管理员拉黑了!');
    }
}
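/**
 * Render a user's profile page.
 *
 * The profile id comes from $_GET['id']; the login history is only
 * included when that id is the id of the logged-in user
 * ($_SESSION['user_session']).
 *
 * @return void the ProfilePageView constructor is responsible for output
 */
public function get()
{
    $userCollection = new UserCollection();
    $user = $userCollection->create();

    // Both branches of the former if/else did the same thing; the else
    // branch merely raised an undefined-index notice. The (possibly
    // missing) id is still passed through sanitizeString() as before.
    $rawId = isset($_GET['id']) ? $_GET['id'] : null;
    $id = parent::sanitizeString($rawId);
    $user->setId($id);

    // Login history is private: compare as strings so that loose numeric
    // equality ("1" == "01", "1e0" == "1") cannot widen the ownership test.
    $loginHistory = '';
    if ($rawId !== null && isset($_SESSION['user_session'])
        && (string) $rawId === (string) $_SESSION['user_session']) {
        $loginHistory = $user->getLoginHistory();
    }

    $profilePageView = new ProfilePageView($loginHistory, $user->getUsersInformation(), $user->getUsersCars());
}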
/**
 * Render the details page for the car in $_GET['id'].
 *
 * Basic information comes from the local model, detailed information from
 * parent::getCarsDetails() keyed by the car's VIN. The view also learns
 * whether the logged-in user is the car's salesman (owner).
 *
 * @return void the CarDetailsView constructor is responsible for output
 */
public function get()
{
    $cars = new CarCollection();
    $car = $cars->create();
    $car->setId($_GET['id']);

    $basicInfo = $car->getBasicInformation();
    // NOTE(review): assumes getBasicInformation() returned at least one row;
    // an unknown id would leave $basicInfo[0] undefined - confirm with the model.
    $vin = $basicInfo[0]['Vin'];
    $detailedInfo = parent::getCarsDetails($vin);

    // Does the car belong to the user currently logged in?
    $isSalesman = false;
    if (isset($_SESSION['user_session'])) {
        $users = new UserCollection();
        $viewer = $users->create();
        $viewer->setId($_SESSION['user_session']);
        $isSalesman = (bool) $viewer->checkUsersCar($vin);
    }

    $carDetailsView = new CarDetailsView($basicInfo, $detailedInfo, $isSalesman);
}
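/**
 * Handle the add-car form for CarModel: create the car from $_POST,
 * attach the uploaded picture when there is one, save, and redirect.
 *
 * NOTE(review): the field values are handed to CarModel as submitted;
 * CarModel is assumed to escape/validate them - confirm against the model.
 *
 * @return void never returns normally (exit/die after the redirect)
 */
public function post()
{
    $car = new CarModel();
    $car->setMake($_POST['make']);
    $car->setModel($_POST['model']);
    $car->setYear($_POST['year']);

    // Attach the picture only when one was submitted; the return value of
    // saveFile() was previously stored in an unused local.
    if (isset($_FILES['file']) && $_FILES['file']['size'] > 0) {
        parent::saveFile();
        // Must match where parent::saveFile() writes the upload
        $car->setImage('uploads/' . $_FILES['file']['name']);
    }
    // Saved exactly once, with or without a picture
    $car->save();

    if (headers_sent()) {
        die('Redirect failed. Please go back to home page');
    }
    header('Location: index.php');
    exit;
}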
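/**
 * Handle the login form.
 *
 * The request is accepted only when the submitted field set is exactly
 * form/hpt/email/password/captcha, the honeypot ("hpt") is empty, the
 * captcha equals the digit stored in the session and the "form" field
 * equals the CSRF token stored in the session. Failed checks destroy the
 * session and stop; otherwise User::login() decides the message. The
 * session token and captcha digit are consumed either way.
 *
 * @return void the NotificationsView constructor is responsible for output
 */
public function post()
{
    $allowed = array('form', 'hpt', 'email', 'password', 'captcha');

    $success = false;
    $message = 'Something went wrong. Please try again.';

    $formSubmitted = isset($_POST['form']) && $_POST['form'] && empty($_POST['hpt']);
    if ($formSubmitted && $allowed == array_keys($_POST)) {
        if (isset($_POST['email']) && isset($_POST['password'])) {
            $checksPassed = true;

            // Captcha: constant-time string comparison instead of a loose
            // "!=" (which would accept "05" for 5 and leaks timing). The
            // field-set check above guarantees the captcha key exists; a
            // missing session digit is a failure, not a pass.
            $captcha = is_string($_POST['captcha']) ? $_POST['captcha'] : '';
            if (!isset($_SESSION['digit']) || !hash_equals((string) $_SESSION['digit'], $captcha)) {
                $message = 'Something went wrong. Please make sure you are proving correct information.';
                $checksPassed = false;
            }

            // CSRF token: previously skipped when the session held no token,
            // which made the check optional for the client.
            $token = is_string($_POST['form']) ? $_POST['form'] : '';
            if (!isset($_SESSION['token']) || !hash_equals((string) $_SESSION['token'], $token)) {
                $message = 'Something went wrong. Please try again.';
                $checksPassed = false;
            }

            if (!$checksPassed) {
                $notification = new NotificationsView($message, 'danger');
                session_destroy();
                exit;
            }

            $cleanEmail = parent::sanitizeString($_POST['email']);
            // NOTE(review): the password goes through sanitizeString() before
            // login; registration applies the same transformation before
            // hashing, and the two must stay in sync.
            $cleanPassword = parent::sanitizeString($_POST['password']);

            $usersCollection = new UserCollection();
            $user = $usersCollection->create();
            $user->setEmail($cleanEmail);
            $user->setPassword($cleanPassword);

            if ($user->login()) {
                $message = 'Congratulations! You have successfully logged in.';
                $success = true;
            } else {
                $message = 'Incorrect email or password. Please go back and try again.';
            }
        } else {
            $message = 'Please make sure you provide your email and password and try again.';
        }
    }

    // One-shot values: a token or captcha is never reused across submissions
    unset($_SESSION['token']);
    unset($_SESSION['digit']);

    $notification = new NotificationsView($message, $success ? 'success' : 'danger');
}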
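/**
 * Handle the add-car form.
 *
 * The request is accepted only when the submitted field set is exactly
 * form/vin/price/condition, a non-empty file upload is present and the
 * "form" field equals the CSRF token stored in the session. The VIN is
 * looked up through parent::getCarsDetails(); make, model and year come
 * from that response, price and condition from the form. The session
 * token and captcha digit are consumed either way.
 *
 * @return void the NotificationsView constructor is responsible for output
 */
public function post()
{
    $allowed = array('form', 'vin', 'price', 'condition');

    $success = false;
    $message = 'Something went wrong. Please try again.';

    if (isset($_POST['form']) && $_POST['form'] && $allowed == array_keys($_POST)) {
        $complete = isset($_POST['vin']) && isset($_POST['price']) && isset($_POST['condition'])
            && isset($_FILES['file']) && $_FILES['file']['size'] > 0;
        if ($complete) {
            // CSRF token first, and stop before spending an API call on a
            // request that is rejected anyway. Previously the check was
            // skipped when the session held no token.
            $token = is_string($_POST['form']) ? $_POST['form'] : '';
            if (!isset($_SESSION['token']) || !hash_equals((string) $_SESSION['token'], $token)) {
                $notification = new NotificationsView('Something went wrong. Please try again.', 'danger');
                unset($_SESSION['token']);
                unset($_SESSION['digit']);
                exit;
            }

            // Grab details from the API
            $cleanVin = parent::sanitizeString($_POST['vin']);
            $carDetails = parent::getCarsDetails($cleanVin);

            // The API reports an unknown/invalid VIN in one of two shapes
            $apiError = (isset($carDetails->errorType) && $carDetails->errorType == 'INCORRECT_PARAMS')
                || (isset($carDetails->status) && $carDetails->status == 'NOT_FOUND');
            if ($apiError) {
                $notification = new NotificationsView('Oops! Something went wrong! Please try again with a different VIN.', 'danger');
                unset($_SESSION['token']);
                unset($_SESSION['digit']);
                exit;
            }

            $cleanPrice = parent::sanitizeString($_POST['price']);
            $cleanCondition = parent::sanitizeString($_POST['condition']);

            // Save the picture; the path must match where parent::saveFile()
            // writes the upload.
            parent::saveFile();
            $path = 'uploads/' . $_FILES['file']['name'];

            $carCollection = new CarCollection();
            $car = $carCollection->create();
            $car->setVin($cleanVin);
            $car->setMake($carDetails->make->name);
            $car->setModel($carDetails->model->name);
            $car->setYear($carDetails->years[0]->year);
            $car->setPrice($cleanPrice);
            $car->setCondition($cleanCondition);
            $car->setImageUrl($path);
            // NOTE(review): assumes a logged-in user; an anonymous request
            // would record a null creator - confirm the router gates this
            // page behind login.
            $car->setCreatedBy($_SESSION['user_session']);

            if ($car->save()) {
                $message = 'Congratulations! You\'ve successfully added a new car.';
                $success = true;
            } else {
                $message = 'Could not save the car right now. 
 Please try again later.';
            }
        } else {
            $message = 'Something is missing. Please make sure you\'ve specified all input fields';
        }
    }

    // One-shot values: a token or captcha is never reused across submissions
    unset($_SESSION['token']);
    unset($_SESSION['digit']);

    $notification = new NotificationsView($message, $success ? 'success' : 'danger');
}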
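/**
 * Application entry point: build the front controller, initialise it and
 * dispatch the current request.
 *
 * The visibility was implicit before; it is now declared explicitly.
 *
 * @return void
 */
public static function run()
{
    $controller = new Controller();
    $controller->init();
    $controller->handleRequest();
}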
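<?php
//set_include_path(__DIR__ . '/app');

/**
 * Autoloader: maps a namespaced class name onto a .php file below this
 * directory (e.g. app\controller\Controller -> app/controller/Controller.php).
 */
spl_autoload_register(function ($class_name) {
    // Only accept something that is syntactically a class name (ASCII
    // identifiers separated by \ or /). This keeps "../"-style names out
    // of the include path should class_exists() ever be fed external data.
    if (!preg_match('~^[A-Za-z_][A-Za-z0-9_]*(?:[\\\\/][A-Za-z_][A-Za-z0-9_]*)*$~', $class_name)) {
        return;
    }

    $relative = str_replace(array("/", "\\"), DIRECTORY_SEPARATOR, $class_name) . '.php';
    // Classes are rooted at this file's directory (cf. the commented-out
    // require_once of app/controller/Controller.php). An unknown class is
    // left to the next registered autoloader instead of emitting an
    // include warning.
    $file = __DIR__ . DIRECTORY_SEPARATOR . $relative;
    if (is_file($file)) {
        include $file;
    }
});

use app\controller as ctrl;
//require_once("/var/www/mdl/app/controller/Controller.php");

ctrl\Controller::run();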
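/**
 * Handle the registration form.
 *
 * The request is accepted only when the submitted field set is exactly
 * form/hpt/fname/lname/email/pass/pass2/captcha, the honeypot ("hpt") is
 * empty, the captcha equals the session digit, the "form" field equals the
 * session CSRF token, the e-mail is valid and both passwords agree. Failed
 * checks destroy the session and stop. On success the user is registered
 * with a random confirmation code and a confirmation link is e-mailed; the
 * message reports whether the mail could be sent. The session token and
 * captcha digit are consumed either way.
 *
 * @return void the NotificationsView constructor is responsible for output
 */
public function post()
{
    $allowed = array('form', 'hpt', 'fname', 'lname', 'email', 'pass', 'pass2', 'captcha');

    $success = false;
    // Previously no message was set when the outer check failed, so the view
    // received an undefined message together with a "success" type.
    $message = 'Something went wrong. Please go back and try again.';

    $formSubmitted = isset($_POST['form']) && $_POST['form'] && empty($_POST['hpt']);
    if ($formSubmitted && $allowed == array_keys($_POST)) {
        if (isset($_POST['fname']) && isset($_POST['lname']) && isset($_POST['email'])
            && isset($_POST['pass']) && isset($_POST['pass2'])) {
            $checksPassed = true;

            // Captcha: constant-time string comparison instead of a loose
            // "!="; a missing session digit is a failure, not a pass.
            $captcha = is_string($_POST['captcha']) ? $_POST['captcha'] : '';
            if (!isset($_SESSION['digit']) || !hash_equals((string) $_SESSION['digit'], $captcha)) {
                $message = 'Something went wrong. Please make sure you are providing correct information.';
                $checksPassed = false;
            }

            // CSRF token: previously skipped when the session held no token,
            // which made the check optional for the client.
            $token = is_string($_POST['form']) ? $_POST['form'] : '';
            if (!isset($_SESSION['token']) || !hash_equals((string) $_SESSION['token'], $token)) {
                $message = 'Something went wrong. Please try again.';
                $checksPassed = false;
            }

            if (!parent::isValidEmail($_POST['email'])) {
                $message = 'Incorrect email. Please provide a valid email';
                $checksPassed = false;
            }

            // Strict comparison: "1" and "01" are different passwords
            if ($_POST['pass'] !== $_POST['pass2']) {
                $message = 'Passwords are not matching. Please go back and try again.';
                $checksPassed = false;
            }

            if (!$checksPassed) {
                $notification = new NotificationsView($message, 'danger');
                session_destroy();
                exit;
            }

            $cleanFirstName = parent::sanitizeString($_POST['fname']);
            $cleanLastName = parent::sanitizeString($_POST['lname']);
            $cleanEmail = parent::sanitizeString($_POST['email']);
            // NOTE(review): the password is passed through sanitizeString()
            // before hashing; the login handler does the same, so the two
            // must stay in sync or existing users are locked out.
            $cleanPassword = parent::sanitizeString($_POST['pass']);
            $passwordHash = parent::hashPassword($cleanPassword);

            // 128 bits from the CSPRNG (PHP >= 7.0), 32 hex chars - the same
            // width as the md5(uniqid(rand())) digest this replaces, which
            // was predictable and let the e-mail confirmation be bypassed.
            $confirmationCode = bin2hex(random_bytes(16));

            $userCollection = new UserCollection();
            $user = $userCollection->create();
            $user->setConfirmationCode($confirmationCode);
            $user->setFirstName($cleanFirstName);
            $user->setLastName($cleanLastName);
            $user->setEmail($cleanEmail);
            $user->setPassword($passwordHash);

            if ($user->register()) {
                $message = 'Congratulations! 
 You\'ve successfully registered.<br />';
                $success = true;

                // Send the confirmation e-mail
                $subject = 'Thank you for signing up! Please confirm your email address.';
                $header = 'From: Tomasz <*****@*****.**>';
                $url = 'https://web.njit.edu/~tg77/is218/final/index.php?page=confirmation&confirm_code=' . $confirmationCode;
                $body = 'Your Confirmation Link Click on this link to activate your account: ' . $url . '. Thank you for registering.';
                if (mail($cleanEmail, $subject, $body, $header)) {
                    $message .= 'Your confirmation link has been sent to your email address.<br /> Please confirm your email before logging in.';
                } else {
                    $message .= 'Could not send confirmation link to your e-mail address';
                }
            } else {
                $message = 'Something went wrong! Please try again.';
            }
        } else {
            $message = 'Make sure you\'ve provided all information. Please go back and try again.';
        }
    }

    // One-shot values: a token or captcha is never reused across submissions
    unset($_SESSION['token']);
    unset($_SESSION['digit']);

    $notification = new NotificationsView($message, $success ? 'success' : 'danger');
}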