/**
* Display a listing of the resource.
*
* @return Response
*/
public function LogIn()
{
$un = Input::get('username');
$pw = Input::get('password');
$chk1 = Login::where('strUsername', '=', Input::get('username'))->first();
$chk2 = Login::where('strPassword', '=', Input::get('password'))->first();
if ($chk1 && $chk2) {
//$id = Login::all();
$empId = DB::table('tblLogin')->join('tblEmployees', function ($join) {
$join->on('tblLogin.strLoginEmpID', '=', 'tblEmployees.strEmpID');
})->join('tblBranches', function ($join) {
$join->on('tblEmployees.strEmpBrchID', '=', 'tblBranches.strBrchID');
})->join('tblRoles', function ($join) {
$join->on('tblEmployees.strEmpRoleID', '=', 'tblRoles.strRoleID');
})->get();
$orders = Order::with('supplier', 'employee', 'products', 'notes')->get();
//dashboard(danger stocks)
$index = DB::table('tblInventory')->join('tblProducts', function ($join) {
$join->on('tblInventory.strProdID', '=', 'tblProducts.strProdID')->where('tblInventory.intAvailQty', '<=', '10');
})->get();
return View::make('index')->with('index', $index)->with('empId', $empId)->with('un', $un)->with('orders', $orders);
} else {
return Redirect::to('/')->with('message', 'Login Failed, USERNAME/PASSWORD Dont Exists');
}
}
/**
* Display a listing of the resource.
*
* @return Response
*/
public function LogIn()
{
$un = Input::get('username');
$pw = Input::get('password');
$chk1 = Login::where('strUsername', '=', Input::get('username'))->first();
$chk2 = Login::where('strPassword', '=', Input::get('password'))->first();
if ($chk1 && $chk2) {
Session::put('username', '$un');
$id = Login::all();
//dashboard(danger stocks)
$index = DB::table('tblInventory')->join('tblProducts', function ($join) {
$join->on('tblInventory.strProdID', '=', 'tblProducts.strProdID')->where('tblInventory.intAvailQty', '<=', '10');
})->get();
return View::make('index')->with('id', $id)->with('index', $index);
} else {
return Redirect::to('/')->with('message', 'Login Failed, USERNAME/PASSWORD Dont Exists');
}
}
public function setUpData()
{
$user = new User();
$user->email = '*****@*****.**';
$user->password = '******';
$user->fb_id = '123456';
$user->save();
$this->_user_id = User::where('email', '*****@*****.**')->first()->user_id;
$login = new Login();
$login->id = 1;
$login->user_id = $this->_user_id;
$login->session_id = '3f9a362bb40714f77cadfd9f5b9d801b';
$login->expired_at = '2019-07-30';
$login->save();
$this->_session = '3f9a362bb40714f77cadfd9f5b9d801b';
$this->_user_id = Login::where('session_id', $this->_session)->first()->user_id;
$winery = new Winery();
$winery->id = 1;
$winery->brand_name = 'Winery 1';
$winery->country_id = '1';
$winery->region = 'Abkhazia';
$winery->save();
$wine = new Wine();
$wine->wine_id = 1;
$wine->name = 'Wine_1';
$wine->rakuten_id = 'rakuten_drinkshop_10508227';
$wine->original_name = "this is wine_1";
$wine->original_name_2 = "wine_1";
$wine->winery_id = 1;
$wine->year = '2009';
$wine->wine_unique_id = '1_2009';
$wine->average_price = "2200.00";
$wine->average_rate = "3.5";
$wine->rate_count = "3";
$wine->save();
$this->session(array('user_id' => $this->_user_id));
}
/**
* @author: Widana Nur Azis
*/
public function autentication()
{
$userlogin = Input::get('userlogin');
$password = Input::get('password');
$user = Login::where('username', '=', $userlogin)->orWhere('email', '=', $userlogin)->first();
if ($user != null) {
$password_hash = $user->password;
if (password_verify($password, $password_hash)) {
} else {
//here password not alerdy exist
return Redirect::to('/')->with('message', 'invalid username or password');
}
} else {
//password is not there
return Redirect::to('/')->with('message', 'invalid username or password');
}
Session::put('userlogin', $user);
//update key session_id
$get_user_id = Session::get('userlogin');
$update_session_id = Login::find($get_user_id->user_id);
$update_session_id->session_id = md5(time());
$update_session_id->save();
return Redirect::to('/dashboard');
}
function __get_user_from_token($token)
{
$login = Login::where('token', $token)->first();
if ($login == NULL) {
return NULL;
}
$login->updated_at = date('Y-m-d');
$login->save();
return $login->user;
}
|
| The CSRF filter is responsible for protecting your application against
| cross-site request forgery attacks. If this special token in a user
| session does not match the one given in this request, we'll bail.
|
*/
Route::filter('csrf', function () {
if (Session::token() != Input::get('_token')) {
throw new Illuminate\Session\TokenMismatchException();
}
});
Route::filter('session', function () {
$session = Request::header('session');
$error_code = ApiResponse::SESSION_INVALID;
$data = ApiResponse::getErrorContent(ApiResponse::SESSION_INVALID);
if (empty($session)) {
return array("code" => $error_code, "data" => $data);
} else {
$login = Login::where('session_id', $session)->first();
$date = Carbon::now()->format('Y-m-d H:i:s');
if ($date > $login["expired_at"]) {
return array("code" => $error_code, "data" => $data);
}
$user = User::where('user_id', $login->user_id)->first();
if ($user) {
Session::put('user_id', $login->user_id);
} else {
return array("code" => $error_code, "data" => $data);
}
}
});
