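/**
 * Registration action: renders the sign-up form on GET; on any other method
 * it validates the submitted fields, stores the new user and logs them in.
 *
 * @return bool|null true after rendering the form, false after rendering a
 *                   validation or storage error, null once the redirect
 *                   header has been sent (header() returns nothing).
 */
public function index_action()
{
    if (Routing::getInstance()->isMethod("GET")) {
        echo View::render();
        return true;
    }

    $data = array();

    // The credentials are read by key further down, so they must be present
    // and be plain strings before anything is handed to the model. Without
    // this guard a missing key raised an undefined-index notice and an
    // array-valued parameter (username[]=x) reached the model untouched.
    foreach (array('username', 'password') as $required) {
        if (!isset($_REQUEST[$required]) || !is_string($_REQUEST[$required])) {
            $data['error'] = 'All fields must be provided';
            echo View::render($data);
            return false;
        }
    }

    $userModel = new UserModel();
    if ($userModel->checkUserExist($_REQUEST['username'])) {
        $data['error'] = 'Username already used.';
        echo View::render($data);
        return false;
    }

    // Only keys that were actually submitted are inspected here; a field the
    // client leaves out entirely is not caught by this loop.
    foreach ($_REQUEST as $key => $item) {
        if (empty($item)) {
            $data['error'] = 'All fields must be provided';
            echo View::render($data);
            return false;
        }
    }

    // NOTE(review): the whole request array, including any extra keys a client
    // adds, is passed to save(). Whether save() restricts it to known columns
    // is not visible from here - confirm it whitelists the fields it persists.
    if (!$userModel->save($_REQUEST)) {
        $data['error'] = 'Problem with DB Query.';
        echo View::render($data);
        return false;
    }

    // NOTE(review): the lookup result is passed to doLogin() unchecked; what it
    // returns when no row matches is not visible here - confirm doLogin()
    // rejects an empty result.
    $userData = $userModel->getUserByUsernameAndPassword($_REQUEST['username'], $_REQUEST['password']);
    Security::doLogin($userData);

    return header("Location:" . Routing::getInstance()->getBaseUrl());
}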
/**
 * Fetches the menu entries and pulls in the page header template, choosing
 * the admin variant when Security::isAdmin() reports an administrator.
 */
public function __construct()
{
    // These two locals stay in scope for the file included below, so their
    // names are kept as-is (presumably the header template reads $menuItems).
    $menuModel = new Menu();
    $menuItems = $menuModel->getMenuItems();

    // require_once: a header file that was already included earlier in the
    // request is not emitted a second time.
    require_once VIEWS_PATH . (Security::isAdmin() ? 'header_admin.php' : 'header.php');
}
/**
 * Admin-only news editor: on GET it loads the item named by the "id" request
 * parameter and renders it; on any other method it forwards the request data
 * to NewsModel::update().
 *
 * @return bool|null true after rendering the form, null after an update.
 */
public function edit()
{
    // Authorization gate runs before any model access.
    Security::mustBeAdmin();

    $newsModel = new NewsModel();

    if (!Routing::getInstance()->isMethod("GET")) {
        // NOTE(review): the full request array goes to update() and its result
        // is discarded, so a failed update is silent. No anti-CSRF token check
        // is visible in this method - confirm one exists upstream, since this
        // is a state-changing admin action.
        $newsModel->update($_REQUEST);
        return;
    }

    // NOTE(review): "id" is used without a presence or type check; how get()
    // treats a missing or non-numeric id is not visible here.
    $newsItem = $newsModel->get($_REQUEST['id']);
    echo View::render($newsItem);

    return true;
}
/**
 * Registers a new user row and returns the matching HackableUser.
 *
 * @param string $username
 * @param string $password plain-text password; only its salted hash is stored
 * @param string $address
 *
 * @return HackableUser
 *
 * @throws \Lib\Exceptions\DuplicateException when the username already exists
 */
public static function create($username, $password, $address)
{
    if (static::exist($username)) {
        throw new \Lib\Exceptions\DuplicateException();
    }

    $salt = Security::generate_salt();
    $passwordHash = static::generate_hash($password, $salt);

    // NOTE(review): SQL injection risk. The four values are formatted straight
    // into the statement text with no escaping, so a quote character in
    // $username or $address changes the structure of the query. The fix is to
    // send the statement with placeholders and bind the values through the
    // database layer's parameter API.
    $sql = sprintf(
        'INSERT INTO users (username, password, salt, address) VALUES("%s", "%s", "%s", "%s")',
        $username,
        $passwordHash,
        $salt,
        $address
    );

    // NOTE(review): this map has the shape of a bound-parameter set but is
    // never passed to the database call below, so it has no effect.
    $params = array(
        'username' => $username,
        'password' => $passwordHash,
        'salt' => $salt,
        'address' => $address,
    );

    HackableDatabase::update($sql);

    return new HackableUser($username, $address);
}
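/**
 * Resolves the "controller" and "action" request parameters to a class under
 * the controllers\ namespace and one of its methods, then invokes it with the
 * request array.
 *
 * Both names come from the client, so they are checked against a strict
 * identifier pattern before they are used to load a class or call a method.
 *
 * @return ErrorHandler|null ErrorHandler(2) for an unusable controller,
 *                           ErrorHandler(3) for an unusable action, null once
 *                           the action has been dispatched.
 */
public function proccessRoute()
{
    $this->controller = !empty($_REQUEST['controller']) ? $_REQUEST['controller'] : 'Index';
    $this->action = !empty($_REQUEST['action']) ? $_REQUEST['action'] : 'index_action';

    // Accept only identifier segments separated by namespace backslashes.
    // class_exists() hands the name to the autoloader, so characters such as
    // "/" or "." must never reach it; array-valued parameters are rejected too.
    $controllerPattern = '/^[A-Za-z_][A-Za-z0-9_]*(?:\\\\[A-Za-z_][A-Za-z0-9_]*)*$/D';
    if (!is_string($this->controller) || !preg_match($controllerPattern, $this->controller)) {
        return new ErrorHandler(2);
    }

    // A plain identifier that does not start with "__": this keeps the
    // constructor and other magic methods from being requested as actions.
    if (!is_string($this->action) || !preg_match('/^(?!__)[A-Za-z_][A-Za-z0-9_]*$/D', $this->action)) {
        return new ErrorHandler(3);
    }

    $controllerName = 'controllers\\' . $this->controller;
    if (!class_exists($controllerName)) {
        return new ErrorHandler(2);
    }

    // Instance current controller
    // NOTE(review): the constructor runs before Security::isAuth() below, so
    // any work it does happens for unauthenticated requests as well. Whether
    // isAuth() depends on the steps in between is not visible here, so the
    // order is left unchanged - confirm and move the check earlier if possible.
    $controllerClass = new $controllerName();

    // is_callable() also takes visibility into account, unlike method_exists(),
    // so private and protected methods are answered with the same error as
    // unknown ones instead of failing inside call_user_func().
    if (!is_callable(array($controllerClass, $this->action))) {
        return new ErrorHandler(3);
    }

    $this->cleanupRequest();
    Security::isAuth();

    call_user_func(array($controllerClass, $this->action), $_REQUEST);
}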
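<div class="container-fluid">
    <div class="row-fluid">
        <div class="span2">
            <ul class="nav nav-list">
                <?php if (Security::getUser()) { ?>
                    <?php /* The username is user-supplied data: encode it for the HTML context before output. */ ?>
                    <li>
                        <a href="#">Hello <?php echo htmlspecialchars(Security::getUser()->username, ENT_QUOTES, 'UTF-8'); ?> </a>
                    </li>
                    <?php if (Security::isAdmin()) { ?>
                        <?php /* Attribute context: encode the base URL; no space may separate it from the path. */ ?>
                        <li>
                            <a href="<?php echo htmlspecialchars(Routing::getInstance()->getBaseUrl(), ENT_QUOTES, 'UTF-8'); ?>/backend">Admin Panel</a>
                        </li>
                    <?php } ?>
                <?php } ?>
                <li class="nav-header">Main Menu</li>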
/**
 * Builds the stored password digest: the password and the salt are joined
 * with a literal "||" separator and the result is passed to Security::hash().
 *
 * NOTE(review): the algorithm behind Security::hash() is not visible here. If
 * it is a fast general-purpose digest, password_hash() / password_verify()
 * would be the safer replacement for stored credentials - confirm.
 *
 * @param string $password plain-text password
 * @param string $salt     per-user salt
 *
 * @return mixed whatever Security::hash() returns
 */
protected static function generate_hash($password, $salt)
{
    $salted = $password . '||' . $salt;

    return Security::hash($salted);
}
/**
 * Ends the current session by delegating to Security::doLogout().
 *
 * NOTE(review): no request-method or anti-CSRF token check is visible in this
 * action, and no response or redirect is produced afterwards - confirm both
 * are handled by the caller.
 *
 * @return void
 */
public function logout()
{
    Security::doLogout();
}