/**
 * Render the profile page for the currently authenticated user.
 *
 * Collects two role flags and the current user's record, hands them to the
 * 'user.profile' view, then attaches the layout templates and renders.
 * Nothing in this method checks that a user is actually signed in.
 * NOTE(review): presumably the route or controller enforces that — confirm.
 */
public function getProfile()
{
    // Same keys, same evaluation order as assigning them one by one.
    $result = array(
        'isEditor' => Auth::isUserInRole(array('editor', 'admin')),
        'isAdmin' => Auth::isUserInRole(array('admin')),
        'user' => $this->user->getUser(Auth::getUserId()),
    );

    View::make('user.profile', $result);
    View::appendTemplateToLayout('topBar', 'top_bar/user');

    View::appendTemplateToLayout('header', 'includes/header')
        ->appendTemplateToLayout('footer', 'includes/footer')
        ->appendTemplateToLayout('catMenu', 'side_bar/category_menu')
        ->render();
}
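 /**
  * Show the login form, process submitted credentials, or render the
  * signed-in view when a 'user_name' session entry already exists.
  *
  * Credentials are read from $_POST['username'] and $_POST['password'] and
  * passed to User::getUser(); a non-null result is stored in the session.
  */
 public function login()
 {
     $data = array();
     Session::init();

     // The debug var_dump() of the session entry was removed: it printed the
     // stored value (whatever User::getUser() returned) into every response.
     $sessionUser = Session::get('user_name');
     if ($sessionUser) {
         $this->render($data, $sessionUser);
         return;
     }

     $username = isset($_POST['username']) ? $_POST['username'] : null;
     $password = isset($_POST['password']) ? $_POST['password'] : null;

     // Only scalar strings are credentials; `username[]=x` style array input
     // is treated like a missing field instead of reaching the user lookup.
     if (!is_string($username) || !is_string($password)) {
         $this->renderLoginForm($data);
         return;
     }

     $users = User::getUser($username, $password);

     // Validate user
     if ($users != null) {
         // Issue a fresh session id at the privilege change so an id known
         // before authentication cannot be reused afterwards.
         if (session_id() !== '') {
             session_regenerate_id(true);
         }

         // NOTE(review): this stores the whole getUser() result; if that
         // includes the password hash, store only an identifier — confirm.
         Session::set('user_name', $users);
         $this->render($data, $users);
     } else {
         // One message for every failure, so the response does not reveal
         // whether the user name exists.
         echo "Login false";
         echo "<a href='login'> Login Again </a>";
     }
 }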
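 /**
  * Change the signed-in user's e-mail address and password.
  *
  * The current password in $user->password is verified against the stored
  * hash before anything is written; the new password is hashed with
  * Common::hashPassword(). Each failure sets a session error and redirects.
  *
  * @param UserModel $user         Submitted values: e-mail and current password.
  * @param string    $new_password Replacement password in plain text.
  */
 public function editProfile(UserModel $user, $new_password)
 {
     $validator = new Validation();
     $validator->setRule('required', $user->email, null, 'Email');
     $validator->setRule('required', $user->password, null, 'Current Password');
     // The new password is hashed and stored below, so an empty value would
     // otherwise leave the account with an empty password.
     $validator->setRule('required', $new_password, null, 'New Password');
     $validator->setRule('email', $user->email, null, 'Email');
     if (!$validator->validate()) {
         Session::setError($validator->getErrors());
         Redirect::back();
         // Fail closed: do not depend on Redirect::back() ending the request.
         return;
     }

     /** @var \Models\UserModel $userFromDb */
     $userFromDb = $this->user->getUser(Auth::getUserId());
     if (!Common::verifyPassword($user->password, $userFromDb->password)) {
         Session::setError('Current password is not correct');
         Redirect::back();
         // Without this return a wrong current password would still reach
         // the update below if the redirect helper does not exit.
         return;
     }

     // The row is selected by the authenticated id, never by a submitted one.
     $updated = $this->user->editUser(
         Auth::getUserId(),
         $user->email,
         Common::hashPassword($new_password)
     );
     if ($updated !== 1) {
         Session::setError('Something is wrong. Try again.');
         Redirect::back();
         return;
     }

     Session::setMessage('The profile is edited');
     Redirect::to('');
 }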
Exemple #4
 /**
  * Create and persist a post on behalf of an existing user.
  *
  * Return codes:
  *    0  the post was saved
  *   -1  User::getUser() did not return a User instance
  *   -2  the title compares equal to ""
  *   -3  fewer than two tags were given, and also when save() fails
  *
  * The body is stored as given; no check is applied to it here.
  *
  * @param mixed  $user_id Identifier passed to User::getUser().
  * @param string $title   Post title.
  * @param string $body    Post body.
  * @param array  $tags    Tags; at least two are required.
  * @return int One of the codes listed above.
  */
 public static function createPost($user_id, $title, $body, array $tags)
 {
     $author = User::getUser($user_id);

     // Guard clauses, in the same order as the return codes.
     if (!($author instanceof User)) {
         return -1;
     }
     if ("" == $title) {
         return -2;
     }
     if (count($tags) < 2) {
         return -3;
     }

     $entry = new Post();
     $entry->title = $title;
     $entry->tags = $tags;
     $entry->body = $body;
     $entry->creator = $author;

     return $entry->save() ? 0 : -3;
 }
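 /**
  * Render the login view and, on POST, authenticate the submitted credentials.
  *
  * A POST is processed only when its '_token' passes checked_token(). On
  * failure both error slots are set and the browser is sent back to /login;
  * on success the user name is stored in the session and the browser is
  * sent to /dashboard.
  */
 public function login()
 {
     // NOTE(review): the view is emitted before the header() redirects
     // below, which only works if output is buffered — confirm.
     view('front.login', []);

     if (empty($_POST)) {
         return;
     }

     // Both var_dump($_POST) calls were removed: they wrote the submitted
     // password into the response body.
     $token = isset($_POST['_token']) ? $_POST['_token'] : null;
     if (!is_string($token) || !checked_token($token)) {
         return;
     }

     // NOTE(review): FILTER_SANITIZE_STRING rewrites the password before it
     // is verified and is deprecated since PHP 8.1. It is kept because the
     // stored hashes may have been made from filtered input — confirm
     // against the registration code, then verify the raw value instead.
     $rules = ['login' => FILTER_SANITIZE_STRING, 'password' => FILTER_SANITIZE_STRING];
     $sanitize = filter_input_array(INPUT_POST, $rules);
     $login = isset($sanitize['login']) ? (string) $sanitize['login'] : '';
     $password = isset($sanitize['password']) ? (string) $sanitize['password'] : '';

     $users = new User();
     $user = $users->getUser($login);

     // Strict comparison: with != two different numeric strings such as
     // "1e3" and "1000" compare as equal.
     $valid = $user != false
         && $login === (string) $user->username
         && password_verify($password, (string) $user->password);

     if (!$valid) {
         // The message literals are masked in the listing and do not parse
         // as shown. One generic message is written to both slots so the
         // response no longer tells an unknown login from a wrong password.
         $invalid = "L'identifiant ou le mot de passe n'est pas valide";
         $_SESSION['error']['login'] = $invalid;
         $_SESSION['error']['password'] = $invalid;
         header('Location: /login');
         exit;
     }

     // New session id at the privilege change (session fixation).
     if (session_id() !== '') {
         session_regenerate_id(true);
     }

     // Store the name from the user record, not the raw POST value, which
     // may hold markup the filter stripped before the lookup. The plaintext
     // password is no longer written to the session.
     $_SESSION['users']['username'] = $user->username;
     header('Location: /dashboard');
     exit;
 }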