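/**
 * Handle an AJAX login attempt.
 *
 * Only requests that are both POST and AJAX are processed; anything else
 * falls through without a response. Failed attempts are counted through
 * banip(), and a successful login stores the username and role in the
 * "user-login" session key.
 *
 * Unknown usernames and wrong passwords share one error message, and a hash
 * is computed in both cases, so the response does not reveal which usernames
 * exist (by text or by timing).
 *
 * @return void
 */
public function indexAction()
{
    if (!$this->request->isPost() || !$this->request->isAjax()) {
        return;
    }

    // The 'string' filter rewrites the submitted password before it is
    // verified. insertAction() applies the same filter before hashing, so
    // the two must stay in step; changing only one side would lock out
    // users whose passwords contain characters the filter alters.
    $username = $this->request->getPost('username', 'string');
    $password = $this->request->getPost('password', 'string');

    if (!$username || !$password) {
        $this->rejectLogin('*Username or password not be blank');
        return;
    }

    $user = User::findFirstByUsername($username);
    if ($user) {
        $credentialsOk = $this->security->checkHash($password, $user->pass);
    } else {
        // Spend roughly the same time as a real verification so a missing
        // account cannot be told apart from a wrong password by latency.
        $this->security->hash($password);
        $credentialsOk = false;
    }

    if (!$credentialsOk) {
        $this->rejectLogin('*Invalid username or password');
        return;
    }

    // NOTE(review): the session id is not rotated on login. If the session
    // service in use supports regenerating the id, do it before storing the
    // login to close off session fixation - confirm against the adapter.
    $this->session->remove('quantity-login');
    $this->session->set("user-login", array('username' => $user->username, 'role' => $user->role));
    $this->sendAjax(array('status' => true, 'message' => 'Wait a moment...', 'redirect' => '/admin/dashboard/'));
}

/**
 * Record a failed login attempt and send the failure response.
 *
 * Once banip() reports 5 or more, the 'quantity-login' session key is
 * cleared and the "blocked" response is sent first. The regular failure
 * response is sent afterwards in every case, matching the original call
 * sequence; this presumes sendAjax() ends the request - TODO confirm.
 *
 * NOTE(review): banip() is defined elsewhere. The 'quantity-login' session
 * key suggests the attempt counter may live in the session, which a client
 * resets by discarding its cookie - confirm the throttle is also keyed on
 * something server-side (source address and/or target account).
 *
 * @param string $message Failure text returned to the client.
 *
 * @return void
 */
private function rejectLogin($message)
{
    if ($this->banip() >= 5) {
        $this->session->remove('quantity-login');
        $this->sendAjax(array('status' => false, 'message' => "*you're blocked access", 'remove' => true));
    }

    $this->sendAjax(array('status' => false, 'message' => $message));
}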
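/**
 * Create a user from the posted form.
 *
 * Sanitizes the name, username, role and password fields, hashes the
 * password, collects validation errors (duplicate username, empty required
 * fields), hands them to errorback(), then creates the user through
 * User::CreateArr() and calls closeform().
 *
 * NOTE(review): no authorization check is visible in this method, and the
 * role value is taken from the request. Presumably access is restricted
 * elsewhere (ACL / dispatcher hook) - confirm that only accounts allowed to
 * assign roles can reach this action.
 *
 * @return void
 */
public function insertAction()
{
    if (!$this->request->isPost()) {
        return;
    }

    $error = array();

    // NOTE(review): the whole POST array is forwarded to User::CreateArr(),
    // including any keys that are not sanitized below. Whether extra keys
    // can reach model columns depends on CreateArr(), which is not visible
    // here - verify it copies an explicit list of fields.
    $params = $this->request->getPost();

    // POST values are strings or arrays; an array here would break trim()
    // and hash(), so anything that is not a string is treated as empty and
    // rejected by the required-field checks below.
    foreach (array('fname', 'lname', 'username') as $field) {
        if (isset($params[$field])) {
            $raw = is_string($params[$field]) ? $params[$field] : '';
            $params[$field] = $this->filter->sanitize(trim($raw), "string");
        }
    }

    if (isset($params['role'])) {
        $params['role'] = $this->filter->sanitize($params['role'], "int");
    }

    if (isset($params['pass'])) {
        // The same 'string' filter is applied to the password at login, so
        // the stored hash and the verified value are derived the same way.
        $rawPass = is_string($params['pass']) ? $params['pass'] : '';
        $params['pass'] = $this->filter->sanitize($rawPass, "string");
        $params['pass'] = $params['pass'] ? $this->security->hash($params['pass']) : '';
    }

    // Look up duplicates only when a username was actually supplied; the
    // original indexed $params['username'] unconditionally, which raised an
    // undefined-index notice and ran a pointless query when it was missing.
    if (!empty($params['username']) && User::findFirstByUsername($params['username'])) {
        $error['username'] = '******';
    }

    // Check for empty elements in the array.
    if (empty($params['fname'])) {
        $error['fname'] = 'First Name: không được để trống\\n';
    }
    if (empty($params['lname'])) {
        $error['lname'] = 'Last Name: không được để trống\\n';
    }
    if (empty($params['username'])) {
        $error['username'] = '******';
    }
    if (empty($params['pass'])) {
        $error['pass'] = '******';
    }

    $this->errorback($error);

    // errorback() is defined elsewhere and presumably stops the request when
    // $error is non-empty - TODO confirm. The guard keeps an invalid or
    // duplicate account from being created if it ever returns.
    if (!empty($error)) {
        return;
    }

    $user_create = new User();
    User::CreateArr($params, $user_create);
    $this->closeform();
}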