public function postAuth(Request $request) { if (AuthController::verifyCredentials(Auth::user()->email, $request->password) || Auth::user()->utwente_username && AuthController::verifyUtwenteCredentials(Auth::user()->utwente_username, $request->password)) { $request->session()->put('passwordstore-verify', strtotime('+10 minutes')); $request->session()->flash('flash_message', 'You can access this tool for 10 minutes.'); return Redirect::route('passwordstore::index'); } else { $request->session()->flash('flash_message', 'Wrong password.'); return Redirect::route('passwordstore::auth'); } }
/** * Store a newly created resource in storage. * This method returns raw HTML and is intended to be used via AJAX! * * @param \Illuminate\Http\Request $request * @return \Illuminate\Http\Response */ public function store(Request $request) { $user = AuthController::verifyCredentials($request->input('username'), $request->input('password')); if (!$user) { return "<span style='color: red;'>Invalid credentials.</span>"; } if (!$user->member) { return "<span style='color: red;'>You must be a member to use the OmNomCom.</span>"; } $uid = $request->input('card'); $card = RfidCard::where('card_id', $uid)->first(); if ($card) { if ($card->user->id == $user->id) { return "<span style='color: red;'>This card is already registered to you!</span>"; } else { return "<span style='color: red;'>This card is already registered to someone.</span>"; } } else { $card = RfidCard::create(['user_id' => $user->id, 'card_id' => $uid]); $card->save(); return "<span style='color: green;'>This card has been successfully registered to " . $user->name . ".</span>"; } }
public function buy(Request $request, $store) { $stores = config('omnomcom.stores'); if (array_key_exists($store, $stores)) { $storedata = $stores[$store]; if (!in_array($request->ip(), $storedata->addresses) && !Auth::user()->can($storedata->roles)) { return "<span style='color: red;'>You are not authorized to do this.</span>"; } } else { return "<span style='color: red;'>This store doesn't exist.</span>"; } switch ($request->input('credentialtype')) { case 'account': $credentials = $request->input('credentials'); $user = AuthController::verifyCredentials($credentials['username'], $credentials['password']); if (!$user) { return "<span style='color: red;'>Invalid credentials.</span>"; } break; case 'card': $card = RfidCard::where('card_id', $request->input('credentials'))->first(); if (!$card) { return "<span style='color: red;'>Unknown card.</span>"; } $card->touch(); $user = $card->user; if (!$user) { return "<span style='color: red;'>Unknown user.</span>"; } break; default: return "<span style='color: red;'>Invalid credential type.</span>"; break; } if (!$user->member) { return "<span style='color: red;'>Only members can use the OmNomCom.</span>"; } $withCash = $request->input('cash'); if ($withCash == "true" && !$storedata->cash_allowed) { return "<span style='color: red;'>You cannot use cash in this store.</span>"; } $cart = $request->input('cart'); foreach ($cart as $id => $amount) { if ($amount > 0) { $product = Product::find($id); if (!$product) { return "<span style='color: red;'>You tried to buy a product that didn't exist!</span>"; } if (!$product->isVisible()) { return "<span style='color: red;'>You tried to buy a product that is not available!</span>"; } if ($product->stock < $amount) { return "<span style='color: red;'>You tried to buy more of a product than was in stock!</span>"; } if ($product->is_alcoholic && $user->age() < 18) { return "<span style='color: red;'>You tried to buy alcohol, youngster!</span>"; } } } foreach ($cart as $id => $amount) { if ($amount > 0) { $product = Product::find($id); $orderline = OrderLine::create(['user_id' => $withCash == "true" ? null : $user->id, 'cashier_id' => $withCash == "true" ? $user->id : null, 'product_id' => $product->id, 'original_unit_price' => $product->price, 'units' => $amount, 'total_price' => $amount * $product->price, 'payed_with_cash' => $withCash == "true" ? date('Y-m-d H:i:s') : null]); $orderline->save(); $product->stock -= $amount; $product->save(); } } return "OK"; }
public function updatePassword(Request $request) { $user = User::find($request->id); if ($user == null) { abort(404); } if ($user->id != Auth::id()) { $request->session()->flash('flash_message', 'Sorry! You cannot change another user their password. If a user forgot their password, please let them use the \'forgot password\' form on the login screen.'); return Redirect::back(); } if (AuthController::verifyCredentials($user->email, $request->oldpass) || $user->utwente_username && AuthController::verifyUtwenteCredentials($user->utwente_username, $request->oldpass)) { if ($request->newpass1 !== $request->newpass2) { $request->session()->flash('flash_message', 'The new passwords are not identical. Please try again!'); return Redirect::route('user::dashboard'); } elseif (strlen($request->newpass1) < 8) { $request->session()->flash('flash_message', 'Your new password should be at least 8 characters long.'); return Redirect::route('user::dashboard'); } else { $user->setPassword($request->newpass1); $request->session()->flash('flash_message', 'Your password has been changed.'); return Redirect::route('user::dashboard'); } } $request->session()->flash('flash_message', 'Old password incorrect! Password not updated.'); return Redirect::route('user::dashboard'); }