* User: martinmatak
* Date: 10/03/16
* Time: 10:26
*/
// Login handler: sends already-authenticated sessions to index.php, otherwise
// validates the posted credentials and looks the user up by username + digest.
require_once 'Autoloader.php';
session_start();
if (isset($_SESSION['user_id'])) {
    // NOTE(review): no exit after the redirect header, so execution continues
    // into the form handling below even for an already-logged-in session.
    header('Location: index.php');
}
if (!empty($_POST['submitted'])) {
    $formValidation = new \validation_library\FormValidation();
    $rules = array();
    $rules['username'] = '******';
    $rules['password'] = '******';
    $formValidation->set_rules($rules);
    if ($formValidation->validate()) {
        // Parameterised lookup: both values are bound, not interpolated into SQL.
        $query = \db\DAO::getInstance()->prepare("SELECT id FROM Users WHERE username = ? AND password = ?");
        try {
            // NOTE(review): the username is HTML-encoded before the comparison, so it
            // only matches if the stored value was encoded the same way at registration.
            // NOTE(review): passwords are compared as unsalted sha1 digests; the
            // password_hash()/password_verify() pair is the standard replacement.
            $query->execute([htmlentities($_POST["username"]), sha1($_POST["password"])]);
            // if the query matched at least one row
            // NOTE(review): rowCount() on a SELECT is driver-dependent in PDO — verify
            // it is reliable for the driver behind DAO.
            if ($query->rowCount() > 0) {
                // presumably the default fetch mode is set to objects in DAO ($row->id) — verify
                $row = $query->fetch();
                // NOTE(review): the session id is not regenerated on login
                // (session_regenerate_id(true)); consider doing so here.
                $_SESSION["user_id"] = $row->id;
                header('Location: index.php');
            } else {
                echo "Wrong email or password.";
            }
        } catch (PDOException $e) {
            // $errorMessage is assigned but not used anywhere in this fragment.
            $errorMessage = "Please, try again or contact admin.";
        }
    } else {
// Profile handler: deletes the account on btnDelete, otherwise validates and
// saves the edited profile fields.
if (!empty($_POST['submitted'])) {
    if (isset($_POST['btnDelete'])) {
        // NOTE(review): deletion is triggered by a POST flag alone; no CSRF token
        // check is visible in this fragment.
        $user->delete();
        unset($_SESSION['user_id']);
        // NOTE(review): header() is invoked on the object returned by
        // DAO::getConnection(); cannot tell from here whether that class defines
        // such a method — verify.
        DAO::getConnection()->header('Location: registration.php');
        exit;
    }
    $rules = array();
    $rules['name'] = 'length[40]';
    $rules['surname'] = 'length[40]';
    $rules['email'] = 'required|email|length[50]';
    $rules['password'] = '******';
    $rules['confirm_password'] = '******';
    $validation = new \validation_library\FormValidation();
    $validation->set_rules($rules);
    $allGood = $validation->validate();
    // The confirmation check lives outside the rule set, so a mismatch leaves
    // validation_errors() empty — that is what the else branch below relies on.
    if (strcmp($_POST['password'], $_POST['confirm_password']) != 0) {
        $allGood = false;
    }
    if ($allGood) {
        // NOTE(review): values are HTML-encoded before storage; encoding belongs at
        // output time, and a stored encoded email will not compare equal to the raw one.
        $user->__set('name', htmlentities($_POST['name']));
        $user->__set('surname', htmlentities($_POST['surname']));
        $user->__set('email', htmlentities($_POST['email']));
        // NOTE(review): unsalted sha1 as password digest; password_hash() is the
        // standard replacement.
        $user->__set('password', sha1($_POST['password']));
        $user->save();
        // NOTE(review): no exit after the redirect header, so the script continues
        // past this block.
        header('Location: index.php');
    } else {
        if (empty($validation->validation_errors())) {
            echo "Password doesn't match";
        } else {
            $validation->display_validation_errors();
header('Location: login.php');
exit;
}
// form processing
if (!empty($_POST['submitted'])) {
    // NOTE(review): only presence of the upload entry is checked here; the
    // $_FILES['file']['error'] status (UPLOAD_ERR_OK) is not inspected in this
    // fragment — verify validatePicture() covers it.
    if (empty($_FILES['file'])) {
        echo "Image not uploaded, please try again.";
        exit;
    }
    $formValidation = new \validation_library\FormValidation();
    $rules = array();
    $rules['name'] = 'length[100]';
    $rules['description'] = 'length[500]';
    $rules['img_tag'] = 'length[500]';
    // NOTE(review): galleryOption is inserted below but has no rule here — verify
    // elsewhere that the chosen gallery exists and belongs to the current user.
    $formValidation->set_rules($rules);
    // validatePicture() is defined outside this fragment; its checks are not visible here.
    if ($formValidation->validate() && validatePicture($_FILES['file']['tmp_name'])) {
        // NOTE(review): validateTags() is called twice; the first result is discarded.
        \models\ImgTag::validateTags($_POST['img_tag']);
        $tags = \models\ImgTag::validateTags($_POST['img_tag']);
        if ($tags === false) {
            // NOTE(review): header() after echo only succeeds with output
            // buffering enabled — verify.
            echo "Every tag must be <= 50 characters";
            header("Refresh: 1");
            exit;
        }
        // add image
        $query = \db\DAO::getInstance()->prepare("INSERT INTO Images(title, user_id,\n gallery_id, description) VALUES (?,?,?,?)");
        $query->execute([trim(htmlentities($_POST['name'])), $_SESSION['user_id'], trim(htmlentities($_POST['galleryOption'])), trim(htmlentities($_POST['description']))]);
        $id = \db\DAO::getInstance()->lastInsertId();
        // add tags
        // $id comes from lastInsertId(), not from the request; binding it as a
        // second placeholder would keep the statement fully parameterised.
        $query = \db\DAO::getInstance()->prepare("INSERT INTO Tags(image_id, tag) VALUES ({$id},?)");
        if (!empty($tags)) {
            foreach ($tags as $tag) {