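/**
 * Try to log in an admin user.
 *
 * Reads the "username" and "password" values through Utils::getParam(), looks the pair up
 * with the 'backoffice.login' query and, when a row comes back, stores the user id and a
 * User object in the session and redirects to the back-office users table.
 * When no row matches, nothing is stored and the method returns.
 */
public function login()
{
    $dbLayer = DBLayer::getInstance();

    // Get the form values.
    // NOTE(review): the password is reduced to an unsalted SHA-1 digest, which is a fast hash
    // and not suited to password storage. It is kept here because the stored values and the
    // 'backoffice.login' query are not visible from this method; moving to password_hash() /
    // password_verify() means fetching the stored hash by username and verifying it in PHP.
    // The (string) cast keeps the digest identical when the parameter is absent.
    $params = array(
        ':username' => Utils::getParam('username'),
        ':password' => sha1((string) Utils::getParam('password')),
    );

    // Get the user details from DB
    $userDetails = $dbLayer->executeQuery('backoffice.login', $params);

    // No matching row: leave the session untouched.
    if (!$userDetails) {
        return;
    }

    $userDetails = $userDetails[0];
    $userId = $userDetails['id'];

    // Issue a fresh session id before the identity is stored, so an id that was set before
    // authentication cannot be reused afterwards (session fixation).
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION['userId'] = $userId;
    $_SESSION['user'] = new User($userId);

    // Make sure the session content is written before the redirect.
    session_write_close();

    // We found the user login valid - redirect to the application page.
    header("Location: /views/backoffice/table_template.php?table_name=Users&queryId=backoffice.users");

    // Stop here so nothing else runs or is rendered after the redirect header.
    exit;
}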
use Moood\helpers\Utils; ?> <div class="spacer"></div> <table> <tbody> <?php $i = 0; $records = $_SESSION['records']; if (isset($records)) { $keys = array_keys($records[0]); // Print the headers echo '<thead>'; foreach ($keys as $key) { echo '<th>' . Utils::getTableHeader($key) . '</th>'; } echo '</thead>'; foreach ($records as $records) { echo '<tr>'; foreach ($keys as $key) { // Special case for isAdmin - we display image switch ($key) { case 'is_admin': echo '<td class="center"><img src="/images/' . ($records[$key] != 1 ? 'not_' : '') . 'ok.png" class="adminImg"></td>'; break; case 'image': echo '<td class="center"><img src="' . $records[$key] . '"></td>'; break; default: echo '<td>' . $records[$key] . '</td>';
} else { // Get the values if the form was already submitted $id = -1; $username = Utils::getParam('username', ''); $password = Utils::getParam('password', ''); $nick_name = Utils::getParam('nick_name', ''); $last_name = Utils::getParam('last_name', ''); $first_name = Utils::getParam('first_name', ''); $email = Utils::getParam('email', ''); $img = Utils::getParam('img', '/images/pixel.gif'); } // Check if we have errors or not $error = Utils::getParam('error', null); $errorClass = isset($error) ? '' : 'hidden'; ?> <!DOCTYPE html > <html> <head> <meta charset='UTF-8'> <title>Music for your mood</title> <link href="/style/style.css" rel="stylesheet" type="text/css"/> </head> <body> <div class="pageContent users">
/**
 * Load the songs of the requested playlist.
 *
 * The playlist id is read from the request parameter "pId". When the query returns rows
 * they are stored in $_REQUEST['songs']; otherwise $_REQUEST is left as it was.
 *
 * NOTE(review): the id comes straight from the request. Whether the 'playlist.songs' query
 * limits rows to playlists of the logged-in user is not visible here - confirm.
 */
public function loadSongs()
{
    $songs = DBLayer::getInstance()->executeQuery(
        'playlist.songs',
        array(':pId' => Utils::getParam("pId"))
    );

    // Nothing found: do not publish an empty result.
    if (!$songs) {
        return;
    }

    $_REQUEST['songs'] = $songs;
}
$ROOT_PATH = $_SERVER['DOCUMENT_ROOT']; include_once $ROOT_PATH . '/src/bootstrap.php'; // Execute action if any $actions = new Playlist(); $actions->processRequest(); /** * This file will print out the playlist songs so user can choose from the list */ if (!isset($_REQUEST['songs'])) { return; } echo '<h1><span class="skew">' . Utils::getParam('name') . '</span></h1>'; // Get the playlist content $songs = $_REQUEST['songs']; // Get the playlist HTML code // Print out the playlist foreach ($songs as $song) { ?> <div class="spacer"></div> <section class="dialog playlistSongs"> <details> <summary><?= $song['title']?></summary> <iframe id="ytplayer" type="text/html" width="920" height="560" src="http://www.youtube.com/embed/<?= $song['video_id'] ?>?autoplay=0&origin=<?= $_SERVER['SERVER_NAME'] ?>"
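/**
 * Execute one of the named SQL queries and return its rows.
 *
 * @param queryId - The query id to execute. If no value is given the method will search for it
 *                  as the request param "queryId". In that case the client decides which entry
 *                  of the query list runs, so callers that expose this path should restrict
 *                  the ids they accept.
 * @param params  - List of parameters to bind to the prepared statement.
 *                  If no parameters are passed all the request params will be used as bind
 *                  parameters.
 *
 * @return - Returns an array containing all of the result set rows
 *
 * @throws Exception when no queryId is available or the id is not in the query list.
 */
public function executeQuery($queryId = null, $params = null)
{
    if (!isset($queryId)) {
        $queryId = Utils::getParam('queryId', null);
        if (!isset($queryId)) {
            throw new Exception('Missing queryId');
        }
    }

    // Reject ids that are not usable as an array key or are not in the query list, instead of
    // handing an undefined entry to prepare().
    $isValidKey = is_string($queryId) || is_int($queryId);
    if (!$isValidKey || !isset($this->sql_queries[$queryId])) {
        throw new Exception('Unknown queryId');
    }

    // -----------------------------------------------------------------------------------
    // -- If no parameters are passed auto build the params from all the GET/POST pairs --
    // -----------------------------------------------------------------------------------
    if (!isset($params)) {
        $params = array();

        // We read the parameters from the request since it contains both get and post params.
        // NOTE(review): every request key is bound, including ones the query may not declare
        // (for example queryId itself when it was read from the request); PDO drivers generally
        // reject undeclared named parameters - confirm the callers that rely on this path.
        foreach ($_REQUEST as $key => $value) {
            $params[':' . $key] = $value;
        }
    }

    // Get the query we wish to execute
    $query = $this->sql_queries[$queryId];

    $statment = $this->pdo->prepare($query);
    $statment->setFetchMode(PDO::FETCH_ASSOC);
    $statment->execute($params);

    // Check to see if we have error or not.
    // Element 0 is the SQLSTATE, a five character string that may start with a letter, so it
    // is compared with the "no error" code instead of being compared numerically with 0.
    $error = $statment->errorInfo();
    $sqlState = (string) $error[0];

    // Set the error message
    if ($sqlState !== '' && $sqlState !== PDO::ERR_NONE) {
        $_REQUEST['DBLayer.executeQuery.error'] = $error;
    }

    // return all the rows
    return $statment->fetchAll();
}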
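<form method="POST">
    <input type="hidden" name="action" id="action">

    <label class="label" for="username">User Name</label>
    <?php
    // The submitted user name is written back into an attribute, so it is HTML-encoded
    // (quotes included) before it reaches the page.
    // NOTE(review): assumes Utils::getParam() returns the raw request value - confirm it does
    // not already encode, otherwise the value would be encoded twice.
    ?>
    <input id="username" name="username" type="text"
           value="<?php echo htmlspecialchars((string) Utils::getParam('username', ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"/>
    <br/>

    <label class="label" for="password">Password</label>
    <?php
    // The submitted password is deliberately not written back into the page: it would end up
    // in the HTML source. The user retypes it after a failed attempt.
    ?>
    <input id="password" name="password" type="password" value=""/>
    <br/>

    <div class="buttons">
        <span class="button orange disabled" data-action="login" id="loginButton">Login
            <span class="tooltip hidden">
                <span></span>
                Please fill in the required fields, before you can login
            </span>
        </span>
    </div>
    <div class="spacer"></div>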
<?php
// Back-office table page: runs the query named by the "queryId" request parameter and renders
// the returned rows through the included table template.
use Moood\DBLayer;
use Moood\helpers\Utils;

$ROOT_PATH = $_SERVER['DOCUMENT_ROOT'];
include_once $ROOT_PATH . '/src/bootstrap.php';

// Load the table data that we need
$dbLayer = DBLayer::getInstance();
// NOTE(review): the query id is taken from the request, so the requester chooses which named
// query runs, and no explicit bind parameters are passed. No login or role check is visible in
// this file before the query runs - confirm that bootstrap.php enforces one and that the ids
// accepted here are limited to the back-office tables.
// NOTE(review): the rows are stored under $_REQUEST['records']; confirm the included table
// template reads the same key.
$_REQUEST['records'] = $dbLayer->executeQuery(Utils::getParam('queryId'));
?>
<!DOCTYPE html >
<html>
<head>
    <meta charset='UTF-8'>
    <title>Music for your mood</title>
    <link href="/style/style.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<div class="pageContent backoffice records">
    <?php include '../header.php'; ?>
    <div class="main">
        <?php include '../utils/generate_table.php'; ?>
    </div>
</div>
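/**
 * Check that the submitted credentials are valid.
 *
 * On success the user id and a User object are stored in the session and the browser is
 * redirected to the playlist page; the script ends there.
 * On failure an error message is stored in $_REQUEST['error'] and the method returns.
 */
public function login()
{
    // Get the form values.
    // NOTE(review): the password is reduced to an unsalted SHA-1 digest. SHA-1 is a fast hash,
    // not encryption, and is not suited to password storage. It is kept here because the
    // stored values and the 'users.select_user' query are not visible from this method; moving
    // to password_hash() / password_verify() means fetching the stored hash by username and
    // verifying it in PHP.
    // The (string) cast keeps the digest identical when the parameter is absent.
    $params = array(
        ':username' => Utils::getParam('username'),
        ':password' => sha1((string) Utils::getParam('password')),
    );

    // Load the user details
    $data = DBLayer::getInstance()->executeQuery('users.select_user', $params);

    // No matching row: report one generic message for both a wrong name and a wrong password.
    if (!$data) {
        $_REQUEST['error'] = 'Wrong user name/password. Please try again';
        return;
    }

    $userData = $data[0];

    // Issue a fresh session id before the identity is stored, so an id that was set before
    // authentication cannot be reused afterwards (session fixation).
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION['userId'] = $userData['id'];
    $_SESSION['user'] = new User($userData['id']);

    // Make sure all session content is flushed before redirected
    session_write_close();

    // We found the user login valid - redirect to the application page.
    header("Location: /views/playlist/playlist.php");
    exit;
}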
<?php use Moood\helpers\Utils; /** * This file will print out the playlist songs so user can choose from the list */ if (!isset($_REQUEST['songs'])) { return; } echo '<h1>Search results for: <span class="skew">' . Utils::getParam('query', '') . '</span></h1>'; // Get the playlist content $songs = $_REQUEST['songs']; // Get the playlist HTML code // Print out the playlist foreach ($songs as $song) { // In real life i would have used templates here to generate the content. // I have digged into this list: http://www.webresourcesdepot.com/19-promising-php-template-engines/ // But did not had enough time to play with it and test them out. ?> <div class="spacer"></div> <section class="dialog playlistEntry"> <details open> <summary><?= $song['title']?></summary> <? include '../playlist/playlist_dropdown.php'; ?> <p><?= $song['content'] ?></p>
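<?php
// The search phrase and the song count are request values written back into the page, so each
// one is HTML-encoded (quotes included) at the point where it is printed.
// NOTE(review): assumes Utils::getParam() returns the raw request value - confirm it does not
// already encode, otherwise the values would be encoded twice.
?>
<input id="query" name="query" type="text"
       value="<?php echo htmlspecialchars((string) Utils::getParam('query', ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"
       placeholder="Type here search phrase"/>
<br/>

<label class="label" for="numberOfSongs">Number of songs</label>
<div class="slider">
    <input class="bar" name="numberOfSongs" type="range" id="numberOfSongs"
           value="<?php echo htmlspecialchars((string) Utils::getParam('numberOfSongs', '10'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"
           min="1" max="25"/>
    <span class="rangeValue" id="rangeValue"><?php echo htmlspecialchars((string) Utils::getParam('numberOfSongs', '10'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></span>
</div>
<br/>

<div class="buttons">
    <span class="button orange" data-action="search" id="searchButton">Search</span>
</div>
</form>
</div>
<br/>
</div>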