/**
* @param \NekoPHP\Modules\User\Models\User $user
* @param string $permission
* @param bool $redirect
* @return bool
*/
public static function checkPermission($user, $permission = null, $redirect = false)
{
// check if the user is logged in
if (!$user instanceof self) {
if ($redirect) {
Session::setOnce('login-redirect-to', NekoPHP::getCurrentUrl());
Session::setOnce('error', 'You must be logged in to view this page');
return NekoPHP::redirect(NekoPHP::getBaseUrl() . '/user/login');
}
return false;
}
// if no permission is set, we only wanted the user to be logged in properly
if ($permission === null) {
return true;
}
$method = 'get' . $permission;
// check wether the user has the requested permission
if (!$user->getPermissions()->{$method}()) {
if ($redirect) {
Session::setOnce('error', 'You do not have permission to view this page');
return NekoPHP::redirect(NekoPHP::getBaseUrl());
}
return false;
}
return true;
}
/**
* @param array[string] $parts
* @param array[string] $mod
* @return string
*/
public static function main($parts, $mod)
{
$user = Models\User::getByEmail($_POST['email']);
if ($user === null || !$user->checkPassword($_POST['password'])) {
return $mod['twig']->render('login.twig', ['error' => 'Username or password incorrect', 'form_url' => \NekoPHP\NekoPHP::getModuleUrl() . '/login']);
}
Session::set('user_id', $user->getId());
Session::setOnce('success', "You have been logged in as {$user->getEmail()}");
if (Session::existsOnce('login-redirect-to')) {
return NekoPHP::redirect(Session::getOnce('login-redirect-to'));
}
return NekoPHP::redirect(NekoPHP::getModuleUrl() . '/profile');
}
/**
* @param array[string] $parts
* @param array[string => mixed] $mod
* @return string
*/
public static function main($parts, $mod)
{
Models\User::checkPermissions($mod['cuser'], 'UserAdmin', true);
$errors = [];
if (empty($_POST['email'])) {
$errors[] = 'No email address given';
} elseif (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
$errors[] = 'Invalid email address';
}
if (empty($_POST['password']) || empty($_POST['password_confirm'])) {
$errors[] = 'Both password fields need to be filled out';
} elseif ($_POST['password'] !== $_POST['password_confirm']) {
$errors[] = 'The passwords don\'t match';
}
if (count($errors) > 0) {
Session::setOnce('error', $errors);
return NekoPHP::redirect(NekoPHP::getModuleUrl() . '/create');
}
try {
$user = new Models\User();
$user->setEmail($_POST['email']);
$user->setPassword($_POST['password']);
if (!$user->create()) {
throw new \Exception($user->exception()->getMessage());
}
$user->getInfo()->setRealname($_POST['realname']);
$user->getInfo()->update();
$user->getPermissions()->setUserAdmin(isset($_POST['permission_user_admin']));
$user->getPermissions()->update();
// @todo: send out an email to the newly created user
} catch (\Exception $e) {
Session::setOnce('error', $e->getMessage());
return NekoPHP::redirect(NekoPHP::getModuleUrl() . '/create/');
}
Session::setOnce('success', 'Account created');
return NekoPHP::redirect(NekoPHP::getModuleUrl() . '/profile/' . $user->getId());
}
<?php
namespace NekoPHP\Modules\User;
use NekoPHP\Console;
use NekoPHP\Modules\User\Models\User;
Console::printInfo('Welcome to interactive user creation!');
do {
$email = Console::ask('Email address');
} while (filter_var($email, FILTER_VALIDATE_EMAIL) === false);
do {
$pass = Console::ask('Password');
} while ($pass === '');
$user = new User();
$user->setEmail($email);
$user->setPassword($pass);
if (!$user->create()) {
Console::printError($user->exception()->getMessage());
exit;
}
Console::printDebug('User created with ID ' . $user->getId());
/**
* @param array[string] $parts
* @param array[string] $mod
* @return string
*/
public static function main($parts, $mod)
{
Models\User::checkPermission($mod['cuser'], 'UserAdmin', true);
return $mod['twig']->render('create.twig', ['form_url' => \NekoPHP\NekoPHP::getModuleUrl() . '/create']);
}