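/**
 * Delete an uploaded file together with its database record.
 *
 * The requester is identified by the `username` cookie, which Logged::getLogged()
 * resolves to a user id; the deletion only proceeds when that id matches the
 * user id stored with the file. Any other requester gets the application's
 * error page. Both $app->error() and $app->redirect() stop the request in
 * Slim 2 (Slim\Exception\Stop), so nothing runs after either of them.
 *
 * @param mixed      $files Raw file data understood by Files::parseFile()
 * @param \Slim\Slim $app   Application, by reference as in the original signature
 * @param mixed      $page  Token identifying the record to delete (stored in Foo::$token)
 * @return void
 */
public function Delete($files, \Slim\Slim &$app, $page)
{
    $record = new Files();
    $record->parseFile($files);
    $ownerId = $record->user_id;

    $db = $app->db;
    $logged = new Logged();
    $requesterId = $logged->getLogged($db, $app->getCookie('username'));

    // Authorisation: only the user recorded as the uploader may delete.
    // NOTE(review): the identity comes from the `username` cookie; unless that
    // cookie is signed/encrypted elsewhere, confirm getLogged() verifies it
    // rather than trusting the raw value. Loose comparison kept as in the
    // original because the id types (DB string vs int) are not visible here.
    if ($requesterId != $ownerId) {
        $app->error();
        return;
    }

    $foo = new Foo();
    $foo->token = $page;
    $mapper = new FooMapper($db);
    $mapper->delete($foo);

    // Remove the file from disk. $path is taken from the stored record, not
    // from the request. The result is checked so a failed unlink() is logged
    // instead of being silently ignored (the DB row is already gone by now).
    $filename = "uploads/" . $record->path;
    if (!is_file($filename) || !unlink($filename)) {
        $app->log->error('Could not delete file: ' . $filename);
    }

    $app->redirect('/TwigBlog/');
}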
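/**
 * Authorise users with a valid token.
 *
 * Users without a valid token are rejected with HTTP 401: the response
 * status is set and the finalised response is returned. A request whose
 * cookie maps to a known token passes through and the method returns null.
 *
 * NOTE(review): the token is only checked for presence via findToken(); if
 * tokens can expire or be revoked, confirm that check happens inside
 * findToken(). Whether the caller stops dispatch on a non-null return is
 * not visible here.
 *
 * @return array|null The finalised 401 response on rejection, null otherwise
 */
public function handle(\Slim\Slim $app)
{
    $tokenCookie = $app->getCookie(AuthController::TOKEN_COOKIE);
    if (empty($tokenCookie)) {
        return $this->rejectUnauthorized($app);
    }

    $token = TokenModel::findToken($tokenCookie);
    // Loose comparison kept on purpose: findToken() may signal "not found"
    // with null or false, and both must be rejected.
    if ($token == null) {
        return $this->rejectUnauthorized($app);
    }

    return null;
}

/**
 * Set a 401 status and finalise the response.
 *
 * The original called finalize() twice and discarded the first result;
 * a single call produces the same response.
 *
 * @return array The finalised response (status, headers, body)
 */
private function rejectUnauthorized(\Slim\Slim $app)
{
    $app->response->setStatus(401);
    return $app->response->finalize();
}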
// to a numeric `id` field on the Contacts database table.
\Slim\Route::setDefaultConditions(array('id' => '[0-9]{1,}'));

// Authentication
// POST sends username and password to route /login
// route /login catches the POST request and calls setEncryptedCookie('username', $username, '1 day');
// When you call get(/article ....) $checkLoggedOn($app) is called
// $checkLoggedOn = function ($app) validates, and if the user's password is valid it returns true
// and the rest of the get(/article) route is triggered.
// (The closure actually defined below is $authenticateUser, not $checkLoggedOn.)

// Credential check used by $authenticateUser.
// NOTE(review): the expected username and password are hard-coded here and
// compared with loose `==`; this reads like a demo stub. The caller feeds it
// values read back from cookies, so how well the password is protected
// depends on whether those cookies are set with setEncryptedCookie() or
// setCookie() — confirm before relying on this in anything but a demo.
function isValidLogin($username, $password) {
    // return true;
    return $username == 'Greg' && $password == 'letMeIn';
}

// Route-middleware factory: returns a closure that halts the request with
// 401 unless the `username` / `password` cookies satisfy isValidLogin().
$authenticateUser = function ($app) {
    return function () use($app) {
        if (!isValidLogin($app->getCookie('username'), $app->getCookie('password'))) {
            $app->halt(401); // Unauthorized access
        }
    };
};

// Login endpoint: reads a JSON body with `username` and `password`.
// (The handler continues beyond this excerpt.)
$app->post('/login', function () use($app) {
    try {
        // get user and pass from post if from form as dataType=html
        //$username = $app->request->post('username');
        //$password = $app->request->post('password');
        // get user and pass from post - get and decode JSON request body
        $body = $app->request()->getBody();
        // NOTE(review): json_decode() returns null on malformed input, and
        // reading ->username on null warns and casts to ''; consider checking
        // $input is an object before the casts.
        $input = json_decode($body);
        $username = (string) $input->username;
        $password = (string) $input->password;
// (Tail of the preceding route handler; its start is outside this excerpt.)
}
    }
    $app->redirect('/admin/settings');
});

// Admin dashboard, optionally paginated (/admin/page/N), 25 images per page.
$app->get('/admin(/page/:page)', function ($page = 1) use($app, $container) {
    $images = $container['imageService']->findAll();
    $paginator = $container['pagination']->newPaginator($images, $page, 25);
    $projectDay = $container['imageService']->getProjectDay();
    // Project length of 365 days is assumed here.
    $daysLeft = 365 - $projectDay;
    $photoCount = $container['imageService']->countImages();
    // NOTE(review): divides by $projectDay; if getProjectDay() can return 0
    // (e.g. before the project starts) this throws DivisionByZeroError on
    // PHP 8 — confirm the service guarantees a positive value.
    $percentage = $photoCount / $projectDay * 100;
    $viewData = array(
        'images' => $images,
        'paginator' => $paginator,
        'pages' => $paginator->getPages(),
        'projectDay' => $projectDay,
        'photoCount' => $photoCount,
        'percentage' => $percentage,
        'daysLeft' => $daysLeft,
    );
    $app->render('admin/index.html', $viewData);
});

// Settings page for the current user.
$app->get('/admin/settings', function () use($app) {
    // The current user is taken from the `identity` cookie (JSON, decoded
    // to an associative array).
    // NOTE(review): whether this cookie is signed/encrypted is not visible
    // here; if it is a plain cookie, the identity it carries is client-controlled.
    $user = json_decode($app->getCookie('identity'), true);
    $app->render('admin/settings.html', array('user' => $user));
});

// Settings form handler: email change, then an optional password change.
// (The handler continues beyond this excerpt.)
$app->post('/admin/user', function () use($app, $container) {
    $user = json_decode($app->getCookie('identity'), true);
    $params = $app->request()->post();
    // NOTE(review): $params['email'], ['form-type'] and ['password'] are read
    // without isset(); a missing form field emits an "Undefined index" notice.
    $email = filter_var($params['email'], FILTER_SANITIZE_EMAIL);
    // Only update when the sanitised address validates and actually differs.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) && $email != $user['email']) {
        $container['userService']->updateEmail($user, $email);
        $app->log->info(sprintf('Email changed from %s to %s', $user['email'], $email));
        $app->flash('emailSuccess', 'Your email is now ' . $email);
    }
    if ($params['form-type'] == 'change-password' && $params['password']) {
        $app->log->info(sprintf('About to change password for %s', $user['email']));
        try {
            $result = $container['userService']->changePassword($user['email'], $params['password'], $params['new-password'], $params['confirm-password']);
// $user = $_SESSION['user'];
// }
// Tail of a hook whose start is outside this excerpt: copies session
// identifiers into the view so templates can read `usr` and `sid`.
// NOTE(review): when a session key is absent the matching variable is never
// assigned, and setData() below receives an undefined variable (notice,
// value null).
    if (isset($_SESSION['sid'])) {
        $sid = $_SESSION['sid'];
    }
    if (isset($_SESSION['usr'])) {
        $usr = $_SESSION['usr'];
    }
    $app->view()->setData('usr', $usr);
    $app->view()->setData('sid', $sid);
});

/**
 * HOME ROUTE
 *
 * Pre-fills the form from the cookies written by the POST handler below
 * and lists the available albums.
 **/
$app->get('/', function () use($app, $dl) {
    $app->render('home.twig', array(
        'code' => $app->getCookie('code'),
        'email' => $app->getCookie('email'),
        'album' => $app->getCookie('album'),
        'subscribe' => $app->getCookie('subscribe'),
        'albums' => $dl->get_albums(),
    ));
})->name('home');

/**
 * HOME ROUTE POST HANDLING
 *
 * (The handler continues beyond this excerpt.)
 **/
$app->post('/', function () use($app, $dl, $mail) {
    // setup variables from the incoming post
    $album = $app->request->post('album');
    $email = $app->request->post('email');
    // Codes are compared case-insensitively by upper-casing on input.
    $code = strtoupper($app->request->post('code'));
    $subscribe = $app->request->post('mailing_list');
    $address = $app->request->post('address');
    // Set current entries to cookies
    // NOTE(review): these are raw request values that the GET route above
    // renders back into the page; this relies on the template's escaping
    // (Twig auto-escape) — confirm it is enabled for home.twig.
    $app->setCookie('code', $code);
    $app->setCookie('email', $email);
    $app->setCookie('album', $album);
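/**
 * Returns the contents of storage
 *
 * Storage is a cookie holding a JSON document, decoded to an associative
 * array. Behavior is undefined when storage is empty: an absent or empty
 * cookie yields null (without passing null to json_decode(), which is
 * deprecated since PHP 8.1), and a cookie that is not valid JSON also
 * yields null rather than throwing, as before.
 *
 * NOTE(review): the cookie is client-supplied. json_decode() is the right
 * decoder for untrusted data (never unserialize()), but callers must not
 * assume the decoded shape without checking it.
 *
 * @throws Zend_Auth_Storage_Exception If reading contents from
 *                                     storage is impossible
 * @return mixed
 */
public function read()
{
    $raw = $this->app->getCookie($this->cookieName);
    // Same result json_decode() would give for null/'' — minus the deprecation.
    if ($raw === null || $raw === '') {
        return null;
    }
    return json_decode($raw, true);
}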