コード例 #1
ファイル: LoginHandler.php プロジェクト: ritchiefitz/iris-php
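 /**
  * Handles the login form POST: verifies the submitted credentials and, on
  * success, marks the session as logged in and renders the user's home page.
  *
  * On missing input or rejected credentials it renders pages/login.php with
  * $error set. The included templates execute in this method's scope, so the
  * local variable names used here are visible to them.
  */
 public function handleAction()
 {
     // NOTE(review): FILTER_SANITIZE_STRING (deprecated since PHP 8.1) strips
     // tags and encodes quotes, so the value verified below is not always the
     // password the user typed. It is left in place because the registration
     // handler shown with this code hashes the same sanitized form; change
     // both sides together.
     $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
     $password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);

     if (!$username || !$password) {
         $error = 'Must enter valid input.';
         include 'pages/login.php';
         return;
     }

     $model = new IrisModel();
     $user = $model->getUser($username);

     // Unknown account and wrong password get the same message, so the form
     // does not reveal which usernames are registered.
     if (!$user || !password_verify($password, $user['password'])) {
         $error = 'Username and password do not match any accounts.';
         include 'pages/login.php';
         return;
     }

     // Issue a fresh session id at the privilege change so an id that existed
     // before authentication (session fixation) is not carried into the
     // logged-in state.
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }

     // NOTE(review): $user still carries the 'password' hash read above, so it
     // is written to session storage too; drop it once the templates and other
     // handlers are confirmed not to read it.
     $_SESSION['user'] = $user;
     $_SESSION['logged_in'] = true;
     $error = '';
     $journals = $model->getJournals($user['uid']);
     include 'pages/user-home.php';
 }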
コード例 #2
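 /**
  * Handles a journal search POST and echoes the matches as an HTML fragment.
  *
  * Reads 'jid' (integer) and 'q' (search text) from the request, asks the
  * model for matching pages belonging to the session user, and prints one row
  * per match, or a "No Results" heading when input is invalid or nothing
  * matched.
  */
 public function handleAction()
 {
     $jid = filter_input(INPUT_POST, 'jid', FILTER_VALIDATE_INT);
     $search = filter_input(INPUT_POST, 'q', FILTER_SANITIZE_STRING);
     $model = new IrisModel();
     // NOTE(review): $_SESSION['user'] is read without a login check here;
     // presumably the dispatcher rejects unauthenticated requests - confirm.
     $user = $_SESSION['user'];

     // Stored values are written into markup below, so escape them for the
     // HTML context at output time instead of relying on input filtering.
     // double_encode is off because the stored text may already contain
     // entities (FILTER_SANITIZE_STRING encodes quotes on the way in).
     $escape = static function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
     };

     // Invalid input is treated the same as an empty result set.
     $matched_pages = (!$jid || !$search)
         ? array()
         : $model->searchContent($user['uid'], $jid, $search);

     $html = '<div class="matched-results">';
     if ($matched_pages) {
         $html .= "<h2>Results</h2>";
         foreach ($matched_pages as $page) {
             $html .= '<div class="matched-result">';
             $html .= '<div class="row">';
             $html .= '<div class="col-sm-4 title">' . $escape($page['title']) . '</div>';
             $html .= '<div class="col-sm-4 date">' . $escape($page['event_date']) . '</div>';
             $html .= '<div class="col-sm-4 number">' . $escape($page['page_number']) . '</div>';
             $html .= '</div>';
             $html .= '</div>';
         }
     } else {
         $html .= "<h2>No Results</h2>";
     }
     $html .= '</div>';
     echo $html;
 }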
コード例 #3
 /**
  * Renders the "add journal" page for the user stored in the session.
  *
  * NOTE(review): $_SESSION['user'] is read without a login check; presumably
  * the dispatcher only routes authenticated requests here - confirm.
  */
 public function handleAction()
 {
     $user = $_SESSION['user'];
     $model = new IrisModel();
     // Not used again in this method; presumably consumed by the included
     // template, which runs in this method's variable scope.
     $journals = $model->getJournals($user['uid']);
     include 'pages/add_journal.php';
 }
コード例 #4
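 /**
  * Handles the registration form POST: creates the account, logs the new
  * user in and renders the user's home page.
  *
  * On missing input or a failed insert it renders pages/login.php with $error
  * set. The included templates execute in this method's scope, so the local
  * variable names used here are visible to them.
  */
 public function handleAction()
 {
     $first_name = filter_input(INPUT_POST, 'first_name', FILTER_SANITIZE_STRING);
     $last_name = filter_input(INPUT_POST, 'last_name', FILTER_SANITIZE_STRING);
     $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
     // NOTE(review): FILTER_SANITIZE_EMAIL only removes characters; it does
     // not check that the result is a well-formed address.
     $email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
     // NOTE(review): the password is sanitized before hashing, so tags are
     // stripped and quotes encoded in what actually gets hashed. Any change
     // here must be mirrored in the login handler or existing hashes stop
     // matching. FILTER_SANITIZE_STRING is deprecated since PHP 8.1.
     $password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);

     if (!$first_name || !$last_name || !$username || !$email || !$password) {
         $error = 'Must enter valid inputs.';
         include 'pages/login.php';
         return;
     }

     $model = new IrisModel();
     // bcrypt only uses the first 72 bytes of its input.
     $hashedPassword = password_hash($password, PASSWORD_BCRYPT, array('cost' => 12));
     $is_registered = $model->addUser($first_name, $last_name, $username, $email, $hashedPassword);

     if (!$is_registered) {
         $error = 'An error has occured while registering user';
         include 'pages/login.php';
         return;
     }

     $user = $model->getUser($username);

     // The request becomes authenticated here, so issue a fresh session id
     // rather than keeping the one that existed before registration
     // (session fixation).
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }

     // NOTE(review): the whole row returned by getUser() is stored in the
     // session; if it includes the password hash, that is stored as well.
     $_SESSION['user'] = $user;
     $_SESSION['logged_in'] = true;
     $error = '';
     $journals = $model->getJournals($user['uid']);
     include 'pages/user-home.php';
 }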
コード例 #5
 /**
  * Renders the "add page" form for the journal given by the 'jid' query
  * parameter, or the user's home page when 'jid' is missing or not an integer.
  *
  * The included templates run in this method's scope and see its locals.
  */
 public function handleAction()
 {
     $jid = filter_input(INPUT_GET, 'jid', FILTER_VALIDATE_INT);
     $user = $_SESSION['user'];
     $model = new IrisModel();
     $journals = $model->getJournals($user['uid']);

     if ($jid) {
         include 'pages/add_page.php';
         return;
     }

     // A bad jid is treated as tampering: no error is shown, the user simply
     // lands on the home page.
     include 'pages/user-home.php';
 }
コード例 #6
 /**
  * Deletes the page identified by the 'jid' and 'pid' query parameters and
  * redirects back to the journal, or renders the user's home page when either
  * id is missing or not an integer.
  *
  * NOTE(review): this is a state-changing action driven by GET parameters and
  * no anti-CSRF token is checked in this method - confirm whether one is
  * enforced elsewhere.
  */
 public function handleAction()
 {
     $jid = filter_input(INPUT_GET, 'jid', FILTER_VALIDATE_INT);
     $pid = filter_input(INPUT_GET, 'pid', FILTER_VALIDATE_INT);
     $user = $_SESSION['user'];
     $model = new IrisModel();

     if ($jid && $pid) {
         // The session uid is passed along with the ids; ownership is
         // presumably enforced inside the model - verify there.
         $result = $model->deletePage($user['uid'], $jid, $pid);
         // No exit follows the redirect header; whatever the caller does
         // after this method returns still runs.
         header("Location: index.php?action=read_journal&jid={$jid}");
         return;
     }

     // A bad jid or pid is treated as tampering: no error is shown.
     $journals = $model->getJournals($user['uid']);
     include 'pages/user-home.php';
 }
コード例 #7
 /**
  * Renders the edit form for the page identified by the 'jid' and 'pid' query
  * parameters, or the user's home page when either id is missing or not an
  * integer.
  *
  * The included templates run in this method's scope and see its locals.
  */
 public function handleAction()
 {
     $jid = filter_input(INPUT_GET, 'jid', FILTER_VALIDATE_INT);
     $pid = filter_input(INPUT_GET, 'pid', FILTER_VALIDATE_INT);
     $user = $_SESSION['user'];
     $model = new IrisModel();
     $journals = $model->getJournals($user['uid']);

     if ($jid && $pid) {
         // NOTE(review): the result of getPage() is indexed without a check;
         // what it returns for a page the user does not own is not visible
         // here - confirm.
         $page = $model->getPage($user['uid'], $jid, $pid);
         // Turn stored <br /> markers back into newlines for editing.
         $content = str_replace('<br />', "\n", $page['content']);
         include 'pages/edit_page.php';
         return;
     }

     // A bad jid or pid is treated as tampering: no error is shown.
     include 'pages/user-home.php';
 }
コード例 #8
 /**
  * Handles the "add journal" form POST: creates a journal with the submitted
  * title for the session user and renders the home page, or re-renders the
  * form with $error set when the title is missing.
  *
  * The included templates run in this method's scope and see its locals.
  */
 public function handleAction()
 {
     $title = filter_input(INPUT_POST, 'title', FILTER_SANITIZE_STRING);
     $user = $_SESSION['user'];
     $model = new IrisModel();

     if ($title) {
         $error = '';
         $model->addJournal($user['uid'], $title);
         // Reload after the insert so the list includes the new journal.
         $journals = $model->getJournals($user['uid']);
         include 'pages/user-home.php';
         return;
     }

     $journals = $model->getJournals($user['uid']);
     $error = 'Must enter a valid string.';
     include 'pages/add_journal.php';
 }
コード例 #9
 /**
  * Renders the journal identified by the 'jid' query parameter together with
  * its pages, or the user's home page when 'jid' is missing or not an integer.
  *
  * The included templates run in this method's scope and see its locals.
  */
 public function handleAction()
 {
     $jid = filter_input(INPUT_GET, 'jid', FILTER_VALIDATE_INT);
     $user = $_SESSION['user'];
     $model = new IrisModel();

     if ($jid) {
         $readJournal = $model->getJournal($user['uid'], $jid);
         $pages = $model->getPages($user['uid'], $jid);
         // NOTE(review): despite the name, this is true when the page count
         // is odd - confirm what the template expects.
         $evenPages = count($pages) % 2 == 1;
         include 'pages/view_journal.php';
         return;
     }

     // A bad jid is treated as tampering: no error is shown.
     $journals = $model->getJournals($user['uid']);
     include 'pages/user-home.php';
 }
コード例 #10
 /**
  * Handles the "rename journal" form POST: updates the title of the journal
  * given by 'jid' for the session user, then renders the home page. When
  * either field is missing the update is skipped and $error is set.
  *
  * The included template runs in this method's scope and sees its locals.
  */
 public function handleAction()
 {
     $jid = filter_input(INPUT_POST, 'jid', FILTER_VALIDATE_INT);
     $title = filter_input(INPUT_POST, 'title', FILTER_SANITIZE_STRING);
     $user = $_SESSION['user'];
     $model = new IrisModel();

     if ($jid && $title) {
         $error = '';
         $model->updateJournal($user['uid'], $jid, $title);
     } else {
         // The message names only the title: a bad jid is treated as
         // tampering and is not pointed out to the user.
         $error = 'Must enter a valid title.';
     }

     // Both outcomes end on the home page with the current journal list.
     $journals = $model->getJournals($user['uid']);
     include 'pages/user-home.php';
 }
コード例 #11
 /**
  * Handles the "add page" form POST: stores a new page in the journal given
  * by 'jid' for the session user and redirects to it, or re-renders the form
  * with $error set when any field is missing.
  *
  * The included template runs in this method's scope and sees its locals.
  */
 public function handleAction()
 {
     $jid = filter_input(INPUT_POST, 'jid', FILTER_VALIDATE_INT);
     $page_title = filter_input(INPUT_POST, 'page-title', FILTER_SANITIZE_STRING);
     $page_date = filter_input(INPUT_POST, 'page-date', FILTER_SANITIZE_STRING);
     $page_content = filter_input(INPUT_POST, 'page-content', FILTER_SANITIZE_STRING);
     $user = $_SESSION['user'];
     $model = new IrisModel();

     $allPresent = $jid && $page_title && $page_date && $page_content;

     if ($allPresent) {
         $error = '';
         $page_num = $model->addPage($user['uid'], $jid, $page_title, $page_date, $page_content);
         // No exit follows the redirect header; whatever the caller does
         // after this method returns still runs.
         header("Location: index.php?action=read_journal&jid={$jid}&pn={$page_num}");
         return;
     }

     // The message does not mention the jid: a bad jid is treated as
     // tampering and is not pointed out to the user.
     $error = 'Must enter valid strings.';
     $journals = $model->getJournals($user['uid']);
     include 'pages/add_page.php';
 }