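/**
 * Front controller: starts the session if needed, then either dispatches an
 * authenticated request to a view or drives the login form.
 *
 * View names are taken only from the fixed lists below. Request values are
 * compared against those lists and never handed to load_view() unchecked.
 * Both outcomes of a login attempt are sent as Location headers, so nothing
 * may be written to the response before them.
 *
 * @param mixed $route Not read by this method; the route comes from $_GET['r'].
 */
public function __construct($route)
{
    if (!isset($_SESSION)) {
        session_start();
    }
    if (!isset($_SESSION['ok'])) {
        $_SESSION['ok'] = false;
    }

    if ($_SESSION['ok']) {
        // Authenticated session: pick the view from the 'r' query parameter.
        $this->route = isset($_GET['r']) ? $_GET['r'] : 'home';
        $controller = new ViewController();

        // section => array(default view, POST 'r' actions accepted for that section)
        // NOTE(review): no check of $_SESSION['role'] is made before the 'usuarios'
        // (user management) views are loaded; confirm the views or their controllers
        // enforce it, and that the add/edit/delete POSTs carry an anti-CSRF token.
        $sections = array(
            'movieseries' => array(
                'movieseries',
                array('movieserie-add', 'movieserie-edit', 'movieserie-delete', 'movieserie-show'),
            ),
            'usuarios' => array(
                'users',
                array('user-add', 'user-edit', 'user-delete'),
            ),
            'status' => array(
                'status',
                array('status-add', 'status-edit', 'status-delete'),
            ),
        );

        // A non-string 'r' (e.g. r[]=x) can match no route and falls through to error404.
        $requested = is_string($this->route) ? $this->route : '';

        if ($requested === 'home') {
            $controller->load_view('home');
        } elseif (isset($sections[$requested])) {
            list($defaultView, $actions) = $sections[$requested];
            if (!isset($_POST['r'])) {
                $controller->load_view($defaultView);
            } elseif (in_array($_POST['r'], $actions, true)) {
                // Strict match against the allow-list, so the value is one of the literals above.
                $controller->load_view($_POST['r']);
            }
            // An unrecognised POST 'r' loads no view, as before.
        } elseif ($requested === 'salir') {
            $user_session = new SessionController();
            $user_session->logout();
        } else {
            $controller->load_view('error404');
        }

        return;
    }

    // Not authenticated: show the login form unless both credentials were posted as strings.
    $hasCredentials = isset($_POST['user'], $_POST['pass'])
        && is_string($_POST['user'])
        && is_string($_POST['pass']);

    if (!$hasCredentials) {
        $login_form = new ViewController();
        $login_form->load_view('login');

        return;
    }

    // Validate the submitted credentials.
    $user_session = new SessionController();
    $session = $user_session->login($_POST['user'], $_POST['pass']);

    if (empty($session)) {
        // Redirect only: rendering the login view first would write output ahead of the
        // Location header. The message embeds the submitted user name, so it is
        // percent-encoded as a single query value.
        // NOTE(review): whatever prints the 'error' parameter must HTML-escape it.
        $message = 'El usuario ' . $_POST['user'] . ' y el password proporcionado no coinciden';
        header('Location: ./?error=' . rawurlencode($message));

        return;
    }

    // Issue a fresh session id on the privilege change so that an id known before
    // login cannot be reused afterwards (session fixation).
    session_regenerate_id(true);

    $_SESSION['ok'] = true;
    foreach ($session as $row) {
        $_SESSION['user'] = $row['user'];
        $_SESSION['email'] = $row['email'];
        $_SESSION['name'] = $row['name'];
        $_SESSION['birthday'] = $row['birthday'];
        // NOTE(review): this copies the stored password value into the session and nothing
        // in this method reads it back; drop it unless another part of the app needs it.
        $_SESSION['pass'] = $row['pass'];
        $_SESSION['role'] = $row['role'];
    }
    header('Location: ./');
}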
// Fragment: the first two lines close a route handler whose opening lies outside this excerpt.
RecipeController::edit($id);
});

// Every recipe route below is registered with post() and passes 'check_logged_in'
// as its second argument; what that filter does is not visible here.
// NOTE(review): presumably it only establishes that a user is logged in. The ids and
// names in these paths come from the URL, so confirm each RecipeController method
// checks that the caller may modify that recipe, keyword, ingredient or comment.
$routes->post('/:id/edit', 'check_logged_in', function ($id) {
    RecipeController::update($id);
});

$routes->post('/:id/delete_keyword/:keyword', 'check_logged_in', function ($id, $keyword) {
    RecipeController::delete_keyword($id, $keyword);
});

$routes->post('/:id/delete_ingredient/:ingredient_name', 'check_logged_in', function ($id, $ingredient_name) {
    RecipeController::delete_ingredient($id, $ingredient_name);
});

$routes->post('/:id/destroy', 'check_logged_in', function ($id) {
    RecipeController::destroy($id);
});

$routes->post('/:id/newcomment', 'check_logged_in', function ($id) {
    RecipeController::new_comment($id);
});

// chef_id is taken from the path rather than from the session.
$routes->post('/:id/comment/:chef_id/delete', 'check_logged_in', function ($id, $chef_id) {
    RecipeController::delete_comment($id, $chef_id);
});
}); // closes an enclosing call (presumably a route group) opened outside this excerpt

// Login form and login submission; neither route passes 'check_logged_in'.
$routes->get('/login', function () {
    SessionController::login();
});

$routes->post('/login', function () {
    SessionController::handle_login();
});

// Original note, translated: "logout as GET, because I don't yet know how to make a
// POST look like a link". The route below is registered with post(), so that note
// no longer matches the code.
$routes->post('/logout', 'check_logged_in', function () {
    SessionController::handle_logout();
});
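if (isset($errors) && isset($errors[$errName])) {
    print 'style="display:inline"';
}
} // closes a block (presumably a helper function) opened outside this excerpt

// Prepare the form-action return URL.
// returnURL comes straight from the query string. It is kept only when it is a string
// and is percent-encoded before being appended to the form action, so it cannot
// terminate the URL or the markup around it.
// NOTE(review): scripts/redirect.php is not visible here; if it redirects to returnURL
// it should accept same-site targets only.
$returnURL = (isset($_GET['returnURL']) && is_string($_GET['returnURL'])) ? $_GET['returnURL'] : "";
$returnURLAddition = ""; // part that is added to form action
if ($returnURL !== "") {
    $returnURLAddition = "?returnURL=" . rawurlencode($returnURL);
}

// Get data from either frmLogin or login.
if (isset($_POST['frmLoginBtn']) || isset($_POST['btnLogin'])) {
    // Read only the two expected fields. extract($_POST) would let the request define or
    // overwrite any variable in this scope, including $returnURL and $errors.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : "";
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : "";

    $result = SessionController::login($username, $password);
    if (is_array($result)) {
        // There were problems logging in.
        $errors = $result;
    } else {
        // Login successful.
        gtInclude("scripts/redirect.php");
    }
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login</title>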