/**
 * Handles a posted form for the given action; only "createUser" is recognised.
 *
 * For "createUser" the username, userlevel, name and email POST fields must all
 * be present and non-empty. A password is generated only when
 * Config::login_type equals LOGIN_TYPE_DB; otherwise an empty string is passed
 * to UserDao::createUser().
 *
 * NOTE(review): no authorization or CSRF check is visible in this method, and
 * 'userlevel' is taken directly from the request. Presumably the caller
 * restricts this action to privileged users; confirm before relying on it.
 *
 * @param Context $context Receives error messages via addError().
 * @param mixed   $action  Action name; compared loosely against "createUser".
 */
public function handleForm(Context $context, $action) {
    // Any action other than "createUser" ends in the "Incorrect Action." error below.
    if ($action == "createUser") {
        // Presence and non-emptiness only; no format, length or allow-list checks happen here.
        if (isset($_POST['username']) && $_POST['username'] != "" && (isset($_POST['userlevel']) && $_POST['userlevel'] != "") && (isset($_POST['name']) && $_POST['name'] != "") && (isset($_POST['email']) && $_POST['email'] != "")) {
            $password = "";
            // Only DB-backed logins get a generated password.
            // NOTE(review): the meaning of the (9, 4) arguments is not visible here; confirm against CryptoUtil.
            if (Config::login_type == LOGIN_TYPE_DB) {
                $password = CryptoUtil::generatePassword(9, 4);
            }
            // Raw POST values are handed to the DAO; any escaping or parameter binding must happen inside UserDao.
            UserDao::createUser($_POST['username'], $_POST['name'], $_POST['email'], $_POST['userlevel'], $password);
            // NOTE(review): the next statement is redacted in this listing (the "******" runs), so the code between
            // the success message and the "Required Field Left Blank." error is missing and is left exactly as found.
            // The message text names a Password field; if the generated password is shown to the operator, confirm
            // it is displayed once and that the new user must change it at first login.
            $message = "Created User -- Username: "******" Password: "******"Required Field Left Blank."); }
    } else {
        $context->addError("Incorrect Action.");
    }
}
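<?php
// Handler for the "signin" form submit: maps the posted e-mail and password onto
// a User, validates it, stores the resulting user id in the session and redirects.
$errors = array();
$userObj = new User();

if (array_key_exists('signin', $_POST)) {
    // $_POST['user'] is client-controlled: it may be missing, a plain string, or
    // hold nested arrays. Only string fields are accepted; anything else becomes ''
    // so the validator sees an empty field instead of PHP raising on a bad offset.
    $submitted = (isset($_POST['user']) && is_array($_POST['user'])) ? $_POST['user'] : array();
    $data = array(
        'email' => (isset($submitted['email']) && is_string($submitted['email']))
            ? $submitted['email']
            : '',
        'user_password' => (isset($submitted['user_password']) && is_string($submitted['user_password']))
            ? $submitted['user_password']
            : '',
    );

    UserMapper::map($userObj, $data);
    $errors = Validator::validate($userObj);

    if (empty($errors)) {
        $dao = new UserDao();
        // NOTE(review): a "signin" submit calls createUser() and no credential check
        // is visible in this script. Confirm whether the DAO verifies the password,
        // or whether this branch should look up an existing account instead.
        $userId = $dao->createUser($userObj)->getId();

        // Issue a fresh session id before the session becomes authenticated, so an
        // id planted before login (session fixation) is not carried over.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['user_id'] = $userId;

        // NOTE(review): `dashboard` is a bare constant name; unless the project
        // defines it, PHP 8 throws here. Confirm it is defined or should be a string.
        Utils::redirect(dashboard);
    }
}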
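<?php
// Handler for the combined sign-in / sign-up form. A "signin" submit looks up an
// existing account; a "signup" submit creates one and then looks it up. On
// success the user id is stored in the session and the browser is redirected.
if (isset($_POST['user'])) {
    $errors = array();
    $userObj = new User();
    $dao = new UserDao();

    // $_POST['user'] is client-controlled and may be a plain string or hold nested
    // arrays; only string fields are read, anything else is treated as empty.
    $submitted = is_array($_POST['user']) ? $_POST['user'] : array();
    $rawEmail = (isset($submitted['email']) && is_string($submitted['email']))
        ? $submitted['email']
        : '';

    if (array_key_exists('signin', $_POST)) {
        $rawPassword = (isset($submitted['user_password']) && is_string($submitted['user_password']))
            ? $submitted['user_password']
            : '';

        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1, and it
        // (like trim) rewrites the password before it is used. It is kept because
        // existing accounts were stored through the same transformation; plan a
        // migration rather than sanitising secrets.
        $data = array(
            'email' => trim(filter_var($rawEmail, FILTER_SANITIZE_EMAIL)),
            'user_password' => trim(filter_var($rawPassword, FILTER_SANITIZE_STRING)),
        );
        UserMapper::map($userObj, $data);

        // The original overwrote validate()'s result with validateLoginFields(),
        // silently discarding the first set of errors. Both checks now count.
        $objectErrors = Validator::validate($userObj);
        $fieldErrors = Validator::validateLoginFields();
        $errors = array_merge((array) $objectErrors, (array) $fieldErrors);

        if (empty($errors)) {
            // NOTE(review): no password comparison is visible in this script.
            // Confirm findUserByEmail() verifies the credential and does not
            // match on the e-mail address alone.
            $userId = $dao->findUserByEmail($userObj);

            // Fail closed: a failed lookup must not produce a session and redirect.
            if (!empty($userId)) {
                if (session_status() === PHP_SESSION_ACTIVE) {
                    // New session id at login, so a pre-login id cannot be reused.
                    session_regenerate_id(true);
                }
                $_SESSION['user_id'] = $userId;
                // NOTE(review): `dashboard` is a bare constant name; confirm it is defined.
                Utils::redirect(dashboard);
            }
            // NOTE(review): report a generic "invalid credentials" error here, in
            // whatever shape Validator uses for $errors.
        }
    }

    if (array_key_exists('signup', $_POST)) {
        $rawNewPassword = (isset($submitted['new_user_password']) && is_string($submitted['new_user_password']))
            ? $submitted['new_user_password']
            : '';

        // The FILTER_SANITIZE_STRING caveat from the sign-in branch applies here too.
        $data = array(
            'email' => trim(filter_var($rawEmail, FILTER_SANITIZE_EMAIL)),
            'user_password' => trim(filter_var($rawNewPassword, FILTER_SANITIZE_STRING)),
        );
        UserMapper::map($userObj, $data);
        $errors = Validator::validateSignupFields();

        if (empty($errors)) {
            // Per the original author, the server rejects a duplicate e-mail
            // address with an error, so createUser() is not pre-checked here.
            $dao->createUser($userObj);
            $userId = $dao->findUserByEmail($userObj);

            if (!empty($userId)) {
                if (session_status() === PHP_SESSION_ACTIVE) {
                    session_regenerate_id(true);
                }
                $_SESSION['user_id'] = $userId;
                Utils::redirect(dashboard);
            }
        }
    }
}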