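/**
 * Handle the login form: verify the submitted credentials, open the user
 * session and redirect to the catalogue, or print a failure message.
 *
 * The failure message does not say which of the two fields was wrong, so the
 * form does not reveal whether a given username exists.
 *
 * NOTE(review): no throttling or lockout of repeated failures is visible in
 * this method - confirm it is enforced elsewhere.
 */
public function login()
{
    $am = new authentificationManager();
    $error = "";

    // Form handling
    if (!empty($_POST)) {
        // Accept plain string fields only. A missing or array-valued field
        // (username[]=...) is treated as empty instead of reaching the
        // credential check with an unexpected type.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : "";
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : "";

        $result = $am->isValidLoginInfo($username, $password);

        // A positive result is used as the id of the matching user.
        if ($result > 0) {
            $userManager = new \Manager\UserManager();
            $user = $userManager->find($result);

            // NOTE(review): confirm logUserIn() renews the session id on
            // login so a pre-set session cookie cannot be reused.
            $am->logUserIn($user);

            $this->redirectToRoute('catalogue');
            // Stop here so the login view is never rendered after a redirect,
            // whether or not redirectToRoute() ends the request itself.
            return;
        }

        $error = "Mauvais identifiant ! ou Mauvais mot de passe !";
        echo $error;
    }

    $this->show('temps/connexion');
}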
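/**
 * Handle the login form: verify the submitted credentials, open the user
 * session and redirect, or re-display the form with an error.
 *
 * The view receives 'error' and 'username'; the username is attacker
 * controlled and must be HTML-escaped where the view prints it.
 */
public function login()
{
    $am = new AuthentificationManager();
    $error = "";
    $username = "";
    $data = [];

    // Form handling
    if (!empty($_POST)) {
        // The former debug($_POST) call was removed: it dumped the submitted
        // form, including the cleartext password.

        // Accept plain string fields only; anything else is treated as empty.
        $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : "";
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : "";

        $result = $am->isValidLoginInfo($username, $password);

        // A positive result is the id of the matching user.
        if ($result > 0) {
            $userManager = new \Manager\UserManager();
            $user = $userManager->find($result);

            // NOTE(review): confirm logUserIn() renews the session id on login.
            $am->logUserIn($user);

            $this->redirectToRoute('show_all_terms');
            // Never fall through to the form after a redirect.
            return;
        }

        $error = "no";
    }

    $data['error'] = $error;
    $data['username'] = $username;

    // Render once, with the data. The original rendered the view a second
    // time without $data, which either never ran or printed the form twice.
    $this->show('user/login', $data);
}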
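/**
 * Handle the login form: verify the submitted credentials, open the user
 * session and redirect, or re-display the form with an error message.
 *
 * The view receives 'error' and 'username'; the username comes straight from
 * the request and must be HTML-escaped where the view prints it.
 *
 * NOTE(review): no throttling of repeated failures is visible here - confirm
 * it is enforced elsewhere.
 */
public function login()
{
    $authentificationManager = new AuthentificationManager();
    $username = "";
    $password = "";
    $error = "";
    $data = [];

    if (!empty($_POST)) {
        // Accept plain string fields only; a missing or array-valued field
        // is treated as empty rather than passed on with an unexpected type.
        if (isset($_POST['username']) && is_string($_POST['username'])) {
            $username = $_POST['username'];
        }
        if (isset($_POST['password']) && is_string($_POST['password'])) {
            $password = $_POST['password'];
        }

        $result = $authentificationManager->isValidLoginInfo($username, $password);

        // A positive result is the id of the matching user.
        if ($result > 0) {
            $userManager = new \Manager\UserManager();
            $user = $userManager->find($result);

            // NOTE(review): confirm logUserIn() renews the session id on login.
            $authentificationManager->logUserIn($user);

            $this->redirectToRoute('show_all_terms');
            // Never render the form after a redirect.
            return;
        }

        $error = "Mauvais identifiant !";
    }

    $data['error'] = $error;
    $data['username'] = $username;
    $this->show('users/login', $data);
}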
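/**
 * Administrator creation form, restricted to callers allowed as 'admin'.
 *
 * Validates username, email and password confirmation, then stores the new
 * account with a password_hash() digest. The view always receives the
 * submitted username and email plus the last validation error.
 *
 * NOTE(review): no minimum password length is enforced here, so an empty
 * password passes validation. No anti-CSRF token is checked in this method -
 * confirm the framework or the route does it.
 */
public function register()
{
    $this->allowTo('admin');

    $userManager = new UserManager();
    $error = "";
    $username = "";
    $email = "";

    // Registration form submitted?
    if (!empty($_POST)) {
        // Read the expected fields by name. Copying every POST key into a
        // local variable (${$key} = ...) let the request overwrite any local
        // of this method, $userManager and $error included.
        $field = function ($name) {
            return (isset($_POST[$name]) && is_string($_POST[$name]))
                ? trim(strip_tags($_POST[$name]))
                : "";
        };
        $username = $field('username');
        $email = $field('email');
        // NOTE(review): trim()/strip_tags() change the secret before it is
        // hashed; the login path must apply the same transformation or some
        // passwords will never verify - confirm.
        $password = $field('password');
        $password_confirm = $field('password_confirm');

        /* Validation - the last failing rule decides the message shown */

        // Username long enough?
        if (strlen($username) < 4) {
            $error = "Votre pseudo est trop court";
        }

        // Username already in the database?
        if ($userManager->usernameExists($username)) {
            $error = "Pseudo déjà utilisé !";
        }

        // Email already in the database, or malformed?
        if ($userManager->emailExists($email)) {
            $error = "Email déjà existant !";
        } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error = "Email non valide";
        }

        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" compare equal.
        if ($password !== $password_confirm) {
            $error = "Les mots de passe ne correspondent pas !";
        }

        /* End of validation */

        if (empty($error)) {
            $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
            $now = date("Y-m-d H:i:s");
            $newAdmin = [
                "username" => $username,
                "email" => $email,
                "password" => $hashedPassword,
                "role" => "admin",
                "dateCreated" => $now,
                "dateModified" => $now,
            ];
            $userManager->insert($newAdmin);
        }
    }

    // Send the errors and the submitted data back to the view.
    $dataToPassToTheView = ["username" => $username, "email" => $email, "error" => $error];
    $this->show('user/register_administrator', $dataToPassToTheView);
}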
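/**
 * Administrator creation form.
 *
 * Validates username, email and password confirmation, then stores the new
 * account with role "admin" and a password_hash() digest.
 *
 * NOTE(review): no minimum password length is enforced here, so an empty
 * password passes validation.
 */
public function register()
{
    // This action creates accounts with role "admin", so it must not be
    // reachable by anonymous or ordinary users. The very first administrator
    // therefore has to be provisioned outside this form.
    $this->allowTo('admin');

    $userManager = new UserManager();
    $error = "";
    $username = "";
    $email = "";

    // Registration form submitted?
    if (!empty($_POST)) {
        // Missing or array-valued fields are treated as empty strings.
        $field = function ($name) {
            return (isset($_POST[$name]) && is_string($_POST[$name]))
                ? trim(strip_tags($_POST[$name]))
                : "";
        };
        $username = $field('username');
        $email = $field('email');
        // NOTE(review): trim()/strip_tags() change the secret before it is
        // hashed; the login path must apply the same transformation - confirm.
        $password = $field('password');
        $password_confirm = $field('password_confirm');

        /* Validation - the last failing rule decides the message shown */

        if (strlen($username) < 4) {
            $error = "Pseudo trop court";
        }

        if ($userManager->usernameExists($username)) {
            $error = "Pseudo déjà utilisé !";
        }

        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error = "Email non valide !";
        }

        if ($userManager->emailExists($email)) {
            $error = "Email déjà utilisé !";
        }

        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" compare equal.
        if ($password !== $password_confirm) {
            $error = "Les mots de passe ne correspondent pas !";
        }

        /* End of validation */

        if (empty($error)) {
            $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
            $now = date("Y-m-d H:i:s");
            $newAdmin = [
                "username" => $username,
                "email" => $email,
                "password" => $hashedPassword,
                "role" => "admin",
                "dateCreated" => $now,
                "dateModified" => $now,
            ];
            $userManager->insert($newAdmin);
        }
    }

    // Send the errors and the submitted data back to the view.
    $dataToPassToTheView = ["error" => $error, "username" => $username, "email" => $email];
    $this->show('user/register_administrator', $dataToPassToTheView);
}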
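/**
 * Administrator creation form, restricted to callers allowed as 'admin'.
 *
 * Validates username, email and password confirmation, then stores the new
 * account with a password_hash() digest.
 *
 * NOTE(review): no minimum password length is enforced here, so an empty
 * password passes validation.
 */
public function register()
{
    $this->allowTo('admin');

    $userManager = new UserManager();
    $error = "";
    $username = "";
    $email = "";

    if (!empty($_POST)) {
        // Read the expected fields by name. The former loop that created one
        // local variable per POST key (${$k} = ...) let the request overwrite
        // any local of this method, $userManager and $error included.
        $field = function ($name) {
            return (isset($_POST[$name]) && is_string($_POST[$name]))
                ? trim(strip_tags($_POST[$name]))
                : "";
        };
        $username = $field('username');
        $email = $field('email');
        // NOTE(review): trim()/strip_tags() change the secret before it is
        // hashed; the login path must apply the same transformation - confirm.
        $password = $field('password');
        $confirmPassword = $field('confirmPassword');

        // Validation - the last failing rule decides the message shown.
        if (strlen($username) < 4) {
            $error = 'Identifiant trop court !';
        }
        if ($userManager->usernameExists($username)) {
            $error = "Pseudo déjà utilisé !";
        }
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error = "Email non valide !";
        }
        if ($userManager->emailExists($email)) {
            $error = "Email déjà utilisé !";
        }
        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" compare equal.
        if ($password !== $confirmPassword) {
            $error = "les mots de passe ne corresponds pas!";
        }

        if (empty($error)) {
            $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
            $now = date("Y-m-d H:i:s");
            $newAdmin = [
                "username" => $username,
                "email" => $email,
                "password" => $hashedPassword,
                "role" => "admin",
                "dateCreated" => $now,
                "dateModified" => $now,
            ];
            $userManager->insert($newAdmin);
        }
    }

    $dataToPassToTheView = ["error" => $error, "username" => $username, "email" => $email];
    $this->show('users/register_administrator', $dataToPassToTheView);
}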
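/**
 * Order-return confirmation page: for a submitted cart id, show the books of
 * that cart and the user it belongs to; without one, show the empty form.
 *
 * NOTE(review): no access check is visible in this method although it
 * renders an admin/ view and discloses the user attached to any cart id -
 * confirm access is restricted elsewhere (route or constructor).
 */
public function returnOrder()
{
    $cartManager = new CartManager();
    $bookManager = new BookManager();
    $userManager = new UserManager();

    // Accept a plain string only; a missing or array-valued cartId is
    // treated as "nothing submitted".
    $cartId = (isset($_POST['cartId']) && is_string($_POST['cartId']))
        ? trim(strip_tags($_POST['cartId']))
        : "";

    if ($cartId === "") {
        $this->show('admin/confirm_order_return');
        return;
    }

    // Find the matching order.
    $booksIds = $cartManager->findAllBooksIdsInCart($cartId);
    $books = $bookManager->showBooks($booksIds);

    // Find the user the cart belongs to.
    $userId = $cartManager->getUserIdByCart($cartId);
    $user = $userManager->find($userId);

    $data = ['books' => $books, 'user' => $user];
    $this->show('admin/confirm_order_return', $data);
}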
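/**
 * Password reset form reached through a link carrying ?token=...&username=...
 *
 * The token from the link is checked with password_verify() against the
 * value stored for the user. On a valid POST the new password must match its
 * confirmation, be at least 6 characters long and contain a letter, a digit
 * and one other character; it is then stored as a password_hash() digest.
 *
 * NOTE(review): the stored token is neither cleared after a successful
 * change nor checked for expiry in this method, so the same link keeps
 * working - confirm it is invalidated elsewhere.
 */
public function changePassword()
{
    $token = (isset($_GET['token']) && is_string($_GET['token'])) ? $_GET['token'] : "";
    $username = (isset($_GET['username']) && is_string($_GET['username'])) ? $_GET['username'] : "";

    $userManager = new UserManager();
    $user = $userManager->getUsername($username);

    // Refuse the request unless the account exists, has a stored token and
    // the submitted token matches it. The original only printed the message
    // and went on, so the password could be changed without a valid token.
    if (
        $token === ""
        || empty($user)
        || empty($user['token'])
        || !password_verify($token, $user['token'])
    ) {
        echo 'die mutherfucker';
        return;
    }

    $errorConfirm_password = "";

    if (!empty($_POST)) {
        // NOTE(review): trim()/strip_tags() change the secret before it is
        // hashed; the login path must apply the same transformation - confirm.
        $password = (isset($_POST['password']) && is_string($_POST['password']))
            ? trim(strip_tags($_POST['password']))
            : "";
        $confirm_password = (isset($_POST['confirm_password']) && is_string($_POST['confirm_password']))
            ? trim(strip_tags($_POST['confirm_password']))
            : "";

        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" compare equal.
        if ($password !== $confirm_password) {
            $errorConfirm_password = "******";
        } elseif (strlen($password) < 6) {
            $errorConfirm_password = "******";
        } else {
            $containsLetter = preg_match('/[a-zA-Z]/', $password);
            $containsDigit = preg_match('/\\d/', $password);
            $containsSpecial = preg_match('/[^a-zA-Z\\d]/', $password);
            if (!$containsLetter || !$containsDigit || !$containsSpecial) {
                $errorConfirm_password = "******";
            }
        }

        if (empty($errorConfirm_password)) {
            $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
            $userManager->update(["password" => $hashedPassword], $user['id']);
        }
    }

    $data = ['errorConfirm_password' => $errorConfirm_password];
    $this->show('user/change_password', $data);
}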
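/**
 * Administrator creation form, restricted to callers allowed as 'admin'.
 *
 * Each of username, email and password has its own error message. On
 * success the account is inserted with a password_hash() digest and the
 * caller is redirected; on validation errors the form is shown again with
 * the submitted username and email.
 */
public function register()
{
    $this->allowTo('admin');

    $userManager = new UserManager();
    $usernameError = "";
    $emailError = "";
    $passwordError = "";

    if (!empty($_POST)) {
        // Read the expected fields by name. The former loop that created one
        // local variable per POST key (${$k} = ...) let the request overwrite
        // any local of this method, $userManager included.
        $field = function ($name) {
            return (isset($_POST[$name]) && is_string($_POST[$name]))
                ? trim(strip_tags($_POST[$name]))
                : "";
        };
        $username = $field('username');
        $email = $field('email');
        // NOTE(review): trim()/strip_tags() change the secret before it is
        // hashed; the login path must apply the same transformation - confirm.
        $password = $field('password');
        $password_again = $field('password_again');

        // Username: present, long enough, not taken.
        if (empty($username)) {
            $usernameError = "Veuillez indiquer un pseudo !";
        } elseif (strlen($username) < 4) {
            $usernameError = "Nom d'utilisateur trop court !";
        } elseif ($userManager->usernameExists($username)) {
            $usernameError = "Ce pseudo est déjà utilisé !";
        }

        // Email: present, well formed, not taken.
        if (empty($email)) {
            $emailError = "Veuillez entrer une adresse email !";
        } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $emailError = "L'adresse email n'est pas valide";
        } elseif ($userManager->emailExists($email)) {
            $emailError = "Cet adresse email est déjà utilisée !";
        }

        // Password: present and at least 7 characters.
        if (empty($password)) {
            $passwordError = "Veuillez entrer un mot de passe !";
        } elseif (strlen($password) <= 6) {
            $passwordError = "Veuillez entrer un mot de passe d'au moins 7 caractères !";
        }

        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" compare equal.
        if ($password !== $password_again) {
            $passwordError = "Les mots de passe que vous avez indiqué ne correspondent pas !";
        }

        if ($usernameError === "" && $emailError === "" && $passwordError === "") {
            $password_hashed = password_hash($password, PASSWORD_DEFAULT);
            $now = date('Y-m-d H:i:s');
            $newAdmin = [
                'username' => $username,
                'email' => $email,
                'password' => $password_hashed,
                'role' => 'admin',
                'date_created' => $now,
                'date_modified' => $now,
            ];

            $insertSuccess = $userManager->insert($newAdmin);
            if ($insertSuccess) {
                $this->redirectToRoute('show_all_terms');
                return;
            }
            // A failed insert falls through to the blank form below.
        } else {
            // Send the errors and the submitted data back to the view.
            $dataToPassToTheView = [
                'username' => $username,
                'email' => $email,
                'usernameError' => $usernameError,
                'emailError' => $emailError,
                'passwordError' => $passwordError,
            ];
            $this->show('user/register_administrator', $dataToPassToTheView);
            // Return so the view is not rendered a second time without data.
            return;
        }
    }

    $this->show('user/register_administrator');
}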
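/**
 * Public subscription form.
 *
 * Validates each field, collecting one message per field in $error, and on
 * success inserts the new user with a password_hash() digest. The form is
 * always rendered afterwards with the submitted values and the errors.
 *
 * NOTE(review): username uniqueness is not checked here (the former lookup
 * is disabled) - confirm the database enforces it.
 */
public function register()
{
    $UserManager = new UserManager();
    $error = [];
    $username = "";
    $email = "";
    $password = "";
    $password_confirm = "";
    $nom = "";
    $prenom = "";
    $code_postal = "";
    $adress = "";
    $tel = "";
    $code_postalRegexp = '/^[0-9]{5}$/';
    $telRegexp = '/^[0-9]{10}$/';

    if (!empty($_POST)) {
        // Missing or array-valued fields are treated as empty strings.
        $field = function ($name) {
            return (isset($_POST[$name]) && is_string($_POST[$name]))
                ? trim(strip_tags($_POST[$name]))
                : "";
        };
        $username = $field('username');
        $email = $field('email');
        // NOTE(review): trim()/strip_tags() change the secret before it is
        // hashed; the login path must apply the same transformation - confirm.
        $password = $field('password');
        $password_confirm = $field('password_confirm');
        $nom = $field('nom');
        $prenom = $field('prenom');
        $adress = $field('adress');
        $code_postal = $field('code_postal');
        $tel = $field('tel');

        /* Validation */

        if (empty($username)) {
            $error['username'] = "******";
        }
        // Username long enough?
        if (strlen($username) < 4) {
            $error['username'] = "******";
        }

        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error['email'] = "email non valide !";
        } elseif (strlen($email) > 250) {
            $error['email'] = "email trop long non valide !";
        }

        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" compare equal.
        if ($password !== $password_confirm) {
            $error['password'] = "******";
        } elseif (strlen($password) < 6) {
            $error['password'] = "******";
        }

        if (empty($nom)) {
            $error['nom'] = "Veuillez saisir votre nom !";
        }
        if (empty($prenom)) {
            $error['prenom'] = "Veuillez saisir votre prenom !";
        }
        if (empty($adress)) {
            $error['adress'] = "Veuillez saisir votre adress !";
        }

        if (empty($code_postal)) {
            $error['code_postal'] = "Veuillez saisir votre code postal!";
        } elseif (!preg_match($code_postalRegexp, $code_postal)) {
            $error['code_postal'] = "votre code postal doit correspondre à 5 chiffres";
        }

        if (empty($tel)) {
            $error['tel'] = "Veuillez saisir votre tel!";
        } elseif (!preg_match($telRegexp, $tel)) {
            $error['tel'] = "votre numero de tel doit correspondre à 10 chiffres";
        }

        /* End of validation */

        if (empty($error)) {
            $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
            $now = date("Y-m-d H:i:s");
            $newUser = [
                "username" => $username,
                "email" => $email,
                "password" => $hashedPassword,
                "nom" => $nom,
                "prenom" => $prenom,
                "code_postal" => $code_postal,
                "adress" => $adress,
                "tel" => $tel,
                "date_created" => $now,
                "date_modified" => $now,
            ];
            $UserManager->insert($newUser);
        }
    }

    // Send the errors and the submitted data back to the view. The password
    // key is kept for the template but always empty: the cleartext password
    // is never written back into the page.
    $dataToPassToTheView = [
        "username" => $username,
        "email" => $email,
        "password" => "",
        "nom" => $nom,
        "prenom" => $prenom,
        "code_postal" => $code_postal,
        "adress" => $adress,
        "tel" => $tel,
        "errors" => $error,
    ];
    $this->show('temps/abonnement', $dataToPassToTheView);
}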
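/**
 * Profile edit page: when at least one profile field is submitted non-empty,
 * update the current user's row with the submitted fields, then show the form.
 *
 * NOTE(review): values are stored exactly as submitted; every view that
 * prints them must HTML-escape them. "loisirs" triggers an update but is not
 * written to any column here.
 */
public function editProfile()
{
    // Form field => database column.
    $columns = [
        "editPseudo" => "user_pseudo",
        "editLastname" => "user_lastname",
        "editFirstname" => "user_firstname",
        "datenaissance" => "user_age",
        "gender" => "user_gender",
        "ville" => "user_location",
    ];

    // Same trigger as before: any of these fields submitted non-empty.
    $submitted = false;
    foreach (array_merge(array_keys($columns), ["loisirs"]) as $name) {
        if (!empty($_POST[$name])) {
            $submitted = true;
            break;
        }
    }

    if ($submitted) {
        // Only write the columns whose field is actually present as a string.
        // The original wrote all six columns unconditionally, so a partial
        // or array-valued submission overwrote stored values with nothing.
        $changes = [];
        foreach ($columns as $name => $column) {
            if (isset($_POST[$name]) && is_string($_POST[$name])) {
                $changes[$column] = $_POST[$name];
            }
        }

        $user = $this->getUser();

        // Skip the update when there is no current user id to scope it to.
        if (!empty($changes) && !empty($user["id"])) {
            $userManager = new UserManager();
            $userManager->update($changes, $user["id"]);
        }
    }

    $this->show('user/editProfile', ['title' => "toetter | modifie ton profil"]);
}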
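/**
 * Change the password of the logged-in user.
 *
 * The current password is re-checked through isValidLoginInfo() before the
 * new one is accepted; the new password must equal its confirmation. After a
 * successful update the session copy of the user is reloaded.
 *
 * NOTE(review): no minimum length or complexity rule is applied to the new
 * password here, so an empty one passes validation.
 */
public function editPassword()
{
    $authentificationManager = new AuthentificationManager();
    $userManager = new UserManager();
    $old_passwordError = "";
    $passwordError = "";

    if (!empty($_POST)) {
        // Read the expected fields by name. The former loop that created one
        // local variable per POST key (${$k} = ...) let the request overwrite
        // any local of this method, both managers included.
        $field = function ($name) {
            return (isset($_POST[$name]) && is_string($_POST[$name]))
                ? trim(strip_tags($_POST[$name]))
                : "";
        };
        // NOTE(review): trim()/strip_tags() change the secrets before they
        // are checked and hashed; the login path must do the same - confirm.
        $old_password = $field('old_password');
        $password = $field('password');
        $confirmPassword = $field('confirmPassword');

        // Make sure the current password is valid.
        $result = $authentificationManager->isValidLoginInfo($_SESSION['user']['username'], $old_password);

        if ($result > 0) {
            // Strict comparison: with != two different numeric-looking
            // strings such as "1e3" and "1000" compare equal.
            if ($password !== $confirmPassword) {
                $passwordError = "le mot de passe ne correspond pas !";
            } else {
                // Only store the new password when the confirmation matches.
                // The original set the error above and saved it anyway.
                $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
                if ($userManager->update(['password' => $hashedPassword], $_SESSION['user']['id'])) {
                    $refreshUser = $userManager->find($_SESSION['user']['id']);
                    $_SESSION['user'] = $refreshUser;
                }
            }
        } else {
            $old_passwordError = "Mauvais mot de passe !";
        }
    }

    $data = ['old_passwordError' => $old_passwordError, 'passwordError' => $passwordError];
    $this->show('user/edit_password', $data);
}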
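/**
 * Public subscription form.
 *
 * Validates the submitted fields (the last failing rule decides the message
 * shown), stores the new subscriber with a password_hash() digest, logs the
 * subscriber in and redirects to the catalogue. Otherwise the form is shown
 * again with the submitted values.
 */
public function register()
{
    $am = new AuthentificationManager();
    $userManager = new UserManager();
    $error = "";
    $username = "";
    $email = "";
    $firstname = "";
    $lastname = "";
    $streetname = "";
    $phonenumber = "";
    $zipcode = "";
    $pic_name = "default.png";
    $user_name_regex = "/^[\\p{L}0-9._-]{2,100}\$/u";

    if (!empty($_POST)) {
        // Missing or array-valued fields are treated as empty strings.
        $field = function ($name) {
            return (isset($_POST[$name]) && is_string($_POST[$name]))
                ? trim(strip_tags($_POST[$name]))
                : "";
        };
        $email = $field('email');
        $username = $field('username');
        // NOTE(review): trim()/strip_tags() change the secret before it is
        // hashed; the login path must apply the same transformation - confirm.
        $password = $field('password');
        $confirm = $field('confirm');
        $firstname = $field('firstname');
        $lastname = $field('lastname');
        $streetname = $field('streetname');
        $zipcode = $field('zipcode');
        $phonenumber = $field('phonenumber');

        // Username valid?
        if (strlen($username) < 4) {
            $error = "Votre Pseudo doit comporter 4 lettres minimum !";
        }
        if (!preg_match($user_name_regex, $username)) {
            $error = "Votre Pseudo ne doit pas contenir de caractère spéciaux !";
        }
        if ($userManager->usernameExists($username)) {
            $error = "Ce Pseudo est deja utillisé !";
        }

        // Email valid?
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $error = "Email non valide";
        }
        if ($userManager->emailExists($email)) {
            $error = "Cet Email est deja utillisé !";
        }

        // Zip code must be exactly five digits in 75001..75020. The former
        // <= / >= comparison of strings also let through values such as
        // "75001.0" or "75010abc".
        if (!preg_match('/^750(?:0[1-9]|1[0-9]|20)\z/', $zipcode)) {
            $error = "Vous devez habiter Paris pour vous inscrire à notre service !";
        }

        // NOTE(review): this rule reports an error when the number MATCHES
        // the dashed pattern, which looks inverted. Left unchanged because
        // the intended phone format is not stated - confirm.
        if (preg_match("/^[0-9]{2}-[0-9]{2}-[0-9]{2}-[0-9]{2}\$/", $phonenumber)) {
            $error = "Votre numéro de téléphone n'est pas valide !";
        }

        // The first two characters of the phone number must be 01..09.
        $prefix = substr($phonenumber, 0, 2);
        if ($prefix < "01" || $prefix > "09") {
            $error = "Votre numéro de téléphone n'est pas valide !";
        }

        // Password must contain at least one letter and one digit. This rule
        // no longer depends on the outcome of the phone check.
        $containsLetter = preg_match('/[a-zA-Z]/', $password);
        $containsDigit = preg_match('/\\d/', $password);
        if (!$containsLetter || !$containsDigit) {
            $error = "Merci de choisir un mot de passe comportant au moins une lettre et un chiffre !";
        }

        // Strict comparison: with != two different numeric-looking strings
        // such as "1e3" and "1000" compare equal.
        if ($password !== $confirm) {
            $error = "Vos mots de passe doivent être identiques !";
        }

        if (empty($error)) {
            $hash = password_hash($password, PASSWORD_DEFAULT);
            $now = date("Y-m-d H:i:s");
            $newSubscriber = [
                "username" => $username,
                "email" => $email,
                "password" => $hash,
                "firstname" => $firstname,
                "lastname" => $lastname,
                "zip_code" => $zipcode,
                "street_name" => $streetname,
                "phone_number" => $phonenumber,
                "date_modified" => $now,
                "date_created" => $now,
                "pic_name" => $pic_name,
            ];

            $userManager = new \Manager\UserManager();
            $userManager->insert($newSubscriber);

            // NOTE(review): the array handed to LogUserIn() has no 'id' and
            // carries the password hash; confirm what the session ends up
            // holding, or log in with the stored row instead.
            $am->LogUserIn($newSubscriber);

            $this->redirectToRoute('catalogue');
            // Never render the form after a redirect.
            return;
        }
    }

    /* Render the page */
    $data = [
        'error' => $error,
        'username' => $username,
        'email' => $email,
        'firstname' => $firstname,
        'lastname' => $lastname,
        'zipcode' => $zipcode,
        'streetname' => $streetname,
        'phonenumber' => $phonenumber,
        'pic_name' => $pic_name,
    ];
    $this->show('user/register', $data);
}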