public function Delete($files, \Slim\Slim &$app, $page)
{
$obj = new Files();
$obj->parseFile($files);
$user_id = $obj->user_id;
//$cookieDB = $obj->cookie;
$cookie = $app->getCookie('username');
$db = $app->db;
$logged = new Logged();
$id = $logged->getLogged($db, $cookie);
//checking of the user is registered in Users table as the user or anonymous which added this file and getting his id
if ($id == $user_id) {
$foo = new Foo();
$foo->token = $page;
$mapper = new FooMapper($db);
$files = $mapper->delete($foo);
$path = $obj->path;
$filename = "uploads/" . $path;
//deleting file from the folder
unlink($filename);
$app->redirect('/TwigBlog/');
} else {
$app->error();
}
}
/**
* authorize users with a valid token
*
* users without a valid token are
* forbidden(code: 401) from proceeding.
**/
public function handle(\Slim\Slim $app)
{
$token_cookie = $app->getCookie(AuthController::TOKEN_COOKIE);
if (empty($token_cookie)) {
$app->response->setStatus(401);
$app->response->finalize();
return $app->response->finalize();
}
$token = TokenModel::findToken($token_cookie);
if ($token == null) {
$app->response->setStatus(401);
$app->response->finalize();
return $app->response->finalize();
}
}
// to a numeric `id` field on the Contacts database table.
\Slim\Route::setDefaultConditions(array('id' => '[0-9]{1,}'));
// Autentification
// POST sends username and password na route /login
// route /login catches POST request and sets setEncryptedCookie('username', $username, '1 day');
// When you call get(/article .... $checkLoggedOn($app) is called
// $checkLoggedOn = function ($app) validates and if user password is valid will return true
// and rest of get(/article route will be triggered
function isValidLogin($username, $password)
{
// return true;
return $username == 'Greg' && $password == 'letMeIn';
}
$authenticateUser = function ($app) {
return function () use($app) {
if (!isValidLogin($app->getCookie('username'), $app->getCookie('password'))) {
$app->halt(401);
// Unauthorized access
}
};
};
$app->post('/login', function () use($app) {
try {
// get user and pass from post if from form as dataType=html
//$username = $app->request->post('username');
//$password = $app->request->post('password');
// get user and pass from post - get and decode JSON request body
$body = $app->request()->getBody();
$input = json_decode($body);
$username = (string) $input->username;
$password = (string) $input->password;
}
}
$app->redirect('/admin/settings');
});
$app->get('/admin(/page/:page)', function ($page = 1) use($app, $container) {
$images = $container['imageService']->findAll();
$paginator = $container['pagination']->newPaginator($images, $page, 25);
$projectDay = $container['imageService']->getProjectDay();
$daysLeft = 365 - $projectDay;
$photoCount = $container['imageService']->countImages();
$percentage = $photoCount / $projectDay * 100;
$viewData = array('images' => $images, 'paginator' => $paginator, 'pages' => $paginator->getPages(), 'projectDay' => $projectDay, 'photoCount' => $photoCount, 'percentage' => $percentage, 'daysLeft' => $daysLeft);
$app->render('admin/index.html', $viewData);
});
$app->get('/admin/settings', function () use($app) {
$user = json_decode($app->getCookie('identity'), true);
$app->render('admin/settings.html', array('user' => $user));
});
$app->post('/admin/user', function () use($app, $container) {
$user = json_decode($app->getCookie('identity'), true);
$params = $app->request()->post();
$email = filter_var($params['email'], FILTER_SANITIZE_EMAIL);
if (filter_var($email, FILTER_VALIDATE_EMAIL) && $email != $user['email']) {
$container['userService']->updateEmail($user, $email);
$app->log->info(sprintf('Email changed from %s to %s', $user['email'], $email));
$app->flash('emailSuccess', 'Your email is now ' . $email);
}
if ($params['form-type'] == 'change-password' && $params['password']) {
$app->log->info(sprintf('About to change password for %s', $user['email']));
try {
$result = $container['userService']->changePassword($user['email'], $params['password'], $params['new-password'], $params['confirm-password']);
// $user = $_SESSION['user'];
// }
if (isset($_SESSION['sid'])) {
$sid = $_SESSION['sid'];
}
if (isset($_SESSION['usr'])) {
$usr = $_SESSION['usr'];
}
$app->view()->setData('usr', $usr);
$app->view()->setData('sid', $sid);
});
/**
* HOME ROUTE
**/
$app->get('/', function () use($app, $dl) {
$app->render('home.twig', array('code' => $app->getCookie('code'), 'email' => $app->getCookie('email'), 'album' => $app->getCookie('album'), 'subscribe' => $app->getCookie('subscribe'), 'albums' => $dl->get_albums()));
})->name('home');
/**
* HOME ROUTE POST HANDELING
**/
$app->post('/', function () use($app, $dl, $mail) {
// setup variables from the incoming post
$album = $app->request->post('album');
$email = $app->request->post('email');
$code = strtoupper($app->request->post('code'));
$subscribe = $app->request->post('mailing_list');
$address = $app->request->post('address');
// Set current entries to cookies
$app->setCookie('code', $code);
$app->setCookie('email', $email);
$app->setCookie('album', $album);
/**
* Returns the contents of storage
*
* Behavior is undefined when storage is empty.
*
* @throws Zend_Auth_Storage_Exception If reading contents from
* storage is impossible
* @return mixed
*/
public function read()
{
$value = $this->app->getCookie($this->cookieName);
return json_decode($value, true);
}
