예제 #1
0
 public function mailPasswordRecovery($token, $id)
 {
     unset($_SESSION['error']);
     if (isset($token) && isset($id)) {
         $usermanager = new \Manager\UserManager();
         $auth = new \W\Security\AuthentificationManager();
         $user = $usermanager->find($id);
         $tokenVerif = $user['token'];
         if (password_verify($token, $tokenVerif)) {
             $usermanager->update(['token' => '', 'token_timestamp' => 0], $id);
             $auth->logUserIn($user);
             $_SESSION['error']['forgetpassword'] = "******";
             $this->show('user/changepassword', ['id' => $id]);
         } else {
             $_SESSION['error']['forgetpassword'] = "******";
         }
     } else {
         $_SESSION['error']['forgetpassword'] = "******";
     }
     $this->show('default/home');
 }
 public function changePassword($token)
 {
     // je regarde si le token existe en DB
     $tokenManager = new \Manager\TokenManager();
     $tokenExist = $tokenManager->tokenExists($token);
     if ($tokenExist) {
         // a la 1ere arrivée sur la page, le formulaire n'a pas été soumis
         // je regarde si l'utilisateur a mis les 2 même mot de passe
         if (isset($_POST['password']) && isset($_POST['password-confirm']) && !empty($_POST['password']) && !empty($_POST['password-confirm'])) {
             // je compare si les mots de passe sont egaux
             if ($_POST['password'] == $_POST['password-confirm']) {
                 // mise a jour du mot de passe
                 $userManager = new \Manager\UserManager();
                 $updateUser = $userManager->update(['password' => password_hash($_POST['password'], PASSWORD_DEFAULT)], $tokenExist['id_users']);
                 if ($updateUser) {
                     // suppresion du token
                     $tokenManager->delete($tokenExist['id']);
                     $this->redirectToRoute('login');
                 }
             } else {
                 $this->show('user/change_password', ['token' => $token, 'errorPass' => true]);
             }
         }
         $this->show('user/change_password', ['token' => $token]);
     }
     //le token n'existe pas en DB
     $this->show('user/change_password', ['errorToken' => true]);
 }
예제 #3
0
 public function forgetpassword()
 {
     unset($_SESSION['error']);
     if ($_POST) {
         if (\isIsset($_POST)) {
             $emailPasswordRecovery = $_POST['emailPasswordRecovery'];
             if (filter_var($emailPasswordRecovery, FILTER_VALIDATE_EMAIL)) {
                 $usermanager = new \Manager\UserManager();
                 if ($usermanager->emailExists($emailPasswordRecovery)) {
                     $user = $usermanager->getUserByUsernameOrEmail($emailPasswordRecovery);
                     if (\isComfirmedAccount($user['id'])) {
                         //On ne peut pas réinitialiser son password si le compte n'est pas confirmé
                         $token = \W\Security\StringUtils::randomString(32);
                         $tokentime = time() + 20 * 60;
                         $usermanager->update(['token' => password_hash($token, PASSWORD_DEFAULT), 'token_timestamp' => $tokentime], $user['id']);
                         $lien = '<a href="' . $this->generateUrl('mailPassword', ['token' => $token, 'id' => $user['id']], true) . '">http://www.mudeo.com/verif/u675CXIV9YOLHbYIjhgc8O7UNM</a>';
                         $lien_img = "od972.free.fr/logo.png";
                         $msg = "<img src='" . $lien_img . "' style='width:100px;height:100px'/> <h2>Mudéo </h2>";
                         $msg .= "<h4>MFF Corp.</h4><br/><br/>";
                         $msg .= "Pour pouvoir changer votre mot de passe <span style='font-weight:bold;'>" . strtoupper($user['username']) . "</span>. Veuillez cliquer sur le lien suivant qui vous redirigera vers notre site<br/><br/>" . $lien;
                         require_once 'assets/inc/mailer.php';
                         smtpmailer('*****@*****.**', '*****@*****.**', 'Admin', 'Vérification de la création de compte Mudéo', $msg);
                         if (isset($errorMail)) {
                             $_SESSION['error']['forgetpassword'] = $error;
                         } else {
                             $_SESSION['error']['forgetpassword'] = "******";
                         }
                     } else {
                         $_SESSION['error']['forgetpassword'] = "******" . $user['email'] . " avant de pouvoir utiliser cette fonctionalité";
                     }
                 } else {
                     $_SESSION['error']['forgetpassword'] = "******";
                 }
             } else {
                 $_SESSION['error']['forgetpassword'] = "******";
             }
         } else {
             $_SESSION['error']['forgetpassword'] = "******";
         }
     }
     $this->show('Default/home');
 }
예제 #4
0
 public function controlProfilModify()
 {
     unset($_SESSION['error']);
     if ($_POST) {
         if (isset($_POST['nom'])) {
             $login = $_POST['nom'];
         }
         if (isset($_POST['user_mail'])) {
             $email = $_POST['user_mail'];
         }
         if (isset($_POST['birthday'])) {
             $birthday = $_POST['birthday'];
         }
         if (isset($_POST['country'])) {
             $country = $_POST['country'];
         }
         if (isset($_POST['bio'])) {
             $bio = $_POST['bio'];
         }
         if (preg_match("#^([A-Z]|[a-z])(a-z)*(_)?[a-z]+\$#", $login)) {
             if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
                 $urlphoto = \uploadUserPicture();
                 $usermanager = new \Manager\UserManager();
                 $usermanager->update(['username' => $login, 'urlpicture' => $urlphoto, 'email' => $email, 'birthday' => $birthday, 'country' => $country, 'biography' => trim($bio)], $_SESSION['user']['id']);
                 // die('rrrr');
                 $user = $usermanager->getUserByUsernameOrEmail($email);
                 $auth = new \W\Security\AuthentificationManager();
                 $auth->logUserIn($user);
                 $_SESSION['error']['controlProfilModify'] = "Votre profil a bien été modifié ! ";
             } else {
                 $_SESSION['error']['controlProfilModify'] = "L'email n'est pas dans un format valide ! ";
             }
         } else {
             $_SESSION['error']['controlProfilModify'] = "Le login ne peut comporter de caractère spéciaux ( [ { / \\ & # @ ] } ) ainsi que les accents! ";
         }
     }
     $this->redirectToRoute('profilmodify');
 }
예제 #5
0
 /**
  * Page de modification du profil 
  */
 public function profile($username)
 {
     $error = array();
     $isValid = true;
     //  on crée l'instance UserManager
     $userManager = new \Manager\UserManager();
     // on crée une instance security manager
     $authentificationManager = new \W\Security\AuthentificationManager();
     // - on récupère l'utilisateur connecté
     $userConnect = $authentificationManager->getLoggedUser();
     // formulaire soumis ?
     if ($_POST) {
         $username = $_POST['username'];
         $lastname = $_POST['lastname'];
         $firstname = $_POST['firstname'];
         $birthyear = $_POST['birthyear'];
         $sex = $_POST['sex'];
         $job = $_POST['job'];
         $instructorDescription = $_POST['instructorDescription'];
         $studentDescription = $_POST['studentDescription'];
         // validation des données => à coder
         $isValid = true;
         // Contrôle des champs obligatoires sur la formation
         $validator = new \Utils\FormValidator();
         $validator->validateNotEmpty($username, "username", "Le pseudo est obligatoire !");
         $validator->validateNotEmpty($lastname, "lastname", "Saisir votre nom !");
         $validator->validateNotEmpty($firstname, "firstname", "Saisir votre prénom !");
         $validator->validateNotEmpty($birthyear, "birthyear", "Saisir votre année de naissance !");
         $validator->validateNotEmpty($sex, "sex", "Indiquer votre sexe !");
         $validator->validateNotEmpty($job, "job", "Saisir votre métier !");
         $validator->validateNotEmpty($instructorDescription, "instructorDescription", "Saisir votre description en tant que formateur !");
         $validator->validateNotEmpty($studentDescription, "studentDescription", "Saisir votre description en tant qu'étudiant !");
         if ($validator->isValid()) {
             $validator->validateYear($birthyear, "birthyear", "Votre année de naissance doit être comprise entre 1900-2099 !");
             $validator->validateCharacter($username, "username", "Le pseudo comporte des caractères interdits !");
         }
         if (!$validator->isValid()) {
             $error = $validator->getErrors();
             $isValid = false;
         }
         if ($isValid) {
             // 1 - on crée l'instance
             $userManager = new \Manager\UserManager();
             if ($userConnect['username'] != $username) {
                 if ($userManager->usernameExists($username)) {
                     $isValid = false;
                     $error['username'] = '******';
                 }
             }
         }
         // upload du fichier
         if ($_FILES['image']['size'] != 0) {
             $file = new \Utils\ImageUpload($_FILES['image'], 'assets/img/users/');
             $file->uploadFile();
             $file->reduceImage(false);
             if (!$file->isValid()) {
                 $isValid = false;
                 $error['image'] = $file->getErrors();
             } else {
                 $error['image'] = 'img/users/' . $file->getFileName();
                 $_SESSION['image_user'] = $file->getFileName();
             }
         } else {
             $_SESSION['image_user'] = '******';
         }
         // si c'est valide
         if ($isValid) {
             // Mise à jour dans la base de données
             // 2 - on appelle la méthode update
             $user = $userManager->update(["username" => $_POST['username'], "lastname" => $_POST['lastname'], "firstname" => $_POST['firstname'], "birthyear" => $_POST['birthyear'], "sex" => $_POST['sex'], "job" => $_POST['job'], "instructorDescription" => $_POST['instructorDescription'], "studentDescription" => $_POST['studentDescription'], "image" => $_SESSION['image_user']], $userConnect['id']);
             // on met à jour les données utilisateurs
             $authentificationManager->refreshUser();
             $userConnect = $authentificationManager->getLoggedUser();
         }
     } else {
         $_POST = $userConnect;
     }
     // 3 - on affiche la page si user trouvé
     if ($userConnect) {
         if ($userConnect['image'] == '') {
             $error['image'] = 'imageprofildefaut.png';
         } else {
             $error['image'] = $userConnect['image'];
         }
         if ($userConnect['username'] == $username) {
             $this->show('user/profile', ['error' => $error]);
         }
     }
     // Sinon on redirige vers une page erreur
     $this->showForbidden();
 }