function action_login() { $this->template->content = new View('kwalbum/user/login'); if (isset($_POST['act'])) { $user = Model_Kwalbum_User::login($_POST['name'], $_POST['password'], $_POST['length']); if ($user) { $this->template->content->success = true; $this->user = $user; $this->template->set_global('user', $this->user); } else { $this->template->content->error = '<p class="error">You\'re login name or password was wrong.</p>'; } } $this->template->title = 'Logging In'; }
public function action_upload() { if (!$this->user->is_logged_in) { if (!isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="Upload"'); header('HTTP/1.1 401 Unauthorized'); die('Invalid login'); } $this->user = Model_Kwalbum_User::login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']); if (!$this->user) { die('Invalid login'); } } if (!$this->user->can_add) { $this->request->response()->status(500); die('You do not have permission to add items'); } if (!empty($_FILES)) { $adder = new Kwalbum_ItemAdder($this->user); $errors = array(); $files = array(); if (isset($_FILES['files'])) { $files = is_array($_FILES['files']) ? $_FILES['files'] : array($_FILES['files']); } elseif (isset($_FILES['userfile'])) { $files = array($_FILES['userfile']); } try { foreach ($files as $file) { $result = $adder->save_upload($file); if ($result != (int) $result) { $errors[] = $result; } } } catch (Exception $e) { $errors[] = $e->getMessage(); } if (!empty($errors)) { $this->request->response()->status(500); echo json_encode(array('errors' => $errors)); } else { echo 'success'; } return; } $this->request->response()->status(500); echo 'No files sent'; }