예제 #1
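 /**
  * Show the login form and, on POST, authenticate the submitted credentials.
  *
  * On success the username is stored under the 'admin' session key and the
  * browser is redirected to '/'. An unknown user and a wrong password produce
  * the same message, so the response text does not reveal which usernames exist.
  *
  * @return void
  */
 public function action_index()
 {
     // Must be an array: the error text is stored under a string key below,
     // which does not work on a string value in PHP 7.1 and later.
     $data = [];
     if ($_POST) {
         try {
             // Missing or non-string fields (e.g. username[]=x) are treated as empty
             // instead of raising a notice or a TypeError in trim().
             $username = (isset($_POST['username']) && is_string($_POST['username']))
                 ? trim($_POST['username'])
                 : '';
             // NOTE(review): trimming changes the password the user typed. It is kept
             // because stored hashes may have been created from trimmed input - confirm.
             $password = (isset($_POST['password']) && is_string($_POST['password']))
                 ? trim($_POST['password'])
                 : '';
             if ($username === '' || $password === '') {
                 throw new Exception("All fields are required!", 1);
             }
             // NOTE(review): password_verify() only runs for known users, so response
             // time can still differ between known and unknown usernames.
             $userD = $this->model->userExists($username, 'username');
             if (!$userD || !password_verify($password, $userD['password'])) {
                 throw new Exception("Incorrect username or password.", 1);
             }
             // Rotate the session ID at the privilege change so an ID issued before
             // login cannot be reused afterwards (session fixation).
             if (session_status() === PHP_SESSION_ACTIVE) {
                 session_regenerate_id(true);
             }
             Session::set('admin', $username);
             Session::addNotification('Successfully logged in!', 'success');
             Redirect::url('/');
             // Do not render the login form on top of a redirect response.
             return;
         } catch (Exception $e) {
             // The exception text is what the view shows to the visitor.
             $data["access_denied"] = $e->getMessage();
         }
     }
     $this->view->generate('login_view.php', 'template_view.php', $data);
 }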
예제 #2
 /**
  * Log the administrator out by dropping the admin identity from the session.
  *
  * Only the 'adminId' and 'adminEmail' keys are removed; any other session
  * data and the session identifier itself are left in place.
  * NOTE(review): consider rotating the session ID here as well - confirm how
  * textMsg() stores its message before changing this.
  *
  * @return void The request ends here via exit.
  */
 public function logout()
 {
     unset($_SESSION['adminId'], $_SESSION['adminEmail']);

     textMsg("Logout Success", "success");
     Redirect::url("administrator");
     exit;
 }
예제 #3
/**
 * Gate for administrator-only pages.
 *
 * Returns 1 when the session carries an 'adminId' entry. Otherwise the visitor
 * is redirected to the "administrator" route and the request ends.
 * Only the presence of the key is checked here; the stored value is not
 * validated against any user record in this function.
 *
 * @return int 1 when an admin session is present.
 */
function isAdminLogin()
{
    // Guard first: without an admin marker the request stops at the redirect.
    if (!isset($_SESSION['adminId'])) {
        Redirect::url("administrator");
        exit;
    }

    return 1;
}
 /**
  * Let the request through only for users allowed to access the dashboard.
  *
  * Guests, and authenticated users without the 'accessDashboard' ability, are
  * redirected to '/'.
  *
  * NOTE(review): when APP_ENV is 'testing' the check is skipped entirely, so a
  * deployment that carries that value by mistake would serve the dashboard
  * without authentication - confirm it is only ever set for test runs.
  *
  * @param  \Illuminate\Http\Request $request
  * @param  \Closure                 $next
  *
  * @return mixed
  */
 public function handle($request, Closure $next)
 {
     $authSkipped = env('APP_ENV') === 'testing';

     // Auth::user() is only reached for non-guests because || short-circuits.
     if (!$authSkipped && (Auth::guest() || !Auth::user()->can('accessDashboard'))) {
         return \Redirect::url('/');
     }

     return $next($request);
 }
예제 #5
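 /**
  * Show the registration form and, on POST, validate the input and create the account.
  *
  * Validation failures are reported to the view under the 'access_denied' key.
  * On success a notification is queued and the browser is redirected to '/login'.
  *
  * @return void
  */
 public function action_index()
 {
     // Must be an array: the error text is stored under a string key below,
     // which does not work on a string value in PHP 7.1 and later.
     $data = [];
     if ($_POST) {
         try {
             // Missing or non-string fields (e.g. email[]=x) are treated as empty
             // instead of raising a notice or a TypeError in trim().
             $fields = [];
             foreach (['username', 'password', 'password2', 'email'] as $name) {
                 $fields[$name] = (isset($_POST[$name]) && is_string($_POST[$name]))
                     ? trim($_POST[$name])
                     : '';
             }
             $username = $fields['username'];
             // NOTE(review): trimming changes the password the user typed; a login
             // form must apply the same trimming for the hash to match - confirm.
             $password = $fields['password'];
             $password2 = $fields['password2'];
             $email = $fields['email'];

             // verify data
             if (empty($username) || empty($password) || empty($email)) {
                 throw new Exception("All fields are required", 1);
             }
             if ($password !== $password2) {
                 throw new Exception("Please verify your password correclty!", 1);
             }
             // allow only alphanumeric, hyphen and underscores
             if (preg_match('/[^a-z_\\-0-9]/i', $username)) {
                 throw new Exception("Username cannot have any space. It MUST be one word with 6 or more characters.", 1);
             }
             if (strlen($username) < 6) {
                 throw new Exception("Username MUST be 6 or more characters.", 1);
             }
             if ($this->model->isRegistered($username, 'username')) {
                 throw new Exception("Username is already taken", 1);
             }
             if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                 throw new Exception("Please use a valid email address!", 1);
             }
             if ($this->model->isRegistered($email, 'email')) {
                 throw new Exception("Email is invalid or already taken", 1);
             }

             // Derived values are computed only after validation, so rejected
             // requests do not pay for a password hash.
             $registered = time();
             $hashedpassword = password_hash($password, PASSWORD_DEFAULT);
             // The activation key acts as a secret, so it comes from the CSPRNG
             // (PHP 7+) rather than rand()/uniqid(); 16 bytes keep the 32-hex-char shape.
             $activation_key = bin2hex(random_bytes(16));

             $userData = [$username, $hashedpassword, $email, $registered, $activation_key];
             $insertUser = $this->model->addUser($userData);
             if (!$insertUser) {
                 throw new Exception("An error has occured!", 1);
             }
             Session::addNotification('Your account was successfully created!', 'success');
             Redirect::url('/login');
             // Do not render the registration form on top of a redirect response.
             return;
         } catch (Exception $e) {
             // The exception text is what the view shows to the visitor.
             $data["access_denied"] = $e->getMessage();
         }
     }
     $this->view->generate('register_view.php', 'template_view.php', $data);
 }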
예제 #6
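 /**
  * Front controller: map the "url" query parameter (controller/action/param)
  * onto a method of a class loaded from ./Controller/.
  *
  * The controller and action names come straight from the request, so both are
  * restricted to plain identifiers before they are used in a file path, a class
  * name or a method call. Anything else is answered with the notFound redirect.
  * With no route given, the DefaultController / DefaultFuncation constants are used.
  *
  * @return void
  */
 public function control()
 {
     // A missing or non-string parameter (e.g. url[]=x) is treated as "no route".
     $url = (isset($_GET['url']) && is_string($_GET['url'])) ? $_GET['url'] : '';
     $url = trim($url, "/");
     $url = (string) filter_var($url, FILTER_SANITIZE_URL);

     if (empty($url)) {
         $controllerName = DefaultController;
         $actionName = DefaultFuncation;
         require_once './Controller/' . $controllerName . '.php';
         $controller = new $controllerName();
         if (method_exists($controller, $actionName)) {
             $controller->{$actionName}();
         } else {
             Redirect::url("home/");
             exit;
         }
         return;
     }

     $requestString = explode("/", $url);
     $controllerName = strtolower($requestString[0]);
     $actionName = isset($requestString[1]) ? $requestString[1] : "index";

     // FILTER_SANITIZE_URL keeps characters such as '.' and '\', so the segment is
     // checked against an identifier pattern before it reaches require_once.
     // Names starting with "__" are refused so magic methods cannot be routed to.
     $identifier = '/\A[a-zA-Z_][a-zA-Z0-9_]*\z/';
     $namesAreSafe = preg_match($identifier, $controllerName) === 1
         && preg_match($identifier, $actionName) === 1
         && strncmp($actionName, '__', 2) !== 0;

     if (!$namesAreSafe || !file_exists('./Controller/' . $controllerName . '.php')) {
         Redirect::url("home/notFound");
         exit;
     }

     require_once './Controller/' . $controllerName . '.php';
     $controller = new $controllerName();

     // is_callable() also rejects private and protected methods, which
     // method_exists() would accept and which would then fail on the call.
     if (!is_callable([$controller, $actionName])) {
         Redirect::url("home/notFound");
         exit;
     }

     if (empty($requestString[2])) {
         $controller->{$actionName}();
     } else {
         // The third segment is passed through as-is; the action must validate it.
         $data = $requestString[2];
         $controller->{$actionName}($data);
     }
 }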
예제 #7
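 /**
  * Front controller: derive controller/action/param from the request URL
  * (relative to BASEURL) and dispatch to a class loaded from ./Controller/.
  *
  * The url query parameter is deliberately not echoed: it is request-controlled,
  * and printing it unescaped would reflect markup into the page and stop the
  * request before any routing happens.
  *
  * Controller and action names are restricted to plain identifiers before they
  * are used in a file path, a class name or a method call. With an empty path
  * the DefaultController / DefaultFuncation constants are used.
  *
  * @return void
  */
 public function control()
 {
     // NOTE(review): HTTP_HOST is a client-supplied header, and the slice below
     // assumes the request URL starts with BASEURL without verifying it.
     $requestUrl = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
     $requestString = substr($requestUrl, strlen(BASEURL));

     if (empty($requestString)) {
         $controllerName = DefaultController;
         $actionName = DefaultFuncation;
         require_once './Controller/' . $controllerName . '.php';
         $controller = new $controllerName();
         if (method_exists($controller, $actionName)) {
             $controller->{$actionName}();
         } else {
             Redirect::url("home/");
             exit;
         }
         return;
     }

     $urlParams = explode('/', $requestString);
     // array_shift() yields null once the list is exhausted; cast before strtolower().
     $controllerName = strtolower((string) array_shift($urlParams));
     $actionName = strtolower((string) array_shift($urlParams));
     if (empty($actionName)) {
         Redirect::url();
         exit;
     }

     // Both names originate from the URL, so they must be plain identifiers before
     // they reach require_once. Names starting with "__" are refused so magic
     // methods cannot be routed to.
     $identifier = '/\A[a-z_][a-z0-9_]*\z/';
     $namesAreSafe = preg_match($identifier, $controllerName) === 1
         && preg_match($identifier, $actionName) === 1
         && strncmp($actionName, '__', 2) !== 0;

     if (!$namesAreSafe || !file_exists('./Controller/' . $controllerName . '.php')) {
         Redirect::url("home/notFound");
         exit;
     }

     require_once './Controller/' . $controllerName . '.php';
     $controller = new $controllerName();

     // is_callable() also rejects private and protected methods, which
     // method_exists() would accept and which would then fail on the call.
     if (!is_callable([$controller, $actionName])) {
         Redirect::url("home/notFound");
         exit;
     }

     if (empty($urlParams)) {
         $controller->{$actionName}();
     } else {
         // The next segment is passed through as-is; the action must validate it.
         $data = $urlParams[0];
         $controller->{$actionName}($data);
     }
 }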
예제 #8
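 /**
  * Change the password of the logged-in user.
  *
  * Requires the old password ("opass"), the new one ("npass") and its
  * confirmation ("cpass"). Every outcome sets a message via textMsg(),
  * redirects and ends the request.
  *
  * @return void
  */
 public function changePassword()
 {
     if (!(Input::exists("opass") || Input::exists("npass") || Input::exists("cpass"))) {
         textMsg("Something went wrong try again.", "error");
         Redirect::url("shippingUser/dashboard");
         exit;
     }

     $opass = Input::get("opass");
     $npass = Input::get("npass");
     $cpass = Input::get("cpass");
     if (empty($opass) || empty($npass) || empty($cpass)) {
         textMsg("Required fields are empty.", "error");
         Redirect::url("shippingUser/setting");
         exit;
     }

     // Strict comparison: with == two different numeric-looking strings
     // (for example "1e3" and "1000") compare as equal.
     if (!is_string($npass) || !is_string($cpass) || $npass !== $cpass) {
         textMsg("Confirm password did not match.", "error");
         Redirect::url("shippingUser/setting");
         exit;
     }

     // Without a session user, or with a stale id, there is nothing to update.
     $user = isset($_SESSION['userId']) ? User::find($_SESSION['userId']) : null;
     if (!$user) {
         textMsg("Something went wrong try again.", "error");
         Redirect::url("shippingUser/setting");
         exit;
     }

     // The old password must be proven again before the credential is replaced.
     if (!Pass::verify($user->password, $opass)) {
         textMsg("Old password did not match.", "error");
         Redirect::url("shippingUser/setting");
         exit;
     }

     $user->password = Pass::hash($npass);
     if (!$user->save()) {
         textMsg("Something went wrong try again.", "error");
         Redirect::url("shippingUser/setting");
         exit;
     }

     // Rotate the session ID after a credential change.
     // NOTE(review): other sessions of this user are not invalidated here.
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }
     textMsg("password has been updated.", "success");
     Redirect::url("shippingUser/setting");
     exit;
 }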
예제 #9
 /**
  * Record a download of the file and deliver it.
  *
  * When the file's storage location exposes a public URL the client is
  * redirected to the version's URL; otherwise the version is streamed through
  * forceDownload().
  * NOTE(review): no permission check is visible in this method; presumably the
  * caller has already verified access to the file - confirm.
  *
  * @param \Concrete\Core\File\File $file
  * @param mixed                    $rcID Passed through to trackDownload().
  *
  * @return mixed Result of the redirect's send() or of forceDownload().
  */
 protected function download(\Concrete\Core\File\File $file, $rcID = null)
 {
     // The filename is fetched but its value is not used in this method.
     $filename = $file->getFilename();
     $file->trackDownload($rcID);

     $storageConfig = $file->getFileStorageLocationObject()->getConfigurationObject();
     $version = $file->getVersion();

     if (!$storageConfig->hasPublicURL()) {
         return $version->forceDownload();
     }

     return \Redirect::url($version->getURL())->send();
 }
예제 #10
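 /**
  * Complete a password reset: check the form token and the user's reset key,
  * store the new password and replace the reset key so it cannot be used again.
  *
  * Inputs: "key" (reset key), "uId" (user id), "autnKey" (form token that must
  * equal $_SESSION['key']), "npass" and "cpass" (new password and confirmation).
  * Every handled outcome sets a message via textMsg(), redirects and exits.
  * When none of the inputs is present the method returns without doing anything.
  *
  * NOTE(review): the account is selected by the client-supplied "uId"; the reset
  * key is the only proof of ownership. No expiry or attempt limit is visible in
  * this method - confirm they are enforced elsewhere.
  *
  * @return void
  */
 public function UserPasswordReset()
 {
     if (!(Input::exists("key") || Input::exists("uId") || Input::exists("autnKey") || Input::exists("npass") || Input::exists("cpass"))) {
         return;
     }

     $key = Input::get("key");
     $uId = Input::get("uId");
     $authKey = Input::get("autnKey");
     $npass = Input::get("npass");
     $cpass = Input::get("cpass");
     if (empty($key) || empty($uId) || empty($authKey) || empty($npass) || empty($cpass)) {
         textMsg("unable to do this action.", "error");
         Redirect::url("home/index");
         exit;
     }

     // Secrets are compared as strings in constant time. Loose == would treat
     // numeric-looking strings such as "0e1" and "0e2" as equal.
     $sameSecret = static function ($known, $given) {
         return is_scalar($known) && is_scalar($given)
             && hash_equals((string) $known, (string) $given);
     };

     $sessionKey = isset($_SESSION['key']) ? $_SESSION['key'] : null;
     if (!$sameSecret($sessionKey, $authKey)) {
         textMsg("You are roobot.", "error");
         Redirect::url("home/index");
         exit;
     }

     if (!is_string($npass) || !is_string($cpass) || $npass !== $cpass) {
         textMsg("Confirm password did not match.", "error");
         Redirect::url("home/index");
         exit;
     }

     // Look the user up without indexing into an empty result set.
     $matches = User::all(['id' => $uId]);
     $user = isset($matches[0]) ? $matches[0] : null;
     if (!$user) {
         textMsg("User did not find.", "error");
         Redirect::url("home/index");
         exit;
     }

     if (!$sameSecret($user->key, $key)) {
         textMsg("Invalid key to reset password.", "error");
         Redirect::url("home/index");
         exit;
     }

     // Replace the used key. The seed comes from the CSPRNG (PHP 7+) instead of
     // time()/rand(); the stored format (slash-stripped Pass::hash) is unchanged.
     $code = bin2hex(random_bytes(32));
     $code = str_replace(array('/', '\\/'), '', Pass::hash($code));
     $user->password = Pass::hash($npass);
     $user->key = $code;
     if ($user->save()) {
         textMsg("Password has been reset successfully.", "success");
         Redirect::url("home/index");
         exit;
     }

     // A failed save is reported instead of ending the request silently.
     textMsg("unable to do this action.", "error");
     Redirect::url("home/index");
     exit;
 }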
예제 #11
 /**
  * Log out on construction: destroy the session, then redirect to '/'.
  *
  * NOTE(review): the logout happens as a side effect of instantiating this
  * class. If a plain GET request can trigger that, a third-party page can log
  * a user out - confirm how this controller is reached.
  */
 public function __construct()
 {
     Session::destroy();

     Redirect::url('/');
 }