public function login($username, $password)
{
//valider login
//valider password
//pour éviter sql injection
//$userdao = new UserDao(new User());
//$userdao->test();
// $dao = new DAO(array('username' =>$username, 'password' =>$password), $this->table );
//$user = $dao->select();
$userDao = new UserDao(new User());
//$where = array('email'=>"$email");
$user = $userDao->getRow(array('username' => $username, 'password' => $password));
if (isset($user)) {
require_once WEBAPPROOT . 'security/UserSession.php';
$session = new UserSession();
$session->start();
$session->set($user);
//var_dump($session->get());
return $user;
}
}
function index()
{
$success = array('success' => '1');
if (isset($_POST['email'])) {
$email = trim($_POST['email']);
$userDao = new UserDao(new User());
$where = array("email" => $email);
$user = $userDao->getRow($where);
if ($user) {
$id = $user->getId();
$user->setIs_admin(1);
$userDao = new UserDao($user);
$userDao->update($id);
} else {
$success = array('success' => '0');
}
}
$userDao = new UserDao(new User());
$where = array("is_admin" => '1');
$list = $userDao->getAllDataActive($where);
$this->set(array("membres" => $list, "success" => $success));
$this->render("administrateur");
}
function userExist($where)
{
$userDao = new UserDao(new User());
//$where = array('email'=>"$email");
return $userDao->getRow($where);
}
