function indexAction()
{
$user = new usersModel();
$rs = $user->select('*');
$this->assign('title', 'rccoder sb');
$this->display();
}
public function deleteAction(Application $app, Request $request)
{
$usersModel = new usersModel($app);
$id = (int) $request->get('id', 0);
$user = $usersModel->getUser($id);
if (count($user)) {
$usersModel->deleteUser($id);
$app['session']->getFlashBag()->add('message', array('type' => 'success', 'content' => $app['translator']->trans('User deleted.')));
return $app->redirect($app['url_generator']->generate('users_index'), 301);
$this->view['id'] = $id;
} else {
return $app->redirect($app['url_generator']->generate('users_index'));
}
return $app['twig']->render('users/delete.twig', $this->view);
}
public function registerAction(Application $app, Request $request)
{
$data = array('login' => 'Login', 'password' => 'Password', 'mail' => 'Email', 'role_id' => '3');
$form = $app['form.factory']->createBuilder(new RegisterForm(), $data)->getForm();
$form->handleRequest($request);
if ($form->isValid()) {
$data = $form->getData();
$data['password'] = $app['security.encoder.digest']->encodePassword($data['password'], '');
$usersModel = new usersModel($app);
$usersModel->saveUser($data);
$app['session']->getFlashBag()->add('message', array('type' => 'success', 'content' => $app['translator']->trans('Welcome, you!')));
return $app->redirect($app['url_generator']->generate('main_index'), 301);
}
$this->view['form'] = $form->createView();
return $app['twig']->render('main/register.twig', $this->view);
}
private static function init()
{
if (!self::$loaded) {
self::$db = new DataBase();
self::$loaded = true;
}
self::$db->Connect();
}
private function Authorize($login, $password)
{
if (authModel::checkInBase($login, $password)) {
classModel::setSession(array('login' => true));
// set loggined user data
authModel::$userData = usersModel::getUser("login_user = '******' AND " . "password_user = '******'");
// write to session
classModel::setSession(array('userData' => authModel::$userData));
// go to main admin page
header("Location: " . $this->makeURI(array('controller' => 'archive')));
exit;
} else {
authModel::$errors[] = 'Wrong login\\password';
}
return null;
}
public static function tryLogin($login, $password = "")
{
$query = usersModel::getUserByName($login);
if (count($query) == 0) {
return false;
}
$query = $query[0];
// If password db field is not empty, use MD5
if (strlen($query['password']) > 0) {
$password = md5($password);
}
if ($query['password'] == $password) {
$_SESSION['userID'] = $query['id'];
$_SESSION['ttl'] = time() + self::$ttl;
return true;
}
return false;
}
public function performFormAction()
{
$result = array();
if (check_RequestMethod()) {
if ($this->checkData($_POST)) {
if ($_POST['id_user'] == "new") {
$user_data = usersModel::getUser("login_user = '******'login_user']) . "'");
print usersModel::createUser($_POST);
} else {
usersModel::updateUser($_POST);
}
} else {
$result['errors'] = usersModel::$errors;
}
set_Json_header();
print json_encode($result);
exit;
} else {
_404();
}
}
/**
* @param $login
* @param $password
* @return int
* Check login\password pare in base
*/
public static function checkInBase($login, $password)
{
return usersModel::checkInBase($login, $password);
}
<?php
require_once './app/models/userMod.php';
$uMod = new usersModel();
if (isset($_POST['fname'])) {
$uMod->register($_POST['fname'], $_POST['lname'], $_POST['uname'], $_POST['pass'], $_POST['email'], $_POST['terms']);
} elseif (isset($_GET['password'])) {
$uMod->login($_GET['username'], $_GET['password']);
} elseif (isset($_FILES['userfile'])) {
$imageUp = $uMod->upload($_SESSION['userId'], $_SESSION['username'], $_FILES['userfile'], $_POST['title'], $_POST['description']);
$images = $uMod->getImgs($_SESSION['userId']);
header("Location: ./");
} elseif (isset($_GET['logout'])) {
session_destroy();
header("Location: ./");
} elseif (isset($_SESSION['userId']) && !isset($_GET['photostream']) && !isset($_GET['upload'])) {
$images = $uMod->getImgs($_SESSION['userId']);
require_once 'app/views/photostream.php';
} elseif (isset($_SESSION['userId']) && isset($_GET['photostream'])) {
$images = $uMod->getImgs($_SESSION['userId']);
require_once 'app/views/photostream.php';
} elseif (isset($_SESSION['userId']) && isset($_GET['upload'])) {
require_once 'app/views/upload.php';
}
public static function remove($uid)
{
$um = new usersModel();
$um->delete($uid);
}
<?php
require_once 'models/userMod.php';
$uMod = new usersModel();
if (isset($_GET['yaPass'])) {
$uMod->login($_GET['yaName'], $_GET['yaPass']);
} elseif (isset($_GET['userId'])) {
$clients = $uMod->getClients();
require_once 'views/userpage.php';
} elseif (isset($_GET['delClient'])) {
$uMod->deleteClient($_GET['delClient']);
header('Location: ./');
} elseif (isset($_GET['update'])) {
$uMod->update($_GET['id'], $_GET['title'], $_GET['message']);
header('Location: ./?clientId=' . $clientId);
} elseif (isset($_GET['delete'])) {
$uMod->delete($_GET['id']);
header('Location: ./?clientId=' . $_GET['clientId']);
} elseif (isset($_GET['title'])) {
$uMod->insert($_GET['clientId'], $_GET['title'], $_GET['message']);
header('Location: ./?clientId=' . $_GET['clientId']);
} elseif (isset($_GET['signout'])) {
session_destroy();
header('Location: index.php');
} elseif (isset($_GET['newClient'])) {
$uMod->newClient($_GET['newClient']);
header('Location: index.php');
} elseif (isset($_GET['clientId'])) {
$messages = $uMod->getMsgs($_GET['clientId']);
require_once 'views/msgview.php';
} elseif (isset($_SESSION['userId'])) {
public function sessionPageStart($pageID, $currentIP)
{
$this->storgeCheck();
$this->authSetting->pageID = $pageID;
if ($this->sessionID != null) {
//$GLOBALS['registry']->db->setDebug(DEBUG_FULL_MODE);
$this->authSetting->userObject = $GLOBALS['registry']->db->getRecord('users', 'u.*', USERS_TABLE . ' u,' . SESSIONS_TABLE . ' s', 'AND u.User_Status = ' . ACTIVE_STATUS . ' AND s.User_ID = u.User_ID AND s.Session_ID = \'' . $this->sessionID . '\'');
if (!is_object($this->authSetting->userObject)) {
$this->errorHandle(ERR_NO_EXISTS_USER_LOGIN_KEY);
} else {
$sessionIPCheck = substr($this->sessionUser->sessionIP, 0, 6);
$currentIPCheck = substr($currentIP, 0, 6);
if ($sessionIPCheck == $currentIPCheck) {
//check if the ip login == ip in the session
//$SID = ($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? $session_id : '';
if ($this->authSetting->currentTime - $userObject->User_Session_Time > 60) {
$sessionsModel = new sessionsModel();
$sessionsModel->Session_Time = $this->authSetting->currentTime;
$sessionsModel->Session_Page = $this->authSetting->pageID;
$sessionsModel->setCondition(array('Session_ID' => $this->sessionID));
//$update_admin = (!defined('IN_ADMIN') && $current_time - $user['session_time'] > ($config['session_length']+60)) ? ', session_admin = 0' : '';
if (!$GLOBALS['registry']->db->editStmtPrep($sessionsModel, true) > 0) {
$this->errorHandle(ERR_UPDATE_SESSION_LOGIN_KEY);
}
if ($this->authSetting->userID != ANONYMOUS) {
$usersModel = new usersModel();
$usersModel->User_Session_Time = $this->authSetting->currentTime;
$usersModel->User_Session_Page = $this->authSetting->pageID;
$usersModel->setCondition(array('user_ID' => $this->authSetting->userID));
if (!$GLOBALS['registry']->db->editStmtPrep($usersModel, true) > 0) {
$this->errorHandle(ERR_UPDATE_USER_LOGIN_KEY);
}
}
$this->cleanSession();
$this->saveSession();
}
if (isset($this->sessionData['autologinID']) && $this->sessionData['autologinID'] != '') {
$this->sessionUser->sessionKey = $this->sessionData['autologinID'];
}
return $this->sessionUser;
}
}
$this->authSetting->userID = isset($this->sessionData['userID']) ? intval($this->sessionData['userID']) : ANONYMOUS;
if (!($this->sessionUser = $this->sessionUserBegin())) {
$this->errorHandle(ERR_CREATE_USER_SESSION_KEY);
}
}
return $this->sessionUser;
}
public function getLevel($id)
{
if (empty(self::$conn)) {
self::$conn = $this->connect_pdo();
}
$sql = "SELECT vaitro \n\t\t\t\t\tFROM users AS u\n\t\t\t\t\tLEFT JOIN level AS l\n\t\t\t\t\t\tON l.level=u.level\n\t\t\t\t\tWHERE u.id=?";
$stmt = self::$conn->prepare($sql);
$stmt->bindParam(1, $id);
$stmt->execute();
$stmt->setFetchMode(PDO::FETCH_ASSOC);
$users = $stmt->fetch();
return $users['vaitro'];
}
