/**
* login process
*/
public static function login()
{
// form validation
if (!filter_input(INPUT_POST, "form_token") || Form::isFormTokenValid(filter_input(INPUT_POST, "form_token"))) {
View::setMessageFlash("danger", "Form tidak valid");
return FALSE;
}
if (!filter_input(INPUT_POST, "username") || !filter_input(INPUT_POST, "password")) {
View::setMessageFlash("danger", "Masukkan Username dan Password");
return FALSE;
}
$username = filter_input(INPUT_POST, "username", FILTER_SANITIZE_STRING);
$password = md5(filter_input(INPUT_POST, "password", FILTER_SANITIZE_STRING));
$mysqli = App::getConnection(true);
$sql = "SELECT user_id FROM users WHERE username='******' AND password='******'";
if (!($query = $mysqli->query($sql))) {
View::setMessageFlash("danger", $mysqli->error);
return FALSE;
}
if ($query->num_rows == 0) {
View::setMessageFlash("danger", "Username dan Password Salah");
return FALSE;
}
$row = $query->fetch_row();
$_SESSION['user_id'] = $row[0];
return TRUE;
}
private function saveProcess()
{
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
View::setMessageFlash("danger", "Form tidak valid");
return FALSE;
}
// form validation
if (!filter_input(INPUT_POST, "form_token") || Form::isFormTokenValid(filter_input(INPUT_POST, "form_token"))) {
View::setMessageFlash("danger", "Form tidak valid");
return FALSE;
}
// required fields
$filter = array("name" => FILTER_SANITIZE_STRING, "phone" => FILTER_SANITIZE_STRING, "address" => FILTER_SANITIZE_STRING);
$input = filter_input_array(INPUT_POST, $filter);
if (in_array('', $input) || in_array(NULL, $input)) {
View::setMessageFlash("danger", "Kolom tidak boleh kosong");
return FALSE;
}
// set member object
$staff = Authentication::getUser();
$staff->setData('name', $input['name']);
$staff->setData('phone', $input['phone']);
$staff->setData('address', $input['address']);
if (!($update = $staff->update())) {
View::setMessageFlash("danger", "Penyimpanan Gagal");
return;
}
View::setMessageFlash("success", "Penyimpanan Berhasil");
}
public static function auth()
{
// redirect to login page if id session is not exist
if (!Sessions::check('user_id')) {
self::redirectLogin();
}
// get user_id
$id = Sessions::get('user_id');
// self::$user = new User( $id );
$user = new User($id);
$user_role = $user->getRole();
switch ($user_role) {
case 'member':
$user = new Member($id);
break;
case 'staff':
$user = new Staff($id);
break;
case 'super_admin':
break;
default:
$user = null;
break;
}
self::$user = $user;
if (is_null(self::$user->getData())) {
View::setMessageFlash('danger', 'User Error');
self::redirectLogin(TRUE);
}
}
