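/**
 * Handle the registration form (POST username/password/confirmPassword/email).
 *
 * On a successful insert the new account is logged in immediately through
 * loginAfterRegister(); on any failure (mismatched confirmation, invalid
 * e-mail, insert error) the client is redirected to the site root and the
 * request ends. With no form posted the registration view is rendered.
 *
 * Side effects: may send a Location header and exit; otherwise renders the
 * default layout with the register view.
 */
public function register() {
    if (isset($_POST['username'], $_POST['password'], $_POST['confirmPassword'], $_POST['email'])) {
        $username  = $_POST['username'];
        $password  = $_POST['password'];
        $cPassword = $_POST['confirmPassword'];
        $email     = $_POST['email'];

        // The original redirected on a mismatch but did not exit, so the
        // account was still created. Stop here. Strict comparison also avoids
        // numeric-string juggling ("1e1" == "10" under `!=`).
        if ($password !== $cPassword) {
            header('Location: /php_project/application/public/');
            exit;
        }

        $cleaner = new \Framework\Common();
        $newUser = array();
        $newUser['username'] = $cleaner->normalize($username, 'trim|xss|string');
        // NOTE(review): the password is stored as normalised plaintext and is
        // compared as plaintext in login(), cash() and the admin edit(). A move
        // to password_hash()/password_verify() has to change all of those in the
        // same commit, so storage is deliberately left unchanged here.
        $newUser['password'] = $cleaner->normalize($password, 'trim|xss|string');
        $newUser['email']    = $cleaner->normalize($email, 'trim|xss|string');

        // Reject syntactically invalid addresses before they reach the model.
        if (filter_var($newUser['email'], FILTER_VALIDATE_EMAIL) === false) {
            header('Location: /php_project/application/public/');
            exit;
        }

        $userDb = new \Models\User();
        // add() is expected to hand back the new numeric id; anything else is a failure.
        $user = $userDb->add($newUser);
        if (!is_numeric($user)) {
            header('Location: /php_project/application/public/');
            exit;
        }
        $this->loginAfterRegister($user, $newUser['username']);
    }
    $this->view->appendToLayout('body', 'register');
    $this->view->display('layouts.default');
}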
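/**
 * Handle the login form (POST username/password) and establish the session.
 *
 * On success $_SESSION receives userId, username and a role flag keyed by the
 * user's `type` column ($_SESSION['admin'] / ['editor'] / ['user']), and the
 * client is redirected to the matching dashboard. On a bad login, a missing
 * user or a banned account the client is redirected to the site root. With no
 * form posted the login view is rendered.
 *
 * Side effects: sends a Location header and exits on every POST; regenerates
 * the session id on successful authentication.
 */
public function login() {
    if (isset($_POST['username'], $_POST['password'])) {
        $cleaner  = new \Framework\Common();
        $username = $cleaner->normalize($_POST['username'], 'xss|string');
        $password = $cleaner->normalize($_POST['password'], 'xss|string');

        $userDb = new \Models\User();
        $rows   = $userDb->getUser($username);
        // The original indexed [0] unconditionally and, on failure, only sent a
        // redirect without exiting, so it went on to populate the session from
        // a null row. Guard the empty result and stop on a failed login.
        $user = isset($rows[0]) ? $rows[0] : null;

        // Stored passwords are plaintext (see register()). The loose `!=` the
        // original used treats numeric-looking strings as numbers, so e.g.
        // "0e1" == "0"; hash_equals() is strict and constant-time. Migrating to
        // password_verify() must be done together with register(), cash() and
        // the admin edit().
        if (!$user || !hash_equals((string) $user['password'], (string) $password)) {
            header('Location: /php_project/application/public/');
            exit;
        }

        // `banned` is the integer flag the admin edit form writes; the original
        // never consulted it, so banned accounts could still log in.
        if (!empty($user['banned'])) {
            header('Location: /php_project/application/public/');
            exit;
        }

        // Issue a fresh session id on privilege change so an id fixed on the
        // victim before authentication cannot be reused (session fixation).
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION['userId']      = $user['user_id'];
        $_SESSION['username']    = $user['username'];
        $_SESSION[$user['type']] = true;

        if ($user['type'] == 'admin') {
            $target = '/php_project/application/public/admin/index';
        } elseif ($user['type'] == 'editor') {
            $target = '/php_project/application/public/editor/index';
        } else {
            $target = '/php_project/application/public/user/index';
        }
        header('Location: ' . $target);
        exit;
    }
    $this->view->appendToLayout('body', 'login');
    $this->view->display('layouts.default');
}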
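/**
 * Edit a category's name (editor or admin only). Route parameter 0 is the
 * category id.
 *
 * GET renders the editCategory view for the category. POST with `name`
 * updates the row (no-op when the name is unchanged) and redirects to the
 * editor index. Non-integer ids, unknown categories and unauthorised callers
 * are redirected to the site root.
 *
 * Side effects: may send a Location header and exit; otherwise renders the
 * default layout with the category passed to the view.
 */
public function edit() {
    // The original combined the three conditions with `&&`, which let any
    // logged-in user through; the admin edit() in this file shows the intended
    // shape: must be logged in AND hold the editor or admin flag.
    if (!isset($_SESSION['userId']) || (empty($_SESSION['editor']) && empty($_SESSION['admin']))) {
        header('Location: /php_project/application/public/');
        exit;
    }

    // Validate the id BEFORE it is concatenated into the where-clause and
    // before the POST path writes; the original only checked it last, after
    // both the query and the update had already used the raw value.
    $category_id = filter_var($this->input->get(0), FILTER_VALIDATE_INT);
    if ($category_id === false) {
        header('Location: /php_project/application/public/');
        exit;
    }

    $categoryDb = new \Models\Category();
    // get() takes a raw where-string, so only the validated integer goes in.
    $rows     = $categoryDb->get('category_id = ' . $category_id);
    $category = isset($rows[0]) ? $rows[0] : null;
    if (!$category) {
        header('Location: /php_project/application/public/');
        exit;
    }

    if (isset($_POST['name'])) {
        $cleaner = new \Framework\Common();
        $name    = $cleaner->normalize($_POST['name'], 'trim|xss|string');
        if ($name === $category['name']) {
            header('Location: /php_project/application/public/editor/index');
            exit;
        }
        $updateCategory = array();
        $updateCategory['name']        = $name;
        $updateCategory['category_id'] = $category_id;
        // NOTE(review): whether update() parameterises its values cannot be
        // seen from here; `name` is only XSS-filtered, not SQL-escaped.
        $categoryDb->update('category', $updateCategory);
        header('Location: /php_project/application/public/editor/index');
        exit;
    }

    $this->view->appendToLayout('body', 'editCategory');
    $this->view->display('layouts.default', $category);
}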
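/**
 * Add funds to the logged-in user's balance (POST cash/password).
 *
 * The posted amount is added to the current `cash` column after the user's
 * password is re-confirmed; either way the client is redirected to the
 * profile page. With no form posted the cash view is rendered with the
 * current user record.
 *
 * Side effects: may send a Location header and exit; may update the user row.
 */
public function cash() {
    if (!isset($_SESSION['userId'])) {
        header('Location: /php_project/application/public/');
        exit;
    }
    if ($this->user == null) {
        $this->getUser();
    }

    if (isset($_POST['cash'], $_POST['password'])) {
        $cleaner  = new \Framework\Common();
        $password = $cleaner->normalize($_POST['password'], 'trim|xss|string');

        $editUser = array();
        // NOTE(review): no sign check — a negative amount reduces the caller's
        // own balance. Whether that is intended cannot be told from here.
        $editUser['cash']    = $cleaner->normalize($_POST['cash'], 'trim|xss|double');
        $editUser['user_id'] = $_SESSION['userId'];

        // Stored passwords are plaintext (see register()); replace the loose
        // `!=` (numeric-string juggling) with a strict, constant-time compare.
        // The original also did not exit after the failure redirect.
        if (!hash_equals((string) $this->user[0]['password'], (string) $password)) {
            header('Location: /php_project/application/public/user/profile');
            exit;
        }

        $current = $cleaner->normalize($this->user[0]['cash'], 'float');
        $editUser['cash'] += $current;
        $userDb = new \Models\User();
        $userDb->update('user', $editUser);
        header('Location: /php_project/application/public/user/profile');
        exit;
    }

    $this->view->appendToLayout('body', 'cash');
    $this->view->display('layouts.default', $this->user);
}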
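/**
 * Create a category (admin only) from POST `name`, owned by the current user.
 *
 * On POST the category is inserted and the client is redirected to the
 * editor index; otherwise the form view is rendered. Unauthorised callers are
 * redirected to the site root.
 *
 * Side effects: may send a Location header and exit; may insert a row.
 */
public function add() {
    // The original used `&&`, so any logged-in user passed the check; the
    // admin edit() in this file uses the intended `||` form.
    if (!isset($_SESSION['userId']) || empty($_SESSION['admin'])) {
        header('Location: /php_project/application/public/');
        exit;
    }

    if (isset($_POST['name'])) {
        $cleaner = new \Framework\Common();
        $newCat  = array();
        $newCat['name']    = $cleaner->normalize($_POST['name'], 'trim|xss|string');
        $newCat['user_id'] = $_SESSION['userId'];
        $categoryDb = new \Models\Category();
        $categoryDb->add($newCat);
        header('Location: /php_project/application/public/editor/index');
        exit;
    }

    // View name kept as in the original ('addPromotion') even though this
    // action creates a category.
    $this->view->appendToLayout('body', 'addPromotion');
    $this->view->display('layouts.default');
}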
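/**
 * Edit a product (editor or admin only). Route parameter 0 is the product id.
 *
 * POST with any of name/description/price/quantity updates just the posted
 * fields and redirects to the site root; GET renders the editProduct view.
 * Non-integer ids, unknown products and unauthorised callers are redirected
 * to the site root.
 *
 * Side effects: may send a Location header and exit; may update the row.
 */
public function edit() {
    // `&&` in the original let any logged-in user through; require a login
    // AND one of the two roles, as the admin edit() in this file does.
    if (!isset($_SESSION['userId']) || (empty($_SESSION['editor']) && empty($_SESSION['admin']))) {
        header('Location: /php_project/application/public/');
        exit;
    }

    // Validate the id before it is concatenated into the where-string and
    // before the POST path updates; the original only checked it on GET.
    $product_id = filter_var($this->input->get(0), FILTER_VALIDATE_INT);
    if ($product_id === false) {
        header('Location: /php_project/application/public/');
        exit;
    }

    $productDb = new \Models\Product();
    $rows    = $productDb->get('product_id=' . $product_id);
    $product = isset($rows[0]) ? $rows[0] : null;
    if (!$product) {
        header('Location: /php_project/application/public/');
        exit;
    }

    if (isset($_POST['name']) || isset($_POST['description']) || isset($_POST['price']) || isset($_POST['quantity'])) {
        $updateProduct = array();
        $cleaner = new \Framework\Common();
        if (isset($_POST['name'])) {
            $updateProduct['name'] = $cleaner->normalize($_POST['name'], 'trim|xss|string');
        }
        if (isset($_POST['description'])) {
            // Key spelled 'desciption' as in the original; it may match the
            // column name, so it is left untouched.
            $updateProduct['desciption'] = $cleaner->normalize($_POST['description'], 'trim|xss|string');
        }
        if (isset($_POST['price'])) {
            $updateProduct['price'] = $cleaner->normalize($_POST['price'], 'trim|xss|float');
        }
        if (isset($_POST['quantity'])) {
            $updateProduct['quantity'] = $cleaner->normalize($_POST['quantity'], 'trim|xss|int');
        }
        $updateProduct['product_id'] = $product_id;
        $productDb->update('product', $updateProduct);
        header('Location: /php_project/application/public/');
        exit;
    }

    $this->view->appendToLayout('body', 'editProduct');
    $this->view->display('layouts.default', $product);
}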
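/**
 * Edit a user account (admin only). Route parameter 0 is the user id.
 *
 * POST with any of username/email/password/type/banned updates just the
 * posted fields and redirects to the admin index; GET renders the editUser
 * view. `type` is restricted to user/editor/admin. Non-integer ids, unknown
 * users, invalid e-mails and unauthorised callers are redirected to the site
 * root.
 *
 * Side effects: may send a Location header and exit; may update the row.
 */
public function edit() {
    if (!isset($_SESSION['userId']) || empty($_SESSION['admin'])) {
        header('Location: /php_project/application/public/');
        exit;
    }

    // Validate the id before it is concatenated into the where-string and
    // before the POST path updates; the original only checked it on GET.
    $user_id = filter_var($this->input->get(0), FILTER_VALIDATE_INT);
    if ($user_id === false) {
        header('Location: /php_project/application/public/');
        exit;
    }

    $userDb = new \Models\User();
    $rows = $userDb->get('user_id=' . $user_id);
    $user = isset($rows[0]) ? $rows[0] : null;
    if (!$user) {
        header('Location: /php_project/application/public/');
        exit;
    }

    if (isset($_POST['username']) || isset($_POST['email']) || isset($_POST['password']) || isset($_POST['type']) || isset($_POST['banned'])) {
        $updateUser = array();
        $cleaner = new \Framework\Common();
        if (isset($_POST['username'])) {
            $updateUser['username'] = $cleaner->normalize($_POST['username'], 'trim|xss|string');
        }
        if (isset($_POST['email'])) {
            // The original assigned an undefined $desciption here, so the
            // e-mail was always written as null.
            $email = $cleaner->normalize($_POST['email'], 'trim|xss|string');
            if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
                header('Location: /php_project/application/public/');
                exit;
            }
            $updateUser['email'] = $email;
        }
        if (isset($_POST['password'])) {
            // NOTE(review): stored as plaintext, matching register()/login()/
            // cash(); a switch to password_hash() must change all four together.
            $updateUser['password'] = $cleaner->normalize($_POST['password'], 'trim|xss|string');
        }
        if (isset($_POST['type'])) {
            // The original read $_POST['quantity'] here, so the role could never be changed.
            $type = $cleaner->normalize($_POST['type'], 'trim|xss|string');
            if ($type === 'user' || $type === 'editor' || $type === 'admin') {
                $updateUser['type'] = $type;
            }
        }
        if (isset($_POST['banned'])) {
            $updateUser['banned'] = $cleaner->normalize($_POST['banned'], 'trim|xss|int');
        }
        $updateUser['user_id'] = $user_id;
        $userDb->update('user', $updateUser);
        header('Location: /php_project/application/public/admin/index');
        exit;
    }

    $this->view->appendToLayout('body', 'editUser');
    $this->view->display('layouts.default', $user);
}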