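/**
 * Handles the login form.
 *
 * The submitted identifier is treated as an e-mail address when it contains
 * an "@", otherwise as a username. On success the user is logged in and,
 * when "remember" was ticked, a persistent "auth" cookie is set. The login
 * view is rendered with an error message on failure, or an empty one otherwise.
 */
public function log()
{
    $usermanager = new \Manager\UserManager();
    $auth = new \W\Security\AuthentificationManager();
    $passwordError = "";

    if ($_POST) {
        // Request fields are attacker-controlled: a missing key or an array
        // value (logger[]=x) is handled like an empty field instead of
        // raising a notice or reaching strpos() with a non-string.
        $logger = (isset($_POST['logger']) && is_string($_POST['logger'])) ? $_POST['logger'] : '';
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

        if ($logger === '' || $password === '') {
            $passwordError = "vide!";
        } else {
            // An "@" means the identifier is looked up in the e-mail column,
            // otherwise in the username column.
            $isEmail = strpos($logger, '@') !== false;
            $known = $isEmail
                ? $usermanager->emailExists($logger)
                : $usermanager->usernameExists($logger);

            // NOTE(review): "not found" and "wrong password" are reported with
            // different messages, which tells a client whether an account
            // exists. A single generic failure message would remove that
            // signal; the texts are kept here because the view is not visible.
            if (!$known) {
                $passwordError = $isEmail ? "Email not found" : "Login not found!";
            } elseif (!$auth->isValidLoginInfo($logger, $password)) {
                $passwordError = $isEmail ? "Wrong email/mp couple!" : "Wrong login/mp couple!";
            } else {
                $user = $usermanager->getUserByUsernameOrEmail($logger);
                // NOTE(review): confirm logUserIn() regenerates the session id.
                $auth->logUserIn($user);

                // "remember" is an optional checkbox, so the key may be absent.
                if (!empty($_POST['remember'])) {
                    // NOTE(review): the cookie value is sha1(username . stored
                    // password field . client IP), i.e. derived from account
                    // data rather than random, and the cookie is pinned to
                    // domain 127.0.0.1 with the Secure flag off. Prefer a random
                    // per-device token stored hashed server-side, a configured
                    // domain and Secure=true. Left unchanged because the code
                    // that verifies this cookie is outside this block.
                    setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', '127.0.0.1', false, true);
                }

                $this->show('logger/log', ["passwordError" => $passwordError]);
                // Avoid rendering the view a second time below in case show()
                // returns instead of terminating the request.
                return;
            }
        }
    }

    $this->show('logger/log', ["passwordError" => $passwordError]);
}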
Exemplo n.º 2
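 /**
  * Validates the profile form and updates the logged-in user's profile.
  *
  * The outcome (success or validation error) is stored in
  * $_SESSION['error']['controlProfilModify'] and the request is then
  * redirected to the "profilmodify" route.
  */
 public function controlProfilModify()
 {
     unset($_SESSION['error']);
     // Only process the form for a session that carries a user id; otherwise
     // update() would be called with an undefined id.
     if ($_POST && !empty($_SESSION['user']['id'])) {
         // Request fields are attacker-controlled: a missing key or a
         // non-string value falls back to the given default instead of
         // reaching preg_match()/trim() as an undefined variable or an array.
         $field = function ($key, $default) {
             return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : $default;
         };
         $login = $field('nom', '');
         $email = $field('user_mail', '');
         $birthday = $field('birthday', null);
         $country = $field('country', null);
         $bio = $field('bio', '');

         // One letter, then lowercase letters with at most one underscore
         // inside. The original pattern had "(a-z)*", which matches the
         // literal text "a-z" rather than a character class; the D modifier
         // stops "$" from accepting a trailing newline.
         if (preg_match('#^[A-Za-z][a-z]*_?[a-z]+$#D', $login)) {
             if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
                 // NOTE(review): uploadUserPicture() is defined elsewhere;
                 // confirm it validates file type, size and destination path.
                 $urlphoto = \uploadUserPicture();
                 $usermanager = new \Manager\UserManager();
                 $usermanager->update(['username' => $login, 'urlpicture' => $urlphoto, 'email' => $email, 'birthday' => $birthday, 'country' => $country, 'biography' => trim($bio)], $_SESSION['user']['id']);
                 $user = $usermanager->getUserByUsernameOrEmail($email);
                 // The row is re-read by e-mail, not by id. Refresh the session
                 // only when it is the same account, so a duplicate e-mail can
                 // never switch the session to another user.
                 // NOTE(review): confirm e-mail/username uniqueness is enforced
                 // by update() or by the database.
                 if ($user && $user['id'] == $_SESSION['user']['id']) {
                     $auth = new \W\Security\AuthentificationManager();
                     $auth->logUserIn($user);
                 }
                 $_SESSION['error']['controlProfilModify'] = "Votre profil a bien été modifié ! ";
             } else {
                 $_SESSION['error']['controlProfilModify'] = "L'email n'est pas dans un format valide ! ";
             }
         } else {
             $_SESSION['error']['controlProfilModify'] = "Le login ne peut comporter de caractère spéciaux ( [ { / \\ & # @ ] } ) ainsi que les accents! ";
         }
     }
     $this->redirectToRoute('profilmodify');
 }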
Exemplo n.º 3
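 /**
  * Handles the "forgot password" form.
  *
  * For a confirmed account matching the submitted e-mail address, a random
  * token is generated, its password_hash() and a 20-minute expiry are stored
  * on the user row, and an HTML mail containing the reset link is sent.
  * The outcome is stored in $_SESSION['error']['forgetpassword'] and the
  * home view is rendered.
  */
 public function forgetpassword()
 {
     unset($_SESSION['error']);
     if ($_POST) {
         if (\isIsset($_POST)) {
             // The key may be absent from the request; an empty string fails
             // the e-mail validation below instead of raising a notice.
             $emailPasswordRecovery = isset($_POST['emailPasswordRecovery']) ? $_POST['emailPasswordRecovery'] : '';
             if (filter_var($emailPasswordRecovery, FILTER_VALIDATE_EMAIL)) {
                 $usermanager = new \Manager\UserManager();
                 if ($usermanager->emailExists($emailPasswordRecovery)) {
                     $user = $usermanager->getUserByUsernameOrEmail($emailPasswordRecovery);
                     // A password can only be reset on a confirmed account.
                     if (\isComfirmedAccount($user['id'])) {
                         // NOTE(review): confirm randomString() draws from a
                         // cryptographically secure source; this token is the
                         // only secret protecting the reset.
                         $token = \W\Security\StringUtils::randomString(32);
                         $tokentime = time() + 20 * 60;
                         // Only the hash of the token is stored, so a database
                         // read does not reveal a usable reset link.
                         $usermanager->update(['token' => password_hash($token, PASSWORD_DEFAULT), 'token_timestamp' => $tokentime], $user['id']);
                         $resetUrl = $this->generateUrl('mailPassword', ['token' => $token, 'id' => $user['id']], true);
                         // NOTE(review): the visible link text is a fixed URL
                         // that differs from the real href; showing the actual
                         // target would let recipients check where it leads.
                         $lien = '<a href="' . htmlspecialchars($resetUrl, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '">http://www.mudeo.com/verif/u675CXIV9YOLHbYIjhgc8O7UNM</a>';
                         $lien_img = "od972.free.fr/logo.png";
                         $msg = "<img src='" . $lien_img . "' style='width:100px;height:100px'/> <h2>Mudéo </h2>";
                         $msg .= "<h4>MFF Corp.</h4><br/><br/>";
                         // The username is user-chosen, so it is HTML-escaped
                         // before being placed in the mail body.
                         $safeUsername = htmlspecialchars(strtoupper($user['username']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                         $msg .= "Pour pouvoir changer votre mot de passe <span style='font-weight:bold;'>" . $safeUsername . "</span>. Veuillez cliquer sur le lien suivant qui vous redirigera vers notre site<br/><br/>" . $lien;
                         require_once 'assets/inc/mailer.php';
                         smtpmailer('*****@*****.**', '*****@*****.**', 'Admin', 'Vérification de la création de compte Mudéo', $msg);
                         // NOTE(review): nothing visible in this method sets
                         // $errorMail or $error, and the branch tests one
                         // variable but reads the other, so a failed send is
                         // probably never reported. Check smtpmailer()'s result
                         // once its contract is confirmed.
                         if (isset($errorMail)) {
                             $_SESSION['error']['forgetpassword'] = $error;
                         } else {
                             $_SESSION['error']['forgetpassword'] = "******";
                         }
                     } else {
                         $_SESSION['error']['forgetpassword'] = "******" . $user['email'] . " avant de pouvoir utiliser cette fonctionalité";
                     }
                 } else {
                     // NOTE(review): if this message differs from the success
                     // message, the form reveals which addresses have accounts.
                     $_SESSION['error']['forgetpassword'] = "******";
                 }
             } else {
                 $_SESSION['error']['forgetpassword'] = "******";
             }
         } else {
             $_SESSION['error']['forgetpassword'] = "******";
         }
     }
     $this->show('Default/home');
 }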
Exemplo n.º 4
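 /**
  * Account detail page.
  *
  * Renders the private account view when the requested user is the logged-in
  * user, the public profile view (with that user's formations) for any other
  * visitor, and the forbidden page when no user matches.
  *
  * @param string $username Username or e-mail taken from the route.
  */
 public function detailAccount($username)
 {
     $userManager = new \Manager\UserManager();
     $authentificationManager = new \W\Security\AuthentificationManager();
     // Logged-in user, if any.
     $userConnect = $authentificationManager->getLoggedUser();
     // Requested user.
     $user = $userManager->getUserByUsernameOrEmail($username);

     if (!$user) {
         // No such user: forbidden page.
         $this->showForbidden();
         return;
     }

     // Fall back to the default avatar when none is stored.
     if (!isset($user['image']) || $user['image'] === '') {
         $user['image'] = 'imageprofildefaut.png';
     }

     // Ownership decides which view is shown, so it is checked strictly
     // against the loaded record. A loose != on the route value lets
     // numeric-looking strings such as "1000" and "1e3" compare equal, and
     // it also indexes into null for anonymous visitors.
     $isOwner = $userConnect
         && isset($userConnect['username'])
         && (string) $userConnect['username'] === (string) $user['username'];

     if ($isOwner) {
         $this->show('user/detail_account', ['user' => $user]);
     } else {
         // Someone else's profile: public detail page with their formations.
         $newform = new \Controller\FormationController();
         $formations = $newform->listFormations($user['username'], 1, true);
         $this->show('user/detail_kikologue', ['kikologue' => $user, 'formations' => $formations]);
     }
 }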