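/**
 * Handle the login form and render the `logger/log` view.
 *
 * Reads `logger` (a username, or an e-mail when it contains "@"), `password`
 * and the optional `remember` checkbox from $_POST. On success the user is
 * logged in through AuthentificationManager and, when `remember` is ticked,
 * a three-day "auth" cookie is set. The view always receives `passwordError`
 * (an empty string when there is nothing to report).
 */
public function log()
{
    $usermanager = new \Manager\UserManager();
    $auth = new \W\Security\AuthentificationManager();
    $passwordError = "";

    if ($_POST) {
        // Absent keys and non-string values (e.g. an array submitted as logger[]) are
        // handled like an empty field, so strpos() below always receives a string.
        $logger = isset($_POST['logger']) && is_string($_POST['logger']) ? $_POST['logger'] : '';
        $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';

        if ($logger === '' || $password === '') {
            $passwordError = "vide!";
        } else {
            // An "@" means the identifier is looked up in the e-mail column,
            // otherwise in the username column.
            $isEmail = strpos($logger, '@') !== false;
            $known = $isEmail
                ? $usermanager->emailExists($logger)
                : $usermanager->usernameExists($logger);

            // NOTE(review): the "not found" and "wrong password" messages differ, which
            // tells an unauthenticated visitor whether an account exists. Consider a
            // single generic message for both cases.
            if (!$known) {
                $passwordError = $isEmail ? "Email not found" : "Login not found!";
            } elseif (!$auth->isValidLoginInfo($logger, $password)) {
                $passwordError = $isEmail ? "Wrong email/mp couple!" : "Wrong login/mp couple!";
            } else {
                $user = $usermanager->getUserByUsernameOrEmail($logger);
                $auth->logUserIn($user);

                // An unticked checkbox is not submitted at all, so test with empty()
                // instead of reading a key that may not exist.
                if (!empty($_POST['remember'])) {
                    // NOTE(review): the cookie value is an unkeyed SHA-1 over the username,
                    // the stored password hash and the client IP, so it can be recomputed
                    // from the users table alone. Prefer a random token (random_bytes)
                    // stored server-side and compared with hash_equals().
                    // NOTE(review): domain '127.0.0.1' and secure=false look like
                    // development values; production needs the real host and secure=true.
                    setcookie(
                        "auth",
                        $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']),
                        time() + 3600 * 24 * 3,
                        '/',
                        '127.0.0.1',
                        false,
                        true
                    );
                }

                $this->show('logger/log', ["passwordError" => $passwordError]);

                // Stop here so the view cannot be rendered a second time below
                // should show() return instead of ending the request.
                return;
            }
        }
    }

    $this->show('logger/log', ["passwordError" => $passwordError]);
}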
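/**
 * Validate and save the profile-edit form, then redirect to the `profilmodify` route.
 *
 * Reads `nom`, `user_mail`, `birthday`, `country` and `bio` from $_POST, updates
 * the row of the user held in $_SESSION['user'], refreshes the session user and
 * stores a status message in $_SESSION['error']['controlProfilModify'].
 */
public function controlProfilModify()
{
    unset($_SESSION['error']);

    // NOTE(review): no CSRF token is checked in this method — confirm the
    // framework or the route enforces one for this state-changing request.
    if ($_POST && isset($_SESSION['user']['id'])) {
        $currentUserId = $_SESSION['user']['id'];

        // Missing or non-string fields fall back to safe defaults instead of
        // leaving the variables undefined further down.
        $login = isset($_POST['nom']) && is_string($_POST['nom']) ? $_POST['nom'] : '';
        $email = isset($_POST['user_mail']) && is_string($_POST['user_mail']) ? $_POST['user_mail'] : '';
        $birthday = isset($_POST['birthday']) ? $_POST['birthday'] : null;
        $country = isset($_POST['country']) ? $_POST['country'] : null;
        $bio = isset($_POST['bio']) && is_string($_POST['bio']) ? $_POST['bio'] : '';

        // One letter, then lowercase letters with at most one underscore inside.
        // The previous pattern used "(a-z)", which matches the literal text "a-z"
        // rather than a character class, and "$", which also accepts a trailing
        // newline; "\z" anchors at the true end of the string.
        if (!preg_match('#^[A-Za-z][a-z]*_?[a-z]+\z#', $login)) {
            $_SESSION['error']['controlProfilModify'] = "Le login ne peut comporter de caractère spéciaux ( [ { / \\ & # @ ] } ) ainsi que les accents! ";
        } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            $_SESSION['error']['controlProfilModify'] = "L'email n'est pas dans un format valide ! ";
        } else {
            $usermanager = new \Manager\UserManager();

            // The session is refreshed below from a lookup by e-mail, so the new
            // login and e-mail must not already belong to a different account.
            $taken = false;
            foreach ([$login, $email] as $identifier) {
                $owner = $usermanager->getUserByUsernameOrEmail($identifier);
                if ($owner && (string) $owner['id'] !== (string) $currentUserId) {
                    $taken = true;
                    break;
                }
            }

            if ($taken) {
                $_SESSION['error']['controlProfilModify'] = "Ce login ou cet email est déjà utilisé par un autre compte ! ";
            } else {
                $urlphoto = \uploadUserPicture();
                $usermanager->update(
                    [
                        'username' => $login,
                        'urlpicture' => $urlphoto,
                        'email' => $email,
                        'birthday' => $birthday,
                        'country' => $country,
                        'biography' => trim($bio),
                    ],
                    $currentUserId
                );

                // Reload the row and refresh the session only when it is still the
                // same account; never switch the session to another user's row.
                $user = $usermanager->getUserByUsernameOrEmail($email);
                if ($user && (string) $user['id'] === (string) $currentUserId) {
                    $auth = new \W\Security\AuthentificationManager();
                    $auth->logUserIn($user);
                }

                $_SESSION['error']['controlProfilModify'] = "Votre profil a bien été modifié ! ";
            }
        }
    }

    $this->redirectToRoute('profilmodify');
}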
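/**
 * Start a password reset: issue a 20-minute token, mail the reset link and
 * render `Default/home`.
 *
 * Reads `emailPasswordRecovery` from $_POST. The token is stored hashed
 * (password_hash) together with its expiry timestamp; the clear token only
 * travels in the mailed link. A status message is left in
 * $_SESSION['error']['forgetpassword'].
 */
public function forgetpassword()
{
    unset($_SESSION['error']);

    if ($_POST) {
        if (\isIsset($_POST)) {
            $emailPasswordRecovery = $_POST['emailPasswordRecovery'];

            if (filter_var($emailPasswordRecovery, FILTER_VALIDATE_EMAIL)) {
                $usermanager = new \Manager\UserManager();

                if ($usermanager->emailExists($emailPasswordRecovery)) {
                    $user = $usermanager->getUserByUsernameOrEmail($emailPasswordRecovery);

                    // The password cannot be reset while the account is unconfirmed.
                    if (\isComfirmedAccount($user['id'])) {
                        // NOTE(review): confirm StringUtils::randomString() draws from a
                        // cryptographically secure source; this token grants a password reset.
                        $token = \W\Security\StringUtils::randomString(32);
                        $tokentime = time() + 20 * 60;
                        $usermanager->update(
                            ['token' => password_hash($token, PASSWORD_DEFAULT), 'token_timestamp' => $tokentime],
                            $user['id']
                        );

                        // Escape everything interpolated into the HTML body: the URL goes
                        // into an attribute and the username is account-supplied text.
                        $resetUrl = $this->generateUrl('mailPassword', ['token' => $token, 'id' => $user['id']], true);
                        // NOTE(review): the visible link text is a fixed URL that differs
                        // from the real href; mail clients may flag that mismatch.
                        $lien = '<a href="' . htmlspecialchars($resetUrl, ENT_QUOTES, 'UTF-8') . '">http://www.mudeo.com/verif/u675CXIV9YOLHbYIjhgc8O7UNM</a>';
                        $lien_img = "od972.free.fr/logo.png";
                        $safeUsername = htmlspecialchars(strtoupper($user['username']), ENT_QUOTES, 'UTF-8');

                        $msg = "<img src='" . $lien_img . "' style='width:100px;height:100px'/> <h2>Mudéo </h2>";
                        $msg .= "<h4>MFF Corp.</h4><br/><br/>";
                        $msg .= "Pour pouvoir changer votre mot de passe <span style='font-weight:bold;'>" . $safeUsername . "</span>. Veuillez cliquer sur le lien suivant qui vous redirigera vers notre site<br/><br/>" . $lien;

                        require_once 'assets/inc/mailer.php';
                        smtpmailer('*****@*****.**', '*****@*****.**', 'Admin', 'Vérification de la création de compte Mudéo', $msg);

                        if (isset($errorMail)) {
                            // The original read $error, which this method never assigns;
                            // fall back to $errorMail when the include did not define it.
                            // NOTE(review): confirm which variable mailer.php actually sets.
                            $_SESSION['error']['forgetpassword'] = isset($error) ? $error : $errorMail;
                        } else {
                            $_SESSION['error']['forgetpassword'] = "******";
                        }
                    } else {
                        $_SESSION['error']['forgetpassword'] = "******" . $user['email'] . " avant de pouvoir utiliser cette fonctionalité";
                    }
                } else {
                    $_SESSION['error']['forgetpassword'] = "******";
                }
            } else {
                $_SESSION['error']['forgetpassword'] = "******";
            }
        } else {
            $_SESSION['error']['forgetpassword'] = "******";
        }
    }

    $this->show('Default/home');
}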
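/**
 * Account detail page.
 *
 * Looks the requested user up by username or e-mail. The owner of the account
 * gets the private `user/detail_account` view; anyone else gets the public
 * `user/detail_kikologue` view with that user's formations. An unknown user
 * yields the forbidden page.
 *
 * @param string $username Username (or e-mail) taken from the route.
 */
public function detailAccount($username)
{
    $userManager = new \Manager\UserManager();
    $authentificationManager = new \W\Security\AuthentificationManager();

    // Currently logged-in user, if any.
    $userConnect = $authentificationManager->getLoggedUser();

    // Record of the requested account.
    $user = $userManager->getUserByUsernameOrEmail($username);

    if (!$user) {
        // Unknown account: forbidden page.
        $this->showForbidden();
        return;
    }

    if (!isset($user['image']) || $user['image'] === '') {
        $user['image'] = 'imageprofildefaut.png';
    }

    // Decide ownership by comparing the ids of the session user and of the row
    // actually fetched, with a strict comparison. The previous loose "!=" on the
    // route string compares numeric-looking usernames numerically and could treat
    // two different accounts as the same one; it also read an offset on null when
    // nobody was logged in.
    $isOwner = $userConnect
        && isset($userConnect['id'])
        && (string) $userConnect['id'] === (string) $user['id'];

    if ($isOwner) {
        $this->show('user/detail_account', ['user' => $user]);
    } else {
        // NOTE(review): the full user row is handed to the public view — confirm
        // the template does not expose private columns such as the password hash.
        $newform = new \Controller\FormationController();
        $formations = $newform->listFormations($user['username'], 1, true);
        $this->show('user/detail_kikologue', ['kikologue' => $user, 'formations' => $formations]);
    }
}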