public function validateFormulaire() { $username = $this->post['username']; $email = $this->post['email']; $password = $this->post['password']; $passwordConfirm = $this->post['passwordConfirm']; $lastname = $this->post['lastname']; $firstname = $this->post['firstname']; $birthyear = $this->post['birthyear']; $sex = $this->post['sex']; $job = $this->post['job']; $instructorDescription = $this->post['instructorDescription']; $studentDescription = $this->post['studentDescription']; // Contrôle des champs obligatoires sur la formation $validator = new \Utils\FormValidator(); $validator->validateNotEmpty($username, "username", "Le pseudo est obligatoire !"); $validator->validateNotEmpty($email, "email", "L'email est obligatoire !"); $validator->validateNotEmpty($password, "password", "Choisir un mot de passe !"); $validator->validateNotEmpty($passwordConfirm, "passwordConfirm", "Ressaisir le mot de passe !"); $validator->validateNotEmpty($lastname, "lastname", "Saisir votre nom !"); $validator->validateNotEmpty($firstname, "firstname", "Saisir votre prénom !"); $validator->validateNotEmpty($birthyear, "birthyear", "Saisir votre année de naissance !"); $validator->validateNotEmpty($sex, "sex", "Indiquer votre sexe !"); $validator->validateNotEmpty($job, "job", "Saisir votre métier !"); $validator->validateNotEmpty($instructorDescription, "instructorDescription", "Saisir votre description en tant que formateur !"); $validator->validateNotEmpty($studentDescription, "studentDescription", "Saisir votre description en tant qu'étudiant !"); if ($validator->isValid()) { $validator->validateEmail($email, "email", "L'email est incorrect !"); $validator->validateYear($birthyear, "birthyear", "Votre année de naissance doit être comprise entre 1900-2099 !"); $validator->validateCharacter($username, "username", "Le pseudo comporte des caractères interdits !"); } if (!$validator->isValid()) { $this->error = $validator->getErrors(); $this->isValid = false; } if ($this->isValid) { // 1 - on crée l'instance $userManager = new \Manager\UserManager(); // erreur pour le mail (déjà existant) if ($userManager->emailExists($email)) { $this->isValid = false; $this->error['email'] = 'Email déjà utlisé !'; } if ($userManager->usernameExists($username)) { $this->isValid = false; $this->error['username'] = '******'; } // erreur sur le mdp if ($password != $passwordConfirm) { $this->isValid = false; $this->error['passwordConfirm'] = 'Les mots de passe ne correspondent pas !'; } } }
public function log() { $usermanager = new \Manager\UserManager(); $auth = new \W\Security\AuthentificationManager(); $passwordError = ""; if ($_POST) { if ($_POST['logger'] == null || $_POST['password'] == null) { $passwordError = "vide!"; } else { $logger = $_POST['logger']; $password = $_POST['password']; $pos = strpos($logger, '@'); //on test sur le champ username if ($pos === false) { $username = $logger; if ($usermanager->usernameExists($username)) { if ($auth->isValidLoginInfo($username, $password)) { $user = $usermanager->getUserByUsernameOrEmail($username); $auth->logUserIn($user); if ($_POST['remember']) { setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', '127.0.0.1', false, true); } $this->show('logger/log', ["passwordError" => $passwordError]); } else { $passwordError = "Wrong login/mp couple!"; } } else { $passwordError = "Login not found!"; } } else { //sinon le log contient un @ c'est un email dc verification dans la BDD sur le champ email $email = $logger; if ($usermanager->emailExists($email)) { if ($auth->isValidLoginInfo($email, $password)) { $user = $usermanager->getUserByUsernameOrEmail($email); $auth->logUserIn($user); if ($_POST['remember']) { setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', '127.0.0.1', false, true); } $this->show('logger/log', ["passwordError" => $passwordError]); } else { $passwordError = "Wrong email/mp couple!"; } } else { $passwordError = "Email not found"; } } } } $this->show('logger/log', ["passwordError" => $passwordError]); }
public function profile() { unset($_SESSION['error']); if ($_POST) { $usermanager = new \Manager\UserManager(); if (isset($_POST['loginUpdate'])) { $login = $_POST['loginUpdate']; } else { $_SESSION['error']['profile'] = 'vide!'; } if ($usermanager->usernameExists($login)) { $_SESSION['error']['profile'] = "Login déja existant !"; } else { $_SESSION['error']['profile'] = 'Success !'; } } $this->show('user/profile'); }
public function log() { $usermanager = new \Manager\UserManager(); $auth = new \W\Security\AuthentificationManager(); unset($_SESSION['error']); $isValid = true; if ($_POST) { if (\isIsset($_POST)) { $logger = $_POST['logger']; $password = $_POST['password']; $pos = strpos($logger, '@'); //on test sur le champ username if ($pos === false) { $username = $logger; if ($usermanager->usernameExists($username)) { if ($auth->isValidLoginInfo($username, $password)) { $user = $usermanager->getUserByUsernameOrEmail($username); $auth->logUserIn($user); if (isset($_POST['remember'])) { setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', 'mudeo.dev', false, true); } $return = \confirmAccount($user['token_timestamp']); $_SESSION['error']['log'] = $return[1]; } else { $isValid = false; $_SESSION['error']['log'] = "Wrong login/mp couple!"; } } else { $isValid = false; $_SESSION['error']['log'] = "Login not found!"; } } else { //sinon le log contient un @ c'est un email dc verification dans la BDD sur le champ email $email = $logger; if (filter_var($email, FILTER_VALIDATE_EMAIL)) { if ($usermanager->emailExists($email)) { if ($auth->isValidLoginInfo($email, $password)) { $user = $usermanager->getUserByUsernameOrEmail($email); $auth->logUserIn($user); if (isset($_POST['remember'])) { setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', 'localhost', false, true); } $return = \confirmAccount($user['token_timestamp'], $_SESSION['user']['subscription']); $isValid = $return[0]; $_SESSION['error']['log'] = $return[1]; } else { $isValid = false; $_SESSION['error']['log'] = "Mauvais couple email/mot de passe !"; } } else { $isValid = false; $_SESSION['error']['log'] = "Email pas présent dans la base ! "; } } else { $isValid = false; $_SESSION['error']['log'] = "Le format de l'email n'est pas valide !"; } } // fin si mail } else { $isValid = false; $_SESSION['error']['log'] = "Veuillez remplir tous les champs !"; } } if ($isValid) { $this->redirectToRoute('userhome'); } else { $this->redirectToRoute('home'); } }
/** * Page de modification du profil */ public function profile($username) { $error = array(); $isValid = true; // on crée l'instance UserManager $userManager = new \Manager\UserManager(); // on crée une instance security manager $authentificationManager = new \W\Security\AuthentificationManager(); // - on récupère l'utilisateur connecté $userConnect = $authentificationManager->getLoggedUser(); // formulaire soumis ? if ($_POST) { $username = $_POST['username']; $lastname = $_POST['lastname']; $firstname = $_POST['firstname']; $birthyear = $_POST['birthyear']; $sex = $_POST['sex']; $job = $_POST['job']; $instructorDescription = $_POST['instructorDescription']; $studentDescription = $_POST['studentDescription']; // validation des données => à coder $isValid = true; // Contrôle des champs obligatoires sur la formation $validator = new \Utils\FormValidator(); $validator->validateNotEmpty($username, "username", "Le pseudo est obligatoire !"); $validator->validateNotEmpty($lastname, "lastname", "Saisir votre nom !"); $validator->validateNotEmpty($firstname, "firstname", "Saisir votre prénom !"); $validator->validateNotEmpty($birthyear, "birthyear", "Saisir votre année de naissance !"); $validator->validateNotEmpty($sex, "sex", "Indiquer votre sexe !"); $validator->validateNotEmpty($job, "job", "Saisir votre métier !"); $validator->validateNotEmpty($instructorDescription, "instructorDescription", "Saisir votre description en tant que formateur !"); $validator->validateNotEmpty($studentDescription, "studentDescription", "Saisir votre description en tant qu'étudiant !"); if ($validator->isValid()) { $validator->validateYear($birthyear, "birthyear", "Votre année de naissance doit être comprise entre 1900-2099 !"); $validator->validateCharacter($username, "username", "Le pseudo comporte des caractères interdits !"); } if (!$validator->isValid()) { $error = $validator->getErrors(); $isValid = false; } if ($isValid) { // 1 - on crée l'instance $userManager = new \Manager\UserManager(); if ($userConnect['username'] != $username) { if ($userManager->usernameExists($username)) { $isValid = false; $error['username'] = '******'; } } } // upload du fichier if ($_FILES['image']['size'] != 0) { $file = new \Utils\ImageUpload($_FILES['image'], 'assets/img/users/'); $file->uploadFile(); $file->reduceImage(false); if (!$file->isValid()) { $isValid = false; $error['image'] = $file->getErrors(); } else { $error['image'] = 'img/users/' . $file->getFileName(); $_SESSION['image_user'] = $file->getFileName(); } } else { $_SESSION['image_user'] = '******'; } // si c'est valide if ($isValid) { // Mise à jour dans la base de données // 2 - on appelle la méthode update $user = $userManager->update(["username" => $_POST['username'], "lastname" => $_POST['lastname'], "firstname" => $_POST['firstname'], "birthyear" => $_POST['birthyear'], "sex" => $_POST['sex'], "job" => $_POST['job'], "instructorDescription" => $_POST['instructorDescription'], "studentDescription" => $_POST['studentDescription'], "image" => $_SESSION['image_user']], $userConnect['id']); // on met à jour les données utilisateurs $authentificationManager->refreshUser(); $userConnect = $authentificationManager->getLoggedUser(); } } else { $_POST = $userConnect; } // 3 - on affiche la page si user trouvé if ($userConnect) { if ($userConnect['image'] == '') { $error['image'] = 'imageprofildefaut.png'; } else { $error['image'] = $userConnect['image']; } if ($userConnect['username'] == $username) { $this->show('user/profile', ['error' => $error]); } } // Sinon on redirige vers une page erreur $this->showForbidden(); }