Exemplo n.º 1
 /**
  * Création d'un utilisateur
  */
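 public function create()
 {
     // Registers an account from the POSTed page_name / passwrd / mail fields,
     // opens a session for it, seeds its default option row, and finally
     // redirects to the 'backoffice' route whether or not anything was created.
     //
     // The nested securise() helper was removed for three reasons:
     //  - a named function declared inside a method is registered globally, so a
     //    second call to create() in the same request is a fatal redeclaration;
     //  - it relied on mysql_real_escape_string(), which needs an ext/mysql
     //    connection and no longer exists in PHP 7+;
     //  - it rewrote the password (intval() on digit-only input, escaping and
     //    HTML-encoding otherwise) before hashing, so the stored hash did not
     //    correspond to what the user typed.
     // NOTE(review): SQL safety now depends on UsersManager::insert() binding
     // its values as parameters - confirm in the manager.
     $complete = true;
     foreach (array('page_name', 'passwrd', 'mail') as $field) {
         // empty() also covers a missing key; is_string() rejects array-valued
         // parameters such as passwrd[]=x.
         if (empty($_POST[$field]) || !is_string($_POST[$field])) {
             $complete = false;
             break;
         }
     }
     if ($complete && filter_var($_POST['mail'], FILTER_VALIDATE_EMAIL) !== false) {
         $usersManager = new \Manager\UsersManager();
         // Display fields stay HTML-encoded at storage time, as before, so views
         // that print them unescaped are not exposed by this change.
         // NOTE(review): output encoding belongs in the templates; once they
         // escape on output, store the raw values instead.
         $created = $usersManager->insert([
             'page_name' => htmlspecialchars($_POST['page_name'], ENT_QUOTES, 'UTF-8'),
             // The password is hashed exactly as submitted.
             // NOTE(review): the login path must verify the raw password too.
             'passwrd' => password_hash($_POST['passwrd'], PASSWORD_DEFAULT),
             'mail' => htmlspecialchars($_POST['mail'], ENT_QUOTES, 'UTF-8'),
         ]);
         // The original read $user and $userId, which were never assigned, so
         // nothing valid reached logUserIn() or insertInit().
         // NOTE(review): assumes insert() returns the created row as an array
         // containing 'id'; any other return value skips the login and seeding.
         if (is_array($created) && isset($created['id'])) {
             $userID = $created['id'];
             // Keep the hash out of the session. The column written above is
             // 'passwrd'; 'password' is dropped as well in case the manager
             // exposes it under that name.
             unset($created['passwrd'], $created['password']);
             // NOTE(review): confirm logUserIn() regenerates the session id.
             $userSession = new \W\Security\AuthentificationManager();
             $userSession->logUserIn($created);
             // Seed the default option row for the new account.
             $initdata = new \Manager\OptionsManager();
             $initdata->insertInit($userID, 'avatar_1', 'gergregegregergegregregregrege');
         }
     }
     $this->redirectToRoute('backoffice');
 }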
Exemplo n.º 2
 /**
  * Login de l'utilisateur
  * Affichage de la page des choriste
  **/
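 public function login()
 {
     // Shows the login form, or authenticates the POSTed credentials and sends
     // the user to the 'choristes_actus' route.
     $userLogin = new \W\Security\AuthentificationManager();
     if ($this->getuser() != NULL) {
         // Already logged in: go straight to the members' area. The explicit
         // return keeps the rest of the method from running if
         // redirectToRoute() does not terminate the request itself.
         $this->redirectToRoute('choristes_actus');
         return;
     }
     if (isset($_POST['sent'])) {
         // Read the credentials defensively: a missing key or an array-valued
         // parameter (login[]=x) is treated as an empty submission instead of
         // raising notices or reaching the credential check.
         $login = isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '';
         $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
         $id = ($login !== '' && $password !== '') ? $userLogin->isValidLoginInfo($login, $password) : 0;
         if ($id) {
             $findUser = new \Manager\UsersManager();
             $user = $findUser->find($id);
             // The record handed to logUserIn() should not carry the password
             // hash; the original passed the full row.
             unset($user['password']);
             // NOTE(review): confirm logUserIn() regenerates the session id.
             $userLogin->logUserIn($user);
             $this->redirectToRoute('choristes_actus');
             return;
         }
         // NOTE(review): a failed attempt falls through to the plain form with
         // no error flag, and no attempt throttling is visible here.
     }
     $this->show('default/login');
 }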
Exemplo n.º 3
 /**
  * Renders the login form and processes its submission.
  *
  * On valid credentials the user record, minus its 'password' entry, is handed
  * to the authentication manager and the request is redirected to the
  * 'todolist_list' route; otherwise the form is shown with an error flag.
  *
  * NOTE(review): the flow relies on redirectToRoute() and show() ending the
  * request; if they return, execution continues into the statements below them.
  */
 public function login()
 {
     // No form submission: display the empty form.
     if (!isset($_POST['login-submit'])) {
         $this->show('default/login');
         return;
     }

     // empty() is also true for an unset key, so it covers the isset() test.
     $fieldMissing = empty($_POST['login']) || empty($_POST['password']);
     if ($fieldMissing) {
         $this->redirectToRoute('login');
     }

     $auth = new \W\Security\AuthentificationManager();
     $matchedId = $auth->isValidLoginInfo($_POST['login'], $_POST['password']);
     if ($matchedId) {
         // Credentials match: load the account and drop the hash before the
         // record is stored in the session.
         $users = new \Manager\UsersManager();
         $account = $users->find($matchedId);
         unset($account['password']);
         // NOTE(review): confirm logUserIn() regenerates the session id.
         $auth->logUserIn($account);
         $this->redirectToRoute('todolist_list');
     }

     // Failed attempt: form with the error flag, followed by the same plain
     // render the method always ends with.
     $this->show('default/login', ['errorConnection' => true]);
     $this->show('default/login');
 }
Exemplo n.º 4
 /**
  * Modification du user coté utilisateur.
  * @return envoi à view.
  **/
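 public function userAccount()
 {
     // Lets the current user change e-mail, phone number, password and avatar,
     // one form at a time, then renders the 'choristes/modify' view.
     // NOTE(review): no authentication check is visible in this method; confirm
     // the route is restricted to logged-in users, since $id is null otherwise.
     // NOTE(review): no CSRF token is checked on any of these forms.
     $data = array();
     $options = $this->getOptions();
     $user = $this->getUser();
     $layout = array('name' => 'useraccount', 'user' => $user, 'options' => $options, 'tags' => array('link' => array('css/modify.css')));
     $usersManager = new \Manager\UsersManager();
     $id = $user['id'];

     if (isset($_POST['sentmail'])) {
         // Only a syntactically valid address is persisted and mirrored into
         // the session; the original stored whatever was posted.
         $email = isset($_POST['email']) && is_string($_POST['email']) ? trim($_POST['email']) : '';
         if (filter_var($email, FILTER_VALIDATE_EMAIL) !== false) {
             $usersManager->update(array('email' => $email), $id);
             $_SESSION['user']['email'] = $email;
         }
     }

     if (isset($_POST['senttel']) && isset($_POST['tel']) && is_string($_POST['tel'])) {
         // NOTE(review): the phone number is stored as submitted; views must
         // escape it on output.
         $usersManager->update(array('tel' => $_POST['tel']), $id);
         $_SESSION['user']['tel'] = $_POST['tel'];
     }

     if (isset($_POST['sentpass'])) {
         $current = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
         $newpass = isset($_POST['newpass']) && is_string($_POST['newpass']) ? $_POST['newpass'] : '';
         $checkpass = isset($_POST['checkpass']) && is_string($_POST['checkpass']) ? $_POST['checkpass'] : '';
         $thisUser = $usersManager->find($id);
         // Strict comparison: with ==, numeric-looking strings such as '1e3'
         // and '1000' are considered equal. An empty new password is refused.
         if ($newpass !== '' && $newpass === $checkpass
             && is_array($thisUser) && isset($thisUser['password'])
             && password_verify($current, $thisUser['password'])) {
             $usersManager->update(array('password' => password_hash($newpass, PASSWORD_DEFAULT)), $id);
             // The original copied the plaintext new password into the
             // session; no form of the password belongs there.
             unset($_SESSION['user']['password']);
         }
     }

     if (isset($_POST['sentimage'])) {
         // Avatar upload. The extension comes from the allow-list below, never
         // from the client-supplied file name.
         $allowed = array('jpg' => 'image/jpeg', 'png' => 'image/png');
         $upload = isset($_FILES['image']) ? $_FILES['image'] : null;
         $extFoundInArray = false;
         if (is_array($upload) && isset($upload['error'], $upload['tmp_name'])
             && $upload['error'] === UPLOAD_ERR_OK && is_uploaded_file($upload['tmp_name'])) {
             // Content-based MIME detection on the temporary file.
             $finfo = new \finfo(FILEINFO_MIME_TYPE);
             $extFoundInArray = array_search($finfo->file($upload['tmp_name']), $allowed, true);
         }
         if ($extFoundInArray === false) {
             // Rejected files are no longer moved into the public directory;
             // the original printed this message and carried on regardless.
             echo 'Le fichier n\'est pas une image';
         } else {
             // Build the name once so the file on disk and the stored path
             // cannot differ when the clock ticks between two date() calls.
             // NOTE(review): a timestamp with a 12-hour clock and one-second
             // resolution can collide between uploads; consider adding a
             // per-user or random component.
             $fileName = date('d-m-Y-h-i-s') . '.' . $extFoundInArray;
             $moved = move_uploaded_file($upload['tmp_name'], '../public/assets/img/avatar/' . $fileName);
             if (!$moved) {
                 echo 'Erreur lors de l\'enregistrement';
             } else {
                 // Record the public path only once the file is really there.
                 $path = '/img/avatar/' . $fileName;
                 $usersManager->update(array('avatar' => $path), $id);
                 $layout['user']['avatar'] = $path;
                 $_SESSION['user']['avatar'] = $path;
             }
         }
         // NOTE(review): the MIME check inspects file signatures only; make sure
         // the avatar directory is served as static content and never executed.
     }

     $this->show('choristes/modify', ['data' => $data, 'layout' => $layout]);
 }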
Exemplo n.º 5
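 /**
  * Renders the login form and processes its submission.
  *
  * On valid credentials the user record, minus its 'password' entry, is handed
  * to the authentication manager and the request is redirected to the
  * 'backoffice' route; otherwise the form is shown again with an error flag.
  */
 public function login()
 {
     // The nested securise() helper was removed: declaring a named function
     // inside a method is fatal on a second call, it depended on
     // mysql_real_escape_string() (ext/mysql, absent from PHP 7+), and it
     // altered the submitted password (intval() on digit-only input, escaping
     // and HTML-encoding otherwise) before it was verified against the hash.
     // NOTE(review): SQL safety now rests on isValidLoginInfo() using bound
     // parameters - confirm in the authentication manager.
     // NOTE(review): hashes computed from an escaped password will not verify
     // against the raw input; confirm how existing hashes were produced.
     if (isset($_POST['login-submit'])) {
         // A missing key or an array-valued parameter counts as empty.
         $login = isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '';
         $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
         if ($login === '' || $password === '') {
             // Incomplete submission: back to the form. The return stops the
             // credential check from running if redirectToRoute() returns.
             $this->redirectToRoute('login');
             return;
         }
         $authManager = new \W\Security\AuthentificationManager();
         $userId = $authManager->isValidLoginInfo($login, $password);
         if ($userId) {
             // Credentials match: load the account and keep the hash out of
             // the session.
             $usersManager = new \Manager\UsersManager();
             $user = $usersManager->find($userId);
             unset($user['password']);
             // NOTE(review): confirm logUserIn() regenerates the session id.
             $authManager->logUserIn($user);
             $this->redirectToRoute('backoffice');
             return;
         }
         // Failed attempt: one render with the error flag, not followed by a
         // second plain render.
         // NOTE(review): no attempt throttling is visible here.
         $this->show('Default/login', ['errorConnection' => true]);
         return;
     }
     $this->show('Default/login');
 }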