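/**
 * Create a user account from the registration form, open a session for it
 * and seed its default options.
 *
 * Reads `page_name`, `passwrd` and `mail` from $_POST. The request always ends
 * with a redirect to the `backoffice` route, whether or not an account was
 * created.
 */
public function create()
{
    // A closure instead of a named function declared inside the method: a
    // nested named function is registered the first time the method runs, so a
    // second call to create() in the same request stops with "Cannot redeclare".
    //
    // NOTE(review): this helper applies three unrelated encodings to every field.
    //  - mysql_real_escape_string() comes from ext/mysql, which PHP 7.0 removed;
    //    on such a runtime every non-numeric field fails here. SQL safety belongs
    //    in bound parameters inside the manager (confirm UsersManager uses them).
    //  - htmlspecialchars() is output encoding; applied here it stores encoded
    //    text in the database instead of protecting the page that prints it.
    //  - intval() on an all-digit string drops leading zeros and saturates at
    //    PHP_INT_MAX, so distinct long numeric inputs collapse to one value.
    $securise = function ($string) {
        if (ctype_digit($string)) {
            return intval($string);
        }
        $string = mysql_real_escape_string($string);
        $string = addcslashes($string, '%_');

        return htmlspecialchars($string);
    };

    // All three fields must be present, non-empty and plain strings; an array
    // value (`page_name[]=...`) is rejected instead of reaching the helper.
    $complete = !empty($_POST['page_name']) && is_string($_POST['page_name'])
        && !empty($_POST['passwrd']) && is_string($_POST['passwrd'])
        && !empty($_POST['mail']) && is_string($_POST['mail']);

    if ($complete) {
        $pagename = $securise($_POST['page_name']);
        // NOTE(review): a password should be hashed exactly as typed. It still
        // goes through the helper here only so that the hashed value keeps
        // matching whatever the login path computes; change both sides together.
        $passwrd = $securise($_POST['passwrd']);
        $mail = $securise($_POST['mail']);

        $usersManager = new \Manager\UsersManager();
        // The result of insert() used to be discarded, after which the code read
        // an undefined $user and an undefined $userId.
        // NOTE(review): assumes insert() returns the inserted row as an array
        // that includes its `id`; confirm against UsersManager.
        $user = $usersManager->insert([
            'page_name' => $pagename,
            'passwrd'   => password_hash($passwrd, PASSWORD_DEFAULT),
            'mail'      => $mail,
        ]);

        if (is_array($user) && isset($user['id'])) {
            // The hash is stored under `passwrd`; the original only removed
            // `password`, which would have left the hash in the session data.
            unset($user['passwrd'], $user['password']);

            $userSession = new \W\Security\AuthentificationManager();
            $userSession->logUserIn($user);

            // Seed the default option row for the new account.
            // NOTE(review): the value looks like a placeholder; confirm.
            $initdata = new \Manager\OptionsManager();
            $initdata->insertInit($user['id'], 'avatar_1', 'gergregegregergegregregregrege');
        }
    }

    $this->redirectToRoute('backoffice');
}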
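/**
 * Log a user in and send them to the members' area.
 *
 * A visitor who is already authenticated is redirected to `choristes_actus`.
 * Otherwise a POST carrying `sent` is checked against the stored credentials;
 * on failure, or when nothing was posted, the `default/login` view is shown.
 */
public function login()
{
    $userLogin = new \W\Security\AuthentificationManager();

    if ($this->getUser() != null) {
        // Already logged in: straight to the members' area. The explicit return
        // keeps the flow correct even if redirectToRoute() does not end the
        // request itself.
        $this->redirectToRoute('choristes_actus');
        return;
    }

    if (isset($_POST['sent'])) {
        // The marker field alone says nothing about the credentials: read them
        // defensively and accept plain strings only, so a missing field or an
        // array value (`login[]=...`) never reaches the authentication manager.
        $login = isset($_POST['login']) ? $_POST['login'] : null;
        $password = isset($_POST['password']) ? $_POST['password'] : null;

        if (is_string($login) && is_string($password)) {
            $id = $userLogin->isValidLoginInfo($login, $password);
            if ($id) {
                $findUser = new \Manager\UsersManager();
                $user = $findUser->find($id);
                if (is_array($user)) {
                    // Keep the password hash out of the session copy of the user.
                    unset($user['password']);
                    // NOTE(review): confirm logUserIn() renews the session id;
                    // if it does not, regenerate it here to avoid fixation.
                    $userLogin->logUserIn($user);
                    $this->redirectToRoute('choristes_actus');
                    return;
                }
            }
        }
    }

    $this->show('default/login');
}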
/**
 * Handle the login form.
 *
 * When `login-submit` is posted, the credentials are checked; a match stores
 * the user (without the password entry) in the session and redirects to
 * `todolist_list`, a mismatch re-renders the form with `errorConnection` set.
 * With no submission the plain form is rendered.
 */
public function login()
{
    if (isset($_POST['login-submit'])) {
        // empty() is already false-safe on unset keys, so it covers both the
        // "not sent" and the "sent but blank" cases.
        $loginMissing = empty($_POST['login']);
        $passwordMissing = empty($_POST['password']);
        if ($loginMissing || $passwordMissing) {
            // NOTE(review): nothing stops execution after this call, so the code
            // below relies on redirectToRoute() ending the request; confirm.
            $this->redirectToRoute('login');
        }

        $auth = new \W\Security\AuthentificationManager();
        $matchedId = $auth->isValidLoginInfo($_POST['login'], $_POST['password']);

        if ($matchedId) {
            // Credentials match: load the account and drop the password entry
            // before the record is written to the session.
            $account = (new \Manager\UsersManager())->find($matchedId);
            unset($account['password']);
            $auth->logUserIn($account);
            $this->redirectToRoute('todolist_list');
        }

        $this->show('default/login', array('errorConnection' => true));
    }

    $this->show('default/login');
}
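/**
 * Let the current user edit their own account: e-mail, phone, password, avatar.
 *
 * Each form on the page posts its own marker field (`sentmail`, `senttel`,
 * `sentpass`, `sentimage`). The matching branch updates the user's database
 * row and mirrors the change into the session copy of the user.
 *
 * NOTE(review): no authentication check is visible in this method; confirm the
 * route is restricted to logged-in users, otherwise $id is null below.
 *
 * @return void Renders the `choristes/modify` view.
 */
public function userAccount()
{
    $data = array();
    $options = $this->getOptions();
    $user = $this->getUser();
    $layout = array(
        'name'    => 'useraccount',
        'user'    => $user,
        'options' => $options,
        'tags'    => array('link' => array('css/modify.css')),
    );

    $usersManager = new \Manager\UsersManager();
    $id = $user['id'];

    // E-mail and phone are stored as submitted (plain strings only). No format
    // validation happens here, so every view that prints them must escape them.
    if (isset($_POST['sentmail'], $_POST['email']) && is_string($_POST['email'])) {
        $forUpdate = array('email' => $_POST['email']);
        $_SESSION['user']['email'] = $_POST['email'];
        $usersManager->update($forUpdate, $id);
    }

    if (isset($_POST['senttel'], $_POST['tel']) && is_string($_POST['tel'])) {
        $forUpdate = array('tel' => $_POST['tel']);
        $_SESSION['user']['tel'] = $_POST['tel'];
        $usersManager->update($forUpdate, $id);
    }

    if (isset($_POST['sentpass'])) {
        $current = isset($_POST['password']) ? $_POST['password'] : null;
        $newpass = isset($_POST['newpass']) ? $_POST['newpass'] : null;
        $checkpass = isset($_POST['checkpass']) ? $_POST['checkpass'] : null;
        $thisUser = $usersManager->find($id);

        // Strict comparison: with `==` two different numeric-looking strings
        // (for example '1e3' and '1000') count as equal, so the confirmation
        // field would not really confirm anything. An empty new password is
        // refused as well.
        $confirmed = is_string($newpass) && $newpass !== '' && $newpass === $checkpass;

        if ($confirmed
            && is_string($current)
            && is_array($thisUser)
            && password_verify($current, $thisUser['password'])
        ) {
            $forUpdate = array('password' => password_hash($newpass, PASSWORD_DEFAULT));
            $usersManager->update($forUpdate, $id);
            // The original copied the new password in clear text into the
            // session. No credential material is kept there any more; the check
            // above reads the hash from the database.
            unset($_SESSION['user']['password']);
        }
    }

    if (isset($_POST['sentimage'])) {
        $upload = isset($_FILES['image']) ? $_FILES['image'] : null;
        $extFoundInArray = false;

        if (is_array($upload)
            && isset($upload['tmp_name'])
            && is_string($upload['tmp_name'])
            && is_uploaded_file($upload['tmp_name'])
        ) {
            // The type is taken from the file content and mapped to an extension
            // from this allow-list; the client-supplied file name is never used.
            $finfo = new \finfo(FILEINFO_MIME_TYPE);
            $mimeType = $finfo->file($upload['tmp_name']);
            $extFoundInArray = array_search(
                $mimeType,
                array('jpg' => 'image/jpeg', 'png' => 'image/png'),
                true
            );
        }

        if ($extFoundInArray === false) {
            // Not an accepted image: stop here. Previously the file was still
            // moved into the public avatar directory, with an empty extension.
            echo 'Le fichier n\'est pas une image';
        } else {
            // One file name, built once: the original called date() twice, so
            // the stored path could differ from the file actually written. The
            // user id prefix stops two users uploading in the same second from
            // overwriting each other's avatar.
            $fileName = (int) $id . '-' . date('d-m-Y-h-i-s') . '.' . $extFoundInArray;
            $moved = move_uploaded_file($upload['tmp_name'], '../public/assets/img/avatar/' . $fileName);

            if (!$moved) {
                echo 'Erreur lors de l\'enregistrement';
            } else {
                // Record the public path only once the file is really in place.
                $path = '/img/avatar/' . $fileName;
                $forUpdate = array('avatar' => $path);
                $usersManager->update($forUpdate, $id);
                $layout['user']['avatar'] = $path;
                $_SESSION['user']['avatar'] = $path;
            }
        }
    }

    $this->show('choristes/modify', ['data' => $data, 'layout' => $layout]);
}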
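/**
 * Handle the login form.
 *
 * When `login-submit` is posted, both credentials must be present; they are
 * then checked by the authentication manager. A match stores the user in the
 * session and redirects to `backoffice`; a mismatch re-renders the form with
 * `errorConnection` set. With no submission the plain form is rendered.
 */
public function login()
{
    // A closure instead of a named function declared inside the method: a
    // nested named function is registered the first time the method runs, so a
    // second call to login() in the same request stops with "Cannot redeclare".
    //
    // NOTE(review): mysql_real_escape_string() comes from ext/mysql, removed in
    // PHP 7.0, and htmlspecialchars() is output encoding; neither belongs on a
    // credential. intval() also drops leading zeros and saturates at PHP_INT_MAX,
    // so distinct long numeric passwords are treated as the same value.
    $securise = function ($string) {
        if (ctype_digit($string)) {
            return intval($string);
        }
        $string = mysql_real_escape_string($string);
        $string = addcslashes($string, '%_');

        return htmlspecialchars($string);
    };

    if (isset($_POST['login-submit'])) {
        // Both fields must be non-empty plain strings; an array value
        // (`login[]=...`) counts as missing.
        $incomplete = empty($_POST['login']) || !is_string($_POST['login'])
            || empty($_POST['password']) || !is_string($_POST['password']);

        if ($incomplete) {
            // Explicit return: the checks below must not run on missing fields
            // even if redirectToRoute() does not end the request itself.
            $this->redirectToRoute('login');
            return;
        }

        $authManager = new \W\Security\AuthentificationManager();
        // NOTE(review): the password is still transformed before verification
        // only so that it keeps matching hashes created with the same
        // transformation; remove it here and at registration together.
        $login = $securise($_POST['login']);
        $password = $securise($_POST['password']);
        $userId = $authManager->isValidLoginInfo($login, $password);

        if ($userId) {
            $usersManager = new \Manager\UsersManager();
            $user = $usersManager->find($userId);
            // NOTE(review): if the hash column is not named `password`, this
            // removes nothing and the hash is stored in the session; confirm.
            unset($user['password']);
            // NOTE(review): confirm logUserIn() renews the session id.
            $authManager->logUserIn($user);
            $this->redirectToRoute('backoffice');
            return;
        }

        $this->show('Default/login', ['errorConnection' => true]);
        return;
    }

    $this->show('Default/login');
}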