public function login()
{
if (isset($_POST["username"])) {
// reaching via HTTP Post...
//process login form
if ($this->userMapper->isValidUser($_POST["username"], $_POST["passwd"])) {
$_SESSION["currentuser"] = $_POST["username"];
$_SESSION["tipoUsuario"] = $this->userMapper->userType($_POST["username"]);
switch ($this->userMapper->userType($_POST["username"])) {
case "organizador":
$this->view->moveToFragment($_POST["username"]);
$this->view->redirect("organizador", "index");
break;
case "juradoPopular":
$this->view->moveToFragment($_POST["username"]);
$this->view->redirect("juradoPopular", "index");
break;
case "juradoProfesional":
$this->view->moveToFragment($_POST["username"]);
$this->view->redirect("juradoProfesional", "index");
break;
case "establecimiento":
$this->view->moveToFragment($_POST["username"]);
$this->view->redirect("establecimiento", "index");
break;
}
} else {
$errors = array();
$errors["general"] = "<span id=\"error\">El usuario o la contraseña no es correcta</span>";
$this->view->setVariable("errors", $errors);
}
}
// render the view (/view/users/login.php)
$this->view->render("users", "login");
}
public function login()
{
if (isset($_POST["login"])) {
// reaching via HTTP Post...
//process login form
$usuarioLogueado = $this->userMapper->isValidUser($_POST["login"], $_POST["passwd"]);
if ($usuarioLogueado) {
$_SESSION["currentuser"] = $_POST["login"];
// send user to the restricted area (HTTP 302 code)
$this->view->redirect("users", "index");
} else {
$errors = array();
$errors["general"] = "Username is not valid";
$this->view->setVariable("errors", $errors);
}
}
// render the view (/view/users/login.php)
$this->view->setLayout("index");
$this->view->render("users", "body");
}
public static function login_user($user, $pass)
{
if ($user && $pass) {
if ($usertype = UserMapper::isValidUser($user, $pass)) {
return UserMapper::findByEmail($user, $usertype);
} else {
echo "ERROR: user or password incorrect";
}
} else {
return "error, fields not validated";
}
}
public function update()
{
$userid = $_REQUEST["usuario"];
$user = $this->userMapper->findById($userid);
$errors = array();
$pass = md5($_POST["passActual"]);
if ($this->userMapper->isValidUser($_POST["usuario"], $pass)) {
if (isset($_POST["usuario"])) {
$user->setNombre($_POST["nombre"]);
$user->setApellidos($_POST["apellidos"]);
$user->setCorreo($_POST["correo"]);
if (isset($_FILES['img'])) {
$img = $_FILES['img']['name'];
$ext = strrchr($img, '.');
$ruta = 'imagenes/user_' . $user->getId() . $ext;
if (move_uploaded_file($_FILES['img']['tmp_name'], $ruta)) {
$user->setImagen($user->getId() . $ext);
}
}
if (!(strlen(trim($_POST["passNew"])) == 0)) {
if ($_POST["passNew"] == $_POST["passNueva"]) {
$passNew = md5($_POST["passNew"]);
$user->setPassword($passNew);
} else {
$errors["pass"] = i18n("Passwords must be equal");
$this->view->setVariable("errors", $errors);
$this->view->setVariable("user", $user);
$this->view->render("users", "modificar");
return false;
}
}
try {
$this->userMapper->update($user);
$this->view->setFlash(i18n("Modified user correctly"));
$this->view->redirect("users", "perfil");
} catch (ValidationException $ex) {
$errors = $ex->getErrors();
$this->view->setVariable("errors", $errors);
}
}
} else {
$errors["passActual"] = i18n("Incorrect password");
$this->view->setVariable("errors", $errors);
$this->view->setVariable("user", $user);
$this->view->render("users", "modificar");
}
}
/**
* Authenticates the current request. If the request does not contain
* auth credentials, it will generate a 401 response code and end PHP processing
* If the request contain credentials, it will be checked against the database.
* If the credentials are ok, it will return the User object just logged. If the
* credentials are invalid, it will generate a 401 code as well and end PHP
* processing.
*
* @return User the user just authenticated.
*/
public function authenticateUser()
{
if (!isset($_SERVER['PHP_AUTH_USER'])) {
header($_SERVER['SERVER_PROTOCOL'] . ' 401 Unauthorized');
header('WWW-Authenticate: Basic realm="Rest API of MVCBLOG"');
die('This operation requires authentication');
} else {
$userMapper = new UserMapper();
if ($userMapper->isValidUser($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
return new User($_SERVER['PHP_AUTH_USER']);
} else {
header($_SERVER['SERVER_PROTOCOL'] . ' 401 Unauthorized');
header('WWW-Authenticate: Basic realm="Rest API of MVCBLOG"');
die('The username/password is not valid');
}
}
}
