public function findByUsername($username)
 {
     $statement = $this->db->prepare("\n            SELECT * FROM users WHERE username = ?\n        ");
     $statement->execute([$username]);
     $data = $statement->fetch();
     $user = null;
     if ($statement->rowCount() > 0) {
         $data['roles'] = RoleService::getUserRoles($data['id']);
         $user = new User($data);
     }
     return $user;
 }
Exemplo n.º 2
0
 private function loadRoles()
 {
     self::$roles = RoleService::getRoles();
 }
 /**
  * @param LoginBindingModel $model
  * @throws \Exception
  * @POST
  */
 public function login(LoginBindingModel $model)
 {
     $username = $model->getUsername();
     $password = $model->getPassword();
     $user = $this->eshopData->getUsersRepository()->findByUsername($username);
     if ($user === false || !password_verify($password, $user->getPassword())) {
         throw new \Exception('Invalid credentials');
     }
     if ($user->getIsBanned()) {
         throw new \Exception("This account is banned");
     }
     Session::put('userId', $user->getId());
     Session::put('roles', implode(', ', RoleService::getUserRoles($user->getId())));
     RouteService::redirect('account', 'profile', true);
 }
Exemplo n.º 4
0
<div class="col-sm-9 padding-right">
    <div class="features_items"><!--features_items-->
        <h2 class="title text-center">Features Items</h2>
        <?php 
if (\DF\Services\RoleService::isAdministrator() || \DF\Services\RoleService::isEditor()) {
    ?>
        <form action="<?php 
    echo \DF\Services\RouteService::getUrl('products', '');
    ?>
" method="POST">
            <input type="text" name="productName" placeholder="name">
            <input type="text" name="productPrice" placeholder="price">
            <input type="text" name="categoryId" placeholder="category id">
            <input type="text" name="quantity" placeholder="quantity">
            <input type="hidden" name="csrf_token" value="<?php 
    echo \DF\Helpers\Csrf::getCSRFToken();
    ?>
">
            <input type="submit" value="Add Product">
        </form>
        <?php 
}
?>
        <?php 
foreach ($model->products as $product) {
    ?>
        <div class="col-sm-4">
            <div class="product-image-wrapper">
                <div class="single-products">
                    <div class="productinfo text-center">
                        <img src="images/home/product1.jpg" alt="" />
 private function checkAuthorization()
 {
     if (!Session::exists('userId') && $this->getRouter()->routeInfo['authorize'] == true) {
         throw new \Exception("Unauthorized");
     }
     if (count($this->getRouter()->routeInfo['roles']) > 0) {
         if (!RoleService::userInRoles(Session::get('userId'), $this->getRouter()->routeInfo['roles'])) {
             throw new \Exception("You do not have the rights");
         }
     }
 }