Exemplo n.º 1
 /**
  * Ensures a CSRF token exists for the session, then calls dispatch() on the
  * front controller.
  *
  * When $_SESSION['formToken'] is not set, TokenHelper::setCSRFToken() is called
  * (presumably it stores the new token under that key; confirm in TokenHelper).
  * The four application exception types listed below are handled by printing
  * their message; every other exception propagates to the caller.
  */
 public function start()
 {
     $sessionHasToken = isset($_SESSION['formToken']);
     if (!$sessionHasToken) {
         TokenHelper::setCSRFToken();
     }

     try {
         $this->frontController->dispatch();
     } catch (
         InvalidCredentialsException
         | InvalidUserInputException
         | InvalidUserOperationException
         | UnauthorizedException $failure
     ) {
         // NOTE(review): the message goes to the response body unencoded. If any
         // throw site builds its message from request data, encode it here with
         // htmlspecialchars() before printing; verify against the throw sites.
         echo $failure->getMessage();
     }
     // TODO TRY CATCH ERRORS BEFORE DISPATCH
 }
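 /**
  * Checks the anti-CSRF token of the current POST request, then verifies that
  * every private property of the binding model has a non-empty POST field.
  *
  * A property whose name starts with "_" is looked up in $_POST without that
  * leading underscore.
  *
  * @param mixed $model Object expected to implement IBindingModel.
  *
  * @throws UnauthorizedException     When the submitted formToken is missing, is not a
  *                                   string, or differs from TokenHelper::getCSRFToken().
  * @throws InvalidUserInputException When $model is not an IBindingModel, or a required
  *                                   POST field is missing or empty.
  */
 public static function validateBindingModel($model)
 {
     $expectedToken = (string) TokenHelper::getCSRFToken();
     $submittedToken = isset($_POST['formToken']) ? $_POST['formToken'] : null;

     // Fail closed: a missing or non-string field (e.g. formToken[]=x) and an empty
     // server-side token are rejected outright. A loose comparison would treat
     // "nothing submitted" and "no token issued" as equal (null == null) and would
     // compare numeric-looking strings by value. hash_equals() compares the bytes
     // and does so in constant time.
     if (
         $expectedToken === ''
         || !is_string($submittedToken)
         || !hash_equals($expectedToken, $submittedToken)
     ) {
         throw new UnauthorizedException("Invalid BindingModel ");
     }

     if (!$model instanceof IBindingModel) {
         throw new InvalidUserInputException("Invalid BindingModel [Your BindingModel does not implemented IBindingModel]");
     }

     $reflection = new \ReflectionClass($model);
     foreach ($reflection->getProperties(\ReflectionProperty::IS_PRIVATE) as $property) {
         // Always work with the property *name*. Using the ReflectionProperty object
         // itself as the lookup key only worked for names that start with "_".
         $fieldName = $property->getName();
         if (startsWith($fieldName, '_')) {
             $fieldName = substr($fieldName, 1);
         }

         // array_key_exists() is an exact key test; in_array() over array_keys() compares
         // loosely and can match integer keys by accident.
         // NOTE(review): empty() also rejects the string "0"; confirm no required field
         // may legitimately carry that value.
         if (!array_key_exists($fieldName, $_POST) || empty($_POST[$fieldName])) {
             throw new InvalidUserInputException("Invalid BindingModel [Required parameters are empty/missing]");
         }
     }
 }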
Exemplo n.º 3
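 /**
  * Builds the markup of the configured form and echoes it.
  *
  * Output order: the <form> tag with self::$attributes (after "class" is set from
  * self::$classes), each entry of self::$elements with its inner elements, a hidden
  * formToken input holding TokenHelper::getCSRFToken(), and the closing </form>.
  *
  * Attribute values, element text and the token are HTML-encoded here, at the point
  * of output, so a quote or angle bracket in a value cannot end the attribute or open
  * a tag. Callers therefore pass plain, unencoded strings. Element names and attribute
  * names are written verbatim and must be fixed in code, not taken from request data.
  *
  * An element's own attributes are only written when its innerValue is exactly false;
  * when innerValue is exactly true its "value" attribute becomes the element body and
  * a closing tag is added.
  */
 public static function render()
 {
     self::$attributes["class"] = implode(" ", self::$classes);

     // Single encoder for every value that ends up inside the markup.
     $escape = static function ($text) {
         return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
     };

     $attributesString = "";
     foreach (self::$attributes as $attribute => $value) {
         $attributesString .= " {$attribute} = \"" . $escape($value) . "\"";
     }
     $result = "<form" . $attributesString . ">";

     foreach (self::$elements as $element) {
         $result .= "<{$element->elementName}";

         $attributesString = "";
         if ($element->innerValue === false) {
             foreach ($element->attributes as $attribute => $value) {
                 $attributesString .= " {$attribute} = \"" . $escape($value) . "\"";
             }
         }
         $result .= $attributesString . ">";

         if ($element->innerValue === true) {
             // isset() avoids an undefined-index notice when no "value" was supplied.
             $body = isset($element->attributes['value']) ? $element->attributes['value'] : null;
             $result .= $body != null ? $escape($body) : "";
             $result .= "</{$element->elementName}>";
         }

         if ($element->innerElements) {
             foreach ($element->innerElements as $innerElement) {
                 $result .= "<{$innerElement->elementName}";

                 $innerAttribute = "";
                 foreach ($innerElement->attributes as $a => $v) {
                     // "text" is the element body, not an attribute.
                     if ($a != 'text') {
                         $innerAttribute .= " {$a} = \"" . $escape($v) . "\"";
                     }
                 }
                 $result .= $innerAttribute . ">";

                 $text = isset($innerElement->attributes['text']) ? $innerElement->attributes['text'] : null;
                 $result .= $text != null ? $escape($text) : "";
                 $result .= "</{$innerElement->elementName}>";
             }
         }
     }

     // The anti-CSRF token is appended to every rendered form as a hidden field.
     $result .= '<input type="hidden" name="formToken" value="' . $escape(TokenHelper::getCSRFToken()) . '" />';
     $result .= "</form>";
     echo $result;
 }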
Exemplo n.º 4
?>
account/login" method="post" class="form-horizontal">
                <fieldset>
                    <legend>Login</legend>
                    <div class="form-group">
                        <label for="inputUsername" class="col-lg-2 control-label">Username</label>
                        <div class="col-lg-6">
                            <input type="text" class="form-control" name="username" id="inputUsername" placeholder="Username">
                        </div>
                    </div>
                    <div class="form-group">
                        <label for="inputPassword" class="col-lg-2 control-label">Password</label>
                        <div class="col-lg-6">
                            <input type="password" class="form-control" name="password" id="inputPassword" placeholder="Password">
                        </div>
                    </div>
                    <input type="hidden" name="formToken" value="<?php 
// Writes the value returned by TokenHelper::getCSRFToken() into the hidden formToken field of this POST form.
// NOTE(review): echoed without htmlspecialchars(); presumably the token uses an HTML-safe alphabet - confirm in TokenHelper.
echo \EShop\Helpers\TokenHelper::getCSRFToken();
// PHP drops the single newline right after the closing tag, so the quote on the next line directly follows the token.
?>
" />
                    <div class="form-group">
                        <div class="col-lg-10 col-lg-offset-2">
                            <a href="register" class="btn btn-default">Go to register</a>
                            <button type="submit" class="btn btn-primary">Login</button>
                        </div>
                    </div>
                </fieldset>
            </form>
        </div>
    </div>
</div>