public function register()
{
if (Session::get('loggedin')) {
Url::redirect('');
}
$data['title'] = "Registrace";
$model = new \Models\Users();
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$repeatPassword = $_POST['repeatPassword'];
$email = $_POST['email'];
if ($password == $repeatPassword) {
if (!$model->exists($username)) {
// array of values for new user
$postdata = array('name' => $username, 'pass' => Password::make($password), 'email' => $email);
$model->add($postdata);
Url::redirect('login');
} else {
$error[] = 'Jméno je již zabráno. Zkuste prosím jiné';
}
} else {
$error[] = 'Heslo a ověření hesla se neshodují. Zkuste je prosím vyplnit znovu.';
}
}
View::renderTemplate('header', $data);
View::render('auth\\register', $data, $error);
View::renderTemplate('footer', $data);
}
public function edit($id)
{
$data['title'] = 'Edit Member';
$data['row'] = $this->model->get_member($id);
if (isset($_POST['submit'])) {
if ($_POST['token'] != Session::get('token')) {
Url::redirect('admin/login');
}
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
if ($username == '') {
$error[] = 'Username is required';
}
if ($password == '') {
$error[] = 'Password is required';
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error[] = 'Email is not valid';
}
if (!$error) {
$postdata = array('member_username' => $username, 'member_password' => Password::make($password), 'member_email' => $email);
$where = array('member_id' => $id);
$this->model->update_member($postdata, $where);
Session::set('message', 'Member Updated');
Url::redirect('admin/members');
}
}
View::renderadmintemplate('header', $data);
View::render('admin/members/edit', $data, $error);
View::renderadmintemplate('footer', $data);
}
public function create()
{
Session::init();
if (Session::get('username')) {
if (Session::get('admin')) {
Url::redirect('exec');
}
} else {
Url::redirect('');
}
$data['title'] = 'Wishlist';
$tripId = \helpers\Session::get("tripId");
$data['applicants'] = $this->mab->get_wishlist($tripId);
$data['roster'] = $this->mab->get_official_roster($tripId);
foreach ($data['applicants'] as $applicants_info) {
$applicants_info->age = $this->mab->get_age_at_time($applicants_info->dateOfBirth, date('Y-m-d', time()));
}
if (isset($_POST['draft'])) {
$trip_id = $this->mab->verify_applicant($_POST['applicationId']);
if ($trip_id == NULL) {
$this->mab->add_to_trip($_POST['applicationId'], $tripId);
$this->mab->applicant_becomes_person($_POST['applicationId']);
$this->mab->person_becomes_trip_member($_POST['applicationId'], $tripId);
} else {
if ($trip_id == $tripId) {
echo 'This is your participant';
} else {
echo 'Application has already been drafted.';
}
}
}
View::rendertemplate('header', $data);
View::render('wishlist/wishlist', $data, $error);
View::rendertemplate('footer', $data);
}
public function handleFirstStep($post)
{
/*
* @todo: xss security
* @todo: csrf security
* @todo: gump validation
*/
$name = $post['group_name'];
$descr = $post['group_descr'];
if (strlen($name) < 4) {
$error[] = 'Group name is too short.';
} else {
$check = $this->getGroupName($name);
if (strtolower($check[0]->nume) == strtolower($name)) {
$error[] = 'Group name already taken.';
}
}
$tokenString = hash('sha256', mt_rand());
$groupData = array('id_autor' => Session::get('id'), 'nume' => $name, 'descr' => $descr, 'completed' => $tokenString);
if (!isset($error)) {
$this->db->insert('grupuri', $groupData);
setcookie('unfinished_group', $tokenString, time() + COOKIE_RUNTIME);
Url::redirect(DIR . 'teacher/new-group-2', true);
}
return $error;
}
public function register()
{
if (Session::get('logged')) {
Url::redirect();
}
$data['title'] = 'הרשמה';
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
if ($username == '') {
$error[] = 'שם משתמש הוא שדה נדרש';
}
if ($this->_model->get_user($username)) {
$error[] = 'שם המשתמש תפוס, בעסה';
}
if ($password == '') {
$error[] = 'צריך סיסמא כדי להירשם, אחרת כל אחד יוכל להיכנס במקומך...';
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error[] = 'כדי להירשם צריך מייל, למקרה ששכחת את הסיסמא';
}
if (!$error) {
$postdata = array('user_name' => $username, 'user_password' => Password::make($password), 'user_email' => $email);
$this->_model->add_user($postdata);
$this->login_user($username);
// Session::set('message','User Added');
Url::redirect();
}
}
View::renderTemplate('header', $data);
View::render('register', $data, $error);
View::renderTemplate('footer', $data);
}
public function index()
{
if (!Session::get('loggedin')) {
Url::redirect('login');
}
if (isset($_POST['submit']) && $_FILES['fileToUpload']['size'] > 0) {
$name = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName'];
$price = !isset($_POST['productPrice']) || trim($_POST['productPrice']) == '' ? 0 : floatval($_POST['productPrice']);
$description = !isset($_POST['productDescription']) || trim($_POST['productDescription']) == '' ? '' : $_POST['productDescription'];
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file, PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if (isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if ($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
//echo "File is not an image.";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
$error = "Sorry, file already exists." . $error;
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
$error = "Sorry, your file is too large." . $error;
$uploadOk = 0;
}
// Allow certain file formats
if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") {
$error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error;
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
$error = "Sorry, your file was not uploaded." . $error;
// if everything is ok, try to upload file
} else {
//if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], str_replace(' ','-',strtolower($target_file)))) {
//echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
$product['product'] = array('name' => $name, 'price' => $price, 'description' => $description, 'lastUpdate' => date('Y-m-d G:i:s'));
$product['image'] = array('image' => file_get_contents($_FILES['fileToUpload']['tmp_name']), 'size' => $_FILES["fileToUpload"]["size"], 'type' => $imageFileType);
$this->_model->insertProduct($product);
//unlink(str_replace(' ','-',strtolower($target_file)));
}
}
Hooks::addHook('js', 'Controllers\\menu@indexJS');
Hooks::addHook('css', 'Controllers\\menu@indexCss');
$data['title'] = 'index';
$data['username'] = Session::get('username');
View::rendertemplate('header', $data);
View::render('menu/index', $data, $error);
View::rendertemplate('footer', $data);
}
public function index()
{
\helpers\Session::init();
if (\helpers\Session::get('username')) {
if (\helpers\Session::get('admin')) {
\helpers\url::redirect('exec');
} else {
\helpers\url::redirect('welcome');
}
}
if ($_POST['submit']) {
$is_valid = \helpers\gump::is_valid($_POST, array('fname' => 'required|alpha', 'lname' => 'required|alpha', 'dob' => 'required', 'gender' => 'required', 'year' => 'required', 'email' => 'required|valid_email', 'phone' => 'required', 'stunum' => 'required|numeric', 'issue1' => 'required', 'issue2' => 'required', 'issue3' => 'required'));
if ($is_valid === true) {
$this->submit();
} else {
$data['errors'] = $is_valid;
}
}
$data['title'] = "Apply";
$data['questions'] = $this->apply_model->getAllQuestions();
$data['issues'] = $this->apply_model->getAllIssues();
$data['options'] = $this->apply_model->getAllQuestionOptions();
$data['colleges'] = $this->apply_model->getAllColleges();
View::rendertemplate('header', $data);
View::render('apply/apply', $data, $error);
View::rendertemplate('footer', $data);
}
public function __construct()
{
parent::__construct();
if (!Session::get('loggedin')) {
Url::redirect('login');
}
}
public function login()
{
if (Session::get('loggedin')) {
Url::redirect('admin-panel');
}
$data['title'] = 'Login';
if (isset($_POST['submit'])) {
$correo = $_POST['correo'];
$password = $_POST['password'];
if ($correo == '' || !isset($correo)) {
$data['error'][0] = 'Correo es un campo obligatorio';
}
if ($password == '' || !isset($password)) {
$data['error'][1] = 'Password es un campo obligatorio';
}
if (Password::verify($password, $this->_model->getHash($correo)) == false) {
$data['error'][2] = 'Correo o password incorrectos';
}
if (!$data['error']) {
$data['usuario'] = $this->_model->getUsuario($correo);
Session::set('loggedin', true);
Session::set('idUsuario', $data[usuario][0]->idUsuario);
Session::set('nombre', $data[usuario][0]->nombre);
Session::set('apellidoPaterno', $data[usuario][0]->apellidoPaterno);
$dataUsuario = array('fechaConexion' => date("Y-m-d H:i:s"));
$where = array('correo' => $correo);
$this->_model->updateUsuario($dataUsuario, $where);
Url::redirect('admin-panel');
}
}
View::renderTemplate('header', $data);
View::render('Auth/Login', $data);
View::renderTemplate('footer', $data);
}
public function incrementLevel()
{
$levelActuel = Ajax::get('levelActuel');
$nbInstruction = Ajax::get('tokensLength');
$nbInstructionExecuted = Ajax::get('nbInstructions');
$scoreValue = Ajax::get('score');
$idJoueur = Session::get('id');
$lvlJoueur = Session::get('level');
echo "Nous sommes au level " . $levelActuel . " le joueur est au level " . $lvlJoueur;
if ($levelActuel - 1 == $lvlJoueur) {
$sql = "insert into score values (" . Session::get('id') . "," . $levelActuel . "," . $nbInstructionExecuted . "," . $nbInstruction . "," . $scoreValue . ");";
$sql2 = "update personne set currentLvl = " . $levelActuel . " where id= " . $idJoueur . ";";
echo $sql;
echo $sql2;
$instanceofdb = $this->entityManager = DBManager::getInstance();
$instanceofdb->prepare($sql);
$instanceofdb->execute();
$instanceofdb->prepare($sql2);
$instanceofdb->execute();
//currentLvl ++
Session::set('level', $levelActuel);
} else {
//si le niveau du jeu est inférieur à celui du joueur, on update son score s'il est meilleur
$user = $this->userSQL->findById(Session::get('id'));
if ($user->score < $scoreValue) {
$sql = "update score set score = " . $scoreValue . ", nbInstructions= " . $nbInstructionExecuted . ", nbLignes= " . $nbInstruction . " where idPlayer= " . $idJoueur . ";";
$instanceofdb = $this->entityManager = DBManager::getInstance();
$instanceofdb->prepare($sql);
$instanceofdb->execute();
}
}
}
public function login()
{
if (Session::get('loggedin')) {
Url::redirect('admin');
}
$model = new \Models\Admin\Auth();
$data['title'] = 'Login';
if (isset($_POST['submit'])) {
$username = $_POST['member_username'];
$password = $_POST['member_password'];
if (Password::verify($_POST['member_password'], $model->getHash($_POST['member_username'])) == 0) {
$error[] = 'Wrong username of password';
} else {
$data['user_infos'] = $model->get_user_infos($_POST['member_username']);
Session::set('member_id', $data['user_infos'][0]->member_id);
Session::set('member_username', $username);
Session::set('member_password', '' . $password . '');
Session::set('loggedin', true);
Url::redirect('admin');
}
}
View::renderadmintemplate('loginheader', $data);
View::render('admin/login', $data, $error);
View::renderadmintemplate('footer', $data);
}
public function applicationSpecificInitializations()
{
/**
* Application specific initializations
*/
define('THIS_USER_ID', \Helpers\Session::get('user_id'));
}
public function change_password()
{
//Sanitize Data using Gump helper
$_POST = Gump::sanitize($_POST);
if (isset($_POST['password'])) {
//Validate data using Gump
$is_valid = Gump::is_valid($_POST, array('current_password' => 'required', 'password' => 'required', 'password-again' => 'required'));
if ($is_valid === true) {
$user = $this->userSQL->find(Session::get('id'));
if (Password::verify($_POST['current_password'], $user->password) === true) {
if ($_POST['password'] != $_POST['password-again']) {
$error[] = 'Les deux mots de passe ne sont pas identiques';
}
} else {
$error[] = 'mot de passe courant incorrect';
}
} else {
// $is_valid holds an array for the errors.
$error = $is_valid;
}
if (!$error) {
$user->password = Password::make($_POST['password']);
$this->entityManager->save($user);
Session::set('message', 'Votre mot de passe a bien été mis à jour');
Url::redirect();
}
}
$data['title'] = 'Change Password';
View::rendertemplate('header', $data);
View::render('user/modification', $data, $error);
View::rendertemplate('footer', $data);
}
public function signin()
{
$userModel = new \Models\User();
$helper = $this->fb->getRedirectLoginHelper();
$permissions = ['email', 'user_likes'];
// optional
$callback_url = DIR . 'account/fblogin';
$this->data['loginUrl'] = $helper->getLoginUrl($callback_url, $permissions);
if (isset($_POST['email']) && !empty($_POST['email'])) {
$login = $userModel->login($_POST['email'], md5($_POST['password']));
if (!is_bool($login)) {
Session::set('user_id', $login->user_id);
Session::set('user', $login);
//redirects user to last visited page
$redirectUrl = Session::get('redirectLogin');
Session::destroy('redirectLogin');
if (isset($redirectUrl) && $redirectUrl != '') {
Url::redirect($redirectUrl);
} else {
Url::redirect('board');
}
} else {
Session::set('error', 'Login Fails!');
}
}
$this->data['title'] = 'Sign In';
View::rendertemplate('header', $this->data);
View::render('account/signin', $this->data);
View::rendertemplate('footer', $this->data);
}
public function login()
{
Hooks::addHook('js', 'Controllers\\auth@js');
Hooks::addHook('css', 'Controllers\\auth@css');
$error = 'hi';
$success = 'hi';
if (Session::get('loggedin')) {
Url::redirect();
}
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
//validation
if (Password::verify($password, $this->_model->getHash($username)) == false) {
$error[] = 'Wrong username or password';
}
//if validation has passed carry on
if (!$error) {
Session::set('loggedin', true);
Session::set('username', $username);
Session::set('memberID', $this->_model->getID($username));
$data = array('lastLogin' => date('Y-m-d G:i:s'));
$where = array('memberID' => $this->_model->getID($username));
$this->_model->update($data, $where);
$error = 'hi';
Url::redirect();
}
}
$data['title'] = 'Login';
View::rendertemplate('header', $data);
View::render('auth/login', $data, $error, $success);
View::rendertemplate('footer', $data);
}
public function index()
{
$data['title'] = $this->language->get('beheer klanten');
$rechten = \Helpers\Session::get('rechten') - 1;
$result = $this->getData('klanten', $rechten);
$i = 1;
foreach ($result as $key) {
$data["users"] .= '
<tr>
<td>' . $i . '</td>
<td>' . $key->voornaam . '</td>
<td>' . $key->tussenvoegsel . '</td>
<td>' . $key->achternaam . '</td>
<td>' . $key->email . '</td>
<td style="text-align: right">
<a href="#" data-id="' . $key->klant_id . '" class="EditRow"><i class="fa fa-pencil-square-o fa-lg"></i></a>
<a href="#" data-id="' . $key->klant_id . '" class="DeleteRow"><i class="fa fa-times fa-lg"></i></a>
</td>
</tr>
';
$i++;
}
View::renderTemplate('header', $data);
View::render('beheer/beheerklanten', $data);
View::renderTemplate('footer', $data);
}
/**
* Resgata o tipo da model
*/
public static function getTypeModel()
{
$type = base64_decode(Session::get(md5(Request::getArea() . Request::getController() . Request::getAction())));
if ($type == null) {
return 'stdClass';
}
return $type;
}
public function __construct()
{
parent::__construct();
if (!Session::get('loggedin')) {
Url::redirect('admin-login');
}
$this->_model = new \App\Models\Administrador();
}
/**
* Call the parent construct
*/
public function __construct()
{
parent::__construct();
if (!Session::get('loggedin')) {
Url::redirect('login');
}
$this->language->load('Dashboard');
}
/**
* return absolute path to selected template directory
* @param string $path path to file from views folder
* @param array $data array of data
*/
public static function rendertemplate($path, $data = false)
{
if (!headers_sent()) {
foreach (self::$headers as $header) {
header($header, true);
}
}
require "app/templates/" . \helpers\Session::get('template') . "/{$path}.php";
}
public function about()
{
$data['title'] = 'About';
$data['css'] = 'app/templates/landing/css/About.css';
$data['logged'] = Session::get('loggedin');
$data = $this->handleHeader('about', $data);
View::renderTemplate('header', $data, 'landing');
View::render('landing/about', $data);
}
public function index()
{
$model = new \Models\Ratings();
$data['title'] = "Vaše recenze";
$data['ratings'] = $model->getRatingsAndTalesReview(Session::get('userID'));
View::renderTemplate('header', $data);
View::render('review\\ratings', $data, $error);
View::renderTemplate('footer', $data);
}
protected function before()
{
parent::before();
$userId = Session::get('userId');
if ($userId) {
$this->user = new Model_User();
$this->user->get($userId);
}
}
public function get_current_user()
{
if ($this->_user) {
return $this->_user;
}
if (Session::get('user')) {
$this->_user = Session::get('user');
}
return $this->_user;
}
public static function authRole($role)
{
//CHECK IF USER IS LOGGED IN
self::block();
$user = Session::get('user');
if ($user->role != $role) {
// var_dump($user->role);
Url::redirect('home');
}
}
public function getUserPermissions($user_id = NULL)
{
self::init();
if (empty($user_id)) {
$user_id = Session::get('id');
}
$userPermissions = self::$db->select(" \n\t\t\t(\n SELECT name as permission_name, permission_id\n FROM " . PREFIX . "user_has_permissions AS uhp\n LEFT JOIN " . PREFIX . "permissions AS p\n ON p.id = uhp.permission_id\n WHERE\n user_id = :user_id\n )\n UNION\n ( \n SELECT p.name as permission_name, permission_id\n FROM " . PREFIX . "role_has_permissions AS rhp\n LEFT JOIN " . PREFIX . "user_has_roles AS uhr\n ON rhp.role_id = uhr.role_id\n LEFT JOIN " . PREFIX . "roles AS r\n ON r.id = uhr.role_id\n LEFT JOIN " . PREFIX . "permissions AS p\n ON p.id = rhp.permission_id\n WHERE\n user_id = :user_id\n ) \n\t\t\t", array(':user_id' => $user_id));
$this->permissions = $userPermissions;
return $this->permissions;
}
public function wishlist()
{
$tripId = \helpers\Session::get("tripId");
$data['applicants'] = $this->wishListModel->get_wishlist($tripId);
foreach ($data['applicants'] as $applicants_info) {
$applicants_info->age = $this->wishListModel->get_age_at_time($applicants_info->dateOfBirth, date('Y-m-d', time()));
}
View::rendertemplate('iframe_header', $data);
View::render('draftBoard/wishlist', $data, $error);
}
public static function none($level)
{
$sessionLogin = Session::get('loggedin');
if ($sessionLogin) {
if ($level == 'student') {
Url::redirect(DIR, true);
} else {
Url::redirect(DIR . 'teacher', true);
}
}
}
protected static function getCurrentLanguage($code)
{
if ($code != LANGUAGE_CODE) {
// User defined Language Code; nothing to do.
} else {
if (Session::exists('language')) {
return Session::get('language');
}
}
return ucfirst($code);
}
public function login()
{
$data['title'] = "Login";
$data['css'] = array("css/login.css");
if (\Helpers\Session::get('loggedin')) {
View::renderTemplate('header', $data);
View::render('auth/loggedin', $data);
View::renderTemplate('footer', $data);
return;
}
// If login data posted
if (isset($_POST['submit'])) {
// Check everything's there
if (isset($_POST['username']) && isset($_POST['password'])) {
// Check the password
if ($_POST['password'] == "") {
$data['error_message'] = "Your password isn't blank, mate.";
} else {
$password_confirmation = $this->_users->check_user($_POST['username'], $_POST['password']);
if ($password_confirmation['correct']) {
// LOG EM IN
\helpers\session::set('loggedin', true);
\helpers\session::set('username', $_POST['username']);
// Redirect To URL
if (isset($_POST['redirect']) && $_POST['redirect'] != "") {
header('Location: ' . $_POST['redirect']);
} else {
header('Location: /manage/');
}
return;
} else {
$data['error_message'] = $password_confirmation['message'];
}
}
}
if (isset($_POST['redirect'])) {
$data['redirect'] = $_POST['redirect'];
}
}
// Set the redirect if it hasn't already been set
if (isset($_SERVER['HTTP_REFERER']) && (!isset($data['redirect']) || $data['redirect'] == "")) {
// Check if the redirect came from us
if (parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) == SITELOCATION) {
// Check the URL wasn't the logout URL
if (!strpos(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_PATH), '/logout')) {
$data['redirect'] = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_PATH);
}
}
}
View::renderTemplate('header', $data);
View::render('auth/login', $data);
View::renderTemplate('footer', $data);
}
