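/**
 * Handles the "add category" form.
 *
 * Renders the form; on a POST carrying `categoryText` it requires a matching
 * anti-CSRF token and then inserts the category through the Category model.
 * Any failure (token mismatch or an exception from the model) is reported on
 * the view model's `error` field rather than propagating.
 *
 * @return View
 */
public function addCategory()
{
    $viewModel = new CategoryAddInformation();

    if (isset($_POST['categoryText'])) {
        $bm = new CategoryAddBindingModel();
        try {
            $acsrf = new \Hyper\Core\Csrf();
            // Refuse to touch the model unless the anti-CSRF token checks out.
            if (!$acsrf->validateToken()) {
                throw new \Exception('Anti-CSRF token does not match');
            }

            // Fix: the original assigned the text to $user and then passed an
            // undefined $categoryText to add(), so the real value was never stored.
            $categoryText = $bm->getCategoryText();

            $categoryModel = new Category(self::DB_INSTANCE);
            $categoryModel->add($categoryText);
        } catch (\Exception $e) {
            $viewModel->error = $e->getMessage();
        }
    }

    return new View($viewModel);
}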
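/**
 * Shows and updates the logged-in editor's profile.
 *
 * Anonymous visitors are redirected to the login page. On a POST carrying
 * `edit`, the anti-CSRF token is checked before any other form field is used;
 * the new password must be non-empty and match its confirmation before the
 * edit is persisted. Failures are surfaced via `$viewModel->error`, a
 * successful edit via `$viewModel->success`.
 *
 * @return View
 */
public function profile()
{
    if (!$this->isLogged()) {
        header("Location: " . Helpers::url() . 'editor/login');
        exit;
    }

    $userModel = new Editor(self::DB_INSTANCE);
    $viewModel = new ProfileInformation();

    $userRow = $userModel->getInfo($_SESSION['id']);
    // NOTE(review): the stored password column is handed to the view model here;
    // confirm the profile template never renders it.
    $user = new EditorViewModel($userRow['username'], $userRow['password'], $userRow['id'], $userRow['email']);
    $viewModel->setUser($user);

    if (isset($_POST['edit'])) {
        try {
            // Validate the anti-CSRF token before acting on any other form field.
            $acsrf = new \Hyper\Core\Csrf();
            if (!$acsrf->validateToken()) {
                throw new \Exception('Anti-CSRF token does not match');
            }

            // `??` avoids an undefined-index notice when `confirm` is missing from the POST.
            $password = $_POST['password'] ?? '';
            $confirm = $_POST['confirm'] ?? '';
            // Strict comparison: `!=` on two numeric-looking strings compares them
            // numerically ("1e3" == "1000"), which would accept mismatched passwords.
            // `=== ''` replaces empty(), which also rejected the legitimate value "0".
            if ($password === '' || $password !== $confirm) {
                throw new \Exception('Empty password or passwords do not match');
            }

            $bm = new UserEditBindingModel();
            $user = new EditorViewModel($bm->getUsername(), $bm->getPassword(), $_SESSION['id'], $bm->getEmail());
            if ($userModel->edit($user)) {
                $viewModel->getUser()->setUsername($user->getUsername());
                $viewModel->success = 'Edit successful';
            }
        } catch (\Exception $e) {
            $viewModel->error = $e->getMessage();
        }
    }

    return new View($viewModel);
}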