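 /**
  * Validates the session's user and hardens the session against hijacking
  * and fixation.
  *
  * - No `user_id` in the session: the session is destroyed, a warning message
  *   is queued and false is returned.
  * - The session id is regenerated at most once per 30 seconds; the old
  *   session data is deleted so a fixated id cannot stay valid next to the new one.
  * - A truthy `user_id` is looked up in the `user` table; its `username` is
  *   refreshed in the session. An id that no longer matches a user row is
  *   treated like a missing one.
  *
  * @return bool true when the session belongs to a known user, false otherwise.
  */
 public static function checkUser()
 {
     // Anti-hijacking: a session without a user id is not trusted at all.
     $sessUserId = Session::get('user_id');
     if (!isset($sessUserId)) {
         Session::destroy();
         Session::setMsg('Произошла ошибка. Пожалуйста авторизуйтесь заново', 'warning');
         return FALSE;
     }
     // Anti-fixation (together with ini_set('session.use_only_cookies', true)):
     // rotate the id periodically. delete_old_session=true removes the previous
     // session storage so the superseded id cannot be presented again.
     $sessGenerated = Session::get('generated');
     if (!isset($sessGenerated) || $sessGenerated < time() - 30) {
         session_regenerate_id(true);
         // Written through the same Session wrapper that reads it above; the
         // direct $_SESSION['generated'] write used before only works if the
         // wrapper stores its keys at the top level of $_SESSION.
         Session::set('generated', time());
     }
     if ($sessUserId) {
         $userModel = new UserTableModel();
         $userModel->setId($sessUserId);
         $userModel->setTable('user');
         $rows = $userModel->readRecordsById('id', 'username');
         // No row: the user was removed while the session was still alive.
         if (!isset($rows[0]['username'])) {
             Session::destroy();
             Session::setMsg('Произошла ошибка. Пожалуйста авторизуйтесь заново', 'warning');
             return FALSE;
         }
         Session::set('username', $rows[0]['username']);
         return TRUE;
     }
     return FALSE;
 }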
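 /**
  * Returns the operation log grouped by day, newest day first.
  *
  * Each element is a row of the grouping query (`time` = 'Y-m-d') with an
  * extra `records` key holding that day's `operation_log` rows; rows with a
  * `manager` additionally get `manager_name` resolved from the `user` table.
  *
  * @param int|false $limit Maximum number of days to return; false for no limit.
  * @return array
  */
 public function getUserActivity($limit = FALSE)
 {
     // $limit is spliced into the SQL tail, so it is cast to int first; a raw
     // string here would allow arbitrary SQL to follow the LIMIT keyword.
     $limitSql = $limit ? 'LIMIT ' . (int) $limit : '';
     $model = new UserTableModel();
     $model->setTable('operation_log');
     // (The previous unconditional "ORDER BY time DESC LIMIT 30" read was dead:
     // its result was overwritten before use.)
     $model->readAllRecords("DISTINCT DATE_FORMAT(`time`, '%Y-%m-%d') as time", "GROUP BY time ORDER BY time DESC {$limitSql}");
     $groupRecords = $model->getAllRecords();
     foreach ($groupRecords as $dayKey => $dayRow) {
         // $date is produced by the DB-side DATE_FORMAT, hence always 'Y-m-d'.
         $date = explode(' ', $dayRow['time'])[0];
         $model->readAllRecords("*", "WHERE DATE_FORMAT(`time`, '%Y-%m-%d') = '{$date}'");
         $dayRecords = $model->getAllRecords();
         foreach ($dayRecords as $recordKey => $logRow) {
             if (!empty($logRow['manager'])) {
                 $model->setTable('user');
                 $model->setId($logRow['manager']);
                 $dayRecords[$recordKey]['manager_name'] = $model->readRecordsById('id', 'username')[0]['username'];
             }
         }
         // The manager lookups above switch the model to `user`; switch back
         // before the next day's log query.
         $model->setTable('operation_log');
         $groupRecords[$dayKey]['records'] = $dayRecords;
     }
     return $groupRecords;
 }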
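 /**
  * Validates the `remember` cookie and returns the user id it vouches for.
  *
  * The cookie has the form `<user_id>-<md5(user_id . REMOTE_ADDR . password_hash)>`
  * and is recomputed from the stored password hash; a match identifies the user.
  *
  * @return int|false The user id on a valid cookie, false otherwise (no cookie,
  *                   malformed cookie, unknown user, or digest mismatch).
  */
 protected function rememberMeChecker()
 {
     if (!filter_has_var(INPUT_COOKIE, 'remember')) {
         return FALSE;
     }
     $remember = (string) filter_input(INPUT_COOKIE, 'remember');
     $dashPos = strpos($remember, '-');
     if ($dashPos === false) {
         return FALSE;
     }
     $user_id = (int) substr($remember, 0, $dashPos);
     if (!$user_id) {
         return FALSE;
     }
     $userModel = new UserTableModel();
     $userModel->setId($user_id);
     $userModel->setTable('user');
     $userModel->readRecordsById('id', 'password_hash');
     $rows = $userModel->getRecordsById();
     // Previously $password stayed undefined when no row came back and the
     // digest was computed over an empty value.
     if (!isset($rows[0]['password_hash'])) {
         return FALSE;
     }
     // The digest format is kept as-is so cookies already issued stay valid;
     // a keyed HMAC would be the stronger construction if the format is ever
     // rotated.
     $expected = $user_id . '-' . md5($user_id . ($_SERVER['REMOTE_ADDR'] ?? '') . $rows[0]['password_hash']);
     // Constant-time comparison: `===` on strings leaks the matching prefix length.
     return hash_equals($expected, $remember) ? $user_id : FALSE;
 }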
 /**
  * Prepares the view data for the user stored in the session.
  *
  * Loads the `user` row identified by the session's `user_id` (id, username,
  * full name, photo, e-mail) plus the user's address and phone records, and
  * hands them to setData() together with both titles.
  *
  * @param string $title    Page title (also kept in $this->title).
  * @param string $subTitle Page subtitle.
  */
 public function __construct($title = '', $subTitle = '')
 {
     $this->title = $title;

     $currentUser = new UserTableModel();
     $currentUser->setId(Session::get('user_id'));
     $currentUser->setTable('user');
     $currentUser->readRecordsById('id', '`id`,`username`, `full_name`, `photo`, `email`');
     $currentUser->readUserAddress();
     $currentUser->readUserPhones();

     $viewData = [
         'title'        => $title,
         'subTitle'     => $subTitle,
         'user'         => $currentUser->getRecordsById()[0],
         'userContacts' => $currentUser->getUserContacts(),
     ];
     $this->setData($viewData);
 }
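 /**
  * Blog article page: loads the article named by the `id` route parameter,
  * resolves its author (id, username) and renders views/blog/view.php.
  *
  * Redirects to /admin/notFound when `id` is missing or not a whole number,
  * and when no article with that id exists.
  */
 public function viewAction()
 {
     $fc = FrontController::getInstance();
     // `id` may be absent from the route (`?? null` avoids an undefined-index
     // notice); FILTER_VALIDATE_INT rejects values like "12abc" that
     // FILTER_SANITIZE_NUMBER_INT would silently trim to "12".
     $id = filter_var($fc->getParams()['id'] ?? null, FILTER_VALIDATE_INT);
     if (!$id) {
         header('Location: /admin/notFound');
         exit;
     }
     $articleModel = new ArticleTableModel();
     $articleModel->setId($id);
     $articleModel->setTable('article');
     $article = $articleModel->readRecordsById();
     // An unknown id yields no rows; without this check the author lookup
     // below would index into an empty result.
     if (!isset($article[0])) {
         header('Location: /admin/notFound');
         exit;
     }
     $userModel = new UserTableModel();
     $userModel->setId($article[0]['author']);
     $userModel->setTable('user');
     $model = new FrontModel();
     $model->setData(['article' => $article, 'author' => $userModel->readRecordsById('id', 'id, username')]);
     $output = $model->render('../views/blog/view.php', 'withoutSlider');
     $fc->setPage($output);
 }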
 /**
  * Account activation endpoint driven by the `email` and `key` route parameters.
  *
  * With neither parameter present the visitor is sent to the start page. The
  * parameters are passed to setValidateUserData(); when checkValidKey()
  * accepts them, views/user/validate.php is rendered, otherwise a warning
  * message is queued and the visitor is redirected to /user/login.
  */
 public function validateAction()
 {
     $fc = FrontController::getInstance();
     $userModel = new UserTableModel();
     $userModel->setTable('user');

     $params = $fc->getParams();
     // Only the "nothing at all" case is treated as a stray visit; a request
     // carrying just one of the two values still goes through checkValidKey().
     if (empty($params['email']) && empty($params['key'])) {
         header('Location: /');
         exit;
     }

     $userModel->setValidateUserData($params);
     if (!$userModel->checkValidKey()) {
         Session::setMsg('Невозможно активировать данный аккаунт. Пожалуйста зарегистрируйтесь заново', 'warning');
         header('Location: /user/login');
         exit;
     }

     $page = $userModel->render('../views/user/validate.php', 'withoutSliderAndSidebarAndFooter');
     $fc->setPage($page);
 }
 /**
  * Delegates construction entirely to the parent class; this subclass adds
  * no initialisation of its own.
  */
 public function __construct()
 {
     parent::__construct();
 }
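 /**
  * AJAX endpoint that deletes the user named by the `id` GET parameter and
  * answers with a JSON body (`1` on success).
  *
  * The response is marked non-cacheable so a stale answer is never replayed.
  * No request-method or CSRF-token check is visible in this action, so the
  * deletion is reachable through a plain GET; the surrounding admin session
  * check is the only gate apparent from here.
  *
  * @throws Exception when `id` is missing or not a positive integer.
  */
 public function deleteUserAction()
 {
     header('Content-Type: application/json; charset=utf-8');
     header('Cache-Control: no-store, no-cache');
     header('Expires: ' . date('r'));
     // $id used to stay undefined when the parameter was absent, raising a
     // notice at the check below. FILTER_VALIDATE_INT with min_range rejects
     // "12abc", "0" and negatives instead of trimming them like
     // FILTER_SANITIZE_NUMBER_INT did.
     $id = filter_has_var(INPUT_GET, 'id')
         ? filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]])
         : null;
     if (!$id) {
         throw new Exception('не задан id пользователя для удаления!');
     }
     $userModel = new UserTableModel();
     $userModel->deleteUser($id);
     echo TRUE;
 }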
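 /**
  * Admin article editor. GET renders the edit form for the article named by
  * the `id` route parameter; POST stores the submitted data, queues a success
  * message and redirects to the article's admin view page.
  *
  * Redirects to /admin/notFound when `id` is missing or not a whole number,
  * and (on GET) when no article with that id exists.
  */
 public function editArticleAction()
 {
     $fc = FrontController::getInstance();
     // `?? null` covers a route without `id`; FILTER_VALIDATE_INT rejects
     // anything that is not a whole number instead of trimming it. Before this
     // check a POST with an invalid id went straight to updateRecord().
     $id = filter_var($fc->getParams()['id'] ?? null, FILTER_VALIDATE_INT);
     if (!$id) {
         header('Location: /admin/notFound');
         exit;
     }
     $articleModel = new ArticleTableModel();
     $articleModel->setId($id);
     $articleModel->setTable('article');

     if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         // setData() takes no arguments here, presumably reading the submitted
         // form itself; no CSRF-token check is visible in this action.
         $articleModel->setData();
         $articleModel->updateRecord();
         Session::setMsg('Статья успешно обновлена', 'success');
         header('Location: /admin/viewArticle/id/' . $articleModel->getArticle()->getData()['id']);
         exit;
     }

     $article = $articleModel->readRecordsById();
     // Unknown id: no rows, and the author lookup below would index into nothing.
     if (!isset($article[0])) {
         header('Location: /admin/notFound');
         exit;
     }
     $userModel = new UserTableModel();
     $userModel->setId($article[0]['author']);
     $userModel->setTable('user');
     $model = new AdminModel('Редактирование статьи');
     $model->setData(['article' => $article, 'author' => $userModel->readRecordsById('id', 'id, username')]);
     $output = $model->render('../views/admin/blog/editArticle.php', 'admin');
     $fc->setPage($output);
 }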