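/**
 * Validates the current session and rotates the session id.
 *
 * Two guards run in order:
 *  1. Hijacking guard: a session with no `user_id` is destroyed and the
 *     caller gets FALSE together with a "log in again" message.
 *  2. Fixation guard: the session id is regenerated when `generated` is
 *     missing or older than 30 s. This relies on session.use_only_cookies=1
 *     being configured elsewhere so an id can never arrive via the URL.
 *
 * @return bool TRUE when `user_id` resolves to an existing user (the username
 *              is then cached in the session), FALSE otherwise.
 */
public static function checkUser() {
    // --- Session-hijacking guard -------------------------------------------
    $sessUserId = Session::get('user_id');
    if (!isset($sessUserId)) {
        Session::destroy();
        Session::setMsg('Произошла ошибка. Пожалуйста авторизуйтесь заново', 'warning');
        return FALSE;
    }

    // --- Session-fixation guard --------------------------------------------
    // Passing `true` deletes the old session file so a previously captured id
    // cannot be replayed after rotation. Note for concurrent AJAX requests:
    // a request still carrying the old id will now be logged out — acceptable
    // here, but keep in mind if the 30 s window is ever shortened.
    $sessGenerated = Session::get('generated');
    if (!isset($sessGenerated) || $sessGenerated < time() - 30) {
        session_regenerate_id(true);
        $_SESSION['generated'] = time();
    }

    if (!$sessUserId) {
        return FALSE;
    }

    $userModel = new UserTableModel();
    $userModel->setId($sessUserId);
    $userModel->setTable('user');
    $rows = $userModel->readRecordsById('id', 'username');

    // The user row may have been deleted since login (see deleteUserAction);
    // a session that no longer maps to a user must not remain authenticated.
    // The original indexed [0]['username'] unconditionally and returned TRUE.
    if (!isset($rows[0]['username'])) {
        Session::destroy();
        Session::setMsg('Произошла ошибка. Пожалуйста авторизуйтесь заново', 'warning');
        return FALSE;
    }

    Session::set('username', $rows[0]['username']);
    return TRUE;
}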
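/**
 * Returns operation-log entries grouped by calendar day, newest day first.
 *
 * Each element of the result is a row whose `time` is the day (YYYY-MM-DD)
 * and whose `records` holds that day's log rows. Rows with a non-empty
 * `manager` column get an extra `manager_name` resolved from the `user`
 * table (each manager is looked up once per call, not once per row).
 *
 * @param int|false $limit Maximum number of days to return; FALSE/0 for all.
 *                         Anything that is not a positive integer is ignored —
 *                         the value is spliced into SQL by the model.
 * @return array<int, array<string, mixed>>
 */
public function getUserActivity($limit = FALSE) {
    // The suffix is concatenated into the query by the model, so only an
    // integer may ever reach it — never the raw argument.
    $limitClause = '';
    $limit = (int) $limit;
    if ($limit > 0) {
        $limitClause = 'LIMIT ' . $limit;
    }

    $model = new UserTableModel();
    $model->setTable('operation_log');
    // (The original also ran an unused "ORDER BY time DESC LIMIT 30" query
    // whose result was immediately overwritten; it has been dropped.)
    $model->readAllRecords(
        "DISTINCT DATE_FORMAT(`time`, '%Y-%m-%d') as time",
        "GROUP BY time ORDER BY time DESC {$limitClause}"
    );
    $groupRecords = $model->getAllRecords();

    $managerNames = []; // manager id => username

    foreach ($groupRecords as $key => $day) {
        $date = explode(' ', $day['time'])[0];
        // $date originates from the DB, but it is still interpolated into SQL:
        // accept only the YYYY-MM-DD shape DATE_FORMAT produces.
        if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', $date)) {
            $groupRecords[$key]['records'] = [];
            continue;
        }

        $model->setTable('operation_log');
        $model->readAllRecords('*', "WHERE DATE_FORMAT(`time`, '%Y-%m-%d') = '{$date}'");
        $records = $model->getAllRecords();

        foreach ($records as $idx => $row) {
            if (empty($row['manager'])) {
                continue;
            }
            $managerId = $row['manager'];
            if (!array_key_exists($managerId, $managerNames)) {
                $model->setTable('user');
                $model->setId($managerId);
                $managerNames[$managerId] = $model->readRecordsById('id', 'username')[0]['username'] ?? null;
            }
            $records[$idx]['manager_name'] = $managerNames[$managerId];
        }

        $groupRecords[$key]['records'] = $records;
    }

    return $groupRecords;
}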
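/**
 * Resolves the "remember" cookie to a user id.
 *
 * Expected cookie layout (the setter is not in view):
 *   `<user_id>-<md5(user_id . REMOTE_ADDR . password_hash)>`
 *
 * NOTE(review): the token is an unsalted md5 over values that are derivable
 * once the password hash is known, and binding it to REMOTE_ADDR breaks for
 * clients behind changing NAT/proxies. A random per-device token stored
 * server-side (or an HMAC keyed with a server secret) would be stronger, but
 * changing the layout invalidates cookies already issued, so this only
 * hardens verification: it rejects malformed cookies / unknown users early
 * and compares in constant time.
 *
 * @return int|false|null User id when the cookie verifies, FALSE when it does
 *                        not, NULL when no cookie is present.
 */
protected function rememberMeChecker() {
    if (!filter_has_var(INPUT_COOKIE, 'remember')) {
        return NULL;
    }

    $remember = filter_input(INPUT_COOKIE, 'remember');
    $sep = strpos($remember, '-');
    if ($sep === false) {
        return FALSE;
    }

    $user_id = (int) substr($remember, 0, $sep);
    if ($user_id <= 0) {
        return FALSE;
    }

    $userModel = new UserTableModel();
    $userModel->setId($user_id);
    $userModel->setTable('user');
    $userModel->readRecordsById('id', 'password_hash');
    $rows = $userModel->getRecordsById();

    // Unknown user: the original left $password undefined and ran md5 over
    // an empty string, so a crafted cookie was still compared and, for id 0,
    // the comparison could even succeed.
    if (!isset($rows[0]['password_hash'])) {
        return FALSE;
    }
    $password = $rows[0]['password_hash'];

    $expected = $user_id . '-' . md5($user_id . $_SERVER['REMOTE_ADDR'] . $password);

    // Constant-time comparison so response timing does not reveal how many
    // leading bytes of a guessed token were correct.
    return hash_equals($expected, $remember) ? $user_id : FALSE;
}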
/**
 * Builds the page model: title/subtitle plus the profile row of the user
 * currently stored in the session (`id`, `username`, `full_name`, `photo`,
 * `email`) and that user's address/phone contacts, all passed to setData().
 *
 * @param string $title
 * @param string $subTitle
 */
public function __construct($title = '', $subTitle = '') {
    $this->title = $title;

    $currentUser = new UserTableModel();
    $currentUser->setId(Session::get('user_id'));
    $currentUser->setTable('user');
    $currentUser->readRecordsById('id', '`id`,`username`, `full_name`, `photo`, `email`');
    $currentUser->readUserAddress();
    $currentUser->readUserPhones();

    $profile = $currentUser->getRecordsById()[0];
    $contacts = $currentUser->getUserContacts();

    $this->setData([
        'title'        => $title,
        'subTitle'     => $subTitle,
        'user'         => $profile,
        'userContacts' => $contacts,
    ]);
}
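/**
 * Blog article page: loads the article selected by the `id` route
 * parameter and its author, renders the view and hands it to the front
 * controller.
 *
 * Redirects to /admin/notFound (and exits) when the id is missing, not a
 * positive integer, or matches no article row.
 */
public function viewAction() {
    $fc = FrontController::getInstance();
    $model = new FrontModel();
    $articleModel = new ArticleTableModel();
    $userModel = new UserTableModel();

    // FILTER_SANITIZE_NUMBER_INT only strips characters ("1a2" -> "12");
    // validate instead so only a genuine integer reaches the query, and
    // avoid the undefined-index notice when the route has no id at all.
    $id = filter_var($fc->getParams()['id'] ?? null, FILTER_VALIDATE_INT);
    if ($id === false || $id < 1) {
        header('Location: /admin/notFound');
        exit;
    }

    $articleModel->setId($id);
    $articleModel->setTable('article');
    $article = $articleModel->readRecordsById();

    // Unknown id: the original indexed $article[0]['author'] unconditionally
    // and rendered a page around an empty row.
    if (empty($article[0])) {
        header('Location: /admin/notFound');
        exit;
    }

    $userModel->setId($article[0]['author']);
    $userModel->setTable('user');
    $model->setData([
        'article' => $article,
        'author'  => $userModel->readRecordsById('id', 'id, username'),
    ]);

    $output = $model->render('../views/blog/view.php', 'withoutSlider');
    $fc->setPage($output);
}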
/**
 * Account-activation page.
 *
 * A request carrying neither `email` nor `key` is sent to the front page.
 * Otherwise both parameters are handed to the user model (a request with only
 * one of them still reaches checkValidKey(), which then decides); an accepted
 * key renders the validation view, a rejected one redirects to the login page
 * with a warning message.
 */
public function validateAction() {
    $fc = FrontController::getInstance();
    $userModel = new UserTableModel();
    $userModel->setTable('user');

    $params = $fc->getParams();
    $hasEmail = !empty($params['email']);
    $hasKey = !empty($params['key']);
    if (!$hasEmail && !$hasKey) {
        header('Location: /');
        exit;
    }

    $userModel->setValidateUserData($params);

    if (!$userModel->checkValidKey()) {
        Session::setMsg('Невозможно активировать данный аккаунт. Пожалуйста зарегистрируйтесь заново', 'warning');
        header('Location: /user/login');
        exit;
    }

    $page = $userModel->render('../views/user/validate.php', 'withoutSliderAndSidebarAndFooter');
    $fc->setPage($page);
}
/**
 * Delegates construction entirely to the parent class; no additional
 * setup happens here.
 */
public function __construct()
{
    parent::__construct();
}
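/**
 * JSON endpoint that deletes the user given by the `id` query parameter
 * and echoes `1` on success.
 *
 * NOTE(review): the action is reached via GET and no CSRF token or
 * authorization check is visible in this method. Unless the parent
 * controller enforces both, a logged-in admin can be made to delete a
 * user simply by loading a crafted URL (e.g. an <img> tag) — confirm
 * before relying on this endpoint.
 *
 * @throws Exception when `id` is absent or not a positive integer.
 */
public function deleteUserAction() {
    header('Content-Type: application/json; charset=utf-8');
    header('Cache-Control: no-store, no-cache');
    header('Expires: ' . date('r'));

    // Validate rather than sanitize: FILTER_SANITIZE_NUMBER_INT turns "1x2"
    // into "12", and the original left $id undefined when the parameter was
    // missing. filter_input() yields FALSE for a non-integer, NULL if unset.
    $id = null;
    if (filter_has_var(INPUT_GET, 'id')) {
        $id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
    }
    if ($id === null || $id === false || $id < 1) {
        throw new Exception('не задан id пользователя для удаления!');
    }

    $userModel = new UserTableModel();
    $userModel->deleteUser($id);
    echo TRUE;
}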
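/**
 * Admin article editor.
 *
 * GET: loads the article selected by the `id` route parameter together with
 * its author and renders the edit form. POST: pushes the submitted data into
 * the article model, updates the row, flashes a success message and redirects
 * to the article's admin view.
 *
 * Redirects to /admin/notFound (and exits) when the id is missing, not a
 * positive integer, or (on GET) matches no article row.
 *
 * NOTE(review): no CSRF token check is visible on the POST branch here;
 * confirm the parent controller enforces one before the action runs.
 */
public function editArticleAction() {
    $fc = FrontController::getInstance();
    $model = new AdminModel('Редактирование статьи');
    $articleModel = new ArticleTableModel();
    $userModel = new UserTableModel();

    // Validate instead of sanitize: FILTER_SANITIZE_NUMBER_INT merely strips
    // characters ("1a2" -> "12") and the original never rejected a bad or
    // missing id — on POST it would have run updateRecord() with an empty id.
    $id = filter_var($fc->getParams()['id'] ?? null, FILTER_VALIDATE_INT);
    if ($id === false || $id < 1) {
        header('Location: /admin/notFound');
        exit;
    }

    $articleModel->setId($id);
    $articleModel->setTable('article');

    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $articleModel->setData();
        $articleModel->updateRecord();
        Session::setMsg('Статья успешно обновлена', 'success');
        header('Location: /admin/viewArticle/id/' . $articleModel->getArticle()->getData()['id']);
        exit;
    }

    $article = $articleModel->readRecordsById();
    // Unknown id: the original indexed $article[0]['author'] unconditionally.
    if (empty($article[0])) {
        header('Location: /admin/notFound');
        exit;
    }

    $userModel->setId($article[0]['author']);
    $userModel->setTable('user');
    $model->setData([
        'article' => $article,
        'author'  => $userModel->readRecordsById('id', 'id, username'),
    ]);
    $output = $model->render('../views/admin/blog/editArticle.php', 'admin');
    $fc->setPage($output);
}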