Пример #1
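 /**
  * Handle the login form: check the submitted credentials, log the user in
  * and redirect to the catalogue.
  *
  * On failure the error message is echoed and the login view is rendered again.
  */
 public function login()
 {
     $am = new authentificationManager();
     $error = "";
     $username = "";
     // Process the form only when something was posted.
     if (!empty($_POST)) {
         // Accept plain strings only: a missing key or an array value
         // (username[]=x) must not reach the credential check.
         $username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : "";
         $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : "";
         // A result greater than zero is used below as the id of the authenticated user.
         $result = $am->isValidLoginInfo($username, $password);
         if ($result > 0) {
             $userId = $result;
             // Load the user record
             $userManager = new \Manager\UserManager();
             $user = $userManager->find($userId);
             // NOTE(review): logUserIn() is not visible here; confirm that it
             // regenerates the session id so a pre-login session id cannot be reused.
             $am->logUserIn($user);
             // NOTE(review): the value read back here is never used below.
             $user = $this->getUser();
             $this->redirectToRoute('catalogue');
             // Stop here so the login view is never rendered after the redirect,
             // in case redirectToRoute() does not end the script itself.
             return;
         } else {
             // One message for both failure causes, so the response does not
             // reveal whether the username exists.
             $error = "Mauvais identifiant ! ou Mauvais mot de passe !";
             // The message is echoed directly; it is not passed to the view.
             echo $error;
         }
     }
     $this->show('temps/connexion');
 }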
Пример #2
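 /**
  * Handle the login form: check the submitted credentials, log the user in
  * and redirect; otherwise render the login view with the error and the
  * submitted username.
  */
 public function login()
 {
     $am = new AuthentificationManager();
     $error = "";
     $username = "";
     $data = [];
     // Process the form
     if (!empty($_POST)) {
         // The former debug($_POST) call is gone: it dumped the submitted
         // password in clear text into the response.
         // Accept plain strings only; a missing key or an array value becomes "".
         $username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : "";
         $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : "";
         $result = $am->isValidLoginInfo($username, $password);
         // Valid credentials: the result is used as the user's id
         if ($result > 0) {
             $userId = $result;
             // Load the user record
             $userManager = new \Manager\UserManager();
             $user = $userManager->find($userId);
             // NOTE(review): logUserIn() is not visible here; confirm that it
             // regenerates the session id on login.
             $am->logUserIn($user);
             $this->redirectToRoute('show_all_terms');
             // Do not render the form after a redirect, in case
             // redirectToRoute() does not end the script itself.
             return;
         } else {
             $error = "no";
         }
     }
     $data['error'] = $error;
     // NOTE(review): $username is echoed back as submitted; the view must
     // HTML-escape it.
     $data['username'] = $username;
     // Render once: the second show('user/login') call without data was redundant.
     $this->show('user/login', $data);
 }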
Пример #3
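 /**
  * Handle the login form: check the submitted credentials, log the user in
  * and redirect; otherwise render the login view with the error and the
  * submitted username.
  */
 public function login()
 {
     $authentificationManager = new AuthentificationManager();
     $username = "";
     $password = "";
     $error = "";
     $data = [];
     if (!empty($_POST)) {
         // Accept plain strings only: a missing key or an array value
         // (username[]=x) must not reach the credential check.
         if (isset($_POST['username']) && is_string($_POST['username'])) {
             $username = $_POST['username'];
         }
         if (isset($_POST['password']) && is_string($_POST['password'])) {
             $password = $_POST['password'];
         }
         // A result greater than zero is used below as the user's id.
         $result = $authentificationManager->isValidLoginInfo($username, $password);
         if ($result > 0) {
             $userId = $result;
             // Load the user record
             $userManager = new \Manager\UserManager();
             $user = $userManager->find($userId);
             // NOTE(review): logUserIn() is not visible here; confirm that it
             // regenerates the session id on login.
             $authentificationManager->logUserIn($user);
             $this->redirectToRoute('show_all_terms');
             // Do not render the form after a redirect, in case
             // redirectToRoute() does not end the script itself.
             return;
         } else {
             $error = "Mauvais identifiant !";
         }
     }
     $data['error'] = $error;
     // NOTE(review): echoed back as submitted; the view must HTML-escape it.
     $data['username'] = $username;
     $this->show('users/login', $data);
 }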
Пример #4
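 /**
  * Create a new administrator account from the registration form.
  *
  * Restricted to administrators through allowTo('admin'). On validation
  * failure the form is rendered again with the last error found and the
  * submitted username and e-mail.
  */
 public function register()
 {
     $this->allowTo('admin');
     $userManager = new UserManager();
     $error = "";
     $username = "";
     $email = "";
     // Registration form submitted?
     if (!empty($_POST)) {
         // Read only the fields this form defines. Copying every POST key into
         // a local variable (${$key} = ...) would let a request overwrite any
         // local of this method, and left $password undefined when it was not
         // posted.
         $field = function ($name) {
             return isset($_POST[$name]) && is_string($_POST[$name]) ? trim(strip_tags($_POST[$name])) : "";
         };
         $username = $field('username');
         $email = $field('email');
         // NOTE(review): trim()/strip_tags() alter the password before hashing;
         // the login handler must apply the same transformation - confirm.
         $password = $field('password');
         $password_confirm = $field('password_confirm');

         /* Validation: each failing check overwrites $error, the last one wins */
         // Username long enough?
         if (strlen($username) < 4) {
             $error = "Votre pseudo est trop court";
         }
         // Username already in the database?
         if ($userManager->usernameExists($username)) {
             $error = "Pseudo déjà utilisé !";
         }
         // E-mail already in the database, or malformed?
         if ($userManager->emailExists($email)) {
             $error = "Email déjà existant !";
         } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             $error = "Email non valide";
         }
         // Passwords must match. Strict comparison: with != two different
         // numeric-looking strings (e.g. "1e3" and "1000") compare as equal.
         if ($password !== $password_confirm) {
             $error = "Les mots de passe ne correspondent pas !";
         } elseif ($password === "") {
             // Never create an administrator with an empty password.
             $error = "Veuillez entrer un mot de passe !";
         }
         /* End of validation */

         if (empty($error)) {
             // Hash the password; only the hash is stored
             $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
             $now = date("Y-m-d H:i:s");
             $newAdmin = [
                 "username" => $username,
                 "email" => $email,
                 "password" => $hashedPassword,
                 "role" => "admin",
                 "dateCreated" => $now,
                 "dateModified" => $now,
             ];
             // Insert into the database
             $userManager->insert($newAdmin);
         }
     }
     // Send the error and the submitted values back to the view.
     // NOTE(review): the view must HTML-escape username and email.
     $dataToPassToTheView = ["username" => $username, "email" => $email, "error" => $error];
     $this->show('user/register_administrator', $dataToPassToTheView);
 }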
Пример #5
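 /**
  * Create a new administrator account from the registration form.
  *
  * On validation failure the form is rendered again with the last error
  * found and the submitted username and e-mail.
  */
 public function register()
 {
     // This handler inserts a row with role "admin", so creating one must
     // itself require admin rights; without this check any visitor could
     // register as an administrator.
     $this->allowTo('admin');
     $userManager = new UserManager();
     $error = "";
     $username = "";
     $email = "";
     // Registration form submitted?
     if (!empty($_POST)) {
         // Missing keys and array values are read as "" instead of raising
         // warnings or reaching strip_tags() as a non-string.
         $field = function ($name) {
             return isset($_POST[$name]) && is_string($_POST[$name]) ? trim(strip_tags($_POST[$name])) : "";
         };
         $username = $field('username');
         $email = $field('email');
         // NOTE(review): trim()/strip_tags() alter the password before hashing;
         // the login handler must apply the same transformation - confirm.
         $password = $field('password');
         $password_confirm = $field('password_confirm');

         /* Validation: each failing check overwrites $error, the last one wins */
         // Username long enough
         if (strlen($username) < 4) {
             $error = "Pseudo trop court";
         }
         // Username already taken?
         if ($userManager->usernameExists($username)) {
             $error = "Pseudo déjà utilisé !";
         }
         // Well-formed e-mail
         if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             $error = "Email non valide !";
         }
         // E-mail already taken?
         if ($userManager->emailExists($email)) {
             $error = "Email déjà utilisé !";
         }
         // Passwords must match. Strict comparison: with != two different
         // numeric-looking strings compare as equal.
         if ($password !== $password_confirm) {
             $error = "Les mots de passe ne correspondent pas !";
         } elseif ($password === "") {
             // Never create an administrator with an empty password.
             $error = "Veuillez entrer un mot de passe !";
         }
         /* End of validation */

         if (empty($error)) {
             // Hash the password; only the hash is stored
             $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
             $now = date("Y-m-d H:i:s");
             $newAdmin = [
                 "username" => $username,
                 "email" => $email,
                 "password" => $hashedPassword,
                 "role" => "admin",
                 "dateCreated" => $now,
                 "dateModified" => $now,
             ];
             // Insert into the database
             $userManager->insert($newAdmin);
         }
     }
     // Send the error and the submitted values back to the view.
     // NOTE(review): the view must HTML-escape username and email.
     $dataToPassToTheView = ["error" => $error, "username" => $username, "email" => $email];
     $this->show('user/register_administrator', $dataToPassToTheView);
 }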
Пример #6
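 /**
  * Create a new administrator account from the registration form.
  *
  * Restricted to administrators through allowTo('admin'). On validation
  * failure the form is rendered again with the last error found and the
  * submitted username and e-mail.
  */
 public function register()
 {
     $this->allowTo('admin');
     $userManager = new UserManager();
     $error = "";
     $username = "";
     $email = "";
     if (!empty($_POST)) {
         // Read only the fields this form defines. Turning every POST key into
         // a local variable (${$k} = ...) would let a request overwrite any
         // local of this method, and left $password undefined when it was not
         // posted.
         $field = function ($name) {
             return isset($_POST[$name]) && is_string($_POST[$name]) ? trim(strip_tags($_POST[$name])) : "";
         };
         $username = $field('username');
         $email = $field('email');
         // NOTE(review): trim()/strip_tags() alter the password before hashing;
         // the login handler must apply the same transformation - confirm.
         $password = $field('password');
         $confirmPassword = $field('confirmPassword');

         // Each failing check overwrites $error, so the last one wins.
         if (strlen($username) < 4) {
             $error = 'Identifiant trop court !';
         }
         if ($userManager->usernameExists($username)) {
             $error = "Pseudo déjà utilisé !";
         }
         if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             $error = "Email non valide !";
         }
         if ($userManager->emailExists($email)) {
             $error = "Email déjà utilisé !";
         }
         // Passwords must match. Strict comparison: with != two different
         // numeric-looking strings compare as equal.
         if ($password !== $confirmPassword) {
             $error = "les mots de passe ne corresponds pas!";
         } elseif ($password === "") {
             // Never create an administrator with an empty password.
             $error = "Veuillez entrer un mot de passe !";
         }

         // Valid: store the account
         if (empty($error)) {
             // Only the hash is stored
             $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
             $now = date("Y-m-d H:i:s");
             $newAdmin = [
                 "username" => $username,
                 "email" => $email,
                 "password" => $hashedPassword,
                 "role" => "admin",
                 "dateCreated" => $now,
                 "dateModified" => $now,
             ];
             // Insert into the database
             $userManager->insert($newAdmin);
         }
     }
     // NOTE(review): the view must HTML-escape username and email.
     $dataToPassToTheView = ["error" => $error, "username" => $username, "email" => $email];
     $this->show('users/register_administrator', $dataToPassToTheView);
 }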
Пример #7
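 /**
  * Show the order-return confirmation page for the cart id posted by the form.
  *
  * With a cart id, the view receives the books of that cart and the user who
  * owns it; without one, the view is rendered without data.
  *
  * NOTE(review): no access check is visible in this method although it renders
  * an admin view and loads another user's record from a client-supplied cart
  * id; confirm that the route is restricted to administrators.
  */
 public function returnOrder()
 {
     // Accept a plain string only; a missing key or an array value counts as
     // "no cart id".
     $cartId = "";
     if (isset($_POST['cartId']) && is_string($_POST['cartId'])) {
         $cartId = trim(strip_tags($_POST['cartId']));
     }

     if ($cartId === "") {
         $this->show('admin/confirm_order_return');
         return;
     }

     $cartManager = new CartManager();
     $bookManager = new BookManager();
     $userManager = new UserManager();
     // Find the matching order
     $booksIds = $cartManager->findAllBooksIdsInCart($cartId);
     $books = $bookManager->showBooks($booksIds);
     // Find the user who owns the cart
     $userId = $cartManager->getUserIdByCart($cartId);
     $user = $userManager->find($userId);
     $data = ['books' => $books, 'user' => $user];
     $this->show('admin/confirm_order_return', $data);
 }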
Пример #8
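 /**
  * Password reset: verify the token from the reset link, then let the user
  * choose a new password.
  *
  * The token and username come from the query string; the token is checked
  * with password_verify() against the hash stored in the user's 'token' field.
  *
  * NOTE(review): nothing here expires the token or clears it after a
  * successful change, so the same link stays usable; confirm this is handled
  * elsewhere.
  */
 public function changePassword()
 {
     $token = isset($_GET['token']) && is_string($_GET['token']) ? $_GET['token'] : "";
     $username = isset($_GET['username']) && is_string($_GET['username']) ? $_GET['username'] : "";
     $userManager = new UserManager();
     $user = $userManager->getUsername($username);
     // Refuse the whole request unless the user exists, has a stored token and
     // the submitted token matches it. The previous code only echoed a message
     // and carried on, so the password could be changed without a valid token.
     if (empty($user) || empty($user['token']) || !password_verify($token, $user['token'])) {
         echo 'die mutherfucker';
         return;
     }
     $data = [];
     $confirm_password = "";
     $errorConfirm_password = "";
     if (!empty($_POST)) {
         // NOTE(review): trim()/strip_tags() alter the password before hashing;
         // the login handler must apply the same transformation - confirm.
         $password = isset($_POST['password']) && is_string($_POST['password']) ? trim(strip_tags($_POST['password'])) : "";
         $confirm_password = isset($_POST['confirm_password']) && is_string($_POST['confirm_password']) ? trim(strip_tags($_POST['confirm_password'])) : "";
         // Strict comparison: with != two different numeric-looking strings
         // compare as equal.
         if ($password !== $confirm_password) {
             $errorConfirm_password = "******";
         } elseif (strlen($password) < 6) {
             $errorConfirm_password = "******";
         } else {
             // Require at least one letter, one digit and one other character
             $containsLetter = preg_match('/[a-zA-Z]/', $password);
             $containsDigit = preg_match('/\\d/', $password);
             $containsSpecial = preg_match('/[^a-zA-Z\\d]/', $password);
             if (!$containsLetter || !$containsDigit || !$containsSpecial) {
                 $errorConfirm_password = "******";
             }
         }
         if (empty($errorConfirm_password)) {
             // Only the hash is stored
             $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
             $id = $user['id'];
             $newPassword = ["password" => $hashedPassword];
             $userManager->update($newPassword, $id);
         }
     }
     $data['errorConfirm_password'] = $errorConfirm_password;
     $this->show('user/change_password', $data);
 }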
Пример #9
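 /**
  * Create a new administrator account from the registration form.
  *
  * Restricted to administrators through allowTo('admin'). Username, e-mail
  * and password each have their own error message; on success the user is
  * redirected, otherwise the form is rendered again.
  */
 public function register()
 {
     $this->allowTo('admin');
     $userManager = new UserManager();
     $usernameError = "";
     $emailError = "";
     $passwordError = "";
     if (!empty($_POST)) {
         // Read only the fields this form defines. Turning every POST key into
         // a local variable (${$k} = ...) would let a request overwrite any
         // local of this method, and left variables undefined when a field was
         // not posted.
         $field = function ($name) {
             return isset($_POST[$name]) && is_string($_POST[$name]) ? trim(strip_tags($_POST[$name])) : "";
         };
         $username = $field('username');
         $email = $field('email');
         // NOTE(review): trim()/strip_tags() alter the password before hashing;
         // the login handler must apply the same transformation - confirm.
         $password = $field('password');
         $password_again = $field('password_again');

         // Username: present, long enough, not taken
         if (empty($username)) {
             $usernameError = "Veuillez indiquer un pseudo !";
         } elseif (strlen($username) < 4) {
             $usernameError = "Nom d'utilisateur trop court !";
         } elseif ($userManager->usernameExists($username)) {
             $usernameError = "Ce pseudo est déjà utilisé !";
         }
         // E-mail: present, well-formed, not taken
         if (empty($email)) {
             $emailError = "Veuillez entrer une adresse email !";
         } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             $emailError = "L'adresse email n'est pas valide";
         } elseif ($userManager->emailExists($email)) {
             $emailError = "Cet adresse email est déjà utilisée !";
         }
         // Password: present and at least 7 characters
         if (empty($password)) {
             $passwordError = "Veuillez entrer un mot de passe !";
         } elseif (strlen($password) <= 6) {
             $passwordError = "Veuillez entrer un mot de passe d'au moins 7 caractères !";
         }
         // Passwords must match. Strict comparison: with != two different
         // numeric-looking strings compare as equal.
         if ($password !== $password_again) {
             $passwordError = "Les mots de passe que vous avez indiqué ne correspondent pas !";
         }

         if ($usernameError === "" && $emailError === "" && $passwordError === "") {
             // Only the hash is stored
             $password_hashed = password_hash($password, PASSWORD_DEFAULT);
             $now = date('Y-m-d H:i:s');
             $newAdmin = [
                 'username' => $username,
                 'email' => $email,
                 'password' => $password_hashed,
                 'role' => 'admin',
                 'date_created' => $now,
                 'date_modified' => $now,
             ];
             // Insert into the database
             $insertSuccess = $userManager->insert($newAdmin);
             if ($insertSuccess) {
                 $this->redirectToRoute('show_all_terms');
                 // Do not render the form after a redirect.
                 return;
             }
         } else {
             // Send the errors and the submitted values back to the view.
             // NOTE(review): the view must HTML-escape username and email.
             $dataToPassToTheView = [
                 'username' => $username,
                 'email' => $email,
                 'usernameError' => $usernameError,
                 'emailError' => $emailError,
                 'passwordError' => $passwordError,
             ];
             $this->show('user/register_administrator', $dataToPassToTheView);
             // The view has been rendered with its errors; do not render it a
             // second time without data below.
             return;
         }
     }
     $this->show('user/register_administrator');
 }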
Пример #10
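 /**
  * Subscriber registration: validate the form, store the new user with a
  * hashed password and render the subscription view with the submitted values
  * and a per-field error array.
  *
  * NOTE(review): the username is not checked for uniqueness here (an earlier
  * SQL check was commented out), and allowTo('admin') is disabled.
  */
 public function register()
 {
     // NOTE(review): the value read here is never used in this method.
     $user = $this->getUser();
     $UserManager = new UserManager();
     $error = [];
     $username = "";
     $email = "";
     $password = "";
     $nom = "";
     $prenom = "";
     $code_postal = "";
     $adress = "";
     $tel = "";
     $code_postalRegexp = "/^[0-9]{5}\$/";
     $telRegexp = "/^[0-9]{10}\$/";
     if (!empty($_POST)) {
         // Missing keys and array values are read as "" instead of raising
         // warnings or reaching strip_tags() as a non-string.
         $field = function ($name) {
             return isset($_POST[$name]) && is_string($_POST[$name]) ? trim(strip_tags($_POST[$name])) : "";
         };
         $username = $field('username');
         $email = $field('email');
         // NOTE(review): trim()/strip_tags() alter the password before hashing;
         // the login handler must apply the same transformation - confirm.
         $password = $field('password');
         $password_confirm = $field('password_confirm');
         $nom = $field('nom');
         $prenom = $field('prenom');
         $adress = $field('adress');
         $code_postal = $field('code_postal');
         $tel = $field('tel');

         /* Validation */
         if (empty($username)) {
             $error['username'] = "******";
         }
         // Username long enough
         if (strlen($username) < 4) {
             $error['username'] = "******";
         }
         // E-mail
         if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             $error['email'] = "email non valide !";
         } elseif (strlen($email) > 250) {
             $error['email'] = "email trop long non valide !";
         }
         // Passwords must match and be at least 6 characters. Strict
         // comparison: with != two different numeric-looking strings compare
         // as equal.
         if ($password !== $password_confirm) {
             $error['password'] = "******";
         } elseif (strlen($password) < 6) {
             $error['password'] = "******";
         }
         if (empty($nom)) {
             $error['nom'] = "Veuillez saisir votre nom !";
         }
         if (empty($prenom)) {
             $error['prenom'] = "Veuillez saisir votre prenom !";
         }
         if (empty($adress)) {
             $error['adress'] = "Veuillez saisir votre adress !";
         }
         if (empty($code_postal)) {
             $error['code_postal'] = "Veuillez saisir votre code postal!";
         } elseif (!preg_match($code_postalRegexp, $code_postal)) {
             $error['code_postal'] = "votre code postal doit correspondre à 5 chiffres";
         }
         if (empty($tel)) {
             $error['tel'] = "Veuillez saisir votre tel!";
         } elseif (!preg_match($telRegexp, $tel)) {
             $error['tel'] = "votre numero de tel doit correspondre à 10 chiffres";
         }
         /* End of validation */

         if (empty($error)) {
             // Only the hash is stored
             $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
             $now = date("Y-m-d H:i:s");
             $newUser = [
                 "username" => $username,
                 "email" => $email,
                 "password" => $hashedPassword,
                 "nom" => $nom,
                 "prenom" => $prenom,
                 "code_postal" => $code_postal,
                 "adress" => $adress,
                 "tel" => $tel,
                 "date_created" => $now,
                 "date_modified" => $now,
             ];
             // Insert into the database
             $UserManager->insert($newUser);
         }
     }
     // Send the errors and the submitted values back to the view. The
     // "password" key is kept for the template but always empty: the clear-text
     // password must never be written back into the page.
     // NOTE(review): the view must HTML-escape every value it prints.
     $dataToPassToTheView = [
         "username" => $username,
         "email" => $email,
         "password" => "",
         "nom" => $nom,
         "prenom" => $prenom,
         "code_postal" => $code_postal,
         "adress" => $adress,
         "tel" => $tel,
         "errors" => $error,
     ];
     $this->show('temps/abonnement', $dataToPassToTheView);
 }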
Пример #11
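 /**
  * Profile edit page: when the form carries at least one non-empty field,
  * update the logged-in user's profile, then render the edit view.
  *
  * NOTE(review): values are stored as submitted, with no validation of date,
  * gender or length; every view that prints them must HTML-escape them.
  * NOTE(review): "loisirs" is tested below but never saved.
  */
 public function editProfile()
 {
     // Database column => form field
     $columns = [
         "user_pseudo" => "editPseudo",
         "user_lastname" => "editLastname",
         "user_firstname" => "editFirstname",
         "user_age" => "datenaissance",
         "user_gender" => "gender",
         "user_location" => "ville",
     ];
     // Same trigger as before: at least one of these fields is non-empty.
     // (isset($_POST) was always true and has been dropped.)
     $triggers = array_merge(array_values($columns), ["loisirs"]);
     $submitted = false;
     foreach ($triggers as $name) {
         if (!empty($_POST[$name])) {
             $submitted = true;
             break;
         }
     }

     if ($submitted) {
         // Keep only the fields actually posted as strings. A missing field
         // used to be written as null and wiped the stored value; an array
         // value must not reach the database layer.
         $changes = [];
         foreach ($columns as $column => $name) {
             if (isset($_POST[$name]) && is_string($_POST[$name])) {
                 $changes[$column] = $_POST[$name];
             }
         }
         $user = $this->getUser();
         // Update only for a logged-in user with a known id; without this the
         // update ran with an empty id.
         if (!empty($changes) && !empty($user["id"])) {
             $userManager = new UserManager();
             $userManager->update($changes, $user["id"]);
         }
     }
     $this->show('user/editProfile', ['title' => "toetter | modifie ton profil"]);
 }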
Пример #12
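 /**
  * Change the logged-in user's password after re-checking the current one.
  *
  * The new password is stored only when the current password is valid and the
  * two new-password fields match; the session copy of the user is then
  * refreshed from the database.
  */
 public function editPassword()
 {
     $authentificationManager = new AuthentificationManager();
     $userManager = new UserManager();
     $old_passwordError = "";
     $passwordError = "";
     if (!empty($_POST)) {
         // Read only the fields this form defines. Turning every POST key into
         // a local variable (${$k} = ...) would let a request overwrite any
         // local of this method.
         $field = function ($name) {
             return isset($_POST[$name]) && is_string($_POST[$name]) ? trim(strip_tags($_POST[$name])) : "";
         };
         // NOTE(review): trim()/strip_tags() alter the passwords; the login
         // handler must apply the same transformation - confirm.
         $old_password = $field('old_password');
         $password = $field('password');
         $confirmPassword = $field('confirmPassword');

         // Without a logged-in user there is nothing to verify: treat it as a
         // failed check.
         $result = 0;
         if (isset($_SESSION['user']['username'], $_SESSION['user']['id'])) {
             // Make sure the current password is valid
             $result = $authentificationManager->isValidLoginInfo($_SESSION['user']['username'], $old_password);
         }
         if ($result > 0) {
             // The new passwords must match. Strict comparison: with != two
             // different numeric-looking strings compare as equal.
             if ($password !== $confirmPassword) {
                 $passwordError = "le mot de passe ne correspond pas !";
             } elseif ($password === "") {
                 // Never store an empty password.
                 $passwordError = "Veuillez entrer un mot de passe !";
             } else {
                 // Hash and store only when validation passed. The previous
                 // code updated the password even after a mismatch was found.
                 $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
                 if ($userManager->update(['password' => $hashedPassword], $_SESSION['user']['id'])) {
                     // Refresh the session copy of the user.
                     // NOTE(review): consider regenerating the session id here
                     // and ending the user's other sessions - not visible in
                     // this method.
                     $refreshUser = $userManager->find($_SESSION['user']['id']);
                     $_SESSION['user'] = $refreshUser;
                 }
             }
         } else {
             $old_passwordError = "Mauvais mot de passe !";
         }
     }
     $data = ['old_passwordError' => $old_passwordError, 'passwordError' => $passwordError];
     $this->show('user/edit_password', $data);
 }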
Пример #13
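 /**
  * Subscriber registration: validate the form, store the new user with a
  * hashed password, log the user in and redirect to the catalogue; on failure
  * render the form again with the last error found and the submitted values.
  *
  * NOTE(review): the street address is not validated (the earlier check was
  * commented out).
  */
 public function register()
 {
     $am = new AuthentificationManager();
     $userManager = new UserManager();
     $error = "";
     $username = "";
     $email = "";
     $firstname = "";
     $lastname = "";
     $streetname = "";
     $phonenumber = "";
     $zipcode = "";
     $pic_name = "default.png";
     $user_name_regex = "/^[\\p{L}0-9._-]{2,100}\$/u";
     if (!empty($_POST)) {
         // Missing keys and array values are read as "" instead of raising
         // warnings or reaching strip_tags() as a non-string.
         $field = function ($name) {
             return isset($_POST[$name]) && is_string($_POST[$name]) ? trim(strip_tags($_POST[$name])) : "";
         };
         $email = $field('email');
         $username = $field('username');
         // NOTE(review): trim()/strip_tags() alter the password before hashing;
         // the login handler must apply the same transformation - confirm.
         $password = $field('password');
         $confirm = $field('confirm');
         $firstname = $field('firstname');
         $lastname = $field('lastname');
         $streetname = $field('streetname');
         $zipcode = $field('zipcode');
         $phonenumber = $field('phonenumber');

         // Each failing check overwrites $error, so the last one wins.
         // Username
         if (strlen($username) < 4) {
             $error = "Votre Pseudo doit comporter 4 lettres minimum !";
         }
         if (!preg_match($user_name_regex, $username)) {
             $error = "Votre Pseudo ne doit pas contenir de caractère spéciaux !";
         }
         if ($userManager->usernameExists($username)) {
             $error = "Ce Pseudo est deja utillisé !";
         }
         // E-mail
         if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             $error = "Email non valide";
         }
         if ($userManager->emailExists($email)) {
             $error = "Cet Email est deja utillisé !";
         }
         // Zip code: exactly 75001 to 75020. The previous <= / >= comparison
         // on strings fell back to byte-wise ordering for non-numeric input, so
         // values such as "75001" followed by arbitrary text were accepted.
         if (!preg_match('/^750(?:0[1-9]|1[0-9]|20)\z/', $zipcode)) {
             $error = "Vous devez habiter Paris pour vous inscrire à notre service !";
         }
         // NOTE(review): this check looks inverted - it reports an error when
         // the number DOES match NN-NN-NN-NN. Left unchanged because the
         // intended format is unclear (the pattern has four pairs of digits).
         if (preg_match("/^[0-9]{2}-[0-9]{2}-[0-9]{2}-[0-9]{2}\$/", $phonenumber)) {
             $error = "Votre numéro de téléphone n'est pas valide !";
         }
         // The first two digits of the phone number must be between 01 and 09.
         // The password rule is only evaluated when this check passes; a failed
         // phone check blocks the registration anyway.
         $phonePrefix = substr($phonenumber, 0, 2);
         if ($phonePrefix < "01" || $phonePrefix > "09") {
             $error = "Votre numéro de téléphone n'est pas valide !";
         } else {
             $containsLetter = preg_match('/[a-zA-Z]/', $password);
             $containsDigit = preg_match('/\\d/', $password);
             if (!$containsLetter || !$containsDigit) {
                 $error = "Merci de choisir un mot de passe comportant au moins une lettre et un chiffre !";
             }
         }
         // Passwords must match. Strict comparison: with != two different
         // numeric-looking strings compare as equal.
         if ($password !== $confirm) {
             $error = "Vos mots de passe doivent être identiques !";
         }

         if (empty($error)) {
             // Only the hash is stored
             $hash = password_hash($password, PASSWORD_DEFAULT);
             $now = date("Y-m-d H:i:s");
             $newSubscriber = [
                 "username" => $username,
                 "email" => $email,
                 "password" => $hash,
                 "firstname" => $firstname,
                 "lastname" => $lastname,
                 "zip_code" => $zipcode,
                 "street_name" => $streetname,
                 "phone_number" => $phonenumber,
                 "date_modified" => $now,
                 "date_created" => $now,
                 "pic_name" => $pic_name,
             ];
             // Insert into the database
             $userManager = new \Manager\UserManager();
             $userManager->insert($newSubscriber);
             // NOTE(review): the array passed here has no id and contains the
             // password hash; if LogUserIn() stores it in the session, reload
             // the user from the database first - confirm.
             $am->LogUserIn($newSubscriber);
             // NOTE(review): the value read back here is never used below.
             $user = $this->getUser();
             $this->redirectToRoute('catalogue');
             // Do not render the form after a redirect.
             return;
         }
     }
     /* Render the page */
     // NOTE(review): the view must HTML-escape every submitted value it prints.
     $data = [
         'error' => $error,
         'username' => $username,
         'email' => $email,
         'firstname' => $firstname,
         'lastname' => $lastname,
         'zipcode' => $zipcode,
         'streetname' => $streetname,
         'phonenumber' => $phonenumber,
         'pic_name' => $pic_name,
     ];
     $this->show('user/register', $data);
 }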