Пример #1
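    /**
     * Handle the "forgot password" form.
     *
     * On POST, looks the submitted email up, stores a freshly generated reset
     * token on the matching user and mails a reset link containing that token.
     * The success message is set (and the redirect issued) only when the mail
     * was actually handed to the SMTP server; otherwise the form is shown again
     * with an error.
     *
     * @return void
     */
    public function forgotPassword()
    {
        $userManager = new UserManager();
        $succes = "";
        $error = "";
        if (!empty($_POST)) {
            // A missing or non-string field (e.g. email[]=x) is treated as an empty address
            // instead of being passed on to the manager and the mailer.
            $email = $_POST['email'] ?? '';
            if (!is_string($email)) {
                $email = '';
            }
            // Check that the email exists in the database.
            // NOTE(review): answering differently for known and unknown addresses lets a
            // client enumerate registered emails; consider one neutral response for both branches.
            if ($email !== '' && $userManager->emailExists($email)) {
                // Generate the token only once we know it will be used.
                $factory = new \RandomLib\Factory();
                $generator = $factory->getGenerator(new \SecurityLib\Strength(\SecurityLib\Strength::MEDIUM));
                $token = $generator->generateString(32, '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
                $user = $userManager->getUserByUsernameOrEmail($email);
                // NOTE(review): the token is stored as-is and no expiry is recorded here. Storing
                // only a hash plus an expiry time would limit the damage of a database leak; the
                // handler that consumes the token is not visible here, so this is left unchanged.
                $userManager->update(array("token" => $token), $user['id']);
                // Send the mail.
                $mail = new \PHPMailer();
                $mail->isSMTP();
                $mail->setLanguage('fr');
                $mail->CharSet = 'UTF-8';
                // Debug level 2 prints the SMTP dialogue into the HTTP response, which exposes
                // server details to the visitor and sends output before the redirect. Keep it off.
                $mail->SMTPDebug = 0;
                $mail->Debugoutput = 'html';
                $mail->Host = 'smtp.gmail.com';
                $mail->Port = 587;
                $mail->SMTPSecure = 'tls';
                $mail->SMTPAuth = true;
                // NOTE(review): credentials are written in the source (redacted on this page);
                // load them from configuration kept out of version control.
                $mail->Username = "******";
                $mail->Password = "******";
                $mail->setFrom('ServiceMessagerie@BDloc', 'Service de Messagerie BDloc');
                $mail->addAddress($email, $user['username']);
                $mail->isHTML(true);
                $mail->Subject = 'Envoyé par PHP !';
                $app = getApp();
                $router = $app->getRouter();
                $url = $router->generate("resetMotdepasse", array("token" => $token));
                // NOTE(review): the reset link is built on a hard-coded http:// host, so the token
                // travels unencrypted when the link is followed; prefer an https base URL from config.
                // The URL is escaped because it is placed inside an HTML attribute.
                $link = htmlspecialchars('http://www.bdloc.dev' . $url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $mail->Body = 'Nous avons bien reçu votre demande de renouvellement de mot de passe <br>
						pour changer votre mot de passe <a href="' . $link . '">Cliquer ici</a>';
                if ($mail->send()) {
                    // Report success only when the mail really went out.
                    $_SESSION['mail_succes'] = "Le mail a bien été envoyé !";
                    $this->redirectToRoute('oublieMotdepasse');
                } else {
                    // Keep the mailer's diagnostic in the server log, not in the page.
                    error_log('forgotPassword: mail send failed: ' . $mail->ErrorInfo);
                    $error = "Le mail n'a pas pu être envoyé, veuillez réessayer plus tard.";
                }
            } else {
                $error = "Adresse Email non trouvé !";
            }
        }
        $data = [];
        $data['succes'] = $succes;
        $data['error'] = $error;
        $this->show('user/forgotPassword', $data);
    }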
Пример #2
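 /**
  * Reset a user's password from a token link (?token=...&username=...).
  *
  * The request is refused unless the token verifies against the hash stored
  * for that user. On POST, the new password must match its confirmation, be
  * at least 6 characters long and contain a letter, a digit and a special
  * character. When it is accepted, the password hash is stored and the
  * reset token is cleared so the link cannot be used again.
  *
  * @return void
  */
 public function changePassword()
 {
     $token = $_GET['token'] ?? '';
     $username = $_GET['username'] ?? '';
     $userManager = new UserManager();
     // Only query the manager with well-formed (string, non-empty) parameters.
     $user = null;
     if (is_string($token) && $token !== '' && is_string($username) && $username !== '') {
         $user = $userManager->getUsername($username);
     }
     $storedToken = is_array($user) ? ($user['token'] ?? '') : '';
     // Stop here when the token does not verify. Without the return, the rest of the
     // method would run, letting anyone set the password of any username named in the URL.
     if (!is_string($storedToken) || $storedToken === '' || !password_verify($token, $storedToken)) {
         http_response_code(403);
         echo 'Lien de réinitialisation invalide.';
         return;
     }
     $errorConfirm_password = "";
     if (!empty($_POST)) {
         $password = $_POST['password'] ?? '';
         $confirm_password = $_POST['confirm_password'] ?? '';
         // NOTE(review): trim()/strip_tags() silently alter the chosen password (anything that
         // looks like a tag is dropped). Kept so the stored hash stays consistent with whatever
         // the login form does, which is not visible here — confirm and remove in both places.
         $password = is_string($password) ? trim(strip_tags($password)) : '';
         $confirm_password = is_string($confirm_password) ? trim(strip_tags($confirm_password)) : '';
         // Strict comparison: with != two different numeric-looking strings
         // such as "1e3" and "1000" compare as equal.
         if ($password !== $confirm_password) {
             $errorConfirm_password = "******";
         } elseif (strlen($password) < 6) {
             $errorConfirm_password = "******";
         } else {
             $containsLetter = preg_match('/[a-zA-Z]/', $password);
             $containsDigit = preg_match('/\\d/', $password);
             $containsSpecial = preg_match('/[^a-zA-Z\\d]/', $password);
             if (!$containsLetter || !$containsDigit || !$containsSpecial) {
                 $errorConfirm_password = "******";
             }
         }
         if ($errorConfirm_password === "") {
             $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
             // Clear the token together with the password change so the link is single-use.
             // Assumes 'token' is a column of the same row $user was read from — TODO confirm.
             $userManager->update(["password" => $hashedPassword, "token" => ""], $user['id']);
         }
     }
     $data = ['errorConfirm_password' => $errorConfirm_password];
     $this->show('user/change_password', $data);
 }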
Пример #3
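 /**
  * Show the profile edit page and, when at least one profile field was
  * posted, store the submitted values on the current user's record.
  *
  * All six stored columns are written on every update; a field missing from
  * the request is written as null. "loisirs" only takes part in the
  * "something was submitted" check and is not stored.
  *
  * @return void
  */
 public function editProfile()
 {
     // Form field name => column name.
     $columns = [
         "editPseudo" => "user_pseudo",
         "editLastname" => "user_lastname",
         "editFirstname" => "user_firstname",
         "datenaissance" => "user_age",
         "gender" => "user_gender",
         "ville" => "user_location",
     ];
     // $_POST is always set, so test for actual content instead of isset($_POST).
     $submitted = false;
     foreach (array_merge(array_keys($columns), ["loisirs"]) as $field) {
         if (!empty($_POST[$field])) {
             $submitted = true;
             break;
         }
     }
     if ($submitted) {
         $user = $this->getUser();
         // Without a current user there is no row to update; skip rather than update id null.
         if (!empty($user["id"])) {
             $values = [];
             foreach ($columns as $field => $column) {
                 // Missing keys and non-string input (e.g. ville[]=x) become null instead of
                 // raising an undefined-index notice or reaching the query as an array.
                 $raw = $_POST[$field] ?? null;
                 $values[$column] = is_string($raw) ? $raw : null;
             }
             // NOTE(review): values are stored without validation (length, date format, allowed
             // gender values) and no CSRF token is checked in this method; the templates that
             // print these fields must escape them on output.
             $userManager = new UserManager();
             $userManager->update($values, $user["id"]);
         }
     }
     $this->show('user/editProfile', ['title' => "toetter | modifie ton profil"]);
 }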
Пример #4
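 /**
  * Let the logged-in user change their password.
  *
  * On POST, the current password is checked through
  * AuthentificationManager::isValidLoginInfo(). The new password is stored
  * only when it is non-empty and equal to its confirmation, after which the
  * session copy of the user is refreshed from the database.
  *
  * @return void
  */
 public function editPassword()
 {
     $authentificationManager = new AuthentificationManager();
     $userManager = new UserManager();
     $old_passwordError = "";
     $passwordError = "";
     if (!empty($_POST)) {
         // Read only the three expected fields. Turning every POST key into a local variable
         // (${$k} = ...) let a request overwrite any local of this method, such as the
         // managers or the error strings, and failed on array-valued input.
         $fields = [];
         foreach (['old_password', 'password', 'confirmPassword'] as $name) {
             $raw = $_POST[$name] ?? '';
             // NOTE(review): trim()/strip_tags() alter passwords; kept for consistency with how
             // the existing hashes were presumably created — confirm against registration/login.
             $fields[$name] = is_string($raw) ? trim(strip_tags($raw)) : '';
         }
         // Make sure the old password is valid.
         // Assumes $_SESSION['user'] is populated, i.e. access control ran before this method.
         $result = $authentificationManager->isValidLoginInfo($_SESSION['user']['username'], $fields['old_password']);
         if ($result > 0) {
             if ($fields['password'] === '') {
                 $passwordError = "Le mot de passe ne peut pas être vide !";
             } elseif ($fields['password'] !== $fields['confirmPassword']) {
                 // Strict comparison: != treats numeric-looking strings such as
                 // "1e3" and "1000" as equal.
                 $passwordError = "le mot de passe ne correspond pas !";
             } else {
                 // Hash and store the new password only when validation passed; previously
                 // the update ran even after a mismatch had been detected.
                 $hashedPassword = password_hash($fields['password'], PASSWORD_DEFAULT);
                 if ($userManager->update(['password' => $hashedPassword], $_SESSION['user']['id'])) {
                     $refreshUser = $userManager->find($_SESSION['user']['id']);
                     $_SESSION['user'] = $refreshUser;
                 }
             }
         } else {
             $old_passwordError = "Mauvais mot de passe !";
         }
     }
     $data = ['old_passwordError' => $old_passwordError, 'passwordError' => $passwordError];
     $this->show('user/edit_password', $data);
 }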