public function validateFormulaire() { $username = $this->post['username']; $email = $this->post['email']; $password = $this->post['password']; $passwordConfirm = $this->post['passwordConfirm']; $lastname = $this->post['lastname']; $firstname = $this->post['firstname']; $birthyear = $this->post['birthyear']; $sex = $this->post['sex']; $job = $this->post['job']; $instructorDescription = $this->post['instructorDescription']; $studentDescription = $this->post['studentDescription']; // Contrôle des champs obligatoires sur la formation $validator = new \Utils\FormValidator(); $validator->validateNotEmpty($username, "username", "Le pseudo est obligatoire !"); $validator->validateNotEmpty($email, "email", "L'email est obligatoire !"); $validator->validateNotEmpty($password, "password", "Choisir un mot de passe !"); $validator->validateNotEmpty($passwordConfirm, "passwordConfirm", "Ressaisir le mot de passe !"); $validator->validateNotEmpty($lastname, "lastname", "Saisir votre nom !"); $validator->validateNotEmpty($firstname, "firstname", "Saisir votre prénom !"); $validator->validateNotEmpty($birthyear, "birthyear", "Saisir votre année de naissance !"); $validator->validateNotEmpty($sex, "sex", "Indiquer votre sexe !"); $validator->validateNotEmpty($job, "job", "Saisir votre métier !"); $validator->validateNotEmpty($instructorDescription, "instructorDescription", "Saisir votre description en tant que formateur !"); $validator->validateNotEmpty($studentDescription, "studentDescription", "Saisir votre description en tant qu'étudiant !"); if ($validator->isValid()) { $validator->validateEmail($email, "email", "L'email est incorrect !"); $validator->validateYear($birthyear, "birthyear", "Votre année de naissance doit être comprise entre 1900-2099 !"); $validator->validateCharacter($username, "username", "Le pseudo comporte des caractères interdits !"); } if (!$validator->isValid()) { $this->error = $validator->getErrors(); $this->isValid = false; } if ($this->isValid) { // 1 - on crée l'instance $userManager = new \Manager\UserManager(); // erreur pour le mail (déjà existant) if ($userManager->emailExists($email)) { $this->isValid = false; $this->error['email'] = 'Email déjà utlisé !'; } if ($userManager->usernameExists($username)) { $this->isValid = false; $this->error['username'] = '******'; } // erreur sur le mdp if ($password != $passwordConfirm) { $this->isValid = false; $this->error['passwordConfirm'] = 'Les mots de passe ne correspondent pas !'; } } }
public function log() { $usermanager = new \Manager\UserManager(); $auth = new \W\Security\AuthentificationManager(); $passwordError = ""; if ($_POST) { if ($_POST['logger'] == null || $_POST['password'] == null) { $passwordError = "vide!"; } else { $logger = $_POST['logger']; $password = $_POST['password']; $pos = strpos($logger, '@'); //on test sur le champ username if ($pos === false) { $username = $logger; if ($usermanager->usernameExists($username)) { if ($auth->isValidLoginInfo($username, $password)) { $user = $usermanager->getUserByUsernameOrEmail($username); $auth->logUserIn($user); if ($_POST['remember']) { setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', '127.0.0.1', false, true); } $this->show('logger/log', ["passwordError" => $passwordError]); } else { $passwordError = "Wrong login/mp couple!"; } } else { $passwordError = "Login not found!"; } } else { //sinon le log contient un @ c'est un email dc verification dans la BDD sur le champ email $email = $logger; if ($usermanager->emailExists($email)) { if ($auth->isValidLoginInfo($email, $password)) { $user = $usermanager->getUserByUsernameOrEmail($email); $auth->logUserIn($user); if ($_POST['remember']) { setcookie("auth", $user['id'] . '-----' . sha1($user['username'] . $user['password'] . $_SERVER['REMOTE_ADDR']), time() + 3600 * 24 * 3, '/', '127.0.0.1', false, true); } $this->show('logger/log', ["passwordError" => $passwordError]); } else { $passwordError = "Wrong email/mp couple!"; } } else { $passwordError = "Email not found"; } } } } $this->show('logger/log', ["passwordError" => $passwordError]); }
public function forgetpassword() { unset($_SESSION['error']); if ($_POST) { if (\isIsset($_POST)) { $emailPasswordRecovery = $_POST['emailPasswordRecovery']; if (filter_var($emailPasswordRecovery, FILTER_VALIDATE_EMAIL)) { $usermanager = new \Manager\UserManager(); if ($usermanager->emailExists($emailPasswordRecovery)) { $user = $usermanager->getUserByUsernameOrEmail($emailPasswordRecovery); if (\isComfirmedAccount($user['id'])) { //On ne peut pas réinitialiser son password si le compte n'est pas confirmé $token = \W\Security\StringUtils::randomString(32); $tokentime = time() + 20 * 60; $usermanager->update(['token' => password_hash($token, PASSWORD_DEFAULT), 'token_timestamp' => $tokentime], $user['id']); $lien = '<a href="' . $this->generateUrl('mailPassword', ['token' => $token, 'id' => $user['id']], true) . '">http://www.mudeo.com/verif/u675CXIV9YOLHbYIjhgc8O7UNM</a>'; $lien_img = "od972.free.fr/logo.png"; $msg = "<img src='" . $lien_img . "' style='width:100px;height:100px'/> <h2>Mudéo </h2>"; $msg .= "<h4>MFF Corp.</h4><br/><br/>"; $msg .= "Pour pouvoir changer votre mot de passe <span style='font-weight:bold;'>" . strtoupper($user['username']) . "</span>. Veuillez cliquer sur le lien suivant qui vous redirigera vers notre site<br/><br/>" . $lien; require_once 'assets/inc/mailer.php'; smtpmailer('*****@*****.**', '*****@*****.**', 'Admin', 'Vérification de la création de compte Mudéo', $msg); if (isset($errorMail)) { $_SESSION['error']['forgetpassword'] = $error; } else { $_SESSION['error']['forgetpassword'] = "******"; } } else { $_SESSION['error']['forgetpassword'] = "******" . $user['email'] . " avant de pouvoir utiliser cette fonctionalité"; } } else { $_SESSION['error']['forgetpassword'] = "******"; } } else { $_SESSION['error']['forgetpassword'] = "******"; } } else { $_SESSION['error']['forgetpassword'] = "******"; } } $this->show('Default/home'); }
/** * Page d'inscription */ public function register() { $error = array(); $isValid = true; // si l'utilisateur est déjà connecté => redirige vers la page "Mon compte" $authentificationManager = new \W\Security\AuthentificationManager(); if ($authentificationManager->getLoggedUser()) { $this->show('user/detail_account', ['user' => $this->getUser()]); } // formulaire soumis ? if ($_POST) { $username = $_POST['username']; $email = $_POST['email']; $password = $_POST['password']; $passwordConfirm = $_POST['passwordConfirm']; $lastname = $_POST['lastname']; $firstname = $_POST['firstname']; $birthyear = $_POST['birthyear']; $sex = $_POST['sex']; $job = $_POST['job']; $instructorDescription = $_POST['instructorDescription']; $studentDescription = $_POST['studentDescription']; // validation des données => à coder $isValid = true; // Contrôle des champs obligatoires sur la formation $validator = new \Utils\FormValidator(); $validator->validateNotEmpty($username, "username", "Le pseudo est obligatoire !"); $validator->validateNotEmpty($email, "email", "L'email est obligatoire !"); $validator->validateNotEmpty($password, "password", "Choisir un mot de passe !"); $validator->validateNotEmpty($passwordConfirm, "passwordConfirm", "Ressaisir le mot de passe !"); $validator->validateNotEmpty($lastname, "lastname", "Saisir votre nom !"); $validator->validateNotEmpty($firstname, "firstname", "Saisir votre prénom !"); $validator->validateNotEmpty($birthyear, "birthyear", "Saisir votre année de naissance !"); $validator->validateNotEmpty($sex, "sex", "Indiquer votre sexe !"); $validator->validateNotEmpty($job, "job", "Saisir votre métier !"); $validator->validateNotEmpty($instructorDescription, "instructorDescription", "Saisir votre description en tant que formateur !"); $validator->validateNotEmpty($studentDescription, "studentDescription", "Saisir votre description en tant qu'étudiant !"); if ($validator->isValid()) { $validator->validateEmail($email, "email", "L'email est incorrect !"); $validator->validateYear($birthyear, "birthyear", "Votre année de naissance doit être comprise entre 1900-2099 !"); $validator->validateCharacter($username, "username", "Le pseudo comporte des caractères interdits !"); } if (!$validator->isValid()) { $error = $validator->getErrors(); $isValid = false; } if ($isValid) { // 1 - on crée l'instance $userManager = new \Manager\UserManager(); // erreur pour le mail (déjà existant) if ($userManager->emailExists($email)) { $isValid = false; $error['email'] = 'Email déjà utlisé !'; } if ($userManager->usernameExists($username)) { $isValid = false; $error['username'] = '******'; } // erreur sur le mdp if ($password != $passwordConfirm) { $isValid = false; $error['passwordConfirm'] = 'Les mots de passe ne correspondent pas !'; } } // upload du fichier if ($_FILES['image']['size'] != 0) { $file = new \Utils\ImageUpload($_FILES['image'], 'assets/img/users/'); $file->uploadFile(); $file->reduceImage(false); if (!$file->isValid()) { $isValid = false; $error['image'] = $file->getErrors(); } else { $error['image'] = 'img/users/' . $file->getFileName(); $_SESSION['image_user'] = $file->getFileName(); } } else { $_SESSION['image_user'] = '******'; } // si c'est valide if ($isValid) { // on insère en base de données // 2 - on appelle la méthode insert $user = $userManager->insert(["username" => $_POST['username'], "email" => $_POST['email'], "password" => password_hash($_POST['password'], PASSWORD_DEFAULT), "lastname" => $_POST['lastname'], "firstname" => $_POST['firstname'], "birthyear" => $_POST['birthyear'], "sex" => $_POST['sex'], "job" => $_POST['job'], "instructorDescription" => $_POST['instructorDescription'], "studentDescription" => $_POST['studentDescription'], "credit" => 2, "image" => $_SESSION['image_user'], "dateCreated" => date("Y-m-d H:i:s")]); // on connecte l'utilisateur if ($user) { $userId = $userManager->lastInsertUser(); $userConnect = $userManager->find($userId['id']); $userSecurity = new \W\Security\AuthentificationManager(); // Connecte l'utiliasteur $userSecurity->logUserIn($userConnect); } // on redirige l'utilisateur vers une page de Bienvenue $this->redirectToRoute("succeedregister"); } } $this->show('user/register', ['error' => $error]); }