protected function deleteaccount()
{
//do something
global $rep, $view;
$data = array();
if (isset($_POST['confirmdelete'])) {
//we edit
$pwd1 = $_POST['pwd1'];
$pwd2 = $_POST['pwd2'];
if (checkData::checkBothPassword($pwd1, $pwd2)) {
$usr = $_SESSION['username'];
if (userModel::getUser($usr, $pwd1) != NULL) {
session_unset();
session_destroy();
userModel::deleteUser($usr);
$_REQUEST['action'] = NULL;
header('Location: index.php');
} else {
$data['error'] = 'You typed the wrong password';
}
} else {
$data['error'] = 'The password don\'t match!';
}
}
require_once $view['deleteaccount'];
}
protected function login()
{
global $rep, $view;
$login = isset($_POST['username']) ? $_POST['username'] : '';
$pwd = isset($_POST['password']) ? $_POST['password'] : '';
//récupération des variables
$user = userModel::getUser($login, $pwd);
if (isset($user)) {
$_SESSION['username'] = $user->getUsername();
$_SESSION['displayname'] = $user->getDisplayname();
$_SESSION['role'] = $user->getRole();
$_SESSION['profilepic'] = $user->getProfile_pic();
$_SESSION['logged'] = true;
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
$extra = 'index.php';
header("Location: http://{$host}{$uri}/{$extra}");
} else {
$data = array();
$data[0] = "We're sorry, something somewhere went wrong...";
$data[1] = "Username or password wrong";
require_once $view['error'];
}
}
function showUserById($idUser)
{
$userModel = new userModel();
$user = $userModel->getUser($idUser);
include 'view/viewProfile.php';
}
$diary = $t->getDiary($diary_id);
$id_notify = $_GET['id_nf'];
$m->notifyReed($id_notify);
include 'header.php';
$i = 0;
?>
</div>
</div>
<div class="container">
<?php
if ($diary == NULL) {
echo '<div class="well">';
echo 'bai dang khong hop le </div>';
} else {
//dem so comment
$user = $u->getUser($_SESSION['id']);
$submit = 'submit' . $i;
if (isset($_POST[$submit])) {
if (isset($_POST['comment'])) {
$comment['user_id'] = $_SESSION['id'];
$comment['diary_id'] = $diary['id'];
$comment['content'] = nl2br($_POST['comment']);
$c->create($comment);
//header('Location: baidang.php');
}
}
$dem = $c->countComment($diary['id']);
echo '
<div class="well">';
$anh = '../images/' . $user['img'];
echo "<img src={$anh} width=\"40px\" height=\"40\" />";
require_once "../config/constants.php";
/* TODO
* If user log out fucntionality added, we can check for user session to redirect to home page
*/
$error_message = '';
//Check for form post
if (isset($_POST) && count($_POST)) {
//fetch username and password
$username = isset($_POST['username']) && trim($_POST['username']) != '' ? trim($_POST['username']) : false;
$password = isset($_POST['password']) && trim($_POST['password']) != '' ? trim($_POST['password']) : false;
if ($username !== false && $password !== false) {
require_once "../model/user.php";
$userObj = new userModel();
//validate user with provided credentials
$user = $userObj->getUser($username, $password);
if (is_array($user) && count($user)) {
//Authenticated: Set Session and redirect to home page
session_start();
$_SESSION['USER_ID'] = $user[0]['id'];
$_SESSION['USER_EMAIL_ID'] = $user[0]['email_id'];
$_SESSION['USER_FNAME'] = $user[0]['first_name'];
$url = PN_BASE_URL . 'controller/home.php';
header('Location: ' . $url);
exit;
} else {
//Not Authenticated: return with invalid credentials
$error_message = 'Invalid credentials, please try again!';
}
} else {
//Missing required fields
