/**
* Try to login admin user.
*/
public function login()
{
$dbLayer = DBLayer::getInstance();
// Get the form values
$params = array(':username' => Utils::getParam('username'), ':password' => sha1(Utils::getParam('password')));
// Get the user details from DB
$userDetails = $dbLayer->executeQuery('backoffice.login', $params);
// Verify that we found user
if ($userDetails) {
$userDetails = $userDetails[0];
// Get the userId
$userId = $userDetails['id'];
$_SESSION['userId'] = $userId;
// Set the user details
$_SESSION['user'] = new User($userId);
// We found the user login valid - redirect to the application page.
header("Location: /views/backoffice/table_template.php?table_name=Users&queryId=backoffice.users");
}
}
use Moood\helpers\Utils;
?>
<div class="spacer"></div>
<table>
<tbody>
<?php
$i = 0;
$records = $_SESSION['records'];
if (isset($records)) {
$keys = array_keys($records[0]);
// Print the headers
echo '<thead>';
foreach ($keys as $key) {
echo '<th>' . Utils::getTableHeader($key) . '</th>';
}
echo '</thead>';
foreach ($records as $records) {
echo '<tr>';
foreach ($keys as $key) {
// Special case for isAdmin - we display image
switch ($key) {
case 'is_admin':
echo '<td class="center"><img src="/images/' . ($records[$key] != 1 ? 'not_' : '') . 'ok.png" class="adminImg"></td>';
break;
case 'image':
echo '<td class="center"><img src="' . $records[$key] . '"></td>';
break;
default:
echo '<td>' . $records[$key] . '</td>';
} else {
// Get the values if the form was already submitted
$id = -1;
$username = Utils::getParam('username', '');
$password = Utils::getParam('password', '');
$nick_name = Utils::getParam('nick_name', '');
$last_name = Utils::getParam('last_name', '');
$first_name = Utils::getParam('first_name', '');
$email = Utils::getParam('email', '');
$img = Utils::getParam('img', '/images/pixel.gif');
}
// Check if we have errors or not
$error = Utils::getParam('error', null);
$errorClass = isset($error) ? '' : 'hidden';
?>
<!DOCTYPE html >
<html>
<head>
<meta charset='UTF-8'>
<title>Music for your mood</title>
<link href="/style/style.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<div class="pageContent users">
/**
* Load songs of the given playlist.
* The playlist id is extracted from the request and the data is store as REQUEST['songs']
*/
public function loadSongs()
{
$dbLayer = DBLayer::getInstance();
$data = $dbLayer->executeQuery('playlist.songs', array(':pId' => Utils::getParam("pId")));
if ($data) {
$_REQUEST['songs'] = $data;
}
}
$ROOT_PATH = $_SERVER['DOCUMENT_ROOT'];
include_once $ROOT_PATH . '/src/bootstrap.php';
// Execute action if any
$actions = new Playlist();
$actions->processRequest();
/**
* This file will print out the playlist songs so user can choose from the list
*/
if (!isset($_REQUEST['songs'])) {
return;
}
echo '<h1><span class="skew">' . Utils::getParam('name') . '</span></h1>';
// Get the playlist content
$songs = $_REQUEST['songs'];
// Get the playlist HTML code
// Print out the playlist
foreach ($songs as $song) {
?>
<div class="spacer"></div>
<section class="dialog playlistSongs">
<details>
<summary><?= $song['title']?></summary>
<iframe id="ytplayer" type="text/html" width="920" height="560"
src="http://www.youtube.com/embed/<?= $song['video_id'] ?>?autoplay=0&origin=<?= $_SERVER['SERVER_NAME'] ?>"
/**
* This method will execute sql query.
*
* @param queryId - The query id to execute. if no value is given the method will seach for it as request param.
* @param params - List of parameters to bind to teh stored procedure.
* If no parameters are passed all the request params will be used as bind parameters.
*
* @return - Returns an array containing all of the result set rows
*/
public function executeQuery($queryId = null, $params = null)
{
if (!isset($queryId)) {
$queryId = Utils::getParam('queryId', null);
if (!isset($queryId)) {
throw new Exception('Missing queryId');
}
}
// -----------------------------------------------------------------------------------
// -- If no parameters are passed auto build the params from all the GET/POST pairs --
// -----------------------------------------------------------------------------------
if (!isset($params)) {
$params = array();
// We read the parameters form the request since it contains both get and post params
foreach ($_REQUEST as $key => $value) {
$params[':' . $key] = $value;
}
}
// Get the query we wish to execute
$query = $this->sql_queries[$queryId];
$statment = $this->pdo->prepare($query);
$statment->setFetchMode(PDO::FETCH_ASSOC);
$statment->execute($params);
// Check to see if we have error or not
$error = $statment->errorInfo();
// Set the error message
if ($error[0] > 0) {
$_REQUEST['DBLayer.executeQuery.error'] = $statment->errorInfo();
}
// return all the rows
return $statment->fetchAll();
}
<form method="POST">
<input type="hidden" name="action" id="action">
<label class="label" for="username">User Name</label>
<input id="username" name="username" type="text"
value="<?php
echo Utils::getParam('username', '');
?>
"/>
<br/>
<label class="label" for="password">Password</label>
<input id="password" name="password" type="password"
value="<?php
echo Utils::getParam('password', '');
?>
"/>
<br/>
<div class="buttons">
<span class="button orange disabled" data-action="login" id="loginButton">Login
<span class="tooltip hidden">
<span></span>
Please fill in the required fields, before you can login
</span>
</span>
</div>
<div class="spacer"></div>
<?php
use Moood\DBLayer;
use Moood\helpers\Utils;
$ROOT_PATH = $_SERVER['DOCUMENT_ROOT'];
include_once $ROOT_PATH . '/src/bootstrap.php';
// Load the table data that we need
$dbLayer = DBLayer::getInstance();
$_REQUEST['records'] = $dbLayer->executeQuery(Utils::getParam('queryId'));
?>
<!DOCTYPE html >
<html>
<head>
<meta charset='UTF-8'>
<title>Music for your mood</title>
<link href="/style/style.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<div class="pageContent backoffice records">
<?php
include '../header.php';
?>
<div class="main">
<?php
include '../utils/generate_table.php';
?>
</div>
</div>
/**
* This method check to see that the given credentials are valid.
* Once user is logged in we will load his data
*/
public function login()
{
// Get the form values
// The password is encrypted using sha1.
// We could have used some stronger method like adding a prefix and then encode it and verify it
// but since this a demo project this is not a issue here in my opnion
$params = array(':username' => Utils::getParam('username'), ':password' => sha1(Utils::getParam('password')));
// Load the user details
$data = DBLayer::getInstance()->executeQuery('users.select_user', $params);
// Check to see if we have a valid user or not
if ($data) {
$userData = $data[0];
// Get the userId
$_SESSION['userId'] = $userData['id'];
// Set the user details
$_SESSION['user'] = new User($userData['id']);
// Make sure all session content is flushed before redirected
session_write_close();
// We found the user login valid - redirect to the application page.
header("Location: /views/playlist/playlist.php");
exit;
} else {
$_REQUEST['error'] = 'Wrong user name/password. Please try again';
}
}
<?php
use Moood\helpers\Utils;
/**
* This file will print out the playlist songs so user can choose from the list
*/
if (!isset($_REQUEST['songs'])) {
return;
}
echo '<h1>Search results for: <span class="skew">' . Utils::getParam('query', '') . '</span></h1>';
// Get the playlist content
$songs = $_REQUEST['songs'];
// Get the playlist HTML code
// Print out the playlist
foreach ($songs as $song) {
// In real life i would have used templates here to generate the content.
// I have digged into this list: http://www.webresourcesdepot.com/19-promising-php-template-engines/
// But did not had enough time to play with it and test them out.
?>
<div class="spacer"></div>
<section class="dialog playlistEntry">
<details open>
<summary><?= $song['title']?></summary>
<? include '../playlist/playlist_dropdown.php'; ?>
<p><?= $song['content'] ?></p>
<input id="query" name="query" type="text" value="<?php
echo Utils::getParam('query', '');
?>
" placeholder="Type here search phrase"/>
<br/>
<label class="label" for="numberOfSongs">Number of songs</label>
<div class="slider">
<input class="bar" name="numberOfSongs" type="range" id="numberOfSongs"
value="<?php
echo Utils::getParam('numberOfSongs', '10');
?>
" min="1" max="25"/>
<span class="rangeValue" id="rangeValue"><?php
echo Utils::getParam('numberOfSongs', '10');
?>
</span>
</div>
<br/>
<div class="buttons">
<span class="button orange" data-action="search" id="searchButton">Search</span>
</div>
</form>
</div>
<br/>
</div>
