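/**
 * Access guard for controller actions.
 *
 * Redirects to the main page when the visitor is not authenticated, or when
 * a role is required and the current user's lower-cased 'type-display'
 * value is not identical to it.
 *
 * The role is compared case-sensitively against the lower-cased type, so
 * callers must pass it in lower case; a value such as 'Admin' never matches
 * and the request is refused.
 *
 * @param string|null $role Required account type; a falsy value skips the role check.
 * @return static
 */
public static function login_required($role = null)
{
    if (!Request::is_authenticated()) {
        Response::redirect('');
        # Response::redirect() is defined outside this excerpt. Stop here
        # explicitly so a redirect that only queues a header can never fall
        # through to the "allowed" return below.
        exit;
    }

    # cast keeps strtolower() quiet when no type is stored for the user
    $type = strtolower((string) Request::get_user('type-display'));

    if ($role && $role !== $type) {
        Response::redirect('');
        # same reasoning as above: a failed role check must end the request
        exit;
    }

    return new static();
}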
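/**
 * Delete a comment on behalf of its author or an administrator.
 *
 * Anonymous visitors are redirected to the main page. An authenticated user
 * who is neither the comment's owner nor an admin gets a flash message and
 * is redirected without anything being deleted.
 *
 * NOTE(review): nothing in this method checks the HTTP method or an
 * anti-CSRF token; confirm the router or base controller enforces both,
 * since this action destroys data.
 *
 * @param mixed $id Primary key of the comment to delete.
 */
public static function delete($id)
{
    if (!Request::is_authenticated()) {
        Response::redirect('');
        # never reach Comments::delete() if redirect() does not end the request
        return;
    }

    $comment = Comments::findByPK($id);

    # A missing comment has no owner, so only an admin passes this check.
    # NOTE(review): the comparison is strict; confirm both ids have the same
    # type (Request::user() fills its id from a string split), otherwise the
    # owner is refused as well.
    $owner_id = $comment['id_account'] ?? null;

    if (Request::user()->id !== $owner_id && !Request::is_admin()) {
        Session::push('flash-message', 'You does not have permission to delete the other Member\'s post!');
        Response::redirect('');
        # authorization failed: stop before the deletion below
        return;
    }

    # perform the post deletion
    Comments::delete($id);

    # redirect to main page
    Response::redirect('');
}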
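/**
 * Login action.
 *
 * GET renders the login form. POST authenticates the submitted credentials
 * through self::auth() and, on success, redirects to the page remembered
 * from ?next=... or to the main page. On failure it pushes a flash message
 * and renders the form again.
 *
 * NOTE(review): session-id regeneration and login throttling are not
 * visible here; confirm self::auth() or the session layer handles them.
 */
public static function login()
{
    # already signed in: go to the main page
    if (Request::is_authenticated()) {
        Response::redirect('');
        # do not keep processing the request if redirect() returns
        return;
    }

    # ?next=page: remember where to send the user after a successful login
    $next = Request::GET()->next;
    if ($next) {
        if (Session::flash()->has('next')) {
            Session::pop('next');
        }

        # `next` comes straight from the query string and later becomes a
        # redirect target. Keep it only when it is a same-site relative path:
        # no scheme prefix, no leading "//" or "\\", no control characters
        # (which would allow header injection).
        $is_local_path = is_string($next)
            && !preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|[/\\\\]{2})|[\x00-\x1f\x7f]#i', $next);

        if ($is_local_path) {
            # push next request page in the session
            Session::push('next', $next);
        }
    }

    if ('POST' !== Request::method()) {
        View::render('login');
        return;
    }

    $username = Request::POST()->username;
    $password = Request::POST()->password;

    # auth by base controller
    if (!self::auth($username, $password)) {
        # push a flash message and show the form again; the message does not
        # reveal whether the username or the password was wrong
        Session::push('flash-message', 'Authenticated failure!');
        View::render('login');
        return;
    }

    if (Session::flash()->has('next')) {
        # redirect to the remembered (already validated) page
        Response::redirect(Session::pop('next'));
        return;
    }

    # The collapsed source leaves it unclear whether this redirect was live
    # or commented out; without it a successful login with no `next` would
    # produce no response at all.
    Response::redirect('');
}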
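/**
 * Registration action.
 *
 * GET renders the registration form. POST creates the account, signs the
 * new member in through self::auth() and redirects to the main page with a
 * welcome message. A username that is already taken sends the visitor back
 * to the form with a flash message.
 *
 * NOTE(review): the password is passed to Accounts::create() as submitted;
 * hashing is not visible here, so confirm the model applies password_hash().
 * NOTE(review): no validation of empty or malformed fields is visible, and
 * File::upload() is opaque from here; confirm it restricts type, size and
 * the stored file name.
 */
public static function register()
{
    # already signed in: go to the main page
    if (Request::is_authenticated()) {
        Response::redirect('');
        # do not register a second account if redirect() returns
        return;
    }

    if ('POST' !== Request::method()) {
        View::render('member/register');
        return;
    }

    $username = Request::POST()->username;
    $email = Request::POST()->email;
    $pass = Request::POST()->password;
    $name = Request::POST()->name;

    # NOTE(review): the upload runs before the username check, so a rejected
    # registration has already called File::upload()
    $photo = File::upload('img', 'photo');

    # username already used by another member
    if (Accounts::find(['username' => $username])) {
        Session::push('flash-message', 'That username has used by other member, please use another!');
        Response::redirect('register');
        # stop here so a duplicate account is never created
        return;
    }

    Accounts::create($username, $pass, $name, $email, $photo);

    # set a session
    self::auth($username, $pass);

    # The flash message carries markup, so it is presumably rendered as HTML;
    # the submitted name must be escaped before it is embedded in it.
    $safe_name = htmlspecialchars((string) $name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    Session::push('flash-message-info', "Welcome to iniForum, <strong>{$safe_name}</strong>!");

    Response::redirect('');
}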
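<li><a href="#">One more separated link</a></li>
        </ul>
    </li>
</ul>
<form class="navbar-form navbar-left" role="search">
    <div class="form-group">
        <input type="text" class="form-control" id="navbar-search-input" placeholder="Search">
    </div>
</form>
<ul class="nav navbar-nav navbar-right">
    <li class="dropdown">
        <?php echo Html::anchor('post/add', Html::italic('', ['class' => 'glyphicon glyphicon-edit']) . ' Add Post', ['class' => 'btn bg-olive btn-flat']); ?>
    </li>
    <?php
    # Full open tag: with short_open_tag disabled, "<? if" is sent to the
    # browser as text and the member-only items below render for everyone.
    if (Request::is_authenticated()): ?>
    <li>
        <?php echo Html::anchor('mail', Html::italic('', ['class' => 'fa fa-envelope']) . ' Mail', ['class' => 'btn bg-purple btn-flat']); ?>
    </li>
    <li class="dropdown user user-menu">
        <a href="#" class="dropdown-toggle bg-navy" data-toggle="dropdown">
            <?php
            # NOTE(review): $account['photo'] originates from the registration
            # upload; confirm Html::load() escapes it when building the tag.
            echo Html::load('img', $account['photo'], ['class' => 'user-image', 'alt' => 'User Image']); ?>
            <span class=""><?php
                # the display name is member-supplied, so escape it for HTML
                echo htmlspecialchars((string) Request::get_user('name'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> </span>
        </a>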
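<small class="text-muted pull-right">
    <i class="fa fa-clock-o"></i>
    <?php echo date_format_en($post['created_at']) . " "; ?>
</small>
<?php
# the author name is member-supplied, so escape it for HTML
echo htmlspecialchars((string) $post['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
</a>
<?php
# Html::anchor() is given raw markup as its label further down, so it does
# not escape the label; the member-supplied title is escaped here instead.
echo Html::anchor('post/read/' . $post['id'], htmlspecialchars((string) $post['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')); ?>
<?php
# Show the edit and delete actions for posts owned by the logged-in member.
# This only hides the buttons; the edit and delete actions must enforce
# ownership on the server side as well.
# Full open tag: with short_open_tag disabled, "<? if" is sent as text and
# the buttons below render for every visitor.
if (\Ngaji\Http\Request::is_authenticated() and
    $post['account_id'] == \Ngaji\Http\Request::user()->id
): ?>
    <?php echo Html::anchor("post/edit/" . $post['id'], '<i class="fa fa-edit"></i> Edit', ['class' => 'btn btn-sm btn-flat']); ?>
    <?php
    # NOTE(review): 'data-post-title' carries the raw title; confirm that
    # Html::anchor() escapes attribute values. The delete URL in 'data-href'
    # should only be honoured by an action that requires POST and a CSRF token.
    echo Html::anchor("#", '<i class="fa fa-trash-o"></i> Delete', [
        'class' => 'btn btn-sm btn-flat',
        'data-post-id' => $post['id'],
        'data-post-title' => $post['title'],
        'data-href' => sprintf("%s/post/delete/%d", HOSTNAME, $post['id']),
        'data-toggle' => "modal",
        'data-target' => "#confirm-delete",
    ]); ?>
<?php endif; ?>
</p>
<div class="attachment">
    <article>
        <?php
        # NOTE(review): the post body is echoed as returned by Post::limit();
        # confirm it escapes or sanitises member-supplied markup.
        echo Post::limit($post['post']); ?>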
/**
 * Build a Request describing the signed-in account.
 *
 * Terminates the script when nobody is authenticated. Otherwise the session
 * value 'id_account' is split on '|' and its first four pieces are stored
 * as id, username, name and type in the new Request's data.
 *
 * NOTE(review): the fields are positional. If the code that writes
 * 'id_account' does not forbid '|' inside the username or name, the pieces
 * shift and 'type' is filled from member-supplied text; verify the writer.
 *
 * @return Request
 */
public static function user()
{
    if (!Request::is_authenticated()) {
        die("There are no auth account!");
    }

    $store = new Session();
    $parts = explode('|', $store->get('id_account'));

    $account = new Request();

    # position in the session string => key in the request data
    foreach (['id', 'username', 'name', 'type'] as $position => $field) {
        $account->data[$field] = $parts[$position];
    }

    return $account;
}