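<?php
namespace Controller;

use Model\User;
use Storage\StorageFactory;

// Start the session once per request. session_status() also covers the case
// where sessions are disabled, which isset($_SESSION) cannot distinguish.
// The options harden the session cookie: it is hidden from client-side script,
// and session ids that the server did not issue are rejected.
if (session_status() === PHP_SESSION_NONE) {
    session_start([
        'cookie_httponly' => true,
        'use_strict_mode' => true,
    ]);
}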
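/**
 * Handles registration, login, e-mail confirmation and logout.
 *
 * Each action returns a view name or issues a redirect through header().
 * None of the actions terminates the request after a redirect; whatever the
 * caller renders afterwards is still sent with the response.
 */
class AuthController extends Controller
{
    /** Storage backend obtained from the parent controller for the "mysql" key. */
    public $storage;

    /**
     * @param StorageFactory $storageFactory Factory handed on to the parent controller.
     */
    public function __construct(StorageFactory $storageFactory)
    {
        parent::__construct($storageFactory);
        $this->storage = $this->storage('mysql');
    }

    /**
     * Validates the registration form and stores a new, unconfirmed user.
     *
     * Every failed check echoes one <li class="error"> item; the user is stored
     * and the browser redirected only when all checks pass.
     *
     * @return string View name of the registration page.
     */
    public function register()
    {
        if (isset($_POST['createbutton'])) {
            $valid = true;

            // NOTE(review): the record id is taken from the request. If store()
            // overwrites an existing record with the same id, a visitor could
            // replace someone else's account; confirm store() semantics or
            // assign ids on the server.
            $id_r = $this->postString('id');
            if ($id_r === '') {
                $valid = false;
                $id_r = 0;
                echo '<li class="error">The id filed cannot be empty</li>';
            }

            $user = new User($id_r);
            $user->name = $this->postString('name');
            $user->surname = $this->postString('surname');
            // NOTE(review): the address is only checked for emptiness, not for format.
            $user->email = $this->postString('email');
            $user->confirmed = false;
            $user->token = $this->stringToHex();

            $pass = $this->postString('password');
            $pass_c = $this->postString('password_confirmation');

            if ($user->name === '') {
                $valid = false;
                echo '<li class="error">The name filed cannot be empty</li>';
            }
            if ($user->surname === '') {
                $valid = false;
                echo '<li class="error">The surname filed cannot be empty</li>';
            }
            if ($user->email === '') {
                $valid = false;
                echo '<li class="error">The email filed cannot be empty</li>';
            }
            if ($pass === '') {
                $valid = false;
                echo '<li class="error">The password filed cannot be empty</li>';
            }
            if ($pass_c === '') {
                $valid = false;
                echo '<li class="error">The password confirmation filed cannot be empty</li>';
            }
            if ($pass !== $pass_c) {
                $valid = false;
                echo '<li class="error">The password confirmation filed does not match the password field</li>';
            }

            if ($valid) {
                // Hash only once the whole form is valid; the plain password is never stored.
                $user->password = password_hash($pass, PASSWORD_DEFAULT);
                $this->storage->store($user);
                header('Location: /auth/confirmation_notice');
            }
        }

        return 'auth.register.index';
    }

    /**
     * Checks the submitted credentials and opens an authenticated session.
     *
     * An unknown e-mail stores the submitted address in the session and
     * redirects to "/"; a known e-mail with a wrong password echoes an error
     * item. NOTE(review): these two outcomes differ visibly, so the form
     * reveals which addresses are registered.
     *
     * @return string View name of the login page.
     */
    public function login()
    {
        if (isset($_POST['enterbutton'])) {
            $email = $this->postString('email');
            $password = $this->postString('password');
            $emailKnown = false;

            foreach ($this->storage->loadAll() as $u) {
                // Strict comparison: loose == treats numeric-looking strings as equal numbers.
                if ($u->email !== $email) {
                    continue;
                }
                $emailKnown = true;

                if (!password_verify($password, $u->password)) {
                    continue;
                }

                if (!$u->confirmed) {
                    header('Location: /auth/confirmation_notice');
                } else {
                    // Issue a fresh session id on login so an id planted before
                    // authentication cannot be reused afterwards.
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }
                    $_SESSION['passwordvalid'] = $u->name;
                    $_SESSION['passwordsurname'] = $u->surname;
                    header('Location: /');
                }

                // Stop here: the error item below is only for failed verification.
                return 'auth.login.index';
            }

            if ($emailKnown) {
                echo '<li class="error">Password is invalid!</li>';
            } else {
                // NOTE(review): this is raw request data; whatever view prints
                // it must HTML-escape it.
                $_SESSION['logininvalid'] = $email;
                header('Location: /');
            }
        }

        return 'auth.login.index';
    }

    /**
     * @return string View name of the "check your inbox" page.
     */
    public function confirmation_notice()
    {
        return 'auth.confirmation_notice.index';
    }

    /**
     * Confirms the account whose token is the last segment of the request path.
     *
     * Sets $_SESSION['errorinvalid'] to 1 when a user was confirmed and to 0
     * otherwise, then redirects to "/". The original code hard-coded 0 for a
     * single known-invalid token and 1 for every other request; 0 is therefore
     * read as "token invalid" here. TODO confirm against the view that
     * consumes the flag.
     */
    public function confirm()
    {
        $prefix = '/auth/confirm/';
        // Only the path is used, so a query string cannot become part of the token.
        $path = parse_url($_SERVER['REQUEST_URI'] ?? '', PHP_URL_PATH);
        $token = '';
        if (is_string($path) && strpos($path, $prefix) === 0) {
            $token = (string) substr($path, strlen($prefix));
        }

        $confirmed = false;
        if ($token !== '') {
            foreach ($this->storage->loadAll() as $u) {
                // Confirmed users carry a null token, and loose == makes null
                // equal to '' and numeric-looking strings equal to each other.
                // Require a non-empty string and compare in constant time.
                if (is_string($u->token) && $u->token !== '' && hash_equals($u->token, $token)) {
                    $u->confirmed = true;
                    $u->token = null; // single use
                    $this->storage->store($u);
                    $confirmed = true;
                }
            }
        }

        $_SESSION['errorinvalid'] = $confirmed ? 1 : 0;
        header('Location: /');
    }

    /**
     * Flags the session for logout and redirects to "/".
     *
     * NOTE(review): the authenticated session values are not cleared here;
     * presumably the handler for "/" acts on the flag. Verify that it removes
     * them.
     */
    public function logout()
    {
        $_SESSION['logout'] = 1;
        header('Location: /');
    }

    /**
     * Generates a confirmation token: 32 hex characters from the CSPRNG.
     *
     * Replaces a value derived from a single mt_rand() call, which is
     * predictable and carried far less entropy than its length suggested.
     * The output keeps the same length and alphabet.
     */
    private function stringToHex(): string
    {
        return bin2hex(random_bytes(16));
    }

    /**
     * Returns a POST field as a string; missing and non-string values
     * (such as array input) are returned as ''.
     */
    private function postString($key)
    {
        $value = $_POST[$key] ?? '';

        return is_string($value) ? $value : '';
    }
}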