  1. <?php
  2. /**
  3. * Created by PhpStorm.
  4. * User: antony
  5. * Date: 7/7/16
  6. * Time: 1:17 PM
  7. */
  8. namespace FabModels;
  9.  
  10. use FabDatabaseDB;
  11.  
  12. class User
  13. {
  14. protected $myDB;
  15.  
  16. protected $username;
  17. protected $password;
  18. protected $isAdmin;
  19.  
  20. public function __construct($username, $password)
  21. {
  22. $this->myDB = new DB();
  23.  
  24. $this->setClassVariables($username, $password);
  25. }
  26.  
  27. /**
  28. * @return mixed
  29. */
  30. public function getUsername()
  31. {
  32. return $this->username;
  33. }
  34.  
  35. /**
  36. * @return mixed
  37. */
  38. public function getPassword()
  39. {
  40. return $this->password;
  41. }
  42.  
  43. /**
  44. * @return mixed
  45. */
  46. public function getIsAdmin()
  47. {
  48. return $this->isAdmin;
  49. }
  50.  
  51. public function setClassVariables($username, $password)
  52. {
  53. $user = $this->myDB->getUser($username, $password);
  54.  
  55. $user = $user[0];
  56.  
  57. $this->username = $user['username'];
  58. $this->password = $user['password'];
  59. $this->isAdmin = $user['isAdmin'];
  60. }
  61.  
  62. public function isAdmin()
  63. {
  64. if ($this->getIsAdmin() === '1') {
  65. return "";
  66. } elseif (is_null($this->isAdmin)) {
  67. return "The credentials you entered are wrong";
  68. } elseif ($this->isAdmin === '0') {
  69. return "You are a user but not an admin..";
  70. } else {
  71. return "If you forgot your credentials contact support";
  72. }
  73. }
  74.  
  75. public function isLoggedIn()
  76. {
  77. if (isset($_COOKIE['active'])) {
  78. return true;
  79. }
  80.  
  81. if (isset($_SESSION['user']) && $_SESSION['user'] == $this->getUsername()) {
  82. return true;
  83. } else {
  84. return false;
  85. }
  86. }
  87.  
  88. public function login()
  89. {
  90. //Start $_SESSION
  91. $status = session_status();
  92. if ($status == PHP_SESSION_NONE) {
  93. //There is no active session
  94. session_start();
  95. } elseif ($status == PHP_SESSION_DISABLED) {
  96. //Sessions are not available
  97. } elseif ($status == PHP_SESSION_ACTIVE) {
  98. //Destroy current and start new one
  99. session_destroy();
  100. session_start();
  101. }
  102.  
  103. //Set $_SESSION variables
  104. $_SESSION['user'] = $this->getUsername();
  105. $_SESSION['password'] = $this->getPassword();
  106. $_SESSION['isAdmin'] = $this->getIsAdmin();
  107.  
  108. //Set $_COOKIE
  109. if (isset($_POST['remember'])) {
  110. setcookie("active", $_SESSION['user'], time() + (3600 * 24 * 365));
  111. }
  112. }
  113.  
  114. public function logout()
  115. {
  116. $status = session_status();
  117. if ($status == PHP_SESSION_NONE) {
  118. //There is no active session
  119. session_start();
  120. } elseif ($status == PHP_SESSION_DISABLED) {
  121. //Sessions are not available
  122. } elseif ($status == PHP_SESSION_ACTIVE) {
  123. //Destroy current and start new one
  124. session_destroy();
  125. session_start();
  126. }
  127.  
  128. //Unset $_SESSION variables
  129. unset($_SESSION["user"]);
  130. unset($_SESSION["password"]);
  131. unset($_SESSION["isAdmin"]);
  132.  
  133. //Unset $_COOKIE variables
  134. unset($_COOKIE['active']);
  135. setcookie('active', '', time() - 3600);
  136. }
  137.  
  138. }
  139.  
  140. <?php
  141. /**
  142. * Created by PhpStorm.
  143. * User: antony
  144. * Date: 7/1/16
  145. * Time: 9:24 PM
  146. */
  147. namespace FabControllers;
  148.  
  149. use FabDatabaseDB;
  150. use FabModelsUser;
  151. use Twig_Environment;
  152. use Twig_Extension_Debug;
  153. use Twig_Loader_Filesystem;
  154. use FabServicesUploadImage;
  155.  
  156. class AdminController extends Controller
  157. {
  158. protected $user;
  159.  
  160. public function __construct($item = null)
  161. {
  162. parent::__construct($item = null);
  163.  
  164. $loader = new Twig_Loader_Filesystem(__DIR__ . '/../Views/admin');
  165. $this->twig = new Twig_Environment($loader, array(
  166. 'debug' => true
  167. ));
  168. $this->twig->addExtension(new Twig_Extension_Debug());
  169.  
  170. if (isset($_SESSION['user']) && isset($_SESSION['password'])) {
  171. $this->user = new User($_SESSION['user'], $_SESSION['password']);
  172. }
  173. }
  174.  
  175. public function index()
  176. {
  177. if ($this->adminIsLoggedIn())
  178. echo $this->twig->render('dashboard.twig');
  179. else
  180. $this->login();
  181. }
  182.  
  183. public function addItem()
  184. {
  185. if ($this->adminIsLoggedIn())
  186. echo $this->twig->render('addItem.twig');
  187. else
  188. echo $this->twig->render('login.twig');
  189. }
  190.  
  191. public function postAddItem()
  192. {
  193. $DB = new DB();
  194. $uploadImageService = new UploadImage();
  195. $success = false;
  196.  
  197. //Try to upload image
  198. $uploadError = $uploadImageService->uploadImage();
  199. if (empty($uploadError)) {
  200.  
  201. //Add row to db
  202. $nameOfImage = $_FILES['image']['name'];
  203. $result = $DB->addItem($_POST, $nameOfImage);
  204.  
  205. if (empty($result)) { //successfully added row
  206. $flashMessage = "Item Succesfully Added";
  207. $success = true;
  208. } else { //failed to add row
  209. $flashMessage = "Error: Could not add item. Please check the values you have given.";
  210. //Delete uploaded image from server
  211. unlink("images/$nameOfImage");
  212. }
  213.  
  214. } else { //image failed to upload
  215. $flashMessage = $uploadError . "nError: Could not upload image.";
  216. }
  217.  
  218. echo $this->twig->render('addItem.twig', array('flashMessage' => $flashMessage, 'success' => $success));
  219. }
  220.  
  221. public function deleteItem()
  222. {
  223. if ($this->adminIsLoggedIn()) {
  224. $myDB = new DB();
  225. $items = $myDB->getAllItems();
  226.  
  227. echo $this->twig->render('deleteItem.twig', array('items' => $items));
  228. } else {
  229. echo $this->twig->render('login.twig');
  230. }
  231.  
  232. }
  233.  
  234. public function postDeleteItem()
  235. {
  236. $myDB = new DB();
  237.  
  238. $result = $myDB->deleteItems($_POST);
  239.  
  240. if ($result == 0) {
  241. $message = "Success! Items Deleted.";
  242. } elseif ($result == 1) {
  243. $message = "Failure. You did not select any items!";
  244. } elseif ($result == 2) {
  245. $message = "Failure. Something went wrong. Please try again.";
  246. } elseif ($result == 3) {
  247. $message = "Failure. Could not remove image. Make sure you selected a valid item.";
  248. }
  249.  
  250. $items = $myDB->getAllItems();
  251.  
  252. echo $this->twig->render('deleteItem.twig', array('items' => $items, 'result' => $result, 'message' => $message));
  253. }
  254.  
  255. public function editItem()
  256. {
  257. if ($this->adminIsLoggedIn()) {
  258. $myDB = new DB();
  259. $items = $myDB->getAllItems();
  260.  
  261. echo $this->twig->render('editItem.twig', array('items' => $items));
  262. } else {
  263. echo $this->twig->render('login.twig');
  264. }
  265. }
  266.  
  267. public function postEditItem()
  268. {
  269. $myDB = new DB();
  270. $result = $myDB->editItems($_POST);
  271.  
  272. $items = $myDB->getAllItems();
  273.  
  274. echo $this->twig->render('editItem.twig', array('items' => $items, 'result' => $result));
  275. }
  276.  
  277. public function contactSupport()
  278. {
  279. if ($this->adminIsLoggedIn())
  280. echo $this->twig->render('contactSupport.twig');
  281. else
  282. echo $this->twig->render('login.twig');
  283. }
  284.  
  285. public function login($errorMessage = null)
  286. {
  287. if (isset($errorMessage))
  288. echo $this->twig->render('login.twig');
  289. else
  290. echo $this->twig->render('login.twig', array('errorMessage' => $errorMessage));
  291. }
  292.  
  293. public function postLogin()
  294. {
  295. $myDB = new DB();
  296.  
  297. $user = $myDB->getUser($_POST['username'], $_POST['password']);
  298.  
  299. if (empty($user)) {
  300. $errorMessage = "Wrong Credentials.";
  301. $this->login($errorMessage);
  302. } else {
  303. $this->user = new User($_POST['username'], $_POST['password']); //find the user from db
  304.  
  305. $errorMessage = $this->user->isAdmin(); //authenticate user
  306.  
  307. if (empty($errorMessage)) { //if authentication successful
  308.  
  309. $this->user->login(); //set Cookies and Session
  310.  
  311. $this->index(); //show dashboard
  312. } else {
  313. $this->login($errorMessage); //redirect to login page
  314. }
  315. }
  316. }
  317.  
  318. public function logout()
  319. {
  320. if ($this->adminIsLoggedIn()) {
  321. $this->user->logout();
  322. $this->login();
  323. }
  324. }
  325.  
  326. public function adminIsLoggedIn()
  327. {
  328. if (isset($this->user) && $this->user->isLoggedIn() && empty($this->user->isAdmin()))
  329. return true;
  330. else
  331. return false;
  332. }
  333.  
  334. }
  335.  
  336. <?php
  337. require_once __DIR__ . '/../vendor/autoload.php';
  338. require_once __DIR__ . '/../app/setup.php';
  339.  
  340. use FabControllers;
  341. use FabRouter;
  342.  
  343. $router = new RouterRouter();
  344.  
  345. $router->get('/', 'MainController', 'index');
  346. $router->get('/portfolio', 'ItemsController', 'showAllItems');
  347. $router->get('/portfolio/[wd]+', 'ItemsController', 'single_item');
  348. $router->get('/about', 'MainController', 'about');
  349. $router->get('/contact', 'MainController', 'contact');
  350. $router->get('/admin/dashboard', 'AdminController', 'index');
  351. $router->get('/admin/dashboard/addItem', 'AdminController', 'addItem');
  352. $router->get('/admin/dashboard/deleteItem', 'AdminController', 'deleteItem');
  353. $router->get('/admin/dashboard/editItem', 'AdminController', 'editItem');
  354. $router->get('/admin/dashboard/contactSupport', 'AdminController', 'contactSupport');
  355. $router->get('/admin/login', 'AdminController', 'login');
  356. $router->get('/admin/logout', 'AdminController', 'logout');
  357.  
  358. $router->post('/admin/addItem', 'AdminController', 'postAddItem');
  359. $router->post('/admin/deleteItem', 'AdminController', 'postDeleteItem');
  360. $router->post('/admin/editItem', 'AdminController', 'postEditItem');
  361. $router->post('/admin/login', 'AdminController', 'postLogin');
  362.  
  363.  
  364. ////See inside $router
  365. //echo "<pre>";
  366. //print_r($router);
  367.  
  368. $router->submit();