<?php
namespace Blog\Controller;
use Blog\Model\UserModel;
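class UserController{

    /** View object the controller renders through; must offer setVars() and setDoMethodName(). */
    private $view;

    /** @var UserModel Data access for users (getUserById, getUserByEmail, createUser). */
    private $db;

    /** @var array<string, string> Trimmed registration fields that passed validation, keyed by field name. */
    private $validData = [];

    /** @var array<string, string> Registration validation messages, keyed by field name. */
    private $errors = [];

    /**
     * Registration form fields and their labels. The keys double as the list of
     * required $_POST fields, the labels are used in the "missing field" message.
     *
     * @var array<string, string>
     */
    private $labels = [
        "name" => "Vorname*",
        "lastname" => "Nachname*",
        "email" => "E-Mail*",
        "password" => "Passwort*",
        "role" => "Rolle*"
    ];

    /** @var array<string, string> Trimmed login fields that passed validation, keyed by field name. */
    private $validLoginData = [];

    /** @var array<string, string> Login validation messages, keyed by field name. */
    private $loginErrors = [];

    /** @var array<string, string> Login form fields and their labels (same role as $labels). */
    private $loginLabels = [
        "email" => "E-Mail*",
        "password" => "Passwort*",
    ];

    /**
     * @param mixed $view view object used by the show*() methods
     */
    public function __construct($view)
    {
        $this->db = new UserModel();
        $this->view = $view;
    }

    /**
     * Hands the registration labels, current errors and already-valid values to the view.
     * The two arrays are always initialised, so no isset() guard is needed here.
     */
    public function showUserRegisterForm()
    {
        $this->view->setVars([
            'labels' => $this->labels,
            'errors' => $this->errors,
            'validData' => $this->validData
        ]);
    }

    /** Placeholder: no confirmation view is wired up in this class yet. */
    public function showUserRegisterConfirmation()
    {
    }

    /**
     * Hands the login labels, current login errors and already-valid values to the view.
     */
    public function showUserLoginForm()
    {
        $this->view->setVars([
            'labels' => $this->loginLabels,
            'errors' => $this->loginErrors,
            'validData' => $this->validLoginData
        ]);
    }

    /**
     * Reads the given fields from $_POST, trimming each one.
     *
     * A field that is absent, not a plain string (e.g. submitted as an array) or
     * blank after trimming produces a "Bitte <label> angeben" error; every other
     * field ends up in the valid set.
     *
     * @param array<string, string> $labels field name => label used in the error text
     * @return array{0: array<string, string>, 1: array<string, string>} [validFields, errors]
     */
    private function collectPostFields(array $labels): array
    {
        $valid = [];
        $errors = [];

        foreach ($labels as $key => $label) {
            $raw = isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
            $value = trim($raw);

            if ($value === '') {
                $errors[$key] = "Bitte $label angeben";
            } else {
                $valid[$key] = $value;
            }
        }

        return [$valid, $errors];
    }

    /**
     * Format checks shared by registration and login: password length and e-mail syntax.
     * Only fields present in $valid are checked, so a missing field keeps its
     * "Bitte … angeben" message from collectPostFields().
     *
     * @param array<string, string> $valid fields that passed the presence check
     * @return array<string, string> errors keyed by field name
     */
    private function credentialErrors(array $valid): array
    {
        $errors = [];

        // strlen() counts bytes, as the original check did; multi-byte characters count more than once.
        if (isset($valid['password']) && strlen($valid['password']) < 6) {
            $errors['password'] = "Das Passwort muss mindestens 6 Zeichen lang sein.";
        }

        if (isset($valid['email']) && !filter_var($valid['email'], FILTER_VALIDATE_EMAIL)) {
            $errors['email'] = "Bitte eine gültige E-Mail-Adresse eingeben.";
        }

        return $errors;
    }

    /**
     * Validates the registration form from $_POST into $validData / $errors.
     * Both arrays are rebuilt on every call.
     */
    private function validateForm()
    {
        list($this->validData, $this->errors) = $this->collectPostFields($this->labels);
        $this->errors = array_merge($this->errors, $this->credentialErrors($this->validData));
    }

    /**
     * Validates the login form from $_POST into $validLoginData / $loginErrors.
     * Both arrays are rebuilt on every call.
     */
    public function validateLoginForm()
    {
        list($this->validLoginData, $this->loginErrors) = $this->collectPostFields($this->loginLabels);
        $this->loginErrors = array_merge($this->loginErrors, $this->credentialErrors($this->validLoginData));
    }

    /**
     * Renders the post-login page, making $user (or null) available to the included template.
     */
    public function showUserLoginConfirmation()
    {
        $userId = $this->getCurrentUserId();
        $user = null;

        if ($userId) {
            $user = $this->db->getUserById($userId);
        }

        // Fixed, non-user-controlled path; $user is read by the template through include scope.
        $path = "Views/User/showUserLoginConfirmation.phtml";
        if (file_exists($path)) {
            include $path;
        }
    }

    /**
     * Handles a registration submission: re-shows the form on validation errors,
     * otherwise creates the user and logs them in with the same request data.
     */
    public function register()
    {
        $this->validateForm();

        if (count($this->errors) > 0) {
            $this->view->setDoMethodName("showUserRegisterForm");
            $this->showUserRegisterForm();
            return;
        }

        // NOTE(review): the raw $_POST (including the user-chosen "role" field) is passed on
        // unchanged; the model is expected to whitelist columns and decide the role itself —
        // confirm, since otherwise a visitor can register with any role.
        $this->db->createUser($_POST);
        $this->login();
    }

    /**
     * Handles a login submission.
     *
     * Validation runs before any database lookup. Unknown e-mail and wrong password
     * both lead to the same generic message on the login form, so the response does
     * not reveal whether an address is registered.
     */
    public function login()
    {
        $this->validateLoginForm();

        if (count($this->loginErrors) === 0) {
            $user = $this->db->getUserByEmail($this->validLoginData['email']);

            // The stored hash was built from the untrimmed password at registration,
            // so the raw submitted value is hashed here rather than the trimmed one.
            $password = isset($_POST["password"]) && is_string($_POST["password"]) ? $_POST["password"] : '';
            $storedHash = !empty($user) && isset($user["passwort"]) ? (string) $user["passwort"] : '';
            $salt = !empty($user) && isset($user["salt"]) ? (string) $user["salt"] : '';

            // Legacy scheme kept for compatibility with existing rows: sha256(password . salt).
            // A move to password_hash()/password_verify() has to happen in the model that writes the rows.
            $hash = hash('sha256', $password . $salt);

            // hash_equals() compares in constant time and strictly, unlike ==.
            if ($storedHash !== '' && hash_equals($storedHash, $hash)) {
                $this->setUserSession($user);
                $this->showUserLoginConfirmation();
                return;
            }

            $this->loginErrors['email'] = "Email oder Passwort ist falsch";
        }

        $this->view->setDoMethodName("showUserLoginForm");
        $this->showUserLoginForm();
    }

    /**
     * Stores the identifying fields of $user in the session.
     *
     * @param array $user row as returned by the model; keys id, role, vorname, name are read
     */
    public function setUserSession(array $user)
    {
        // Rotate the session id on login so an id handed out before authentication is not kept.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }

        $_SESSION["user_id"] = isset($user["id"]) ? $user["id"] : null;
        $_SESSION["user_role"] = isset($user["role"]) ? $user["role"] : null;
        $_SESSION["vorname"] = isset($user["vorname"]) ? $user["vorname"] : null;
        $_SESSION["name"] = isset($user["name"]) ? $user["name"] : null;
    }

    /**
     * Removes every key written by setUserSession(), not only the id and role.
     */
    public function clearUserSession()
    {
        unset($_SESSION["user_id"], $_SESSION["user_role"], $_SESSION["vorname"], $_SESSION["name"]);
    }

    /**
     * Clears the session and redirects to the login form; never returns.
     */
    public function logout()
    {
        $this->clearUserSession();
        header("Location: index.php?controller=user&do=showUserLoginForm");
        exit();
    }

    /**
     * True when a non-empty user id is stored in the session.
     * Kept under its original (misspelled) name for existing callers; see isUserLoggedIn().
     */
    public function isUserLoggenIn(): bool
    {
        return $this->isUserLoggedIn();
    }

    /**
     * True when a non-empty user id is stored in the session.
     */
    public function isUserLoggedIn(): bool
    {
        return !empty($_SESSION["user_id"]);
    }

    /**
     * @return mixed the session's user id, or null when nobody is logged in
     */
    public function getCurrentUserId()
    {
        return $_SESSION["user_id"] ?? null;
    }

    /** Placeholder: no account view is wired up in this class yet. */
    public function showUserAccountPage()
    {
    }
}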