kurs-app/Controller/UserController.php

165 lines
4.5 KiB
PHP

<?php
namespace Blog\Controller;
use Blog\Model\UserModel;
class UserController{
private $view;
private $db;
private $validData = array();
private $errors = array();
private $labels = [
"name" => "Vorname*",
"lastname" => "Nachname*",
"email" => "E-Mail*",
"password" => "Passwort*",
"role" => "Rolle*"
];
private $validLoginData = array();
private $loginErrors = array();
private $loginLabels = [
"email" => "E-Mail*",
"password" => "Passwort*",
];
public function __construct($view){
$this->db = new UserModel();
$this->view = $view;
}
public function showUserRegisterForm(){
if (!isset($this->errors)) {
$this->errors = [];
}
if (!isset($this->validData)) {
$this->validData = [];
}
$this->view->setVars([
'labels' => $this->labels,
'errors' => $this->errors,
'validData' => $this->validData
]);
}
public function showUserRegisterConfirmation(){
}
public function showUserLoginForm(){
$this->view->setVars([
'labels' => $this->loginLabels,
'errors' => $this->loginErrors,
'validData' => $this->validLoginData
]);
}
private function validateForm() {
foreach ($this->labels as $key => $label) {
if (!isset($_POST[$key]) || trim($_POST[$key]) === '') {
$this->errors[$key] = "Bitte $label angeben";
} else {
$this->validData[$key] = trim($_POST[$key]);
}
}
if (isset($this->validData['password'])) {
if (strlen($this->validData['password']) < 6) {
$this->errors['password'] = "Das Passwort muss mindestens 6 Zeichen lang sein.";
}
}
if (isset($this->validData['email']) && !filter_var($this->validData['email'], FILTER_VALIDATE_EMAIL)) {
$this->errors['email'] = "Bitte eine gültige E-Mail-Adresse eingeben.";
}
}
public function validateLoginForm(){
foreach ($this->loginLabels as $key => $label) {
if (isset($this->validData['password'])) {
if (strlen($this->validData['password']) < 6) {
$this->errors['password'] = "Das Passwort muss mindestens 6 Zeichen lang sein.";
}
}
if (isset($this->validData['email']) && !filter_var($this->validData['email'], FILTER_VALIDATE_EMAIL)) {
$this->errors['email'] = "Bitte eine gültige E-Mail-Adresse eingeben.";
}
}
}
public function showUserLoginConfirmation(){
$userId = $this->getCurrentUserId();
$user = null;
if($userId){
$user = $this->db->getUserById($userId);
}
$path = "Views/User/showUserLoginConfirmation.phtml";
if(file_exists($path)){
include $path;
}
}
public function register(){
$this->validateForm();
if(count($this->errors) > 0){
$this->view->setDoMethodName("showUserRegisterForm");
$this->showUserRegisterForm();
} else{
$this->db->createUser($_POST);
$this->login();
}
}
public function login(){
$user = $this->db->getUserByEmail($_POST["email"]);
if(!$user){
echo "Benutzer nicht gefunden";
}
$hash = hash('sha256', $_POST["password"] . $user["salt"]);
if($hash == $user["passwort"]){
$this->setUserSession($user);
$this->showUserLoginConfirmation();
}else{
echo "Falsches Passwort";
}
}
public function setUserSession(array $user){
$_SESSION["user_id"] = $user["id"];
$_SESSION["user_role"] = $user["role"];
$_SESSION["vorname"] = $user["vorname"];
$_SESSION["name"] = $user["name"];
}
public function clearUserSession(){
unset($_SESSION["user_id"], $_SESSION["user_role"]);
}
public function logout(){
$this->clearUserSession();
header("Location: index.php?controller=user&do=showUserLoginForm");
exit();
}
public function isUserLoggenIn(){
return isset($_SESSION["user_id"]) && $_SESSION["user_id"] != null;
}
public function getCurrentUserId(){
return $_SESSION["user_id"] ?? null;
}
public function showUserAccountPage (){
}
}