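model = new AuthModel(); $this->view = $view; }

    /**
     * Render the authentication form.
     *
     * Passes the field labels plus any errors and previously entered values
     * that an earlier request stored in the session, then clears those two
     * session keys so they are shown only once.
     *
     * NOTE(review): 'validData' and 'errors' can contain request-derived text;
     * the 'auth/form' template is not visible here, so confirm it HTML-escapes
     * these values on output.
     */
    public function showAuthForm()
    {
        $this->view->setVars([
            'labels' => [
                "email" => "E-Mail-Adresse",
                "password" => "Passwort",
                "password_repeat" => "Passwort wiederholen",
                "old_password" => "Altes Passwort"
            ],
            'errors' => $_SESSION['auth_errors'] ?? [],
            'validData' => $_SESSION['auth_validData'] ?? []
        ]);
        unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
        $this->view->render('auth/form');
    }

    /**
     * Handle a login attempt from the POSTed 'email' and 'password' fields.
     *
     * On success the e-mail address is stored in $_SESSION['user']. On failure
     * the error text and the entered e-mail are handed to the view. Neither
     * branch renders or redirects in this method.
     *
     * NOTE(review): a string returned by the model is shown to the user as-is;
     * confirm it does not distinguish "unknown account" from "wrong password".
     */
    public function login()
    {
        $email = $_POST['email'] ?? '';
        $password = $_POST['password'] ?? '';

        $result = $this->model->login($email, $password);

        if ($result === true) {
            // Issue a fresh session ID at the privilege change so an ID that
            // was known before authentication (session fixation) is not
            // promoted to a logged-in session.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['user'] = $email;
        } else {
            $this->view->setVars([
                'errors' => ['login' => is_string($result) ? $result : "Login fehlgeschlagen."],
                'validData' => ['email' => $email]
            ]);
        }
    }

    /**
     * Handle a registration request from POSTed form fields.
     *
     * Collects the address, contact and credential fields, verifies that the
     * two password entries match, and asks the model to create the account.
     * On success the script exits; on failure the error and the non-secret
     * form values are stored in the session for the next form display.
     *
     * NOTE(review): no anti-CSRF token or authentication check is visible in
     * this method; confirm the dispatcher enforces what is required.
     */
    public function register()
    {
        $data = [
            'vorname' => $_POST['vorname'] ?? '',
            'nachname' => $_POST['nachname'] ?? '',
            'straße' => $_POST['straße'] ?? '',
            'hausnr' => $_POST['hausnr'] ?? '',
            'postleitzahl' => $_POST['postleitzahl'] ?? '',
            'ort' => $_POST['ort'] ?? '',
            'land' => $_POST['land'] ?? '',
            'tel' => $_POST['tel'] ?? '',
            'email' => $_POST['email'] ?? '',
            'password' => $_POST['password'] ?? '',
            'password_repeat' => $_POST['password_repeat'] ?? '',
            // The privilege flag is never read from the request body: any
            // client could otherwise register itself as an administrator.
            // NOTE(review): if admins must be creatable through a form, do it
            // in a separate handler that verifies the caller's own admin role.
            'isAdmin' => false,
        ];

        // Values kept in the session for re-filling the form must not include
        // the plaintext passwords (they would be persisted in session storage
        // and handed back to the template).
        $refill = $data;
        unset($refill['password'], $refill['password_repeat']);

        // Check that both password entries match; stop before creating the
        // account when they do not.
        if (!$this->model->checkDoublePw($data['password'], $data['password_repeat'])) {
            $_SESSION['auth_errors']['password'] = "Passwörter stimmen nicht überein.";
            $_SESSION['auth_validData'] = $refill;
            return;
        }

        $result = $this->model->register(
            $data['email'],
            $data['password'],
            $data['straße'],
            $data['hausnr'],
            $data['ort'],
            $data['postleitzahl'],
            $data['land'],
            $data['vorname'],
            $data['nachname'],
            $data['tel'],
            $data['isAdmin']
        );

        if ($result === true) {
            //header("Location: /?controller=Auth&do=showConfirmation&msg=register");
            exit;
        }

        $_SESSION['auth_errors']['register'] = is_string($result) ? $result : "Registrierung fehlgeschlagen.";
        $_SESSION['auth_validData'] = $refill;
        //header("Location: /?controller=Auth&do=showAuthForm");
        //exit;
    }

    /**
     * Handle a "forgot password" request for the POSTed 'email'.
     *
     * An empty address is rejected with a form error. Otherwise the model is
     * asked to run its reset flow and the user is redirected to the generic
     * confirmation page. The model's return value is not inspected, so the
     * response is the same whether or not the address belongs to an account.
     */
    public function forgotPassword()
    {
        $email = $_POST['email'] ?? '';

        if (empty($email)) {
            $_SESSION['auth_errors']['email'] = "Bitte E-Mail-Adresse angeben.";
            header("Location: /?controller=Auth&do=showAuthForm");
            exit;
        }

        $this->model->pwForgot($email);
        header("Location: /?controller=Auth&do=showConfirmation&msg=pwforgot");
        exit;
    }

    /**
     * Handle a password change from the POSTed 'email', 'old_password',
     * 'password' and 'password_repeat' fields.
     *
     * Redirects back to the form when the two new-password entries differ or
     * when the model rejects the update, and to the confirmation page when the
     * update succeeds.
     *
     * NOTE(review): the account is selected by the POSTed e-mail rather than by
     * $_SESSION['user'], so the old password is the only check visible here.
     * Confirm the model throttles failed attempts, and consider invalidating
     * other sessions of the account after a successful change.
     */
    public function changePassword()
    {
        $email = $_POST['email'] ?? '';
        $oldpw = $_POST['old_password'] ?? '';
        $newpw = $_POST['password'] ?? '';
        $repeat = $_POST['password_repeat'] ?? '';

        if (!$this->model->checkDoublePw($newpw, $repeat)) {
            $_SESSION['auth_errors']['password'] = "Neue Passwörter stimmen nicht überein.";
            header("Location: /?controller=Auth&do=showAuthForm");
            exit;
        }

        $result = $this->model->updatePassword($email, $oldpw, $newpw);

        if ($result === true) {
            header("Location: /?controller=Auth&do=showConfirmation&msg=pwchange");
            exit;
        }

        $_SESSION['auth_errors']['password'] = is_string($result) ? $result : "Fehler beim Aktualisieren des Passworts.";
        header("Location: /?controller=Auth&do=showAuthForm");
        exit;
    }

    /**
     * Render the confirmation page for a completed action.
     *
     * The 'msg' query parameter is used only as a lookup key into a fixed
     * message table; the request value itself is never passed to the view.
     * Unknown or missing keys fall back to a generic message.
     */
    public function showConfirmation()
    {
        $messages = [
            'login' => "Login erfolgreich.",
            'register' => "Registrierung erfolgreich.",
            'pwforgot' => "Ein temporäres Passwort wurde an Ihre E-Mail gesendet.",
            'pwchange' => "Passwort erfolgreich geändert."
        ];

        // A request such as ?msg[]=x delivers an array, which is not a valid
        // array offset; treat anything that is not a string as "no key".
        $msgKey = $_GET['msg'] ?? '';
        if (!is_string($msgKey)) {
            $msgKey = '';
        }

        $message = $messages[$msgKey] ?? "Aktion erfolgreich.";
        $this->view->setVars(['message' => $message]);
        $this->view->render('auth/confirmation');
    }
}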