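model = new AuthModel(); $this->view = $view; }

    /**
     * Render the authentication form.
     *
     * Hands the view the field labels plus any errors and previously entered
     * values that an earlier request left in the session, then removes those
     * session entries so they are displayed only once.
     */
    public function showAuthForm()
    {
        $this->view->setVars([
            'labels' => [
                "email" => "E-Mail-Adresse",
                "password" => "Passwort",
                "password_repeat" => "Passwort wiederholen",
                "old_password" => "Altes Passwort"
            ],
            'errors' => $_SESSION['auth_errors'] ?? [],
            'validData' => $_SESSION['auth_validData'] ?? []
        ]);

        unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);

        $this->view->render('auth/form');
    }

    /**
     * Handle a login attempt from the submitted e-mail address and password.
     *
     * On success the e-mail address is stored in $_SESSION['user'] and the
     * view receives loginSuccess = true. Otherwise the view receives an error
     * message and the submitted e-mail address; the password is never passed
     * back to the view.
     */
    public function login()
    {
        $email = $this->postString('email');
        $password = $this->postString('password');

        $result = $this->model->login($email, $password);

        if ($result === true) {
            // Issue a fresh session id before storing the identity, so that an
            // id known before authentication cannot be reused afterwards
            // (session fixation).
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }

            $_SESSION['user'] = $email;

            $this->view->setVars([
                'loginSuccess' => true,
                'email' => $email
            ]);
        } else {
            // NOTE(review): a string returned by the model is shown verbatim.
            // Confirm it does not distinguish "unknown e-mail" from "wrong
            // password", which would allow account enumeration.
            $this->view->setVars([
                'errors' => ['login' => is_string($result) ? $result : "Login fehlgeschlagen."],
                'validData' => ['email' => $email],
                'loginSuccess' => false
            ]);
        }
    }

    /**
     * Handle a registration request.
     *
     * Collects the profile fields from the request, checks that both password
     * entries match and that the password meets pwRequirementCheck(), and only
     * then calls the model. The view always receives the error list and the
     * submitted data so the form can be refilled.
     */
    public function register()
    {
        $data = [
            'vorname' => $this->postString('vorname'),
            'nachname' => $this->postString('nachname'),
            'straße' => $this->postString('straße'),
            'hausnr' => $this->postString('hausnr'),
            'postleitzahl' => $this->postString('postleitzahl'),
            'ort' => $this->postString('ort'),
            'land' => $this->postString('land'),
            'tel' => $this->postString('tel'),
            'email' => $this->postString('email'),
            'password' => $this->postString('password'),
            'password_repeat' => $this->postString('password_repeat'),
            // Never taken from the request: a client-supplied flag would let
            // any visitor register an administrator account.
            // NOTE(review): if administrators are meant to create admin
            // accounts through this action, gate that on a server-side check
            // of the current user's role instead of a form field.
            'isAdmin' => false,
        ];

        $errors = [];

        if (!$this->model->checkDoublePw($data['password'], $data['password_repeat'])) {
            $errors['password'] = "Passwörter stimmen nicht überein.";
        }

        // pwRequirementCheck() returns true or a list of unmet requirements,
        // so it must be compared with true; a non-empty array is truthy.
        $unmet = $this->pwRequirementCheck($data['password']);
        if ($unmet !== true) {
            $requirements = implode(', ', $unmet);
            $errors['password'] = isset($errors['password'])
                ? $errors['password'] . ' ' . $requirements
                : $requirements;
        }

        if (empty($errors)) {
            $result = $this->model->register($data);

            if ($result === true) {
                $this->view->setVars([
                    'success' => "Registrierung war erfolgreich."
                ]);
            } else {
                $errors['register'] = is_string($result) ? $result : "Registrierung fehlgeschlagen.";
            }
        }

        // The keys stay in place for the template, but the password values are
        // blanked so they are not written back into the rendered page.
        $refill = $data;
        $refill['password'] = '';
        $refill['password_repeat'] = '';

        $this->view->setVars([
            'errors' => $errors,
            'validData' => $refill
        ]);
    }

    /**
     * Check a password against the complexity rules.
     *
     * Rules: at least 8 bytes long, one upper-case letter, one lower-case
     * letter, one digit and one character that is neither alphanumeric nor
     * whitespace.
     *
     * @param string $password Candidate password.
     * @return true|string[] true when every rule is met, otherwise the list of
     *                       messages for the rules that are not.
     */
    private function pwRequirementCheck($password)
    {
        $error = [];

        // "min 8" means a password of exactly 8 characters is acceptable.
        if (strlen($password) < 8) {
            $error[] = "min 8 Charackter";
        }
        if (!preg_match("/[A-Z]/", $password)) {
            $error[] = "min one large Character";
        }
        if (!preg_match("/[a-z]/", $password)) {
            $error[] = "min one small charakter";
        }
        if (!preg_match("/[0-9]/", $password)) {
            $error[] = "min one number";
        }
        // The pattern needs explicit delimiters: without them PCRE takes the
        // square brackets as delimiters and the character class is lost.
        if (!preg_match("/[^a-zA-Z0-9\s]/", $password)) {
            $error[] = "min one special character";
        }

        return empty($error) ? true : $error;
    }

    /**
     * Start the forgotten-password flow for the submitted e-mail address.
     *
     * A missing address sends the user back to the form with an error. In all
     * other cases the same confirmation page follows, whatever the model did
     * with the address.
     */
    public function forgotPassword()
    {
        $email = $this->postString('email');

        if (empty($email)) {
            $_SESSION['auth_errors']['email'] = "Bitte E-Mail-Adresse angeben.";
            header("Location: /?controller=Auth&do=showAuthForm");
            exit;
        }

        $this->model->pwForgot($email);

        header("Location: /?controller=Auth&do=showConfirmation&msg=pwforgot");
        exit;
    }

    /**
     * Change the password of the account identified by the submitted e-mail
     * address, after the old password has been verified by the model.
     *
     * Every outcome ends in a redirect; errors are handed to the form through
     * $_SESSION['auth_errors'].
     */
    public function changePassword()
    {
        // NOTE(review): no anti-CSRF token is checked in this method; confirm
        // that the front controller validates one for state-changing requests.
        $email = $this->postString('email');
        $oldpw = $this->postString('old_password');
        $newpw = $this->postString('password');
        $repeat = $this->postString('password_repeat');

        if (!$this->model->checkDoublePw($newpw, $repeat)) {
            $_SESSION['auth_errors']['password'] = "Neue Passwörter stimmen nicht überein.";
            header("Location: /?controller=Auth&do=showAuthForm");
            exit;
        }

        // Apply the same complexity rules as registration, so a password
        // change cannot be used to set a weaker password.
        $unmet = $this->pwRequirementCheck($newpw);
        if ($unmet !== true) {
            $_SESSION['auth_errors']['password'] = implode(', ', $unmet);
            header("Location: /?controller=Auth&do=showAuthForm");
            exit;
        }

        $result = $this->model->updatePassword($email, $oldpw, $newpw);

        if ($result === true) {
            header("Location: /?controller=Auth&do=showConfirmation&msg=pwchange");
            exit;
        }

        $_SESSION['auth_errors']['password'] = is_string($result) ? $result : "Fehler beim Aktualisieren des Passworts.";
        header("Location: /?controller=Auth&do=showAuthForm");
        exit;
    }

    /**
     * Render the confirmation page for a completed action.
     *
     * The "msg" query parameter only selects one of the fixed messages below;
     * its value is never echoed, and unknown keys fall back to a generic text.
     */
    public function showConfirmation()
    {
        $messages = [
            'login' => "Login erfolgreich.",
            'register' => "Registrierung erfolgreich.",
            'pwforgot' => "Ein temporäres Passwort wurde an Ihre E-Mail gesendet.",
            'pwchange' => "Passwort erfolgreich geändert."
        ];

        $msgKey = $_GET['msg'] ?? '';
        // "msg[]=x" arrives as an array, which is not a valid array offset.
        if (!is_string($msgKey)) {
            $msgKey = '';
        }

        $message = $messages[$msgKey] ?? "Aktion erfolgreich.";

        $this->view->setVars(['message' => $message]);
        $this->view->render('auth/confirmation');
    }

    /**
     * Read one POST field as a string.
     *
     * @param string $key Field name in $_POST.
     * @return string The submitted value, or '' when the field is missing or
     *                was submitted as an array (e.g. "email[]=x").
     */
    private function postString(string $key): string
    {
        $value = $_POST[$key] ?? '';

        return is_string($value) ? $value : '';
    }
}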