141 lines
4.7 KiB
PHP
141 lines
4.7 KiB
PHP
<?php
|
|
|
|
namespace Blog\Controller;
|
|
|
|
use Blog\Model\AuthModel;
|
|
|
|
class AuthController
|
|
{
|
|
private $model;
|
|
private $view;
|
|
|
|
public function __construct($view)
|
|
{
|
|
$this->model = new AuthModel();
|
|
$this->view = $view;
|
|
}
|
|
|
|
public function showAuthForm()
|
|
{
|
|
$this->view->setVars([
|
|
'labels' => [
|
|
"email" => "E-Mail-Adresse",
|
|
"password" => "Passwort",
|
|
"password_repeat" => "Passwort wiederholen",
|
|
"old_password" => "Altes Passwort"
|
|
],
|
|
'errors' => $_SESSION['auth_errors'] ?? [],
|
|
'validData' => $_SESSION['auth_validData'] ?? []
|
|
]);
|
|
unset($_SESSION['auth_errors'], $_SESSION['auth_validData']);
|
|
$this->view->render('auth/form');
|
|
}
|
|
|
|
public function login() {
|
|
$email = $_POST['email'] ?? '';
|
|
$password = $_POST['password'] ?? '';
|
|
|
|
$result = $this->model->login($email, $password);
|
|
|
|
if ($result === true) {
|
|
$_SESSION['user'] = $email;
|
|
} else {
|
|
$this->view->setVars([
|
|
'errors' => ['login' => is_string($result) ? $result : "Login fehlgeschlagen."],
|
|
'validData' => ['email' => $email]
|
|
]);
|
|
}
|
|
}
|
|
|
|
public function register() {
|
|
|
|
$data = [
|
|
'vorname' => $_POST['vorname'] ?? '',
|
|
'nachname' => $_POST['nachname'] ?? '',
|
|
'straße' => $_POST['straße'] ?? '',
|
|
'hausnr' => $_POST['hausnr'] ?? '',
|
|
'postleitzahl' => $_POST['postleitzahl'] ?? '',
|
|
'ort' => $_POST['ort'] ?? '',
|
|
'land' => $_POST['land'] ?? '',
|
|
'tel' => $_POST['tel'] ?? '',
|
|
'email' => $_POST['email'] ?? '',
|
|
'password' => $_POST['password'] ?? '',
|
|
'password_repeat' => $_POST['password_repeat'] ?? '',
|
|
'isAdmin' => $_POST['isAdmin'] ?? false,
|
|
];
|
|
|
|
// Passwortabgleich prüfen
|
|
if (!$this->model->checkDoublePw($data['password'], $data['password_repeat'])) {
|
|
$_SESSION['auth_errors']['password'] = "Passwörter stimmen nicht überein.";
|
|
$_SESSION['auth_validData'] = $data;
|
|
}
|
|
|
|
$result = $this->model->register(
|
|
$data['email'], $data['password'], $data['straße'], $data['hausnr'],
|
|
$data['ort'], $data['postleitzahl'], $data['land'],
|
|
$data['vorname'], $data['nachname'], $data['tel'], $data['isAdmin']
|
|
);
|
|
|
|
if ($result === true) {
|
|
//header("Location: /?controller=Auth&do=showConfirmation&msg=register");
|
|
exit;
|
|
} else {
|
|
$_SESSION['auth_errors']['register'] = is_string($result) ? $result : "Registrierung fehlgeschlagen.";
|
|
$_SESSION['auth_validData'] = $data;
|
|
//header("Location: /?controller=Auth&do=showAuthForm");
|
|
//exit;
|
|
}
|
|
}
|
|
|
|
public function forgotPassword()
|
|
{
|
|
$email = $_POST['email'] ?? '';
|
|
if (empty($email)) {
|
|
$_SESSION['auth_errors']['email'] = "Bitte E-Mail-Adresse angeben.";
|
|
header("Location: /?controller=Auth&do=showAuthForm");
|
|
exit;
|
|
}
|
|
$this->model->pwForgot($email);
|
|
header("Location: /?controller=Auth&do=showConfirmation&msg=pwforgot");
|
|
exit;
|
|
}
|
|
|
|
public function changePassword()
|
|
{
|
|
$email = $_POST['email'] ?? '';
|
|
$oldpw = $_POST['old_password'] ?? '';
|
|
$newpw = $_POST['password'] ?? '';
|
|
$repeat = $_POST['password_repeat'] ?? '';
|
|
|
|
if (!$this->model->checkDoublePw($newpw, $repeat)) {
|
|
$_SESSION['auth_errors']['password'] = "Neue Passwörter stimmen nicht überein.";
|
|
header("Location: /?controller=Auth&do=showAuthForm");
|
|
exit;
|
|
}
|
|
|
|
$result = $this->model->updatePassword($email, $oldpw, $newpw);
|
|
|
|
if ($result === true) {
|
|
header("Location: /?controller=Auth&do=showConfirmation&msg=pwchange");
|
|
exit;
|
|
} else {
|
|
$_SESSION['auth_errors']['password'] = is_string($result) ? $result : "Fehler beim Aktualisieren des Passworts.";
|
|
header("Location: /?controller=Auth&do=showAuthForm");
|
|
exit;
|
|
}
|
|
}
|
|
|
|
public function showConfirmation()
|
|
{
|
|
$messages = [
|
|
'login' => "Login erfolgreich.",
|
|
'register' => "Registrierung erfolgreich.",
|
|
'pwforgot' => "Ein temporäres Passwort wurde an Ihre E-Mail gesendet.",
|
|
'pwchange' => "Passwort erfolgreich geändert."
|
|
];
|
|
$msgKey = $_GET['msg'] ?? '';
|
|
$message = $messages[$msgKey] ?? "Aktion erfolgreich.";
|
|
$this->view->setVars(['message' => $message]);
|
|
$this->view->render('auth/confirmation');
|
|
}
|
|
} |