gregorio/lepisi-pengumuman
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Changed login/logout process

Browse Source
This commit is contained in:
Gregorio Chiko Putra 2017-09-08 10:05:42 +07:00
parent 8eb9005642
commit 8956b17434
6 changed files with 148 additions and 212 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
App/Controllers/Home.php
View File

@ -10,11 +10,16 @@ use Core\Hash;
class Home class Home
{ {
private $access; public $access,
$table;
public function __construct() public function __construct()
{ {
$this->access = new Access(); $this->access = new Access();
$this->table = 'user';
} }
/* Routes */
public function index() public function index()
{ {
$posts = new Posts(); $posts = new Posts();
@ -33,6 +38,21 @@ class Home
} }
} }
public function logout() {
if ($this->delete() != true) {
$info = "There's an error. Please try again.";
} else {
Session::delete('userid');
Session::delete('username');
Session::delete('full_name');
Session::delete('privilage');
$info = "Logged out success";
}
Session::flash('info', $info);
Redirect::to('/');
}
public function register() public function register()
{ {
if (Session::exists('userid') && Session::get('privilage') == 1) { if (Session::exists('userid') && Session::get('privilage') == 1) {
@ -44,7 +64,7 @@ class Home
} }
} }
// Methods /* Methods */
public function post($args = []) public function post($args = [])
{ {
foreach ($args as $value) { foreach ($args as $value) {
@ -69,7 +89,7 @@ class Home
$args['full_name'] = htmlspecialchars($args['full_name']); $args['full_name'] = htmlspecialchars($args['full_name']);
$args['username'] = htmlspecialchars($args['username']); $args['username'] = htmlspecialchars($args['username']);
$data = $this->access->showAll(); $data = $this->access->showAll($table);
foreach ($data as $users) { foreach ($data as $users) {
if ($args['username'] == $users['username']) { if ($args['username'] == $users['username']) {
Session::flash('info', 'Username already exists'); Session::flash('info', 'Username already exists');
@ -85,38 +105,43 @@ class Home
public function put($args = []) public function put($args = [])
{ {
if ($user = $this->access->login($args)) { $table = 'user';
$username = $args['username'];
$password = $args['password'];
$user = $this->access->showAll($table, [
['username', '=', $username]
]);
if ($user == false) {
$info = "Invalid username/password";
} else {
$hash = Hash::compare($password, $user['salt'], $user['password']);
if ($hash == true) {
if ($this->access->update($table, ['status' => 1], $user['id']) != true) {
$info = "There's an error. Please try again.";
} else {
Session::put('userid', $user['id']); Session::put('userid', $user['id']);
Session::put('username', $user['username']); Session::put('username', $user['username']);
Session::put('full_name', $user['full_name']); Session::put('full_name', $user['full_name']);
Session::put('privilage', $user['privilage']); Session::put('privilage', $user['privilage']);
$table = 'user'; $info = "Logged in success";
$id = Session::get('userid');
if ($this->access->update($table, ['status' => 1], $id)) {
$username = Session::get('username');
Session::flash('info', "$username logged in");
} }
} else {
Session::flash('info', 'Invalid username/password');
} }
}
Session::flash('info', $info);
Redirect::to('/'); Redirect::to('/');
} }
public function logout() public function delete()
{ {
$table = 'user';
$user = Session::get('userid'); $user = Session::get('userid');
$username = Session::get('username');
if ($this->access->logout($user)) {
Session::flash('info', "$username has logged out");
Session::delete('userid'); if ($this->access->update($table, ['status' => 0], $user) != true) {
Session::delete('username'); throw new \Exception("Bad request", 400);
Session::delete('full_name'); }
Session::delete('privilage'); return true;
Redirect::to('/');
}
} }
} }

69
App/Controllers/Posts.php
View File

@ -11,12 +11,14 @@ use \Core\Redirect;
class Posts class Posts
{ {
private $post, private $post,
$access; $access,
$table;
public function __construct() public function __construct()
{ {
$this->post = new Post(); $this->post = new Post();
$this->access = new Access(); $this->access = new Access();
$this->table = 'pengumuman';
} }
public function checkValid() public function checkValid()
@ -24,9 +26,7 @@ class Posts
$date = new \DateTime(); $date = new \DateTime();
$now = $date->format("Y-m-d"); $now = $date->format("Y-m-d");
$table = 'pengumuman'; $valid = $this->post->showAll($this->table, [
$valid = $this->post->showAll([
['valid_at', '<=', $now], ['valid_at', '<=', $now],
['status', '!=', 3] ['status', '!=', 3]
]); ]);
@ -34,11 +34,11 @@ class Posts
foreach ($valid as $fields) { foreach ($valid as $fields) {
$id = $fields['id']; $id = $fields['id'];
$this->post->update($table, ['status' => 1], $id); $this->post->update($this->table, ['status' => 1], $id);
} }
} }
$not_valid = $this->post->showAll([ $not_valid = $this->post->showAll($this->table, [
['valid_at', '>', $now], ['valid_at', '>', $now],
['status', '!=', 3] ['status', '!=', 3]
]); ]);
@ -46,11 +46,11 @@ class Posts
foreach ($not_valid as $fields) { foreach ($not_valid as $fields) {
$id = $fields['id']; $id = $fields['id'];
$this->post->update($table, ['status' => 2], $id); $this->post->update($this->table, ['status' => 2], $id);
} }
} }
$expired = $this->post->showAll([ $expired = $this->post->showAll($this->table, [
['expired_at', '<', $now], ['expired_at', '<', $now],
['status', '!=', 3] ['status', '!=', 3]
]); ]);
@ -58,16 +58,17 @@ class Posts
foreach ($expired as $fields) { foreach ($expired as $fields) {
$id = $fields['id']; $id = $fields['id'];
$this->post->update($table, ['status' => 0], $id); $this->post->update($this->table, ['status' => 0], $id);
} }
} }
} }
/* Routes */
public function index() public function index()
{ {
$this->checkValid(); $this->checkValid();
$posts = $this->post->showAll([ $posts = $this->post->showAll($this->table, [
['status', '=', 1] ['status', '=', 1]
]); ]);
@ -76,7 +77,7 @@ class Posts
$status = ''; $status = '';
if (Session::exists('userid')) { if (Session::exists('userid')) {
$posts = $this->post->showAll(); $posts = $this->post->showAll($this->table);
$status = 'admin'; $status = 'admin';
} }
@ -122,12 +123,18 @@ class Posts
$categories = $this->post->showCategories(); $categories = $this->post->showCategories();
$post = $this->post->showSingle($id); $post = $this->post->showAll($this->table, [
['id', '=', $id]
]);
$creator = $post['creator']; $creator = $post['creator'];
$editor = $post['editor']; $editor = $post['editor'];
$creator = $this->access->showSingle($creator); $creator = $this->access->showAll($this->table, [
$editor = $this->access->showSingle($editor); ['id', '=', $creator]
]);
$editor = $this->access->showAll($this->table, [
['id', '=', $editor]
]);
$editor_now = Session::get('userid'); $editor_now = Session::get('userid');
@ -166,42 +173,42 @@ class Posts
} }
} }
// Methods /* Methods */
public function post($args = []) public function post($args = [])
{ {
$table = 'pengumuman';
if (isset($args['_addon'])) { if (isset($args['_addon'])) {
$table = $args['_addon']; $this->table = $args['_addon'];
unset($args['_addon']); unset($args['_addon']);
} }
foreach ($args as $value) { foreach ($args as $value) {
if ($value == '') { if ($value == '') {
Session::flash('info', 'All data must not be empty'); Session::flash('info', 'All data must not be empty');
if ($table == 'pengumuman') { if ($this->table == 'pengumuman') {
Redirect::to('/posts/entry'); Redirect::to('/posts/entry');
} elseif ($table == 'kategori') { } elseif ($this->table == 'kategori') {
Redirect::to('/posts/category'); Redirect::to('/posts/category');
} }
die(); die();
} }
} }
if ($this->post->entry($table, $args)) { if ($this->post->entry($this->table, $args)) {
Session::flash('info', 'Data successfuly uploaded'); Session::flash('info', 'Data successfuly uploaded');
if ($table == 'kategori') { if ($this->table == 'kategori') {
Redirect::to('/posts/category'); Redirect::to('/posts/category');
} elseif ($table == 'pengumuman') { } elseif ($this->table == 'pengumuman') {
Redirect::to('/'); Redirect::to('/');
} }
} }
// Return the $table back to default
$this->table = 'pengumuman';
} }
public function put($args = []) public function put($args = [])
{ {
$table = 'pengumuman';
$args['content'] = htmlspecialchars($args['content']); $args['content'] = htmlspecialchars($args['content']);
$id = $args['id']; $id = $args['id'];
@ -234,7 +241,7 @@ class Posts
} }
} }
if ($this->post->update($table, $args, $id)) { if ($this->post->update($this->table, $args, $id)) {
Session::flash('info', 'Data successfuly updated'); Session::flash('info', 'Data successfuly updated');
Redirect::to('/'); Redirect::to('/');
} else { } else {
@ -245,22 +252,24 @@ class Posts
public function delete($args = []) public function delete($args = [])
{ {
$table = 'pengumuman';
if (isset($args['_addon'])) { if (isset($args['_addon'])) {
$table = $args['_addon']; $this->table = $args['_addon'];
unset($args['_addon']); unset($args['_addon']);
} }
$id = $args['id']; $id = $args['id'];
if ($this->post->delete($table, $id)) { if ($this->post->delete($this->table, $id)) {
Session::flash('info', 'Data successfuly removed'); Session::flash('info', 'Data successfuly removed');
if ($table = 'kategori') { if ($this->table = 'kategori') {
Redirect::to('/posts/category'); Redirect::to('/posts/category');
} elseif ($table = 'pengumuman') { } elseif ($this->table = 'pengumuman') {
Redirect::to('/'); Redirect::to('/');
} }
} }
// Return the $table back to default
$this->table = 'pengumuman';
} }
} }

80
App/Models/Access.php
View File

@ -20,84 +20,4 @@ class Access extends \Core\Model
] ]
); );
} }
public function showAll()
{
try {
$db = static::connectDB();
$sql = "SELECT id, username, full_name, registered_at FROM user";
if ($stmt = $db->query($sql)) {
$result = $stmt->fetchAll(\PDO::FETCH_ASSOC);
return $result;
}
return false;
} catch (PDOException $e) {
echo $e->getMessage();
}
}
public function showSingle($id)
{
try {
$db = static::connectDB();
$sql = "SELECT id, username, full_name, registered_at, privilage FROM user WHERE id = ?";
$query = $db->prepare($sql);
if ($query->execute([$id])) {
if ($query->rowCount() === 1) {
$result = $query->fetch(\PDO::FETCH_ASSOC);
return $result;
}
}
return false;
} catch (PDOException $e) {
throw new \Exception($e->getMessage(), 444);
}
}
public function login($args = [])
{
try {
$username = htmlspecialchars($args['username']);
$password = $args['password'];
$db = static::connectDB();
$sql = "SELECT id, password, salt FROM user WHERE username = ?";
$query = $db->prepare($sql);
$query->bindValue(1, $username);
if ($query->execute()) {
if ($query->rowCount() === 1) {
$result = $query->fetch(\PDO::FETCH_ASSOC);
$id = $result['id'];
$salt = $result['salt'];
$hash = $result['password'];
if (\Core\Hash::compare($password, $salt, $hash)) {
$user = $this->showSingle($id);
return $user;
}
return false;
}
}
} catch (PDOException $e) {
throw new \Exception($e->getMessage(), 444);
}
}
public function logout($id)
{
if ($this->update('user', ['status' => 0], $id)) {
return true;
}
return false;
}
} }

70
App/Models/Post.php
View File

@ -35,76 +35,6 @@ class Post extends \Core\Model
); );
} }
public function showAll($conditions = [])
{
try {
$db = static::connectDB();
$sql = "SELECT * FROM pengumuman";
if ($conditions) {
$sql .= " WHERE";
foreach ($conditions as $condition) {
$keys[] = $condition[0];
$operators[] = $condition[1];
$values[] = $condition[2];
}
$x = 1;
$i = 0;
foreach ($keys as $key) {
$sql .= " $key $operators[$i] ?";
$i++;
$x++;
if ($x <= count($keys)) {
$sql .= " AND";
}
}
}
$query = $db->prepare($sql);
if ($conditions) {
$x = 1;
foreach ($values as $value) {
$query->bindValue($x, $value);
$x++;
}
}
if ($query->execute()) {
if ($query->rowCount() != 0) {
$result = $query->fetchAll(\PDO::FETCH_ASSOC);
return $result;
}
}
} catch (PDOException $e) {
throw new \Exception($e->getMessage, 444);
}
}
public function showSingle($id)
{
try {
$db = static::connectDB();
$sql = "SELECT * FROM pengumuman WHERE id = ?";
$query = $db->prepare($sql);
if ($query->execute([$id])) {
if ($query->rowCount() === 1) {
$result = $query->fetch(\PDO::FETCH_ASSOC);
return $result;
}
}
} catch (PDOException $e) {
throw new \Exception($e->getMessage(), 444);
}
}
public function showCategories() public function showCategories()
{ {
try { try {

2
App/Views/Access/login.html
View File

@ -20,6 +20,6 @@
<br> <br>
<button type="submit" name="login">Login</button> <button type="submit">Login</button>
</form> </form>
{% endblock %} {% endblock %}

62
Core/Model.php
View File

@ -7,10 +7,6 @@ abstract class Model
{ {
protected static $conn = null; protected static $conn = null;
abstract public function showAll();
abstract public function showSingle($id);
protected static function connectDB() protected static function connectDB()
{ {
try { try {
@ -60,6 +56,62 @@ abstract class Model
} }
} }
public function showAll($table, $conditions = [])
{
try {
if ($table) {
$db = static::connectDB();
$sql = "SELECT * FROM $table";
if ($conditions) {
$sql .= " WHERE";
foreach ($conditions as $condition) {
$keys[] = $condition[0];
$operators[] = $condition[1];
$values[] = $condition[2];
}
$x = 1;
$i = 0;
foreach ($keys as $key) {
$sql .= " $key $operators[$i] ?";
$i++;
$x++;
if ($x <= count($keys)) {
$sql .= " AND";
}
}
}
$query = $db->prepare($sql);
if ($conditions) {
$x = 1;
foreach ($values as $value) {
$query->bindValue($x, $value);
$x++;
}
}
$query->execute();
if ($query->rowCount() == 1) {
$result = $query->fetch(\PDO::FETCH_ASSOC);
} elseif ($query->rowCount() > 1) {
$result = $query->fetchAll(\PDO::FETCH_ASSOC);
} else {
return false;
}
return $result;
}
return false;
} catch (PDOException $e) {
throw new \Exception($e->getMessage, 444);
}
}
public function entry($table, $args, $values = '') public function entry($table, $args, $values = '')
{ {
if (count($args)) { if (count($args)) {
@ -146,7 +198,7 @@ abstract class Model
try { try {
$db = static::connectDB(); $db = static::connectDB();
$result = $this->showAll([ $result = $this->showAll($table, [
['id', '=', $id] ['id', '=', $id]
]); ]);