gregorio/lepisi-pengumuman
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Changed login/logout process

Browse Source
This commit is contained in:
Gregorio Chiko Putra 2017-09-08 10:05:42 +07:00
parent 8eb9005642
commit 8956b17434
6 changed files with 148 additions and 212 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
App/Controllers/Home.php
View File

@ -10,11 +10,16 @@ use Core\Hash;
class Home
{
private $access;
public $access,
$table;
public function __construct()
{
$this->access = new Access();
$this->table = 'user';
}
/* Routes */
public function index()
{
$posts = new Posts();
@ -33,6 +38,21 @@ class Home
}
}
public function logout() {
if ($this->delete() != true) {
$info = "There's an error. Please try again.";
} else {
Session::delete('userid');
Session::delete('username');
Session::delete('full_name');
Session::delete('privilage');
$info = "Logged out success";
}
Session::flash('info', $info);
Redirect::to('/');
}
public function register()
{
if (Session::exists('userid') && Session::get('privilage') == 1) {
@ -44,7 +64,7 @@ class Home
}
}
// Methods
/* Methods */
public function post($args = [])
{
foreach ($args as $value) {
@ -69,7 +89,7 @@ class Home
$args['full_name'] = htmlspecialchars($args['full_name']);
$args['username'] = htmlspecialchars($args['username']);
$data = $this->access->showAll();
$data = $this->access->showAll($table);
foreach ($data as $users) {
if ($args['username'] == $users['username']) {
Session::flash('info', 'Username already exists');
@ -85,38 +105,43 @@ class Home
public function put($args = [])
{
if ($user = $this->access->login($args)) {
$table = 'user';
$username = $args['username'];
$password = $args['password'];
$user = $this->access->showAll($table, [
['username', '=', $username]
]);
if ($user == false) {
$info = "Invalid username/password";
} else {
$hash = Hash::compare($password, $user['salt'], $user['password']);
if ($hash == true) {
if ($this->access->update($table, ['status' => 1], $user['id']) != true) {
$info = "There's an error. Please try again.";
} else {
Session::put('userid', $user['id']);
Session::put('username', $user['username']);
Session::put('full_name', $user['full_name']);
Session::put('privilage', $user['privilage']);
$table = 'user';
$id = Session::get('userid');
if ($this->access->update($table, ['status' => 1], $id)) {
$username = Session::get('username');
Session::flash('info', "$username logged in");
$info = "Logged in success";
}
} else {
Session::flash('info', 'Invalid username/password');
}
}
Session::flash('info', $info);
Redirect::to('/');
}
public function logout()
public function delete()
{
$table = 'user';
$user = Session::get('userid');
$username = Session::get('username');
if ($this->access->logout($user)) {
Session::flash('info', "$username has logged out");
Session::delete('userid');
Session::delete('username');
Session::delete('full_name');
Session::delete('privilage');
Redirect::to('/');
}
if ($this->access->update($table, ['status' => 0], $user) != true) {
throw new \Exception("Bad request", 400);
}
return true;
}
}

69
App/Controllers/Posts.php
View File

@ -11,12 +11,14 @@ use \Core\Redirect;
class Posts
{
private $post,
$access;
$access,
$table;
public function __construct()
{
$this->post = new Post();
$this->access = new Access();
$this->table = 'pengumuman';
}
public function checkValid()
@ -24,9 +26,7 @@ class Posts
$date = new \DateTime();
$now = $date->format("Y-m-d");
$table = 'pengumuman';
$valid = $this->post->showAll([
$valid = $this->post->showAll($this->table, [
['valid_at', '<=', $now],
['status', '!=', 3]
]);
@ -34,11 +34,11 @@ class Posts
foreach ($valid as $fields) {
$id = $fields['id'];
$this->post->update($table, ['status' => 1], $id);
$this->post->update($this->table, ['status' => 1], $id);
}
}
$not_valid = $this->post->showAll([
$not_valid = $this->post->showAll($this->table, [
['valid_at', '>', $now],
['status', '!=', 3]
]);
@ -46,11 +46,11 @@ class Posts
foreach ($not_valid as $fields) {
$id = $fields['id'];
$this->post->update($table, ['status' => 2], $id);
$this->post->update($this->table, ['status' => 2], $id);
}
}
$expired = $this->post->showAll([
$expired = $this->post->showAll($this->table, [
['expired_at', '<', $now],
['status', '!=', 3]
]);
@ -58,16 +58,17 @@ class Posts
foreach ($expired as $fields) {
$id = $fields['id'];
$this->post->update($table, ['status' => 0], $id);
$this->post->update($this->table, ['status' => 0], $id);
}
}
}
/* Routes */
public function index()
{
$this->checkValid();
$posts = $this->post->showAll([
$posts = $this->post->showAll($this->table, [
['status', '=', 1]
]);
@ -76,7 +77,7 @@ class Posts
$status = '';
if (Session::exists('userid')) {
$posts = $this->post->showAll();
$posts = $this->post->showAll($this->table);
$status = 'admin';
}
@ -122,12 +123,18 @@ class Posts
$categories = $this->post->showCategories();
$post = $this->post->showSingle($id);
$post = $this->post->showAll($this->table, [
['id', '=', $id]
]);
$creator = $post['creator'];
$editor = $post['editor'];
$creator = $this->access->showSingle($creator);
$editor = $this->access->showSingle($editor);
$creator = $this->access->showAll($this->table, [
['id', '=', $creator]
]);
$editor = $this->access->showAll($this->table, [
['id', '=', $editor]
]);
$editor_now = Session::get('userid');
@ -166,42 +173,42 @@ class Posts
}
}
// Methods
/* Methods */
public function post($args = [])
{
$table = 'pengumuman';
if (isset($args['_addon'])) {
$table = $args['_addon'];
$this->table = $args['_addon'];
unset($args['_addon']);
}
foreach ($args as $value) {
if ($value == '') {
Session::flash('info', 'All data must not be empty');
if ($table == 'pengumuman') {
if ($this->table == 'pengumuman') {
Redirect::to('/posts/entry');
} elseif ($table == 'kategori') {
} elseif ($this->table == 'kategori') {
Redirect::to('/posts/category');
}
die();
}
}
if ($this->post->entry($table, $args)) {
if ($this->post->entry($this->table, $args)) {
Session::flash('info', 'Data successfuly uploaded');
if ($table == 'kategori') {
if ($this->table == 'kategori') {
Redirect::to('/posts/category');
} elseif ($table == 'pengumuman') {
} elseif ($this->table == 'pengumuman') {
Redirect::to('/');
}
}
// Return the $table back to default
$this->table = 'pengumuman';
}
public function put($args = [])
{
$table = 'pengumuman';
$args['content'] = htmlspecialchars($args['content']);
$id = $args['id'];
@ -234,7 +241,7 @@ class Posts
}
}
if ($this->post->update($table, $args, $id)) {
if ($this->post->update($this->table, $args, $id)) {
Session::flash('info', 'Data successfuly updated');
Redirect::to('/');
} else {
@ -245,22 +252,24 @@ class Posts
public function delete($args = [])
{
$table = 'pengumuman';
if (isset($args['_addon'])) {
$table = $args['_addon'];
$this->table = $args['_addon'];
unset($args['_addon']);
}
$id = $args['id'];
if ($this->post->delete($table, $id)) {
if ($this->post->delete($this->table, $id)) {
Session::flash('info', 'Data successfuly removed');
if ($table = 'kategori') {
if ($this->table = 'kategori') {
Redirect::to('/posts/category');
} elseif ($table = 'pengumuman') {
} elseif ($this->table = 'pengumuman') {
Redirect::to('/');
}
}
// Return the $table back to default
$this->table = 'pengumuman';
}
}

80
App/Models/Access.php
View File

@ -20,84 +20,4 @@ class Access extends \Core\Model
]
);
}
public function showAll()
{
try {
$db = static::connectDB();
$sql = "SELECT id, username, full_name, registered_at FROM user";
if ($stmt = $db->query($sql)) {
$result = $stmt->fetchAll(\PDO::FETCH_ASSOC);
return $result;
}
return false;
} catch (PDOException $e) {
echo $e->getMessage();
}
}
public function showSingle($id)
{
try {
$db = static::connectDB();
$sql = "SELECT id, username, full_name, registered_at, privilage FROM user WHERE id = ?";
$query = $db->prepare($sql);
if ($query->execute([$id])) {
if ($query->rowCount() === 1) {
$result = $query->fetch(\PDO::FETCH_ASSOC);
return $result;
}
}
return false;
} catch (PDOException $e) {
throw new \Exception($e->getMessage(), 444);
}
}
public function login($args = [])
{
try {
$username = htmlspecialchars($args['username']);
$password = $args['password'];
$db = static::connectDB();
$sql = "SELECT id, password, salt FROM user WHERE username = ?";
$query = $db->prepare($sql);
$query->bindValue(1, $username);
if ($query->execute()) {
if ($query->rowCount() === 1) {
$result = $query->fetch(\PDO::FETCH_ASSOC);
$id = $result['id'];
$salt = $result['salt'];
$hash = $result['password'];
if (\Core\Hash::compare($password, $salt, $hash)) {
$user = $this->showSingle($id);
return $user;
}
return false;
}
}
} catch (PDOException $e) {
throw new \Exception($e->getMessage(), 444);
}
}
public function logout($id)
{
if ($this->update('user', ['status' => 0], $id)) {
return true;
}
return false;
}
}

70
App/Models/Post.php
View File

@ -35,76 +35,6 @@ class Post extends \Core\Model
);
}
public function showAll($conditions = [])
{
try {
$db = static::connectDB();
$sql = "SELECT * FROM pengumuman";
if ($conditions) {
$sql .= " WHERE";
foreach ($conditions as $condition) {
$keys[] = $condition[0];
$operators[] = $condition[1];
$values[] = $condition[2];
}
$x = 1;
$i = 0;
foreach ($keys as $key) {
$sql .= " $key $operators[$i] ?";
$i++;
$x++;
if ($x <= count($keys)) {
$sql .= " AND";
}
}
}
$query = $db->prepare($sql);
if ($conditions) {
$x = 1;
foreach ($values as $value) {
$query->bindValue($x, $value);
$x++;
}
}
if ($query->execute()) {
if ($query->rowCount() != 0) {
$result = $query->fetchAll(\PDO::FETCH_ASSOC);
return $result;
}
}
} catch (PDOException $e) {
throw new \Exception($e->getMessage, 444);
}
}
public function showSingle($id)
{
try {
$db = static::connectDB();
$sql = "SELECT * FROM pengumuman WHERE id = ?";
$query = $db->prepare($sql);
if ($query->execute([$id])) {
if ($query->rowCount() === 1) {
$result = $query->fetch(\PDO::FETCH_ASSOC);
return $result;
}
}
} catch (PDOException $e) {
throw new \Exception($e->getMessage(), 444);
}
}
public function showCategories()
{
try {

2
App/Views/Access/login.html
View File

@ -20,6 +20,6 @@
<br>
<button type="submit" name="login">Login</button>
<button type="submit">Login</button>
</form>
{% endblock %}

62
Core/Model.php
View File

@ -7,10 +7,6 @@ abstract class Model
{
protected static $conn = null;
abstract public function showAll();
abstract public function showSingle($id);
protected static function connectDB()
{
try {
@ -60,6 +56,62 @@ abstract class Model
}
}
public function showAll($table, $conditions = [])
{
try {
if ($table) {
$db = static::connectDB();
$sql = "SELECT * FROM $table";
if ($conditions) {
$sql .= " WHERE";
foreach ($conditions as $condition) {
$keys[] = $condition[0];
$operators[] = $condition[1];
$values[] = $condition[2];
}
$x = 1;
$i = 0;
foreach ($keys as $key) {
$sql .= " $key $operators[$i] ?";
$i++;
$x++;
if ($x <= count($keys)) {
$sql .= " AND";
}
}
}
$query = $db->prepare($sql);
if ($conditions) {
$x = 1;
foreach ($values as $value) {
$query->bindValue($x, $value);
$x++;
}
}
$query->execute();
if ($query->rowCount() == 1) {
$result = $query->fetch(\PDO::FETCH_ASSOC);
} elseif ($query->rowCount() > 1) {
$result = $query->fetchAll(\PDO::FETCH_ASSOC);
} else {
return false;
}
return $result;
}
return false;
} catch (PDOException $e) {
throw new \Exception($e->getMessage, 444);
}
}
public function entry($table, $args, $values = '')
{
if (count($args)) {
@ -146,7 +198,7 @@ abstract class Model
try {
$db = static::connectDB();
$result = $this->showAll([
$result = $this->showAll($table, [
['id', '=', $id]
]);