lepisi-pengumuman/App/Controllers/Home.php


<?php
namespace App\Controllers;
use Core\View;
use App\Models\Access;
use Core\Token;
use Core\Session;
use Core\Redirect;
use Core\Hash;
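/**
 * Controller for the landing page and for account access:
 * login, logout and user registration.
 *
 * The "Routes" methods render views; the "Methods" section (post/put/delete)
 * performs the state changes behind them.
 *
 * NOTE(review): Token::generate() is called when the forms are rendered, but
 * no token verification is visible in this class — confirm that the router
 * (or another layer) validates the CSRF token before post()/put() run.
 */
class Home
{
    /** @var Access Model used for all reads and writes on the user table. */
    public $access;

    /** @var string Name of the user table. */
    public $table;

    public function __construct()
    {
        $this->access = new Access();
        $this->table = 'user';
    }

    /* Routes */

    /**
     * Landing page: delegates to the Posts controller's index action.
     */
    public function index()
    {
        $posts = new Posts();
        $posts->index();
    }

    /**
     * Show the login form, or send an already authenticated user home.
     */
    public function login()
    {
        if (Session::exists('userid')) {
            Session::flash('info', 'You already logged in');
            Redirect::to('/');
        } else {
            View::render('Access/login.html', [
                'token' => Token::generate()
            ]);
        }
    }

    /**
     * Mark the user as offline and drop the identity keys from the session.
     *
     * delete() either returns true or throws, so the error branch below is
     * effectively unreachable; a failed status update surfaces as the
     * exception from delete() and the session keys are NOT cleared.
     *
     * @throws \Exception code 400, propagated from delete()
     */
    public function logout()
    {
        if ($this->delete() != true) {
            $info = "There's an error. Please try again.";
        } else {
            Session::delete('userid');
            Session::delete('username');
            Session::delete('full_name');
            Session::delete('privilage');
            $info = "Logged out success";
        }
        Session::flash('info', $info);
        Redirect::to('/');
    }

    /**
     * Show the registration form. Only a logged-in user whose `privilage`
     * session value equals 1 may see it.
     *
     * @throws \Exception code 400 for any other caller
     */
    public function register()
    {
        // Loose comparison kept on purpose: the session value may be the
        // string '1' as read from the database.
        if (Session::exists('userid') && Session::get('privilage') == 1) {
            View::render('Access/registrasi.html', [
                'token' => Token::generate()
            ]);
        } else {
            throw new \Exception("Bad Request", 400);
        }
    }

    /* Methods */

    /**
     * Create a new user from the submitted registration data.
     *
     * NOTE(review): register() restricts the form to `privilage` == 1, but no
     * such check is made here — confirm the router enforces it, otherwise any
     * client able to reach this method can create accounts.
     * NOTE(review): $args is handed to entry() as a whole, so every extra
     * submitted field (for example `privilage`) is written too unless it is
     * filtered before this call — confirm against the caller.
     *
     * @param array $args submitted fields; must contain non-empty
     *                    `username`, `password` and `full_name`
     */
    public function post($args = [])
    {
        foreach ($args as $value) {
            if ($value == '') {
                Session::flash('info', 'All data must not be empty');
                Redirect::to('/');
                die();
            }
        }

        // The loop above only sees keys that are present. A request that
        // simply omits `password` would otherwise create an account whose
        // password hash is derived from null.
        foreach (['username', 'password', 'full_name'] as $field) {
            if (!isset($args[$field]) || !is_string($args[$field]) || $args[$field] === '') {
                Session::flash('info', 'All data must not be empty');
                Redirect::to('/');
                die();
            }
        }

        $table = 'user';
        $date = new \DateTime();
        $now = $date->format('Y-m-d');
        $args['registered_at'] = $now;

        // NOTE(review): Hash is a project helper; verify that it is a slow,
        // purpose-built password hash and not a single fast digest.
        $salt = Hash::salt();
        $password = Hash::make($args['password'], $salt);
        $args['salt'] = $salt;
        $args['password'] = $password;

        // Values are stored HTML-escaped. put() looks the username up
        // unescaped, so a name containing &, <, > or quotes can register
        // but will not match at login.
        $args['full_name'] = htmlspecialchars($args['full_name']);
        $args['username'] = htmlspecialchars($args['username']);

        $data = $this->access->showAll($table);
        foreach ($data as $users) {
            // Strict comparison: with ==, numeric-looking names such as
            // "0" and "00" would be treated as the same user.
            if ($args['username'] === (string) $users['username']) {
                Session::flash('info', 'Username already exists');
                Redirect::to('./register');
                die();
            }
        }

        $this->access->entry($table, $args);
        Redirect::to('/');
    }

    /**
     * Authenticate a user and populate the session.
     *
     * Every credential failure (missing field, unknown user, wrong password)
     * yields the same message so the response does not reveal whether the
     * username exists.
     *
     * @param array $args submitted fields; `username` and `password` are read
     */
    public function put($args = [])
    {
        $table = 'user';
        $username = $args['username'] ?? '';
        $password = $args['password'] ?? '';

        // Default outcome. Previously a wrong password left $info undefined,
        // so the flash message was empty and PHP raised a warning.
        $info = "Invalid username/password";

        $wellFormed = is_string($username) && is_string($password)
            && $username !== '' && $password !== '';

        if ($wellFormed) {
            $user = $this->access->showAll($table, [
                ['username', '=', $username]
            ]);

            if ($user != false && Hash::compare($password, $user['salt'], $user['password']) == true) {
                if ($this->access->update($table, ['status' => 1], $user['id']) != true) {
                    $info = "There's an error. Please try again.";
                } else {
                    // Issue a fresh session id at the privilege change so an
                    // id fixed before login cannot be reused afterwards.
                    if (session_status() === PHP_SESSION_ACTIVE) {
                        session_regenerate_id(true);
                    }
                    Session::put('userid', $user['id']);
                    Session::put('username', $user['username']);
                    Session::put('full_name', $user['full_name']);
                    Session::put('privilage', $user['privilage']);
                    $info = "Logged in success";
                }
            }
        }

        Session::flash('info', $info);
        Redirect::to('/');
    }

    /**
     * Set the current session user's `status` column to 0.
     *
     * NOTE(review): when no user is logged in, Session::get('userid')
     * presumably yields null and that value is passed to update() as the
     * row id — confirm how Access::update() treats it.
     *
     * @return bool true on success
     * @throws \Exception code 400 when the update does not report success
     */
    public function delete()
    {
        $table = 'user';
        $user = Session::get('userid');
        if ($this->access->update($table, ['status' => 0], $user) != true) {
            throw new \Exception("Bad request", 400);
        }
        return true;
    }
}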