Delete login directory
This commit is contained in:
Fernando Méndez
GitHub
@ -1,104 +0,0 @@
|
||||
<?php
|
||||
|
||||
include_once('user_dao.php');
|
||||
include_once('../assets/php/form.php');
|
||||
|
||||
class FormLogin extends Form {
|
||||
//Constants:
|
||||
const HTML5_EMAIL_REGEXP = '^[a-zA-Z0-9.!#$%&\'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$';
|
||||
|
||||
//Atributes:
|
||||
private $user; // User who is going to log-in.
|
||||
private $reply; // Validation response
|
||||
|
||||
//Constructor:
|
||||
public function __construct() {
|
||||
parent::__construct('formLogin');
|
||||
$this->reply = array();
|
||||
}
|
||||
|
||||
//Methods:
|
||||
|
||||
//Returns validation response:
|
||||
public function getReply() {
|
||||
|
||||
if(isset($_SESSION["login"])){
|
||||
$name = strtoupper($_SESSION['nombre']);
|
||||
$this->reply = "<h1>Bienvenido {$_SESSION['nombre']}</h1><hr />
|
||||
<p>{$name}, has iniciado sesión correctamente.</p>
|
||||
<p>Usa los botones para navegar</p>
|
||||
<a href='../'><button>Inicio</button></a>
|
||||
<a href='../../panel_{$_SESSION["rol"]}'><button>Mi Panel</button></a>\n";
|
||||
}
|
||||
else if(!isset($_SESSION["login"])){
|
||||
$this->reply = "<h1>ERROR</h1><hr />".
|
||||
"<p>El usuario o contraseña no son válidos.</p>
|
||||
<p>Vuelve a intetarlo o regístrate si no lo habías hecho previamente.</p>
|
||||
<a href='./'><button>Iniciar Sesión</button></a>
|
||||
<form method='post' action='./'><button name='register' id='register'>Registro</button></form>\n";
|
||||
}
|
||||
|
||||
return $this->reply;
|
||||
}
|
||||
|
||||
//Process form:
|
||||
public function processesForm($name, $pass) {
|
||||
$login = true;
|
||||
$name = $this->test_input($name);
|
||||
$pass = $this->test_input($pass);
|
||||
|
||||
$username = isset($name) ? $name : null ;
|
||||
if (!$username) {
|
||||
$login = false;
|
||||
}
|
||||
|
||||
/*
|
||||
$email = isset($mail) ? $mail : null ;
|
||||
if (!$email || !mb_ereg_match(self::HTML5_EMAIL_REGEXP, $email)) {
|
||||
$login = false;
|
||||
}
|
||||
*/
|
||||
|
||||
$password = isset($pass) ? $pass : null ;
|
||||
if (!$password || mb_strlen($password) < 4) {
|
||||
$login = false;
|
||||
}
|
||||
|
||||
if ($login) {
|
||||
$bd = new UserDAO('complucine');
|
||||
if($bd){
|
||||
$selectUser = $bd->selectUser($username);
|
||||
$selectUser->data_seek(0);
|
||||
while ($fila = $selectUser->fetch_assoc()) {
|
||||
if($username === $fila['username'] && $bd->verifyPass($password, $fila['passwd'])){
|
||||
$this->user = $bd->loadUser($fila['id'], $fila['username'], $fila['email'], $fila['passwd'], $fila['rol']);
|
||||
}
|
||||
}
|
||||
|
||||
try{
|
||||
if ($this->user) {
|
||||
$_SESSION['user'] = $this->user;
|
||||
$_SESSION["nombre"] = $this->user->getName();
|
||||
$_SESSION["login"] = $login;
|
||||
$_SESSION["rol"] = $this->user->getRol();
|
||||
}
|
||||
}
|
||||
catch (Exception $e){
|
||||
$_SESSION["login"] = $login;
|
||||
}
|
||||
|
||||
mysqli_free_result($selectUser);
|
||||
//$selectUser->free();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
protected function test_input($input){
|
||||
return htmlspecialchars(trim(strip_tags($input)));
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
?>
|
||||
@ -1,73 +0,0 @@
|
||||
<?php
|
||||
require_once('user_dao.php');
|
||||
?>
|
||||
|
||||
<?php
|
||||
class Register {
|
||||
// ATRIBUTOS
|
||||
private $name;
|
||||
private $email;
|
||||
private $password;
|
||||
private $repassword;
|
||||
private $rol; // Desde aqui solo se registran usuarios finales, seran rol "user"
|
||||
private $id; // Generado en la BD? Aleatorio?
|
||||
private $reply;
|
||||
|
||||
// CONSTRUCTOR
|
||||
function __construct() {}
|
||||
|
||||
// METODOS
|
||||
public function testReg() {
|
||||
$this->name = $this->test_input($_POST["name"]);
|
||||
$this->email = $this->test_input($_POST["email"]);
|
||||
$this->password = $this->test_input($_POST["pass"]);
|
||||
$this->repassword = $this->test_input($_POST["repass"]);
|
||||
$this->rol = "user";
|
||||
$this->id = "xxxx";
|
||||
|
||||
// Creamos DAO
|
||||
$instanceDAO = new UserDAO('complucine');
|
||||
|
||||
// Creamos DTO
|
||||
$uDTO = $instanceDAO->loadUser($this->id, $this->name, $this->email, $this->password, $this->rol);
|
||||
|
||||
if($this->password == $this->repassword) { // Comprobacion de contrasenyas iguales
|
||||
$resultado = $instanceDAO->selectUser($uDTO->getName());
|
||||
if($resultado->num_rows == 0) { // Comprobacion de que el usuario no existe ya en la BD
|
||||
// Se manda el usuario al DAO, que lo creara en la BD
|
||||
$instanceDAO->createUser($uDTO->getId(), $uDTO->getName(), $uDTO->getEmail(), $uDTO->getPass(), $uDTO->getRol());
|
||||
|
||||
$this->reply = "<h1>¡Éxito en el registro!</h1><hr/>
|
||||
<p>{$_POST['name']}, te has registrado correctamente.</p>
|
||||
<p>Puedes iniciar sesión en el siguiente enlace.</p>
|
||||
<br>
|
||||
<a href='./index.php'><button>Iniciar sesión</button></a>\n";
|
||||
}
|
||||
else {
|
||||
$this->reply = "<h1>¡Ha ocurrido un error!</h1><hr/>".
|
||||
"<p>¡Ya existe un usuario con este nombre!</p>
|
||||
<p>Vuelve a intetarlo o prueba a inicia sesión.</p>
|
||||
<a href='./'><button>Iniciar Sesión</button></a>
|
||||
<form method='post' action='./'><button name='register' id='register'>Registro</button></form>\n";
|
||||
}
|
||||
$resultado->free();
|
||||
}
|
||||
else {
|
||||
$this->reply = "<h1>¡Ha ocurrido un error!</h1><hr/>".
|
||||
"<p>Los datos introducidos no son válidos.</p>
|
||||
<p>Vuelve a intetarlo o prueba a inicia sesión.</p>
|
||||
<a href='./'><button>Iniciar Sesión</button></a>
|
||||
<form method='post' action='./'><button name='register' id='register'>Registro</button></form>\n";
|
||||
}
|
||||
}
|
||||
|
||||
// Metodo auxiliar que comprueba la validez de los parametros
|
||||
private function test_input($input){
|
||||
return htmlspecialchars(trim(strip_tags($input)));
|
||||
}
|
||||
|
||||
public function getReply() {
|
||||
return $this->reply;
|
||||
}
|
||||
}
|
||||
?>
|
||||
@ -1,85 +0,0 @@
|
||||
<?php
|
||||
require_once('../assets/php/dao.php');
|
||||
include_once('user_dto.php');
|
||||
|
||||
class UserDAO extends DAO {
|
||||
|
||||
//Constants:
|
||||
private const _USER = "user";
|
||||
private const _MANAGER = "manager";
|
||||
private const _ADMIN = "admin";
|
||||
|
||||
//Attributes:
|
||||
|
||||
//Constructor:
|
||||
function __construct($bd_name){
|
||||
parent::__construct($bd_name);
|
||||
}
|
||||
|
||||
//Methods:
|
||||
|
||||
//Encrypt password with SHA254.
|
||||
private function encryptPass($password){
|
||||
//$password = hash('sha256', $password);
|
||||
$password = password_hash($password, PASSWORD_DEFAULT);
|
||||
|
||||
return $password;
|
||||
}
|
||||
|
||||
//Returns true if the password and hash match, or false otherwise.
|
||||
public function verifyPass($password, $passwd){
|
||||
return password_verify($password, $passwd);
|
||||
}
|
||||
|
||||
//Create a new User.
|
||||
public function createUser($id, $username, $email, $password, $rol){
|
||||
$password = $this->encryptPass($password);
|
||||
|
||||
$sql = sprintf( "INSERT INTO users( id, username, email, passwd, rol)
|
||||
VALUES ( '%s', '%s', '%s', '%s', '%s')",
|
||||
$id, $username, $email, $password, $rol );
|
||||
|
||||
$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
|
||||
|
||||
return $resul;
|
||||
}
|
||||
|
||||
//Returns a query to check if the user name exists.
|
||||
public function selectUser($username){
|
||||
$username = $this->mysqli->real_escape_string($username);
|
||||
|
||||
$sql = sprintf( "SELECT * FROM users WHERE username = '%s'", $username );
|
||||
$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
|
||||
|
||||
return $resul;
|
||||
}
|
||||
|
||||
//Returns a query to check if the user pass matches.
|
||||
public function selectPass($username, $password){
|
||||
$username = $this->mysqli->real_escape_string($username);
|
||||
$password = $this->mysqli->real_escape_string($password);
|
||||
$password = $this->encryptPass($password);
|
||||
|
||||
$sql = sprintf( "SELECT * FROM users WHERE username = '%s' AND passwd = '%s'", $username, $password);
|
||||
$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
|
||||
|
||||
//return $this->mysqli->query($sql);
|
||||
return $resul;
|
||||
}
|
||||
|
||||
//Returns a query to get the user's data.
|
||||
public function userData($id){
|
||||
$sql = sprintf( "SELECT * FROM users WHERE id = '%d'", $id );
|
||||
$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
|
||||
|
||||
return $resul;
|
||||
}
|
||||
|
||||
//Create a new User Data Transfer Object.
|
||||
public function loadUser($id, $username, $email, $password, $rol){
|
||||
return new UserDTO($id, $username, $email, $password, $rol);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
@ -1,37 +0,0 @@
|
||||
<?php
|
||||
include_once('users_dto_interface.php');
|
||||
|
||||
class UserDTO implements UsersInterface {
|
||||
|
||||
//Attributes:
|
||||
private $_id; //User Id.
|
||||
private $_username; //User name.
|
||||
private $_email; //User email.
|
||||
private $_password; //User password.
|
||||
private $_rol; //Type of user: user | manager | admin.
|
||||
|
||||
//Constructor:
|
||||
function __construct($id, $username, $email, $password, $rol){
|
||||
$this->_id = $id;
|
||||
$this->_username = $username;
|
||||
$this->_email = $email;
|
||||
$this->_password = $password;
|
||||
$this->_rol = $rol;
|
||||
}
|
||||
|
||||
//Methods:
|
||||
|
||||
//Getters && Setters:
|
||||
public function setId($id){ $this->_id = $id; }
|
||||
public function getId(){ return $this->_id; }
|
||||
public function setName($username){ $this->_username = $username; }
|
||||
public function getName(){ return $this->_username; }
|
||||
public function setEmail($email){ $this->_email = $email; }
|
||||
public function getEmail(){ return $this->_email; }
|
||||
public function setPass($passwd){ $this->_password = $passwd; }
|
||||
public function getPass(){ return $this->_password; }
|
||||
public function setRol($rol){ $this->_rol = $rol; }
|
||||
public function getRol(){ return $this->_rol; }
|
||||
|
||||
}
|
||||
?>
|
||||
@ -1,14 +0,0 @@
|
||||
<?php
|
||||
interface UsersInterface {
|
||||
public function setId($id);
|
||||
public function getId();
|
||||
public function setName($username);
|
||||
public function getName();
|
||||
public function setEmail($email);
|
||||
public function getEmail();
|
||||
public function setPass($passwd);
|
||||
public function getPass();
|
||||
public function setRol($rol);
|
||||
public function getRol();
|
||||
}
|
||||
?>
|
||||
Reference in New Issue
Block a user