fermdez/SW
fermdez
/
SW
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add files via upload

This commit is contained in:
Fernando Méndez 2021-04-13 17:20:46 +02:00 committed by GitHub
parent 081e7ed85e
commit 76627d27de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 481 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

103
login/includes/formLogin.php Normal file
View File

@ -0,0 +1,103 @@
<?php
include_once('user_dao.php');
include_once($prefix.'assets/php/form.php');
class FormLogin extends Form {
//Constants:
const HTML5_EMAIL_REGEXP = '^[a-zA-Z0-9.!#$%&\'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$';
//Atributes:
private $user; // User who is going to log-in.
private $reply; // Validation response
//Constructor:
public function __construct() {
parent::__construct('formLogin');
$this->reply = array();
}
//Methods:
//Returns validation response:
public function getReply() {
if(isset($_SESSION["login"])){
$name = strtoupper($_SESSION['nombre']);
$this->reply = "<h1>Bienvenido {$_SESSION['nombre']}</h1><hr />
<p>{$name}, has iniciado sesión correctamente.</p>
<p>Usa los botones para navegar</p>
<a href='../'><button>Inicio</button></a>
<a href='../../panel_{$_SESSION["rol"]}'><button>Mi Panel</button></a>\n";
}
else if(!isset($_SESSION["login"])){
$this->reply = "<h1>ERROR</h1><hr />".
"<p>El usuario o contraseña no son válidos.</p>
<p>Vuelve a intetarlo o regístrate si no lo habías hecho previamente.</p>
<a href='./'><button>Iniciar Sesión</button></a>
<form method='post' action='./'><button name='register' id='register'>Registro</button></form>\n";
}
return $this->reply;
}
//Process form:
public function processesForm($name, $pass) {
$login = true;
$name = $this->test_input($name);
$pass = $this->test_input($pass);
$username = isset($name) ? $name : null ;
if (!$username) {
$login = false;
}
/*
$email = isset($mail) ? $mail : null ;
if (!$email || !mb_ereg_match(self::HTML5_EMAIL_REGEXP, $email)) {
$login = false;
}
*/
$password = isset($pass) ? $pass : null ;
if (!$password || mb_strlen($password) < 4) {
$login = false;
}
if ($login) {
$bd = new UserDAO('complucine');
if($bd){
$selectUser = $bd->selectUser($username);
$selectUser->data_seek(0);
while ($fila = $selectUser->fetch_assoc()) {
if($username === $fila['username'] && $bd->verifyPass($password, $fila['passwd'])){
$this->user = $bd->loadUser($fila['id'], $fila['username'], $fila['email'], $fila['passwd'], $fila['rol']);
}
}
try{
if ($this->user) {
$_SESSION['user'] = $this->user;
$_SESSION["nombre"] = $this->user->getName();
$_SESSION["login"] = $login;
$_SESSION["rol"] = $this->user->getRol();
}
}
catch (Exception $e){
$_SESSION["login"] = $login;
}
mysqli_free_result($selectUser);
//$selectUser->free();
}
}
}
protected function test_input($input){
return htmlspecialchars(trim(strip_tags($input)));
}
}
?>

85
login/includes/user_dao.php Normal file
View File

@ -0,0 +1,85 @@
<?php
require_once('../assets/php/dao.php');
include_once('user_dto.php');
class UserDAO extends DAO {
//Constants:
private const _USER = "user";
private const _MANAGER = "manager";
private const _ADMIN = "admin";
//Attributes:
//Constructor:
function __construct($bd_name){
parent::__construct($bd_name);
}
//Methods:
//Encrypt password with SHA254.
private function encryptPass($password){
//$password = hash('sha256', $password);
$password = password_hash($password, PASSWORD_DEFAULT);
return $password;
}
//Returns true if the password and hash match, or false otherwise.
public function verifyPass($password, $passwd){
return password_verify($password, $passwd);
}
//Create a new User.
public function createUser($id, $username, $email, $password, $rol){
$password = $this->encryptPass($password);
$sql = sprintf( "INSERT INTO users( id, username, email, passwd, rol)
VALUES ( '%s', '%s', '%s', '%s', '%s')",
$id, $username, $email, $password, $rol );
$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
return $resul;
}
//Returns a query to check if the user name exists.
public function selectUser($username){
$username = $this->mysqli->real_escape_string($username);
$sql = sprintf( "SELECT * FROM users WHERE username = '%s'", $username );
$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
return $resul;
}
//Returns a query to check if the user pass matches.
public function selectPass($username, $password){
$username = $this->mysqli->real_escape_string($username);
$password = $this->mysqli->real_escape_string($password);
$password = $this->encryptPass($password);
$sql = sprintf( "SELECT * FROM users WHERE username = '%s' AND passwd = '%s'", $username, $password);
$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
//return $this->mysqli->query($sql);
return $resul;
}
//Returns a query to get the user's data.
public function userData($id){
$sql = sprintf( "SELECT * FROM users WHERE id = '%d'", $id );
$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
return $resul;
}
//Create a new User Data Transfer Object.
public function loadUser($id, $username, $email, $password, $rol){
return new UserDTO($id, $username, $email, $password, $rol);
}
}
?>

37
login/includes/user_dto.php Normal file
View File

@ -0,0 +1,37 @@
<?php
include_once('users_dto_interface.php');
class UserDTO implements UsersInterface {
//Attributes:
private $_id; //User Id.
private $_username; //User name.
private $_email; //User email.
private $_password; //User password.
private $_rol; //Type of user: user | manager | admin. --> Será eliminado en la siguiente práctica para usar el modelo relacional de nuestra BD.
//Constructor:
function __construct($id, $username, $email, $password, $rol){
$this->_id = $id;
$this->_username = $username;
$this->_email = $email;
$this->_password = $password;
$this->_rol = $rol;
}
//Methods:
//Getters && Setters:
public function setId($id){ $this->_id = $id; }
public function getId(){ return $this->_id; }
public function setName($username){ $this->_username = $username; }
public function getName(){ return $this->_username; }
public function setEmail($email){ $this->_email = $email; }
public function getEmail(){ return $this->_email; }
public function setPass($passwd){ $this->_password = $passwd; }
public function getPass(){ return $this->_password; }
public function setRol($rol){ $this->_rol = $rol; }
public function getRol(){ return $this->_rol; }
}
?>

14
login/includes/users_dto_interface.php Normal file
View File

@ -0,0 +1,14 @@
<?php
interface UsersInterface {
public function setId($id);
public function getId();
public function setName($username);
public function getName();
public function setEmail($email);
public function getEmail();
public function setPass($passwd);
public function getPass();
public function setRol($rol);
public function getRol();
}
?>

58
login/index.php Normal file
View File

@ -0,0 +1,58 @@
<!DOCTYPE HTML>
<?php
session_start();
//HTML template:
require_once('../assets/php/template.php');
$template = new Template();
//Change the view of the "Login page" to "Registration page":
require('login_register_view.php');
$view = new LoginRegisterView();
$isLogin = $view->getIsLogin();
$login = $view->getLogin();
$register = $view->getRegister();
?>
<!--
Práctica 2 - Sistemas Web | Grupo D
CompluCine - FDI-cines
-->
<html lang="es">
<!-- Head -->
<?php
$template->print_head();
?>
<body>
<!-- Header -->
<?php
$template->print_header();
?>
<!-- Main -->
<div class="main">
<div class="image"><img src="../img/logo_trasparente.png" /></div>
<h1>Acceso</h1>
<hr />
</div>
<!-- Login / Register -->
<section id="login_register">
<div class ="row">
<?php
if($isLogin){
echo $login;
} else {
echo $register;
}
?>
</div>
</section>
<!-- Footer -->
<?php
$template->print_footer();
?>
</body>
</html>

125
login/login_register_view.php Normal file
View File

@ -0,0 +1,125 @@
<?php
class LoginRegisterView {
//Atributes:
private $isLogin;
private $login;
private $register;
//Constructor:
public function __construct() {
$this->setIsLogin(true);
if(array_key_exists('register', $_POST)){
$this->setIsLogin(false);
}
else if(array_key_exists('login', $_POST)){
$this->setIsLogin(true);
}
$this->initLoginRegister();
}
//Methods:
private function setIsLogin($set){
return $this->isLogin = $set;
}
public function getIsLogin(){
return $this->isLogin;
}
public function getLogin(){
return $this->login;
}
public function getRegister(){
return $this->register;
}
private function initLoginRegister(){
$this->register = '<!-- Register -->
<div class="column left">
<h2>Registro</h2>
<form method="post" action="">
<div class="row">
<fieldset id="datos_personales">
<legend>Datos personales</legend>
<div class="_name">
<input type="text" name="name" id="name" value="" placeholder="Nombre" required/>
</div>
<div class="_email">
<input type="email" name="email" id="email" value="" placeholder="Email" required/>
</div>
<div class="_passwd">
<input type="password" name="pass" id="pass" value="" placeholder="Contraseña" required/>
</div>
<div class="_passwd">
<input type="password" name="repass" id="repass" value="" placeholder="Repita la contraseña" required/>
</div>
</fieldset>
<div class="verify">
<input type="checkbox" id="checkbox" name="terms" required>
<label for="terms">Marque esta casilla para verificar que ha leído nuestros términos y condiciones del servicio.</label>
</div>
<div class="actions">
<input type="submit" id="submit" value="Registrarse" class="primary" />
<input type="reset" id="reset" value="Borrar" />
</div>
</div>
</form>
</div>
<div class="column right">
<div class="code info">
<h2>¿Ya estás registrado?</h2>
<hr />
<p>Si dispones de una cuenta de usuario, no es necesario que rellenes este formulario nuevamente</p>
<p>Haz click en el botón para iniciar sesión.</p>
<form method="post">
<button type="submit" name="login" id="login">Inicia Sesión</button>
</form>
</div>
</div>'."\n";
$this->login = '<!-- Login -->
<div class="column left">
<div class="code info">
<h2>¿No tienes una cuenta?</h2>
<hr />
<p>Para crear una cuenta de usuario es necesario haber rellenado el formulario de registro previamente</p>
<p>Haz click en el botón para registrate.</p>
<form method="post">
<button type="submit" name="register" id="register">Registrate</button>
</form>
</div>
</div>
<div class="column right">
<h2>Iniciar Sesión</h2>
<form method="post" action="validate.php">
<div class="row">
<fieldset id="datos_personales">
<legend>Datos personales</legend>
<div class="_name">
<input type="text" name="name" id="name" value="" placeholder="Nombre" required/>
</div>
<!--
<div class="_email">
<input type="email" name="email" id="email" value="" placeholder="Email" required/>
</div>
-->
<div class="_passwd">
<input type="password" name="pass" id="pass" value="" placeholder="Contraseña" required/>
</div>
</fieldset>
<div class="actions">
<input type="submit" id="submit" value="Iniciar Sesión" class="primary" />
<input type="reset" id="reset" value="Borrar" />
</div>
</div>
</form>
</div>'."\n";
}
}
?>

59
login/validate.php Normal file
View File

@ -0,0 +1,59 @@
<?php
session_start();
//HTML template:
require_once('../assets/php/template.php');
$template = new Template();
$prefix = $template->get_prefix();
//Login form validate:
require_once('./includes/formLogin.php');
$login = new FormLogin();
$login->processesForm($_POST["name"], $_POST["pass"]);
$reply = $login->getReply();
?>
<!DOCTYPE HTML>
<!--
Práctica 2 - Sistemas Web | Grupo D
CompluCine - FDI-cines
-->
<html lang="es">
<!-- Head -->
<?php
$template->print_head();
?>
<body>
<!-- Header -->
<?php
$template->print_header();
?>
<!-- Main -->
<div class="main">
<div class="image"><img src="../img/logo_trasparente.png" /></div>
</div>
<!-- Reply -->
<section class="reply">
<div class ="row">
<div class="column side"></div>
<div class="column middle">
<div class="code info">
<?php
echo $reply;
?>
</div>
</div>
<div class="column side"></div>
</div>
</section>
<!-- Footer -->
<?php
$template->print_footer();
?>
</body>
</html>