Acceso
++
+
{$name}, has iniciado sesión correctamente.
+Usa los botones para navegar
+ + \n"; + } + else if(!isset($_SESSION["login"])){ + $this->reply = "El usuario o contraseña no son válidos.
+Vuelve a intetarlo o regístrate si no lo habías hecho previamente.
+ + \n"; + } + + return $this->reply; + } + + //Process form: + public function processesForm($name, $pass) { + $login = true; + $name = $this->test_input($name); + $pass = $this->test_input($pass); + + $username = isset($name) ? $name : null ; + if (!$username) { + $login = false; + } + + /* + $email = isset($mail) ? $mail : null ; + if (!$email || !mb_ereg_match(self::HTML5_EMAIL_REGEXP, $email)) { + $login = false; + } + */ + + $password = isset($pass) ? $pass : null ; + if (!$password || mb_strlen($password) < 4) { + $login = false; + } + + if ($login) { + $bd = new UserDAO('complucine'); + if($bd){ + $selectUser = $bd->selectUser($username); + $selectUser->data_seek(0); + while ($fila = $selectUser->fetch_assoc()) { + if($username === $fila['username'] && $bd->verifyPass($password, $fila['passwd'])){ + $this->user = $bd->loadUser($fila['id'], $fila['username'], $fila['email'], $fila['passwd'], $fila['rol']); + } + } + + try{ + if ($this->user) { + $_SESSION['user'] = $this->user; + $_SESSION["nombre"] = $this->user->getName(); + $_SESSION["login"] = $login; + $_SESSION["rol"] = $this->user->getRol(); + } + } + catch (Exception $e){ + $_SESSION["login"] = $login; + } + + mysqli_free_result($selectUser); + //$selectUser->free(); + } + + } + + } + + protected function test_input($input){ + return htmlspecialchars(trim(strip_tags($input))); + } + +} +?> \ No newline at end of file diff --git a/login/includes/user_dao.php b/login/includes/user_dao.php new file mode 100644 index 0000000..62ddc36 --- /dev/null +++ b/login/includes/user_dao.php @@ -0,0 +1,85 @@ +encryptPass($password); + + $sql = sprintf( "INSERT INTO users( id, username, email, passwd, rol) + VALUES ( '%s', '%s', '%s', '%s', '%s')", + $id, $username, $email, $password, $rol ); + + $resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database'); + + return $resul; + } + + //Returns a query to check if the user name exists. + public function selectUser($username){ + $username = $this->mysqli->real_escape_string($username); + + $sql = sprintf( "SELECT * FROM users WHERE username = '%s'", $username ); + $resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database'); + + return $resul; + } + + //Returns a query to check if the user pass matches. + public function selectPass($username, $password){ + $username = $this->mysqli->real_escape_string($username); + $password = $this->mysqli->real_escape_string($password); + $password = $this->encryptPass($password); + + $sql = sprintf( "SELECT * FROM users WHERE username = '%s' AND passwd = '%s'", $username, $password); + $resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database'); + + //return $this->mysqli->query($sql); + return $resul; + } + + //Returns a query to get the user's data. + public function userData($id){ + $sql = sprintf( "SELECT * FROM users WHERE id = '%d'", $id ); + $resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database'); + + return $resul; + } + + //Create a new User Data Transfer Object. + public function loadUser($id, $username, $email, $password, $rol){ + return new UserDTO($id, $username, $email, $password, $rol); + } + + } + +?> \ No newline at end of file diff --git a/login/includes/user_dto.php b/login/includes/user_dto.php new file mode 100644 index 0000000..18e7a4e --- /dev/null +++ b/login/includes/user_dto.php @@ -0,0 +1,37 @@ + Será eliminado en la siguiente práctica para usar el modelo relacional de nuestra BD. + + //Constructor: + function __construct($id, $username, $email, $password, $rol){ + $this->_id = $id; + $this->_username = $username; + $this->_email = $email; + $this->_password = $password; + $this->_rol = $rol; + } + + //Methods: + + //Getters && Setters: + public function setId($id){ $this->_id = $id; } + public function getId(){ return $this->_id; } + public function setName($username){ $this->_username = $username; } + public function getName(){ return $this->_username; } + public function setEmail($email){ $this->_email = $email; } + public function getEmail(){ return $this->_email; } + public function setPass($passwd){ $this->_password = $passwd; } + public function getPass(){ return $this->_password; } + public function setRol($rol){ $this->_rol = $rol; } + public function getRol(){ return $this->_rol; } + + } +?> \ No newline at end of file diff --git a/login/includes/users_dto_interface.php b/login/includes/users_dto_interface.php new file mode 100644 index 0000000..4705352 --- /dev/null +++ b/login/includes/users_dto_interface.php @@ -0,0 +1,14 @@ + \ No newline at end of file diff --git a/login/index.php b/login/index.php new file mode 100644 index 0000000..eb1c5ee --- /dev/null +++ b/login/index.php @@ -0,0 +1,58 @@ + +getIsLogin(); + $login = $view->getLogin(); + $register = $view->getRegister(); +?> + + + + print_head(); + ?> + + + print_header(); + ?> + + +Si dispones de una cuenta de usuario, no es necesario que rellenes este formulario nuevamente
+Haz click en el botón para iniciar sesión.
+ +Para crear una cuenta de usuario es necesario haber rellenado el formulario de registro previamente
+Haz click en el botón para registrate.
+ +