Connexion system working
This commit is contained in:
Phyks
parent
c72585c95b
commit
d09760e3da
2
TODO
2
TODO
|
|
@ -1,2 +1,4 @@
|
|||
* i18n
|
||||
* Vérification des variables dans les classes + throw exception
|
||||
* tokens + ban system
|
||||
* TRUNCATE before CREATE TABLE in install.php
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@
|
|||
require_once('config.php');
|
||||
|
||||
class Storage {
|
||||
private $host, $login, $password, $db;
|
||||
private $connection = null;
|
||||
|
||||
public function __construct() {
|
||||
|
|
@ -81,19 +80,50 @@ class Storage {
|
|||
}
|
||||
}
|
||||
|
||||
public function load($fields = NULL) {
|
||||
$query = 'SELECT ';
|
||||
$i = false;
|
||||
foreach($this->fields as $field=>$type) {
|
||||
if($i) { $query .= ','; } else { $i = true; }
|
||||
|
||||
$query .= $field;
|
||||
}
|
||||
$query .= ' FROM '.MYSQL_PREFIX.$this->TABLE_NAME;
|
||||
|
||||
if(!empty($fields) && is_array($fields)) {
|
||||
$i = true;
|
||||
foreach($fields as $field=>$value) {
|
||||
if($i) { $query .= ' WHERE '; $i = false; } else { $query .= ' AND '; }
|
||||
|
||||
$query .= $field.'=:'.$field;
|
||||
}
|
||||
}
|
||||
|
||||
$query = $this->connection->prepare($query);
|
||||
|
||||
if(!empty($fields) && is_array($fields)) {
|
||||
foreach($fields as $field=>$value) {
|
||||
$query->bindParam(':'.$field, $value);
|
||||
}
|
||||
}
|
||||
|
||||
$query->execute();
|
||||
|
||||
return $query->fetchAll();
|
||||
}
|
||||
|
||||
public function save() {
|
||||
if(!empty($this->id)) {
|
||||
$query = 'UPDATE `'.MYSQL_PREFIX.$this->TABLE_NAME.'` SET ';
|
||||
$query = 'UPDATE '.MYSQL_PREFIX.$this->TABLE_NAME.' SET ';
|
||||
|
||||
$i = false;
|
||||
foreach($this->fields as $field=>$type) {
|
||||
if($i) { $query .= ','; } else { $i = true; }
|
||||
|
||||
$id = $this->$field;
|
||||
$query .= '`'.$field.'` = "'.$this($id).'"';
|
||||
$query .= $field.'=:'.$field;
|
||||
}
|
||||
|
||||
$query .= 'WHERE `id`="'.$this->id.'"';
|
||||
$query .= 'WHERE id='.$this->id;
|
||||
}
|
||||
else {
|
||||
$query = 'INSERT INTO '.MYSQL_PREFIX.$this->TABLE_NAME.'(';
|
||||
|
|
@ -116,6 +146,7 @@ class Storage {
|
|||
|
||||
$query .= ')';
|
||||
}
|
||||
|
||||
$query = $this->connection->prepare($query);
|
||||
|
||||
foreach($this->fields as $field=>$type) {
|
||||
|
|
|
|||
|
|
@ -27,13 +27,17 @@ class User extends Storage {
|
|||
public function getAdmin() {
|
||||
return $this->admin;
|
||||
}
|
||||
|
||||
|
||||
public function setId($id) {
|
||||
$this->id = $id;
|
||||
}
|
||||
|
||||
public function setLogin($login) {
|
||||
$this->login = $login;
|
||||
}
|
||||
|
||||
public function setPassword($password) {
|
||||
$this->password = User::encrypt($password);
|
||||
$this->password = $password;
|
||||
}
|
||||
|
||||
public function setAdmin($admin) {
|
||||
|
|
@ -44,7 +48,33 @@ class User extends Storage {
|
|||
return crypt($text, SALT);
|
||||
}
|
||||
|
||||
public function check_password($password) {
|
||||
public function checkPassword($password) {
|
||||
return User::encrypt($password) == $this->password;
|
||||
}
|
||||
|
||||
public function exists() {
|
||||
$user_data = $this->load(array('login'=>$this->login));
|
||||
if(count($user_data) == 1) {
|
||||
$this->setAdmin($user_data[0]['admin']);
|
||||
$this->setPassword($user_data[0]['password']);
|
||||
|
||||
return true;
|
||||
}
|
||||
else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
public function sessionStore() {
|
||||
return serialize(array('id'=>$this->id, 'login'=>$this->login, 'password'=>$this->password, 'admin'=>$this->admin));
|
||||
}
|
||||
|
||||
public function sessionRestore($serialized_data) {
|
||||
$user_data = unserialize($serialized_data);
|
||||
|
||||
$this->setId($user_data['id']);
|
||||
$this->setLogin($user_data['login']);
|
||||
$this->setPassword($user_data['password']);
|
||||
$this->setAdmin($user_data['admin']);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,4 +7,4 @@
|
|||
define('MYSQL_PREFIX', 'bouffeatulm_');
|
||||
define('INSTANCE_TITLE', 'Bouffe@Ulm');
|
||||
define('BASE_URL', 'http://localhost/Bouffe@Ulm/');
|
||||
define('SALT', '$2a$10$AXnaxClN4pYlcXGfafGZCA==');
|
||||
define('SALT', '$2a$10$Cg7T08hTORaxZgfCua1xyQ==');
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
<?php
|
||||
if(!file_exists('inc/config.php')) header('location: install.php');
|
||||
|
||||
session_start();
|
||||
|
||||
require_once('inc/config.php');
|
||||
50
index.php
50
index.php
|
|
@ -1,2 +1,50 @@
|
|||
<?php
|
||||
require_once('inc/header.php');
|
||||
if(!file_exists('inc/config.php')) header('location: install.php');
|
||||
require_once('inc/config.php');
|
||||
require_once('inc/User.class.php');
|
||||
require_once('inc/rain.tpl.class.php');
|
||||
raintpl::$tpl_dir = 'tpl/';
|
||||
raintpl::$cache_dir = 'tmp/';
|
||||
|
||||
$tpl = new raintpl();
|
||||
$tpl->assign('instance_title', INSTANCE_TITLE);
|
||||
|
||||
session_start();
|
||||
$current_user = (isset($_SESSION['current_user']) ? unserialize($_SESSION['current_user']) : false);
|
||||
|
||||
if($current_user === false && (empty($_GET['do']) OR $_GET['do'] != 'connect')) { //If not connected, go to connection page
|
||||
header('location: index.php?do=connect');
|
||||
}
|
||||
|
||||
if(empty($_GET['do'])) {
|
||||
$_GET['do'] = '';
|
||||
}
|
||||
|
||||
switch($_GET['do']) {
|
||||
case 'connect':
|
||||
if($current_user !== false) header('location: index.php');
|
||||
if(!empty($_POST['login']) && !empty($_POST['password'])) {
|
||||
$current_user = new User();
|
||||
$current_user->setLogin($_POST['login']);
|
||||
if($current_user->exists($_POST['login']) && $current_user->checkPassword($_POST['password'])) {
|
||||
$_SESSION['current_user'] = $current_user->sessionStore();
|
||||
header('location: index.php');
|
||||
exit();
|
||||
}
|
||||
else {
|
||||
$error = "Unknown username/password.";
|
||||
}
|
||||
}
|
||||
$tpl->draw('connexion');
|
||||
break;
|
||||
|
||||
case 'disconnect':
|
||||
$current_user = false;
|
||||
session_destroy();
|
||||
header('location: index.php?do=connect');
|
||||
exit();
|
||||
|
||||
default:
|
||||
|
||||
break;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@
|
|||
require_once('inc/User.class.php');
|
||||
$admin = new User();
|
||||
$admin->setLogin($_POST['admin_login']);
|
||||
$admin->setPassword($_POST['admin_password']);
|
||||
$admin->setPassword($admin->encrypt($_POST['admin_password']));
|
||||
$admin->setAdmin(true);
|
||||
$admin->save();
|
||||
header('location: index.php');
|
||||
|
|
|
|||
|
|
@ -0,0 +1,10 @@
|
|||
<?php if(!class_exists('raintpl')){exit;}?><?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("header") . ( substr("header",-1,1) != "/" ? "/" : "" ) . basename("header") );?>
|
||||
|
||||
|
||||
<h1><?php echo $instance_title;?> - Connexion</h1>
|
||||
|
||||
<form method="post" action="index.php?do=connect">
|
||||
<p><label for="login">Username : </label><input type="text" name="login" id="login"/></p>
|
||||
<p><label for="password">Password : </label><input type="password" name="password" id="password"/></p>
|
||||
<p><input type="submit" value="Connect"/></p>
|
||||
</form>
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
<?php if(!class_exists('raintpl')){exit;}?><!DOCTYPE html>
|
||||
<html lang="fr">
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<title><?php echo $instance_title;?></title>
|
||||
<link rel="stylesheet" media="screen" type="text/css" href="tpl/./misc/style.css" />
|
||||
<link rel="icon" href="tpl/./favicon.ico" />
|
||||
</head>
|
||||
<body>
|
||||
|
|
@ -0,0 +1,49 @@
|
|||
<?php if(!class_exists('raintpl')){exit;}?><?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("header") . ( substr("header",-1,1) != "/" ? "/" : "" ) . basename("header") );?>
|
||||
|
||||
|
||||
<h1><?php echo $title;?></h1>
|
||||
|
||||
<?php echo $notice;?>
|
||||
|
||||
|
||||
<div id="menu">
|
||||
<ul>
|
||||
<li><a href="modif.php">Ajouter une dépense</a></li>
|
||||
<li><a href="modif_password.php">Modifier le mot de passe</a></li>
|
||||
<li><a href="rbmt.php">Consulter les remboursements</a></li>
|
||||
</ul>
|
||||
<?php if( $admin ){ ?>
|
||||
|
||||
<ul>
|
||||
<li><a href="rbmt_admin.php">Gérer les rembourements</a></li>
|
||||
<li><a href="copains.php">Modifier les copains</a></li>
|
||||
<li><a href="modif_annonce.php">Modifier l'annonce d'accueil</a></li>
|
||||
<li><a href="connexion.php?deco=1">Déconnexion</a></li>
|
||||
</ul>
|
||||
<?php } ?>
|
||||
|
||||
</div>
|
||||
<div id="quick_summary">
|
||||
<h2>Qui doit quoi ?</h2>
|
||||
<p>Lire <em>ligne</em> doit <em>case</em>€ à <em>colonne</em>. Les liens permettent de confirmer le paiement des dettes.</p>
|
||||
<table>
|
||||
<tr>
|
||||
<th>Doit\À</th>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
<div id="detailed_summary">
|
||||
<h2>Dépenses détaillées du mois actuel</h2>
|
||||
|
||||
<table>
|
||||
<tr>
|
||||
<th>Date</th>
|
||||
<th>Payé par</th>
|
||||
<th>Participants</th>
|
||||
<th>Montant</th>
|
||||
<th>Menu</th>
|
||||
<th>Modifier</th>
|
||||
<th>Supprimer</th>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
|
|
@ -0,0 +1,9 @@
|
|||
{include="header"}
|
||||
|
||||
<h1>{$instance_title} - Connexion</h1>
|
||||
|
||||
<form method="post" action="index.php?do=connect">
|
||||
<p><label for="login">Username : </label><input type="text" name="login" id="login"/></p>
|
||||
<p><label for="password">Password : </label><input type="password" name="password" id="password"/></p>
|
||||
<p><input type="submit" value="Connect"/></p>
|
||||
</form>
|
||||
|
|
@ -2,7 +2,7 @@
|
|||
<html lang="fr">
|
||||
<head>
|
||||
<meta charset="utf-8">
|
||||
<title>Bouffe@Ulm</title>
|
||||
<title>{$instance_title}</title>
|
||||
<link rel="stylesheet" media="screen" type="text/css" href="misc/style.css" />
|
||||
<link rel="icon" href="favicon.ico" />
|
||||
</head>
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{include="header"}
|
||||
|
||||
<h1>{$title}</h1>
|
||||
<h1>{$instance_title}</h1>
|
||||
|
||||
{$notice}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue