Connexion system working
This commit is contained in:
parent
c72585c95b
commit
d09760e3da
2
TODO
2
TODO
@ -1,2 +1,4 @@
|
|||||||
* i18n
|
* i18n
|
||||||
* Vérification des variables dans les classes + throw exception
|
* Vérification des variables dans les classes + throw exception
|
||||||
|
* tokens + ban system
|
||||||
|
* TRUNCATE before CREATE TABLE in install.php
|
||||||
|
@ -2,7 +2,6 @@
|
|||||||
require_once('config.php');
|
require_once('config.php');
|
||||||
|
|
||||||
class Storage {
|
class Storage {
|
||||||
private $host, $login, $password, $db;
|
|
||||||
private $connection = null;
|
private $connection = null;
|
||||||
|
|
||||||
public function __construct() {
|
public function __construct() {
|
||||||
@ -81,19 +80,50 @@ class Storage {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function load($fields = NULL) {
|
||||||
|
$query = 'SELECT ';
|
||||||
|
$i = false;
|
||||||
|
foreach($this->fields as $field=>$type) {
|
||||||
|
if($i) { $query .= ','; } else { $i = true; }
|
||||||
|
|
||||||
|
$query .= $field;
|
||||||
|
}
|
||||||
|
$query .= ' FROM '.MYSQL_PREFIX.$this->TABLE_NAME;
|
||||||
|
|
||||||
|
if(!empty($fields) && is_array($fields)) {
|
||||||
|
$i = true;
|
||||||
|
foreach($fields as $field=>$value) {
|
||||||
|
if($i) { $query .= ' WHERE '; $i = false; } else { $query .= ' AND '; }
|
||||||
|
|
||||||
|
$query .= $field.'=:'.$field;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$query = $this->connection->prepare($query);
|
||||||
|
|
||||||
|
if(!empty($fields) && is_array($fields)) {
|
||||||
|
foreach($fields as $field=>$value) {
|
||||||
|
$query->bindParam(':'.$field, $value);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$query->execute();
|
||||||
|
|
||||||
|
return $query->fetchAll();
|
||||||
|
}
|
||||||
|
|
||||||
public function save() {
|
public function save() {
|
||||||
if(!empty($this->id)) {
|
if(!empty($this->id)) {
|
||||||
$query = 'UPDATE `'.MYSQL_PREFIX.$this->TABLE_NAME.'` SET ';
|
$query = 'UPDATE '.MYSQL_PREFIX.$this->TABLE_NAME.' SET ';
|
||||||
|
|
||||||
$i = false;
|
$i = false;
|
||||||
foreach($this->fields as $field=>$type) {
|
foreach($this->fields as $field=>$type) {
|
||||||
if($i) { $query .= ','; } else { $i = true; }
|
if($i) { $query .= ','; } else { $i = true; }
|
||||||
|
|
||||||
$id = $this->$field;
|
$query .= $field.'=:'.$field;
|
||||||
$query .= '`'.$field.'` = "'.$this($id).'"';
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$query .= 'WHERE `id`="'.$this->id.'"';
|
$query .= 'WHERE id='.$this->id;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$query = 'INSERT INTO '.MYSQL_PREFIX.$this->TABLE_NAME.'(';
|
$query = 'INSERT INTO '.MYSQL_PREFIX.$this->TABLE_NAME.'(';
|
||||||
@ -116,6 +146,7 @@ class Storage {
|
|||||||
|
|
||||||
$query .= ')';
|
$query .= ')';
|
||||||
}
|
}
|
||||||
|
|
||||||
$query = $this->connection->prepare($query);
|
$query = $this->connection->prepare($query);
|
||||||
|
|
||||||
foreach($this->fields as $field=>$type) {
|
foreach($this->fields as $field=>$type) {
|
||||||
|
@ -27,13 +27,17 @@ class User extends Storage {
|
|||||||
public function getAdmin() {
|
public function getAdmin() {
|
||||||
return $this->admin;
|
return $this->admin;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function setId($id) {
|
||||||
|
$this->id = $id;
|
||||||
|
}
|
||||||
|
|
||||||
public function setLogin($login) {
|
public function setLogin($login) {
|
||||||
$this->login = $login;
|
$this->login = $login;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setPassword($password) {
|
public function setPassword($password) {
|
||||||
$this->password = User::encrypt($password);
|
$this->password = $password;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function setAdmin($admin) {
|
public function setAdmin($admin) {
|
||||||
@ -44,7 +48,33 @@ class User extends Storage {
|
|||||||
return crypt($text, SALT);
|
return crypt($text, SALT);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function check_password($password) {
|
public function checkPassword($password) {
|
||||||
return User::encrypt($password) == $this->password;
|
return User::encrypt($password) == $this->password;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function exists() {
|
||||||
|
$user_data = $this->load(array('login'=>$this->login));
|
||||||
|
if(count($user_data) == 1) {
|
||||||
|
$this->setAdmin($user_data[0]['admin']);
|
||||||
|
$this->setPassword($user_data[0]['password']);
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
public function sessionStore() {
|
||||||
|
return serialize(array('id'=>$this->id, 'login'=>$this->login, 'password'=>$this->password, 'admin'=>$this->admin));
|
||||||
|
}
|
||||||
|
|
||||||
|
public function sessionRestore($serialized_data) {
|
||||||
|
$user_data = unserialize($serialized_data);
|
||||||
|
|
||||||
|
$this->setId($user_data['id']);
|
||||||
|
$this->setLogin($user_data['login']);
|
||||||
|
$this->setPassword($user_data['password']);
|
||||||
|
$this->setAdmin($user_data['admin']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -7,4 +7,4 @@
|
|||||||
define('MYSQL_PREFIX', 'bouffeatulm_');
|
define('MYSQL_PREFIX', 'bouffeatulm_');
|
||||||
define('INSTANCE_TITLE', 'Bouffe@Ulm');
|
define('INSTANCE_TITLE', 'Bouffe@Ulm');
|
||||||
define('BASE_URL', 'http://localhost/Bouffe@Ulm/');
|
define('BASE_URL', 'http://localhost/Bouffe@Ulm/');
|
||||||
define('SALT', '$2a$10$AXnaxClN4pYlcXGfafGZCA==');
|
define('SALT', '$2a$10$Cg7T08hTORaxZgfCua1xyQ==');
|
@ -1,6 +0,0 @@
|
|||||||
<?php
|
|
||||||
if(!file_exists('inc/config.php')) header('location: install.php');
|
|
||||||
|
|
||||||
session_start();
|
|
||||||
|
|
||||||
require_once('inc/config.php');
|
|
50
index.php
50
index.php
@ -1,2 +1,50 @@
|
|||||||
<?php
|
<?php
|
||||||
require_once('inc/header.php');
|
if(!file_exists('inc/config.php')) header('location: install.php');
|
||||||
|
require_once('inc/config.php');
|
||||||
|
require_once('inc/User.class.php');
|
||||||
|
require_once('inc/rain.tpl.class.php');
|
||||||
|
raintpl::$tpl_dir = 'tpl/';
|
||||||
|
raintpl::$cache_dir = 'tmp/';
|
||||||
|
|
||||||
|
$tpl = new raintpl();
|
||||||
|
$tpl->assign('instance_title', INSTANCE_TITLE);
|
||||||
|
|
||||||
|
session_start();
|
||||||
|
$current_user = (isset($_SESSION['current_user']) ? unserialize($_SESSION['current_user']) : false);
|
||||||
|
|
||||||
|
if($current_user === false && (empty($_GET['do']) OR $_GET['do'] != 'connect')) { //If not connected, go to connection page
|
||||||
|
header('location: index.php?do=connect');
|
||||||
|
}
|
||||||
|
|
||||||
|
if(empty($_GET['do'])) {
|
||||||
|
$_GET['do'] = '';
|
||||||
|
}
|
||||||
|
|
||||||
|
switch($_GET['do']) {
|
||||||
|
case 'connect':
|
||||||
|
if($current_user !== false) header('location: index.php');
|
||||||
|
if(!empty($_POST['login']) && !empty($_POST['password'])) {
|
||||||
|
$current_user = new User();
|
||||||
|
$current_user->setLogin($_POST['login']);
|
||||||
|
if($current_user->exists($_POST['login']) && $current_user->checkPassword($_POST['password'])) {
|
||||||
|
$_SESSION['current_user'] = $current_user->sessionStore();
|
||||||
|
header('location: index.php');
|
||||||
|
exit();
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$error = "Unknown username/password.";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$tpl->draw('connexion');
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'disconnect':
|
||||||
|
$current_user = false;
|
||||||
|
session_destroy();
|
||||||
|
header('location: index.php?do=connect');
|
||||||
|
exit();
|
||||||
|
|
||||||
|
default:
|
||||||
|
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
@ -57,7 +57,7 @@
|
|||||||
require_once('inc/User.class.php');
|
require_once('inc/User.class.php');
|
||||||
$admin = new User();
|
$admin = new User();
|
||||||
$admin->setLogin($_POST['admin_login']);
|
$admin->setLogin($_POST['admin_login']);
|
||||||
$admin->setPassword($_POST['admin_password']);
|
$admin->setPassword($admin->encrypt($_POST['admin_password']));
|
||||||
$admin->setAdmin(true);
|
$admin->setAdmin(true);
|
||||||
$admin->save();
|
$admin->save();
|
||||||
header('location: index.php');
|
header('location: index.php');
|
||||||
|
10
tmp/connexion.af3906cfde643ae7f290cfdc51cc9342.rtpl.php
Normal file
10
tmp/connexion.af3906cfde643ae7f290cfdc51cc9342.rtpl.php
Normal file
@ -0,0 +1,10 @@
|
|||||||
|
<?php if(!class_exists('raintpl')){exit;}?><?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("header") . ( substr("header",-1,1) != "/" ? "/" : "" ) . basename("header") );?>
|
||||||
|
|
||||||
|
|
||||||
|
<h1><?php echo $instance_title;?> - Connexion</h1>
|
||||||
|
|
||||||
|
<form method="post" action="index.php?do=connect">
|
||||||
|
<p><label for="login">Username : </label><input type="text" name="login" id="login"/></p>
|
||||||
|
<p><label for="password">Password : </label><input type="password" name="password" id="password"/></p>
|
||||||
|
<p><input type="submit" value="Connect"/></p>
|
||||||
|
</form>
|
9
tmp/header.36ba0f7e771a8681573a91518b54b424.rtpl.php
Normal file
9
tmp/header.36ba0f7e771a8681573a91518b54b424.rtpl.php
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
<?php if(!class_exists('raintpl')){exit;}?><!DOCTYPE html>
|
||||||
|
<html lang="fr">
|
||||||
|
<head>
|
||||||
|
<meta charset="utf-8">
|
||||||
|
<title><?php echo $instance_title;?></title>
|
||||||
|
<link rel="stylesheet" media="screen" type="text/css" href="tpl/./misc/style.css" />
|
||||||
|
<link rel="icon" href="tpl/./favicon.ico" />
|
||||||
|
</head>
|
||||||
|
<body>
|
49
tmp/index.af3906cfde643ae7f290cfdc51cc9342.rtpl.php
Normal file
49
tmp/index.af3906cfde643ae7f290cfdc51cc9342.rtpl.php
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
<?php if(!class_exists('raintpl')){exit;}?><?php $tpl = new RainTPL;$tpl_dir_temp = self::$tpl_dir;$tpl->assign( $this->var );$tpl->draw( dirname("header") . ( substr("header",-1,1) != "/" ? "/" : "" ) . basename("header") );?>
|
||||||
|
|
||||||
|
|
||||||
|
<h1><?php echo $title;?></h1>
|
||||||
|
|
||||||
|
<?php echo $notice;?>
|
||||||
|
|
||||||
|
|
||||||
|
<div id="menu">
|
||||||
|
<ul>
|
||||||
|
<li><a href="modif.php">Ajouter une dépense</a></li>
|
||||||
|
<li><a href="modif_password.php">Modifier le mot de passe</a></li>
|
||||||
|
<li><a href="rbmt.php">Consulter les remboursements</a></li>
|
||||||
|
</ul>
|
||||||
|
<?php if( $admin ){ ?>
|
||||||
|
|
||||||
|
<ul>
|
||||||
|
<li><a href="rbmt_admin.php">Gérer les rembourements</a></li>
|
||||||
|
<li><a href="copains.php">Modifier les copains</a></li>
|
||||||
|
<li><a href="modif_annonce.php">Modifier l'annonce d'accueil</a></li>
|
||||||
|
<li><a href="connexion.php?deco=1">Déconnexion</a></li>
|
||||||
|
</ul>
|
||||||
|
<?php } ?>
|
||||||
|
|
||||||
|
</div>
|
||||||
|
<div id="quick_summary">
|
||||||
|
<h2>Qui doit quoi ?</h2>
|
||||||
|
<p>Lire <em>ligne</em> doit <em>case</em>€ à <em>colonne</em>. Les liens permettent de confirmer le paiement des dettes.</p>
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<th>Doit\À</th>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</div>
|
||||||
|
<div id="detailed_summary">
|
||||||
|
<h2>Dépenses détaillées du mois actuel</h2>
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<th>Date</th>
|
||||||
|
<th>Payé par</th>
|
||||||
|
<th>Participants</th>
|
||||||
|
<th>Montant</th>
|
||||||
|
<th>Menu</th>
|
||||||
|
<th>Modifier</th>
|
||||||
|
<th>Supprimer</th>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
</div>
|
9
tpl/connexion.html
Normal file
9
tpl/connexion.html
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
{include="header"}
|
||||||
|
|
||||||
|
<h1>{$instance_title} - Connexion</h1>
|
||||||
|
|
||||||
|
<form method="post" action="index.php?do=connect">
|
||||||
|
<p><label for="login">Username : </label><input type="text" name="login" id="login"/></p>
|
||||||
|
<p><label for="password">Password : </label><input type="password" name="password" id="password"/></p>
|
||||||
|
<p><input type="submit" value="Connect"/></p>
|
||||||
|
</form>
|
@ -2,7 +2,7 @@
|
|||||||
<html lang="fr">
|
<html lang="fr">
|
||||||
<head>
|
<head>
|
||||||
<meta charset="utf-8">
|
<meta charset="utf-8">
|
||||||
<title>Bouffe@Ulm</title>
|
<title>{$instance_title}</title>
|
||||||
<link rel="stylesheet" media="screen" type="text/css" href="misc/style.css" />
|
<link rel="stylesheet" media="screen" type="text/css" href="misc/style.css" />
|
||||||
<link rel="icon" href="favicon.ico" />
|
<link rel="icon" href="favicon.ico" />
|
||||||
</head>
|
</head>
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{include="header"}
|
{include="header"}
|
||||||
|
|
||||||
<h1>{$title}</h1>
|
<h1>{$instance_title}</h1>
|
||||||
|
|
||||||
{$notice}
|
{$notice}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user