hanze/iwa-panda2

Controller/login/login_post.php in datatowebsite



 1<?php
 2const login = "email";
 3const pwd = "password";
 4class Login_handler
 5{
 6    function login():bool{
 7        $post_arr = Utils::post_to_array();
 8        $missing_fields = Utils::missing_fields($post_arr , [login, pwd]);
 9  
10        if(sizeof($missing_fields) == 0){
11            return ($this->authenticate($post_arr));
12        }else{
13            return false;
14        }
15        
16    }  
17    function authenticate(array $post) : bool
18    //this function return true when user is autheticated uses set_globals to set $_SESSION variables
19    {
20        //create a SQLDatabase class
21        $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "panda");
22        //create a Database object class, with the table User
23        $u = $db->get(Model\User::class);
24        
25        //check if the email exists in db
26        if(!$u->load($post[login])){
27            //email does not exist
28            return false;
29        }else{
30            if(password_verify($post[pwd], $u->{pwd})){
31                //authenticated -> set $_SESSION variables
32                $this->set_globals($u, $db);             
33                return true;
34            } else {
35                //password did not match
36                return false;
37            }
38        }
39    }
40     
41    private function set_globals(Lollipop\DatabaseObject $u, Lollipop\SQLDatabase $db)
42    //this function sets Session variables which incluse
43    //email, first_name, last_name and array user_permissions
44    {
45        //start session and set
46        session_start();
47        $u->load($u->get_primary());
48
49        foreach($u->getData() as $key => $data){
50            if($key != pwd){
51                $_SESSION[$key] = $data;
52            }
53        }
54        //get permissions form db and set sessions_permissions
55        $p = $db->all_where(Model\Permission_user::class, [login => $u->{login}]);
56        $user_permissions = [];
57        foreach($p as $permission){
58            $user_permissions[] = $permission->id_permission;
59        }
60        $_SESSION['user_permissions'] = $user_permissions;
61        
62    }
63}
/**
 * Entry point for the login request.
 *
 * Runs Login_handler::login(); on success it sends a redirect to "dashboard"
 * and stops the script, otherwise it echoes the login view with one generic
 * error message that does not say which of the two fields was wrong.
 */
function login_handler(){
    $view = new Lollipop\Template();
    $handler = new Login_handler();

    if (!$handler->login()) {
        // Failed login: re-render the form with the generic message.
        echo $view->template("views/login.html", ["msg" => "<p style=\"color:red;\">Incorrect username or password.</p>"]);
        return;
    }

    // Successful login: redirect and end the request so nothing else is output.
    header("Location: dashboard");
    exit();
}
75?>