/controller/user.php
PHP | 192 lines | 154 code | 34 blank | 4 comment | 29 complexity | 3a062d40c83075afbf8877df9d847b10 MD5 | raw file
Possible License(s): GPL-3.0
- <?php
- class user{
-
- function beforeRoute(){
- //Check Authentication
- if (!F3::get('SESSION.user') && F3::get('PARAMS[0]')!='/user/login' && F3::get('PARAMS[0]')!='/user/forgot'){
- F3::reroute('/user/login');
- }
-
- if(F3::get('SESSION.user') && F3::get('PARAMS[0]')!='/user/login' && F3::get('PARAMS[0]')!='/user/forgot'){
- $user = new Axon('user');
- $user->load('id="'.F3::get('SESSION.user').'"');
-
- if($user->active != 1){
- $this->logout();
- }
- }
- }
-
- public function home(){
- F3::set('menu','home');
- F3::set('header','html/user/header.html');
- F3::set('content','html/user/home.html');
- F3::set('footer','html/user/footer.html');
- F3::set('js','js/user/home.js');
- F3::set('html_title','User Home Page');
-
- $stores = new Axon('store');
- $astores = $stores->afind('active=1 AND site_id="'.F3::get('SESSION.site').'"');
- F3::set('stores', $astores);
-
- if(F3::get('PARAMS["store_id"]')){
- $my_store = new Axon('store');
- $my_store->load('id="'.F3::get('PARAMS["store_id"]').'" AND site_id="'.F3::get('SESSION.site').'"');
- if($my_store->dry() || $my_store->active!=1){
- F3::reroute('/user');
- }else{
- F3::set('store', $my_store);
-
- $window = new Axon('window');
- F3::set('windows', $window->afind('store_id="'.F3::get('PARAMS["store_id"]').'" AND type="window" AND active="1"'));
-
- $view = new Axon('window');
- F3::set('views', $view->afind('store_id="'.F3::get('PARAMS["store_id"]').'" AND type="view" AND active="1"'));
-
- $door = new Axon('door');
- $door->afind('store_id="'.F3::get('PARAMS["store_id"]').'"');
- F3::set('doors', $door->afind('store_id="'.F3::get('PARAMS["store_id"]').'" AND active="1"'));
- }
- }
-
- //Get Thumbnail Function
- F3::set('img_thumb', function($key){
- $path_parts = pathinfo($key);
- return $path_parts['dirname'].'/'.$path_parts['filename'].'_thumb.'.$path_parts['extension'];
- });
-
- echo Template::serve('html/user/layout.html');
- }
-
- public function account(){
- if($_POST){
- $user = new Axon('user');
- $user->load('id="'.F3::get('SESSION.user').'"');
-
- $user->email = $_POST['email'];
- $user->firstname = $_POST['firstname'];
- $user->lastname = $_POST['lastname'];
-
- if($_POST['password']!=''){
- $user->password = sha1($_POST['password']);
- }
-
- $user->save();
- }else{
- $user = new Axon('user');
- $user->load('id="'.F3::get('SESSION.user').'"');
-
- F3::set('user', $user);
-
- F3::set('menu','account');
- F3::set('header','html/user/header.html');
- F3::set('content','html/user/account.html');
- F3::set('footer','html/user/footer.html');
- F3::set('js','js/user/account.js');
- F3::set('html_title','User Account Page');
- echo Template::serve('html/user/layout.html');
- }
- }
-
- public function checkUserEmail(){
- $user = new Axon('user');
- $user->load('email="'.$_POST['email'].'"');
- if($user->dry()){
- echo "true";
- }else{
- if($user->id==$_POST['user_id']){
- echo "true";
- }else{
- echo "false";
- }
- }
- }
-
- public function login(){
- if($_POST){
- $email = $_POST['email'];
- $password = $_POST['password'];
-
- F3::set('AUTH', array('table'=>'user','id'=>'email','pw'=>'password'));
- $auth = Auth::sql($email, sha1($password));
-
- $sites = new Axon('site');
- $sites->load('active="1" AND subdomain="'.F3::get('subdomain').'"');
-
- if ($auth && $auth->active == 1 && ($auth->site_id == $sites->id || $auth->site_id == 0)) {
- F3::set('SESSION.token', $auth->user_token);
- F3::set('SESSION.user', $auth->id);
- F3::set('SESSION.site', $sites->id);
- return;
- } else {
- //User is not authenticated - send error
- header('HTTP/1.1 420 Invalid Login Credentials');
- return;
- }
- }else{
- F3::set('header','html/public/header.html');
- F3::set('content','html/user/login.html');
- F3::set('footer','html/public/footer.html');
- F3::set('js','js/user/login.js');
- F3::set('html_title','User Sign In');
- echo Template::serve('html/layout.html');
- }
- }
-
- public function logout(){
- if (F3::get('SESSION.user')){
- F3::set('SESSION.user', null);
- }
- if (F3::get('SESSION.token')){
- F3::set('SESSION.token', null);
- }
- F3::reroute('/');
- }
-
- public function forgot(){
- if($_POST){
- $email = $_POST['email'];
- $user = new Axon('user');
- $user->load('email="'.$email.'"');
-
- if ($user->email) {
-
- $arr = str_split('abcdefghkABCDEFGHK23456789'); // get all the characters into an array
- shuffle($arr); // randomize the array
- $arr = array_slice($arr, 0, 6); // get the first six (random) characters out
- $tempPw = implode('', $arr); // smush them back into a string
-
- $user->password = sha1($tempPw);
-
- $mail=new SMTP('mail.directedgemedia.com',465,'SSL','jake@directedgemedia.com','myers478');
- $mail->set('from','<support@qcrt.com>');
- $mail->set('reply-to', 'support@qcrt.com');
- $mail->set('x-mailer', 'PHP/' . phpversion());
- $mail->set('to', $admin->email);
- $mail->set('subject','Your Temporary Password');
- $mail->send("Here is your temporary password: ".$tempPw."\n\nPlease log in and update your password.");
-
- $user->save();
- return;
-
- } else {
- //User is not authenticated - send error
- header('HTTP/1.1 420 Email Not Found');
- return;
- }
-
- }else{
- F3::set('header','html/public/header.html');
- F3::set('content','html/user/forgot.html');
- F3::set('footer','html/public/footer.html');
- F3::set('js','js/user/forgot.js');
- F3::set('html_title','Forgot your password?');
- echo Template::serve('html/layout.html');
- }
- }
-
- function afterRoute(){}
- }
- ?>