334 lines
10 KiB
PHP
334 lines
10 KiB
PHP
<?php
|
|
|
|
namespace Controllers;
|
|
|
|
use Models\UserModel;
|
|
use Models\ProjectModel;
|
|
|
|
use Entities\User;
|
|
use Entities\Project;
|
|
|
|
/**
|
|
* Le controller de la page d'aide utilisateur
|
|
* @author Guillaume & Besnik & Yasser
|
|
*/
|
|
|
|
class UserCtrl extends MotherCtrl {
|
|
/**
|
|
* Page Login
|
|
*/
|
|
public function login(){
|
|
|
|
$strMail = $_POST['user_mail']??"";
|
|
$strPwd = $_POST['user_password']??"";
|
|
|
|
$arrError = [];
|
|
if (count($_POST) > 0) {
|
|
if ($strMail == ""){
|
|
$arrError['mail'] = "Le mail est obligatoire";
|
|
}
|
|
if ($strPwd == ""){
|
|
$arrError['pwd'] = "Le mot de passe est obligatoire";
|
|
}
|
|
|
|
if (count($arrError) == 0){
|
|
$objUserModel = new UserModel;
|
|
$arrResult = $objUserModel->verifUser($strMail, $strPwd);
|
|
if ($arrResult === false){
|
|
$arrError[] = "Mail ou mot de passe invalide";
|
|
}else{
|
|
$_SESSION['user'] = $arrResult;
|
|
$_SESSION['success'] = "Bienvenue, vous êtes bien connecté";
|
|
if (isset($_POST['remember_me'])) {
|
|
|
|
$token = bin2hex(random_bytes(32));
|
|
$token_hash = hash('sha256', $token);
|
|
$objUserModel->remember($_SESSION['user']['user_id'],$token_hash);
|
|
|
|
setcookie('remember_me', $token, time() + (15*24*60*60), "/", "", true, true);
|
|
|
|
}
|
|
header("Location:".$_ENV['BASE_URL']);
|
|
exit;
|
|
}
|
|
}
|
|
}
|
|
$this->_arrData['arrError'] = $arrError;
|
|
$this->_display("login");
|
|
|
|
}
|
|
|
|
/**
|
|
* Fonction pour ce déconnecter
|
|
*/
|
|
public function logout(){
|
|
|
|
if (isset($_COOKIE['remember_me'])) {
|
|
$hash = hash('sha256', $_COOKIE['remember_me']);
|
|
|
|
$objUserModel = new UserModel;
|
|
$objUserModel->deleteToken($hash);
|
|
|
|
setcookie('remember_me', '', time() - 3600, "/");
|
|
}
|
|
unset($_SESSION['user']);
|
|
|
|
$_SESSION['success'] = "Vous êtes bien déconnecté";
|
|
|
|
header("Location:".$_ENV['BASE_URL']);
|
|
exit;
|
|
|
|
}
|
|
/**
|
|
* Fonction d'inscription d'un utilisateur
|
|
* Effectue les validations du formulaire,
|
|
* vérifie l'unicité du mail et du pseudo, puis insère l'utilisateur en base de données
|
|
* @return void
|
|
*/
|
|
public function signup(){
|
|
|
|
$objUser = new User();
|
|
$strPwdConfirm = $_POST['pwd_confirm'] ?? "";
|
|
|
|
$objUser->hydrate($_POST);
|
|
|
|
$arrError = [];
|
|
|
|
if (!empty($_POST)) {
|
|
|
|
$arrError = array_merge($this->_verifInfos($objUser),
|
|
$this->_verifPwd($objUser, $strPwdConfirm));
|
|
|
|
if (count($arrError) === 0) {
|
|
$objUserModel = new UserModel();
|
|
if ($objUserModel->mailExists($objUser->getMail())) {
|
|
$arrError['user_mail'] = "Impossible de créer le compte avec ces informations";
|
|
}
|
|
if ($objUserModel->pseudoExists($objUser->getPseudo())) {
|
|
$arrError['user_pseudo'] = "Ce pseudo existe déjà";
|
|
}
|
|
if (count($arrError) === 0) {
|
|
$boolInsert = $objUserModel->insert($objUser);
|
|
|
|
if ($boolInsert === true) {
|
|
$_SESSION['success'] = "Compte créé avec succès";
|
|
header("Location:".$_ENV['BASE_URL']."/user/login");
|
|
exit;
|
|
} else {
|
|
$arrError['global'] = "Erreur lors de l'ajout";
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
$this->_arrData['objUser'] = $objUser;
|
|
$this->_arrData['arrError'] = $arrError;
|
|
$this->_display("signup");
|
|
}
|
|
|
|
|
|
protected function _verifInfos(User $objUser): array {
|
|
|
|
$arrError = [];
|
|
|
|
if (trim($objUser->getName()) === "") {
|
|
$arrError['user_name'] = "Le nom est obligatoire";
|
|
}
|
|
|
|
if (trim($objUser->getFirstname()) === "") {
|
|
$arrError['user_firstname'] = "Le prénom est obligatoire";
|
|
}
|
|
|
|
if (trim($objUser->getMail()) === "") {
|
|
$arrError['user_mail'] = "L'adresse e-mail est obligatoire";
|
|
} elseif (!filter_var($objUser->getMail(), FILTER_VALIDATE_EMAIL)) {
|
|
$arrError['user_mail'] = "Le format de l'adresse e-mail est invalide";
|
|
}
|
|
|
|
if (trim($objUser->getPseudo()) === "") {
|
|
$arrError['user_pseudo'] = "Le pseudo est obligatoire";
|
|
}
|
|
|
|
return $arrError;
|
|
}
|
|
|
|
|
|
/**
|
|
* Vérification du mot de passe
|
|
*/
|
|
protected function _verifPwd(User $objUser, string $strPwdConfirm): array {
|
|
|
|
$arrError = [];
|
|
|
|
$strRegex = "/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{15,}$/";
|
|
|
|
if ($objUser->getPwd() == ""){
|
|
$arrError['user_password'] = "Le mot de passe est obligatoire";
|
|
}
|
|
else if (!preg_match($strRegex, $objUser->getPwd())){
|
|
$arrError['user_password'] = "Le mot de passe ne respecte pas les critères";
|
|
}
|
|
else if ($objUser->getPwd() != $strPwdConfirm){
|
|
$arrError['pwd_confirm'] = "La confirmation du mot de passe ne correspond pas";
|
|
}
|
|
|
|
return $arrError;
|
|
}
|
|
|
|
|
|
/**
|
|
* le controlleur affichage de la page user
|
|
*/
|
|
public function user(){
|
|
|
|
$strPseudo = $_GET['pseudo']??'';
|
|
|
|
$objUserModel = new UserModel;
|
|
$arrUserData = $objUserModel->findUserByPseudo($strPseudo);
|
|
|
|
if ($arrUserData === false) {
|
|
header("Location: ".$_ENV['BASE_URL']);
|
|
exit;
|
|
}
|
|
|
|
$objUser = new User;
|
|
$objUser->hydrate($arrUserData);
|
|
$objProjectModel = new ProjectModel;
|
|
$arrProjects = $objProjectModel->findAll(0,'',$objUser->getId());
|
|
|
|
$arrProjectToDisplay = array();
|
|
foreach($arrProjects as $projectData) {
|
|
$objProject = new Project();
|
|
$objProject->hydrate($projectData);
|
|
$arrProjectToDisplay[] = $objProject;
|
|
}
|
|
|
|
$this->_arrData['user'] = $objUser;
|
|
$this->_arrData['arrProjectToDisplay'] = $arrProjectToDisplay;
|
|
$this->_display("user");
|
|
}
|
|
|
|
/**
|
|
* le controlleur de la modification d'un user
|
|
*/
|
|
public function edit(){
|
|
if(!isset($_SESSION['user'])){
|
|
header("Location: ".$_ENV['BASE_URL']);
|
|
exit;
|
|
}
|
|
$objUserModel = new UserModel;
|
|
$arrError = [];
|
|
$objUser = new User;
|
|
$arrUserData = $objUserModel->findUserById($_SESSION['user']['user_id']);
|
|
$objUser->hydrate($arrUserData);
|
|
if (!empty($_POST)) {
|
|
if ($objUserModel->mailExists($_POST['user_mail']) && ($_POST['user_mail'] != $objUser->getMail())) {
|
|
|
|
$arrError['user_mail'] = "Ce mail est déjà associé";
|
|
} else {
|
|
if ($objUserModel->pseudoExists($_POST['user_pseudo']) && ($_POST['user_pseudo'] != $objUser->getPseudo())){
|
|
$arrError['user_pseudo'] = "Ce pseudo est déjà utiliser";
|
|
}else{
|
|
$objUser->hydrate($_POST);
|
|
$objUser->setId($_SESSION['user']['user_id']);
|
|
|
|
$arrTypeAllowed = array('image/jpeg', 'image/png', 'image/webp');
|
|
$boolImageOk = true;
|
|
|
|
if ($_FILES['image']['error'] != 4) {
|
|
if (!in_array($_FILES['image']['type'], $arrTypeAllowed)) {
|
|
$arrError['image'] = "Le type de fichier n'est pas autorisé";
|
|
} else {
|
|
switch ($_FILES['image']['error']) {
|
|
case 0:
|
|
$strImageName = uniqid() . ".webp";
|
|
$strOldImg = $objUser->getImage();
|
|
$objUser->setImage($strImageName);
|
|
break;
|
|
case 1:
|
|
case 2:
|
|
$arrError['image'] = "Le fichier est trop volumineux";
|
|
break;
|
|
case 3:
|
|
$arrError['image'] = "Le fichier a été partiellement téléchargé";
|
|
break;
|
|
case 6:
|
|
$arrError['image'] = "Le répertoire temporaire est manquant";
|
|
break;
|
|
default:
|
|
$arrError['image'] = "Erreur sur l'image";
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
if (count($arrError) == 0 && isset($strImageName)) {
|
|
$strDest = $_ENV['IMG_USER_PATH'] . $strImageName;
|
|
$strSource = $_FILES['image']['tmp_name'];
|
|
list($intWidth, $intHeight) = getimagesize($strSource);
|
|
|
|
$intDestWidth = 200; $intDestHeight = 200;
|
|
$fltDestRatio = $intDestWidth / $intDestHeight;
|
|
$fltSourceRatio = $intWidth / $intHeight;
|
|
|
|
if ($fltSourceRatio > $fltDestRatio) {
|
|
$intCropHeight = $intHeight;
|
|
$intCropWidth = (int)round($intHeight * $fltDestRatio);
|
|
$intCropX = (int)(($intWidth - $intCropWidth) / 2);
|
|
$intCropY = 0;
|
|
} else {
|
|
$intCropWidth = $intWidth;
|
|
$intCropHeight = (int)round($intWidth / $fltDestRatio);
|
|
$intCropX = 0;
|
|
$intCropY = (int)(($intHeight - $intCropHeight) / 2);
|
|
}
|
|
|
|
$objDest = imagecreatetruecolor($intDestWidth, $intDestHeight);
|
|
switch ($_FILES['image']['type']) {
|
|
case 'image/jpeg': $objSource = imagecreatefromjpeg($strSource); break;
|
|
case 'image/png': $objSource = imagecreatefrompng($strSource); break;
|
|
case 'image/webp': $objSource = imagecreatefromwebp($strSource); break;
|
|
}
|
|
|
|
imagecopyresampled($objDest, $objSource, 0, 0, $intCropX, $intCropY, $intDestWidth, $intDestHeight, $intCropWidth, $intCropHeight);
|
|
$boolImageOk = imagewebp($objDest, $strDest);
|
|
imagedestroy($objDest);
|
|
imagedestroy($objSource);
|
|
}
|
|
|
|
|
|
if ($_POST['delete_image'] === '1') {
|
|
$strOldImg = $objUser->getImage();
|
|
if (!empty($strOldImg) && $strOldImg !== 'images.jpg') {
|
|
$strOldFile = $_ENV['IMG_USER_PATH'] . $strOldImg;
|
|
if (file_exists($strOldFile)) unlink($strOldFile);
|
|
}
|
|
$objUser->setImage('images.jpg');
|
|
}
|
|
$boolInsert = $objUserModel->update($objUser);
|
|
|
|
if ($boolInsert === true) {
|
|
if (isset($strOldImg) && !empty($strOldImg) && $strOldImg !== 'images.jpg' && isset($strImageName)) {
|
|
$strOldFile = $_ENV['IMG_USER_PATH'] . $strOldImg;
|
|
if (file_exists($strOldFile)) unlink($strOldFile);
|
|
}
|
|
$arrNewInfo = $objUserModel->findUserByPseudo($objUser->getPseudo());
|
|
$_SESSION['user'] = $arrNewInfo;
|
|
$_SESSION['success'] = "Compte modifier avec succès";
|
|
header('Location:'.$_ENV['BASE_URL'].'/user/user/'.$objUser->getPseudo());
|
|
exit;
|
|
} else {
|
|
$arrError['global'] = "Erreur lors de l'update";
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
$this->_arrData["arrError"] = $arrError;
|
|
$this->_arrData['objUser'] = $objUser;
|
|
$this->_display("useredit");
|
|
|
|
}
|
|
|
|
}
|