First pass to add new user SQL model

This commit is contained in:
Léo Serre 2018-09-03 22:46:26 +02:00
parent 52f82cfe78
commit 228cacb664
6 changed files with 92 additions and 59 deletions


@ -12,11 +12,10 @@ if(isset($controller->splitted_url[1])) {
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
// PROCESS DATA FROM FORM // PROCESS DATA FROM FORM
$user = new User(); $user = new User();
$user->login($_POST['login'], $_POST['password']);
if($user->id != 0) { if($user->login($_POST['login'], $_POST['password'])) {
// SUCESSFULL LOGIN // SUCESSFULL LOGIN
$_SESSION['userid'] = $user->id; $_SESSION['userid'] = $user->get_id();
header('Location: '.$_SERVER['HTTP_REFERER']); header('Location: '.$_SERVER['HTTP_REFERER']);
} }
else { else {
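Review bot: The success branch at `$_SESSION['userid'] = $user->get_id();` writes the authenticated identity into whatever session the client already had, so a session id obtained before login stays valid after it; call `session_regenerate_id(true);` immediately before that assignment. The `header('Location: ...')` on the next line is not followed by `exit;`, so the rest of the controller keeps executing after the redirect is queued. The `if (isset($_POST['submit']))` block continues past the end of this hunk.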


@ -6,8 +6,8 @@ $head['css'] = "d.index.css;d.wiki.css";
$wikiPage = new WikiPage(); $wikiPage = new WikiPage();
// Page doesn't exists // Page doesn't exists
if(isset($controller->splitted_url[1]) && !$wikiPage->checkUrl($controller->splitted_url[1],$user->role >= 600) && $controller->splitted_url[1]!="") { if(isset($controller->splitted_url[1]) && !$wikiPage->checkUrl($controller->splitted_url[1],$user->rank_is_higher('premium')) && $controller->splitted_url[1]!="") {
if($user->role >= 800) { if($user->rank_is_higher('moderator')) {
// Create new page // Create new page
if(isset($_POST['submit'])) { if(isset($_POST['submit'])) {
$wikiPage->content = $_POST['content']; $wikiPage->content = $_POST['content'];
@ -27,8 +27,8 @@ if(isset($controller->splitted_url[1]) && !$wikiPage->checkUrl($controller->spli
} }
} }
// Page exists // Page exists
else if(isset($controller->splitted_url[1]) && $wikiPage->checkUrl($controller->splitted_url[1],$user->role >= 600)) { else if(isset($controller->splitted_url[1]) && $wikiPage->checkUrl($controller->splitted_url[1],$user->rank_is_higher('premium'))) {
if (isset($controller->splitted_url[2]) && $controller->splitted_url[2]=="edit" && $user->role >= 800) { if (isset($controller->splitted_url[2]) && $controller->splitted_url[2]=="edit" && $user->rank_is_higher('administrator')) {
// Edit page // Edit page
if(isset($_POST['submit'])) { if(isset($_POST['submit'])) {
$wikiPage->content = $_POST['content']; $wikiPage->content = $_POST['content'];
@ -43,13 +43,13 @@ else if(isset($controller->splitted_url[1]) && $wikiPage->checkUrl($controller->
$head['title'] = $wikiPage->title; $head['title'] = $wikiPage->title;
include ($config['views_folder']."d.wiki.edit.html"); include ($config['views_folder']."d.wiki.edit.html");
} }
} else if (isset($controller->splitted_url[2]) && $controller->splitted_url[2]=="delete" && $user->role >= 800) { } else if (isset($controller->splitted_url[2]) && $controller->splitted_url[2]=="delete" && $user->rank_is_higher('moderator')) {
// Delete page // Delete page
$wikiPage->delete(); $wikiPage->delete();
header('Location: '.$config['rel_root_folder']."wiki/".$wikiPage->url); header('Location: '.$config['rel_root_folder']."wiki/".$wikiPage->url);
} else { } else {
// Display page // Display page
if($user->role >= 600) { if($user->rank_is_higher('premium')) {
$wikiHistory = new WikiPages(); $wikiHistory = new WikiPages();
$wikiHistory->getHistory($controller->splitted_url[1]); $wikiHistory->getHistory($controller->splitted_url[1]);
@ -62,7 +62,7 @@ else if(isset($controller->splitted_url[1]) && $wikiPage->checkUrl($controller->
} }
} }
if (isset($controller->splitted_url[2]) && is_numeric($controller->splitted_url[2])) if (isset($controller->splitted_url[2]) && is_numeric($controller->splitted_url[2]))
$wikiPage->checkUrl($controller->splitted_url[1],$user->role>=600, $controller->splitted_url[2]); $wikiPage->checkUrl($controller->splitted_url[1], $user->rank_is_higher('premium'), $controller->splitted_url[2]);
$wikiPage->md2html(); $wikiPage->md2html();
$head['title'] = $wikiPage->title; $head['title'] = $wikiPage->title;
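Review bot: The edit route at `$controller->splitted_url[2]=="edit" && $user->rank_is_higher('administrator')` now requires administrator, while the delete route in the next hunk accepts `rank_is_higher('moderator')` and the wiki view template later in this commit renders the "Éditer la page" link for `rank_is_higher('moderator')`; before the change all three were `role >= 800`. A moderator therefore gets an edit link whose request silently falls through to the display branch. Unless the stricter level is intended, change the edit check to `$user->rank_is_higher('moderator')` so the three sites agree; if it is intended, the template condition should be raised to match.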


@ -6,11 +6,11 @@ ini_set("session.cookie_lifetime",60*60*24*30);
session_start(); session_start();
$user = new User(); $user = new User();
$user->role == 0; // All users are visitors $user->rank == 'visitor'; // All users are visitors
if(isset($_SESSION['userid'])) { if(isset($_SESSION['userid'])) {
$user->checkID($_SESSION['userid']); $user->checkID($_SESSION['userid']);
if ($user->id != 0) { if ($user->get_id() != 0) {
$user->updateLoginDate(); $user->updateLoginDate();
$user->populate(); $user->populate();
setlocale(LC_ALL, $config['locales'][$user->locale][4]); setlocale(LC_ALL, $config['locales'][$user->locale][4]);
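Review bot: `$user->rank == 'visitor'; // All users are visitors` is a comparison, not an assignment, so `rank` stays NULL for unauthenticated requests; the header template's `if($user->rank == 'visitor')` is then false and the login form is never rendered, and `rank_is_higher()` evaluates a NULL rank. The line should read `$user->rank = 'visitor';`. The unchanged `$user->populate();` a few lines below calls a method this commit makes private and gives a required `$row` parameter, which will fail on every logged-in request; since `checkID()` now populates the object itself, that call should be removed.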


@ -10,16 +10,19 @@
class User class User
{ {
public $id = 0; private $id = 0;
public $name = NULL; public $name = NULL;
public $avatar = NULL; private $version = NULL;
public $locale = NULL; public $email = NULL;
public $role = NULL; private $password = NULL;
public $lastlogin = NULL; public $website = NULL;
public $mail = NULL; private $is_avatar_present = NULL;
public $website = NULL; private $is_archive = NULL;
public $password = NULL; public $rank = NULL;
public $registered = NULL; private $locale = NULL;
private $timezone = NULL;
private $visit_date = NULL;
private $register_date = NULL;
/***** /*****
** Connect to correct account using ID and stores its ID ** Connect to correct account using ID and stores its ID
@ -30,7 +33,7 @@ class User
$con = pg_connect("host=".$config['SQL_host']." dbname=".$config['SQL_db']." user=".$config['SQL_user']." password=".$config['SQL_pass']) $con = pg_connect("host=".$config['SQL_host']." dbname=".$config['SQL_db']." user=".$config['SQL_user']." password=".$config['SQL_pass'])
or die ("Could not connect to server\n"); or die ("Could not connect to server\n");
$query = "SELECT id FROM users WHERE id=$1"; $query = "SELECT * FROM users WHERE id=$1";
pg_prepare($con, "prepare1", $query) pg_prepare($con, "prepare1", $query)
or die ("Cannot prepare statement\n"); or die ("Cannot prepare statement\n");
@ -40,13 +43,15 @@ class User
pg_close($con); pg_close($con);
if(pg_num_rows($result) == 1) { if(pg_num_rows($result) == 1) {
$this->id = $id; $row = pg_fetch_assoc($result);
$this->populate($row);
return 1; return 1;
} }
else { else {
return 0; return 0;
} }
} }
/***** /*****
** Connect to correct account using user/pass and stores its ID ** Connect to correct account using user/pass and stores its ID
*****/ *****/
@ -56,7 +61,7 @@ class User
$con = pg_connect("host=".$config['SQL_host']." dbname=".$config['SQL_db']." user=".$config['SQL_user']." password=".$config['SQL_pass']) $con = pg_connect("host=".$config['SQL_host']." dbname=".$config['SQL_db']." user=".$config['SQL_user']." password=".$config['SQL_pass'])
or die ("Could not connect to server\n"); or die ("Could not connect to server\n");
$query = "SELECT id FROM users WHERE name=$1 AND password=$2"; $query = "SELECT * FROM users WHERE name=$1 AND password=$2";
pg_prepare($con, "prepare1", $query) pg_prepare($con, "prepare1", $query)
or die ("Cannot prepare statement\n"); or die ("Cannot prepare statement\n");
@ -66,44 +71,73 @@ class User
pg_close($con); pg_close($con);
if(pg_num_rows($result) == 1) { if(pg_num_rows($result) == 1) {
$user = pg_fetch_assoc($result); $row = pg_fetch_assoc($result);
$this->id = $user['id']; $this->populate($row);
return 1;
} }
} }
/***** /*****
** Populate the object using its ID ** Populate the object using raw data from SQL
*****/ *****/
public function populate() { private function populate($row) {
global $config; $this->name = $row['name'];
$this->version = $row['version'];
if($this->id != 0) { $this->email = $row['email'];
$con = pg_connect("host=".$config['SQL_host']." dbname=".$config['SQL_db']." user=".$config['SQL_user']." password=".$config['SQL_pass']) $this->password = $row['password'];
or die ("Could not connect to server\n"); $this->website = $row['website'];
$this->is_avatar_present = $row['is_avatar_present'];
$this->is_archive = $row['is_archive'];
$this->rank = $row['rank'];
$this->locale = $row['locale'];
$this->timezone = $row['timezone'];
$this->visit_date = $row['visit_date'];
$this->register_date = $row['register_date'];
}
$query = "SELECT * FROM users WHERE id=$1"; /*****
** Populate the object using raw data from SQL
*****/
public function get_id() {
return $this->id;
}
pg_prepare($con, "prepare1", $query) public function rank_is_higher($rank) {
or die ("Cannot prepare statement\n"); if( $rank == 'blocked' ) {
$result = pg_execute($con, "prepare1", array($this->id)) return true;
or die ("Cannot execute statement\n"); }
else if( $rank == 'visitor' ) {
pg_close($con); if( $this->rank == 'blocked' )
return false;
$user = pg_fetch_assoc($result); else
return true;
$this->name = $user['name']; }
$this->avatar = $user['avatar']; else if( $rank == 'registered' ) {
$this->locale = $user['locale']; if( $this->rank == 'blocked' || $this->rank == 'visitor' )
$this->role = $user['role']; return false;
$this->lastlogin = $user['lastlogin']; else
$this->mail = $user['mail']; return true;
$this->website = $user['website']; }
$this->registered = $user['registered']; else if( $rank == 'premium' ) {
if( $this->rank == 'premium' || $this->rank == 'moderator' || $this->rank == 'administrator' )
return true;
else
return false;
}
else if( $rank == 'moderator' ) {
if( $this->rank == 'moderator' || $this->rank == 'administrator' )
return true;
else
return false;
} }
else { else {
die("Cannot populate an User without ID"); if( $this->rank == 'administrator' )
return true;
else
return false;
} }
} }
/***** /*****
** Checks if the user's name is available or not ** Checks if the user's name is available or not
*****/ *****/
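Review bot: `rank_is_higher()` is a chain of loose `==` comparisons whose branches disagree about unrecognised ranks: the `'visitor'` and `'registered'` branches return true for any rank they do not explicitly list (including the NULL rank an unauthenticated user currently has), while `'premium'` and above fail closed, and the name says "higher" although every branch is inclusive. A single ordered table makes the check uniform, inclusive and fail-closed, as in the fence below. `login()`'s no-match path after `if(pg_num_rows($result) == 1)` has no return, so callers receive NULL rather than the 0 that `checkID()` returns; add `return 0;` after the if block. The docblock above `get_id()` duplicates populate()'s and should read `** Returns the user's ID`. The rewritten query `SELECT * FROM users WHERE name=$1 AND password=$2` still compares the submitted password inside SQL; since this commit introduces the new model, selecting by name only and checking `password_verify($password, $row['password'])` would let the `password` column hold a `password_hash()` value instead of a directly comparable one.

```php
    // Ordered from least to most privileged; an unknown or unset own rank maps to the lowest level.
    private static $rank_order = array(
        'blocked' => 0, 'visitor' => 1, 'registered' => 2,
        'premium' => 3, 'moderator' => 4, 'administrator' => 5,
    );

    /*****
    ** Returns true when this user's rank is at least $rank (inclusive).
    ** Unknown $rank values fail closed.
    *****/
    public function rank_is_higher($rank) {
        if (!isset(self::$rank_order[$rank])) {
            return false;
        }
        $own = isset(self::$rank_order[$this->rank]) ? self::$rank_order[$this->rank] : 0;
        return $own >= self::$rank_order[$rank];
    }
```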


@ -18,7 +18,7 @@
<a class="on-bar" href="#"><i class="icon fa fa-user"></i></a> <a class="on-bar" href="#"><i class="icon fa fa-user"></i></a>
<? } ?> <? } ?>
<ul> <ul>
<? if($user->role == 0) { ?> <? if($user->rank == 'visitor') { ?>
<li id="connectform"> <li id="connectform">
<form action="<?=$config['rel_root_folder']?>user/login" method="post"> <form action="<?=$config['rel_root_folder']?>user/login" method="post">
<input type="text" name="login" placeholder="Nom d'utilisateur"> <input type="text" name="login" placeholder="Nom d'utilisateur">
@ -30,7 +30,7 @@
<? } else { ?> <? } else { ?>
<li><a href="<?=$config['rel_root_folder']?>user/p">Mon profil</a></li> <li><a href="<?=$config['rel_root_folder']?>user/p">Mon profil</a></li>
<li><a href="<?=$config['rel_root_folder']?>user/member_list">Liste des membres</a></li> <li><a href="<?=$config['rel_root_folder']?>user/member_list">Liste des membres</a></li>
<? if($user->role >= 800) { ?> <? if($user->rank_is_higher('moderator')) { ?>
<li><a href="<?=$config['rel_root_folder']?>admin">Administration</a></li> <li><a href="<?=$config['rel_root_folder']?>admin">Administration</a></li>
<? } ?> <? } ?>
<li><a href="<?=$config['rel_root_folder']?>user/logout">Se déconnecter</a></li> <li><a href="<?=$config['rel_root_folder']?>user/logout">Se déconnecter</a></li>


@ -9,7 +9,7 @@
<section id="wiki_page" <?=!$wikiPage->is_archive()?'class="archive"':''?>> <section id="wiki_page" <?=!$wikiPage->is_archive()?'class="archive"':''?>>
<h1><?=$wikiPage->name?>.</h1> <h1><?=$wikiPage->name?>.</h1>
<? if($user->role >= 600) { ?> <? if($user->rank_is_higher('premium')) { ?>
<span class="subtitle"> <span class="subtitle">
<? if(isset($wikiHistory_list)) { ?> <? if(isset($wikiHistory_list)) { ?>
<select id="wikihistory"> <select id="wikihistory">
@ -20,10 +20,10 @@
} ?> } ?>
</select> </select>
<? } <? }
if ($user->role >= 800 && isset($wikiHistory_list)) { ?> if ($user->rank_is_higher('moderator') && isset($wikiHistory_list)) { ?>
&mdash; &mdash;
<? } <? }
if ($user->role >= 800) { ?> if ($user->rank_is_higher('moderator')) { ?>
<a href="<?=$config['rel_root_folder']?>wiki/<?=$wikiPage->url?>/edit"><i class="fa fa-pencil"></i> Éditer la page</a> <a href="<?=$config['rel_root_folder']?>wiki/<?=$wikiPage->url?>/edit"><i class="fa fa-pencil"></i> Éditer la page</a>
<? if (!$wikiPage->is_archive()) { ?> <? if (!$wikiPage->is_archive()) { ?>
&mdash; &mdash;
@ -42,7 +42,7 @@
<div style="clear: both;"> </div> <div style="clear: both;"> </div>
</section> </section>
<? if($user->role >= 600) { ?> <? if($user->rank_is_higher('premium')) { ?>
<script type="text/javascript"> <script type="text/javascript">
$( "#wikihistory" ).change(function() { $( "#wikihistory" ).change(function() {
window.location.href = "<?=$config['rel_root_folder']?>wiki/<?=$wikiPage->url?>/"+$( this ).val(); window.location.href = "<?=$config['rel_root_folder']?>wiki/<?=$wikiPage->url?>/"+$( this ).val();