phangoapp/simplephango
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity

Added admin module

Browse source
This commit is contained in:
absurdo 2023-07-03 01:11:10 +02:00
parent 22b90ea1f6
commit fd88fff9d2
90 changed files with 13954 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

177
modules/admin/controllers/app.php Normal file
View file

@ -0,0 +1,177 @@
<?php
use PhangoApp\PhaView\View;
use PhangoApp\PDO\MySQL;
//use PhangoApp\PhaModels\Webmodel;
include('./modules/admin/libraries/login.php');
function controller($switch='') {
session_start();
switch($switch) {
default:
if(PhangoModule\Admin\login()) {
}
else {
header('Location: '.PhangoApp\PhaRouter\Url::make_url('admin', 'app', 'login'));
}
break;
case 'login':
$conn=MySQL::get_pdo_connection();
$sth=$conn->query('SELECT count(*) as num_items from useradmin');
$count=$sth->fetch()[0];
if($count==0) {
header('Location: '.PhangoApp\PhaRouter\Url::make_url('admin', 'app', 'register'));
}
echo View::load_view(['login' => 1], 'login');
break;
case 'login_check':
$conn=MySQL::get_pdo_connection();
$data=['error' => 1];
$username=$_POST['username'];
$password=$_POST['password'];
$sth=$conn->prepare('SELECT id, password from useradmin where username=?');
$sth->execute([$username]);
$rows=$sth->fetchAll();
if(count($rows)>0) {
$password_hash=$rows[0]['password'];
if(password_verify($password, $password_hash)) {
$data['error']=0;
$_SESSION['phango_login']=1;
}
}
header('Content-Type: application/json; charset=utf-8');
return json_encode($data);
break;
case 'register':
$conn=MySQL::get_pdo_connection();
$sth=$conn->query('SELECT count(*) as num_items from useradmin');
$count=$sth->fetch()[0];
if($count==0) {
echo View::load_view(['login' => 0], 'login');
}
break;
case 'signup_check':
$data=['error' => 0];
$arr_data=['username', 'email', 'password', 'repeat_password'];
foreach($arr_data as $v) {
settype($_POST[$v], 'string');
}
//$username=$_POST['username'];
//^[A-Za-z0-9_-]+$
$username=trim($_POST['username']);
if(!preg_match('/^[A-Za-z0-9_-]+$/', $username)) {
$data['error']=1;
$data['username']=_("Error: empty value");
}
$email=filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
if(!$email) {
$data['error']=1;
$data['email']=_("Error: email is not valid");
}
$password=trim($_POST['password']);
$repeat_password=trim($_POST['repeat_password']);
if($password=='') {
$data['error']=1;
$data['password']=_("Error: password empty");
}
else {
if($password!=$repeat_password) {
$data['error']=1;
$data['password']=_("Error: password not equal");
}
}
if($data['error']==0) {
$password=password_hash($password, PASSWORD_DEFAULT);
$conn=MySQL::get_pdo_connection();
if(!$conn->prepare('INSERT into useradmin (`username`, `password`, `email`) VALUES (?, ?, ?)')->execute([$username, $password, $email])) {
$data['error']=1;
$data['username']=_("Error: cannot insert the new user in database, check your database connection");
}
//$sth->execute([$username, $password, $email]);
}
header('Content-Type: application/json; charset=utf-8');
return json_encode($data);
break;
}
}