<?php
//use PhangoApp\PhaView\View;
use PhangoApp\WPDO\WPDO;
use PhangoApp\PhaRouter\Url;
//use PhangoApp\PhaModels\Webmodel;
//include('./modules/admin/libraries/login.php');
include('modules/admin/libraries/tplcontroller.php');
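/**
 * Admin front controller: gates the default admin page behind a login check,
 * handles the login form, and handles the first-run signup that creates the
 * initial row in the useradmin table.
 */
class AppController extends TplController {

    /**
     * Dispatch an admin operation.
     *
     * Output is produced as a side effect: a Location header, a rendered
     * template (GET) or a JSON document (POST).
     *
     * @param string $op 'login', 'signup', or anything else for the default admin page.
     * @return void
     */
    public function app($op='') {

        switch($op) {

            default:

                if($this->check_login()) {

                    //Default admin page.

                }
                else {

                    // Not authenticated: send the browser to the login form.
                    header('Location: '.Url::make_url('admin', 'app', ['login']));

                }

            break;

            case 'login':

                $this->db->connect();

                // NOTE(review): if select_count() yields a falsy value on a query failure
                // (not visible here), this branch would redirect to signup - confirm.
                $c_user=$this->db->select_count('useradmin', '', []);

                if(!$c_user) {

                    // No admin account exists yet: first-run setup goes through signup.
                    header('Location: '.Url::make_url('admin', 'app', ['signup']));

                }
                else {

                    if($_SERVER['REQUEST_METHOD']==='POST') {

                        // A missing or non-string field (e.g. username[]=x) is treated as empty
                        // instead of being passed to trim(), which would raise on null/array input.
                        // The password is trimmed because signup stores the hash of the trimmed value.
                        $username=isset($_POST['username']) && is_string($_POST['username']) ? trim($_POST['username']) : '';
                        $password=isset($_POST['password']) && is_string($_POST['password']) ? trim($_POST['password']) : '';

                        // Fail closed: $error only becomes 0 after a successful password_verify().
                        $error=1;

                        $error_form=['username_error' => ''];

                        if($username==='') {

                            // Nothing to look up; report the empty field without querying the database.
                            $error_form['username_error']=_('Username empty');

                        }
                        else {

                            // The username is bound as a query parameter, never concatenated into the SQL.
                            $arr_user=$this->db->select_a_row('useradmin', [], 'WHERE username=?', [$username]);

                            // NOTE(review): password_verify() only runs when the username exists, so
                            // response time can differ between known and unknown usernames, and no
                            // attempt throttling is visible in this method - confirm it is handled elsewhere.
                            if($arr_user && password_verify($password, $arr_user['password'])) {

                                // Issue a fresh session id before marking the session as admin so an
                                // id known before authentication cannot be reused afterwards.
                                if(session_status()===PHP_SESSION_ACTIVE) {

                                    session_regenerate_id(true);

                                }

                                $error=0;

                                $_SESSION['admin_login']=1;

                            }
                            else {

                                // Same message for unknown user and wrong password.
                                $error_form['username_error']=_('Wrong user or password');

                            }

                        }

                        echo $this->json(['error' => $error, 'error_form' => $error_form, 'message' => '']);

                    }
                    else {

                        echo $this->tpl->load_template('login', ['title' => 'Login']);

                    }

                }

            break;

            case 'signup':

                $this->db->connect();

                $c_user=$this->db->select_count('useradmin', '', []);

                // Signup is only reachable while useradmin is empty; once an account exists
                // this case produces no output at all.
                // NOTE(review): the count and the insert below are separate statements, so two
                // concurrent first-run requests could both pass this check - confirm a unique
                // constraint or transaction covers it.
                if(!$c_user) {

                    if($_SERVER['REQUEST_METHOD']==='POST') {

                        $error=0;

                        $error_form=[];

                        $arr_data=['username', 'email', 'password', 'repeat_password'];

                        // Read each field as a string; a missing or array-valued field becomes ''
                        // rather than being coerced to the literal text "Array".
                        $arr_post=[];

                        foreach($arr_data as $v) {

                            $arr_post[$v]=isset($_POST[$v]) && is_string($_POST[$v]) ? $_POST[$v] : '';

                        }

                        $username=trim($arr_post['username']);

                        // The pattern requires at least one character, so it also rejects ''.
                        if(!preg_match('/^[A-Za-z0-9_-]+$/', $username)) {

                            $error=1;
                            $error_form['username_error']=_("Error: empty value");

                        }

                        // filter_var() returns the address on success and false otherwise.
                        $email=filter_var($arr_post['email'], FILTER_VALIDATE_EMAIL);

                        if(!$email) {

                            $error=1;
                            $error_form['email_error']=_("Error: email is not valid");

                        }

                        $password=trim($arr_post['password']);
                        $repeat_password=trim($arr_post['repeat_password']);

                        if($password==='') {

                            $error=1;
                            $error_form['password_error']=_("Error: password empty");

                        }
                        elseif($password!==$repeat_password) {

                            // Strict comparison: with != two different numeric-looking strings
                            // such as "1e3" and "1000" compare as equal.
                            $error=1;
                            $error_form['password_error']=_("Error: password not equal");

                        }

                        if(!$error) {

                            // Only the password_hash() output is stored, never the plaintext.
                            if(!$this->db->insert('useradmin', ['username' => $username, 'password' => password_hash($password, PASSWORD_DEFAULT), 'email' => $email])) {

                                $error=1;

                                $error_form['username_error']=_("Error: cannot create the user, please contact with the administrator");

                            }

                        }

                        echo $this->json(['error' => $error, 'error_form' => $error_form, 'message' => '']);

                    }
                    else {

                        echo $this->tpl->load_template('signup', ['title' => 'Signup']);

                    }

                }

            break;

        }

    }

}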