Commit 23fcbeaa authored by SARPCAN ERCAN's avatar SARPCAN ERCAN :hourglass_flowing_sand:

fin tp8

parent 98baf4db
<?php
namespace App\Http\Controllers;
use App\Models\UserEloquent;
use Illuminate\Support\Facades\Hash;
use Illuminate\Database\QueryException;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use App\Models\MyUser;
use Illuminate\Http\Request;
......@@ -82,14 +87,14 @@ class UserController extends Controller
}
else
{
$request->session()->put('message',"Impossible de se connecter : mauvais mot de passe");
$request->session()->put('message',"Wrong password.");
return redirect()->route('signin');
}
}
catch(ModelNotFoundException $e)
{
$request->session()->put('message',"Impossible de se connecter : mauvais login");
$request->session()->put('message',"Wrong login.");
return redirect()->route('signin');
}
}
......@@ -103,7 +108,7 @@ class UserController extends Controller
//Si les mots de passe correspondent pas
if($password !== $confirm)
{
$request->session()->put('message',"Le mot de passe et la confirmation de mdp ne sont pas identique");
$request->session()->put('message',"Please enter the same password.");
return redirect()->route('signup');
}
......@@ -113,13 +118,12 @@ class UserController extends Controller
{
//Création d'un nouvelle User
$user = new UserEloquent();
$user->user = $login;
$user->password = $hash;
$user->password = $hash;
$user->save();
$request->session()->put('message',"Utilisateur créé");
$request->session()->put('message',"User created.");
return redirect()->route('account');
}
catch(QueryException $e)
......@@ -134,89 +138,51 @@ class UserController extends Controller
public function changepassword(Request $request)
{
// 2. On récupère le login dans une variable
$login = $request->session()->get("user");
// 2. On vérifie que les données attendues existent
if (empty($request->input('newpassword')) || empty($request->input('confirmpassword'))) {
// $request->session()->put('message', "Some POST data are missing.");
return redirect()->route("formpassword")->with('message', "Some POST data are missing.");
}
// 3. On sécurise les données reçues
$newpassword = htmlspecialchars($request->input('newpassword'));
$confirmpassword = htmlspecialchars($request->input('confirmpassword'));
// 4. On s'assure que les 2 mots de passes sont identiques
if ($newpassword != $confirmpassword) {
//$request->session()->put('message', "Error: passwords are different.");
return redirect()->route("formpassword")->with('message', "Error: passwords are different.");
}
// 1. On crée l'utilisateur avec les identifiants passés en POST
$user = new MyUser($login);
// 2. On change le mot de passe de l'utilisateur
try {
$user->changePassword($newpassword);
} catch (PDOException $e) {
// Si erreur lors de la création de l'objet PDO
// (déclenchée par MyPDO::pdo())
$request->session()->put('message', $e->getMessage());
return redirect()->route("formpassword")->with('message', $e->getMessage());
} catch (Exception $e) {
// Si erreur durant l'exécution de la requête
// (déclenchée par le throw de $user->changePassword())
$request->session()->put('message', $e->getMessage());
return redirect()->route("formpassword")->with('message', $e->getMessage());
}
// 3. On indique que le mot de passe a bien été modifié
//$request->session()->put('message', "Password successfully updated.");
if($newpassword != $confirmpassword)
{
$request->session()->put('message',"Error: passwords are different.");
return redirect()->route('changepassword');
}
else
{
try
{
$request->session()->get('user')->password = Hash::make($newpassword);
$request->session()->get('user')->save();
$request->session()->put('message',"Password changed.");
return redirect()->route('account');
}
catch (QueryException $e)
{
$request->session()->put('message',$e->getMessage());
return redirect()->route('changepassword');
}
}
return redirect()->route("account")->with('message', "Password successfully updated.");
}
public function deleteuser(Request $request)
{
/******************************************************************************
* Vérification de la session
*/
// 2. On récupère le login dans une variable
$login = $request->session()->get("user");
// 1. On crée l'utilisateur avec les identifiants passés en POST
$user = new MyUser($login);
// 2. On détruit l'utilisateur dans la BDD
try {
$user->delete();
} catch (PDOException $e) {
// Si erreur lors de la création de l'objet PDO
// (déclenchée par MyPDO::pdo())
//$request->session()->put('message', $e->getMessage());
return redirect()->route("account")->with('message', $e->getMessage());
} catch (Exception $e) {
// Si erreur durant l'exécution de la requête
// (déclenchée par le throw de $user->create())
//$request->session()->put('message', $e->getMessage());
return redirect()->route("account")->with('message', $e->getMessage());
}
// 3. On détruit la session
$request->session()->flush();
// 4. On crée une nouvelle session
$request->session()->start();
// 5. On indique que le compte a bien été supprimé
// $request->session()->put('message', "Account successfully deleted.");
// 6. On sollicite une redirect()->routeion vers la page d'accueil
return redirect()->route("signin")->with('message', "Account successfully deleted.");
try
{
// On a stoqué user en session
$request->session()->get('user')->delete();
$request->session()->put('user');
$request->session()->put('message',"User deleted");
return redirect()->route('signin');
}
catch(ModelNotFoundException $e)
{
$request->session()->put('message',$e->getMessage());
return redirect()->route('account');
}
}
}
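Review bot: In changepassword, the branch that assigns `Hash::make($newpassword)` to `$request->session()->get('user')` never asks for the current password and never checks that the session holds a user, so any live session can reset the password and a request without a session user fails on a null dereference. I would load the user once, return to the sign-in route when it is null, and gate the update with `if (!Hash::check($request->input('currentpassword'), $user->password))` (the field name is a placeholder, the form is not visible here), then call `$request->session()->regenerate();` after `save()`. The `catch (QueryException $e)` branch puts `$e->getMessage()` into the user-facing message, which can expose SQL text and schema names; log the exception and show a fixed string instead. In deleteuser, `$request->session()->put('user');` only stores null under the key and keeps the same session id, so `$request->session()->invalidate();` would be the safer way to end the session after the delete. The +/- markers are lost on this page, so this assumes the lines working on the session-held model are the new side.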
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class UserEloquent extends Model
{
use HasFactory;
private $_login;
private $_password;
private const USER_TABLE = "UserEloquent";
public function __construct(string $login, string $password = null)
{
$this->setLogin($login);
$this->setPassword($password);
}
public function login(): string
{
return $this->_login;
}
public function setLogin(string $login): void
{
$this->_login = $login;
}
public function password(): string
{
return $this->_password;
}
public function setPassword(?string $password): void
{
$this->_password = $password;
}
public function exists(): bool
{
// 1. On prépare la requête $request
$request = DB::connection()->getPdo()->prepare('SELECT password FROM ' . self::USER_TABLE . ' WHERE login = :login');
// 2. On assigne $login au paramêtre :login
$ok = $request->bindValue(":login", $this->_login, PDO::PARAM_STR);
// 3. On exécute la requête $request
$ok &= $request->execute();
if (!$ok) {
throw new Exception("Error: user access in DB failed.");
}
// 4. On vérifie que l'utilisateur a été trouvé et que son mot de passe
// correspond à celui de l'attribut $this->_password
$user = $request->fetch(PDO::FETCH_ASSOC);
return $user && password_verify($this->_password, $user['password']);
}
public function create(): void
{
$user = new UserEloquent;
$flight->name = $request->name;
$flight->name = $request->name;
$flight->save();
$request = DB::connection()->getPdo()->prepare('INSERT INTO ' . self::USER_TABLE . '(login,password) VALUES (:login,:password)');
$ok = $request->bindValue(":login", $this->_login, PDO::PARAM_STR);
$hashed_pass = Hash::make($this->_password );
$ok &= $request->bindValue(":password",$hashed_pass, PDO::PARAM_STR);
$ok &= $request->execute();
if (!$ok) {
throw new Exception("Error: user creation in DB failed.");
}
}
public function changePassword(string $newpassword): void
{
$request = DB::connection()->getPdo()->prepare('UPDATE ' . self::USER_TABLE . ' SET password = :password WHERE login = :login');
$ok = $request->bindValue(':login', $this->_login, PDO::PARAM_STR);
$hashed_pass = Hash::make($this->$newpassword );
$ok &= $request->bindValue(':password', $hashed_pass, PDO::PARAM_STR);
$ok &= $request->execute();
if (!$ok) {
throw new Exception("Error: password updating failed.");
}
$this->setPassword($newpassword);
}
public function delete(): void
{
$request = DB::connection()->getPdo()->prepare('DELETE FROM ' . self::USER_TABLE . ' WHERE login = :login');
$ok = $request->bindValue(':login', $this->_login, PDO::PARAM_STR);
$ok &= $request->execute();
if (!$ok) {
throw new Exception("Error while deleting your account.");
}
}
}
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
class UserEloquent extends Model
{
use HasFactory;
protected $table = 'UserEloquent';
protected $primaryKey = 'user_id';
public $timestamps = false;
}
\ No newline at end of file
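Review bot: The rewritten UserEloquent model carries a `password` column (the controller writes `$user->password = $hash`) but declares nothing to keep it out of serialized output, so I would add `protected $hidden = ['password'];` next to `$table` and `$primaryKey`. That only covers `toArray()`/JSON output; the controller appears to keep the whole model in the session, where the hash is still serialized, so storing just the `user_id` there would be the more complete fix. The imports `use Illuminate\Http\Request;` and `use Illuminate\Support\Facades\Hash;` look unused in the new class body and can be dropped. Which lines are old and new is inferred from print order here, since the page lost its +/- markers.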
No preview for this file type
......@@ -2,7 +2,7 @@
@section("title", "Account")
@section("content")
<p>
Hello {{$user}} !<br>
Hello {{$user->user}} !<br>
Welcome on your account.
</p>
<ul>
......