Commit c543737d authored by Denis S. Valdenaire's avatar Denis S. Valdenaire

quelques vues, modif du controller app

parent 6904caef
......@@ -3,7 +3,7 @@
// You will need this if you have more than one webserver
// to enable the persistence of sessions accross different front servers.
class session_saas extends data {
class session_saas {
private $life_time = 0;
......
......@@ -3,23 +3,58 @@ class AppController {
public $context;
public $format;
public $format = "html";
function AppController() {
include_once("vendor/autoload.php");
Valitron\Validator::langDir(__DIR__.'/../vendor/vlucas/valitron/lang'); // always set langDir before lang.
Valitron\Validator::lang('fr');
$this->context = array();
if(!array_key_exists("a", $_REQUEST) || $_REQUEST["a"] == "") {
$_REQUEST["a"] = "list";
// as the master controller, called on every page, I decide who can do what
if(!array_key_exists("user", $_SESSION)) {
if(array_key_exists("a", $_REQUEST) && $_REQUEST["a"] == "login") {
// try to authenticate
$user = User::validate($GLOBALS["data"]->db_escape_string($_REQUEST["name"]),
$GLOBALS["data"]->db_escape_string($_REQUEST["password"]));
if($user->id != 0) {
$_SESSION["user"] = $user;
header("Location: index.php?o=home&a=index", true, 302);
exit();
} else {
// redirect to login page
header("Location: index.php?o=users&fail_login=1", true, 302);
exit();
}
} else {
// users is the only controller that has unauth pages
if($_REQUEST["o"] != "users") {
header("Location: index.php?o=users", true, 302);
exit();
}
}
} else {
if(array_key_exists("a", $_REQUEST) && $_REQUEST["a"] == "logout") {
// logout
// unset($_SESSION["user"]);
session_destroy();
header("Location: index.php?o=users", true, 302);
} else {
// stay authenticated - do what your roles decides
// give me a break - user is in the session after all
// $logged_user = User::fetch($_SESSION["user_id"]);
}
}
$this->format = (preg_match("/api.php/", $_SERVER["REQUEST_URI"])) ? "json" : "html";
$_REQUEST["a"] = (array_key_exists("a", $_REQUEST))
? (!method_exists($this, "_".$_REQUEST["a"]) ? "index" : $_REQUEST["a"])
: "index";
$_REQUEST["i"] = (array_key_exists("i", $_REQUEST)) ? $_REQUEST["i"] : "";
// Twig init
include_once("vendor/autoload.php");
Valitron\Validator::langDir(__DIR__.'/../vendor/vlucas/valitron/lang'); // always set langDir before lang.
Valitron\Validator::lang('fr');
Twig_Autoloader::register();
$loader = new Twig_Loader_Filesystem('views'); // Dossier contenant les templates
......@@ -30,13 +65,32 @@ class AppController {
// DEBUG $this->twig->addExtension(new Twig_Extension_Debug());
$this->context["global"] = $GLOBALS;
$this->context["request"] = $_REQUEST;
$this->format = (preg_match("/api.php/", $_SERVER["REQUEST_URI"])) ? "json" : "html";
if(!array_key_exists("user", $_SESSION)) {
return;
}
// extract the local roles from the session
// application_instance id and key should be in the config file
$this->set("session", $_SESSION);
if(!array_key_exists($GLOBALS["application_instance_id"],
$_SESSION["user"]->roles)) {
//$this->render("no_access"); // TODO
echo "<pre>";
echo "Sorry but is seems that you got no roles for this application instance";
print_r($_SESSION["user"]->roles);
echo "</pre>";
exit();
}
$this->set("roles", $_SESSION["user"]->roles[$GLOBALS["application_instance_id"]]);
$this->set("current_user", $_SESSION["user"]);
if(!method_exists($this, "_".$_REQUEST["a"])) {
$this->render("bad_method");
if($this->format == "html") {
$this->render("bad_method");
} else {
header($_SERVER['SERVER_PROTOCOL'] . ' 400 Bad Request', true, 400);
}
exit();
}
}
......@@ -62,7 +116,6 @@ class AppController {
function render($view) {
try {
$template = $this->twig->loadTemplate($view.".html");
// DEBUG echo "<pre>"; print_r($this->context); echo "</pre>";
echo $template->render($this->context);
} catch (Twig_Error $e) {
// echo "<pre>"; print_r($e); echo "</pre>";
......@@ -202,6 +255,7 @@ class AppController {
function _list($method = "fetch_all") {
$format = (preg_match("/api.php/", $_SERVER["REQUEST_URI"])) ? "json" : "html";
try {
$objects = array();
$classname = $this->model;
$classname::$method($objects);
if($format == "json") {
......
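Review bot: The logout branch in the constructor calls `session_destroy()` and sends the `Location` header but, unlike the login branches above it, has no `exit()`, so the rest of the constructor and the requested action still run with `$_SESSION["user"]` populated; `session_destroy()` does not clear the `$_SESSION` array for the current request. I would write it as `$_SESSION = array(); session_destroy();` followed by the redirect and `exit();`. The login branch should also call `session_regenerate_id(true);` before `$_SESSION["user"] = $user;` so a pre-login session id is not carried into the authenticated session, and read the credentials from `$_POST` rather than `$_REQUEST` so a password cannot arrive in a query string and end up in access logs. The +/- markers are lost on this page, so which of these lines are new is inferred from the first hunk growing from 23 to 58 lines; the constructor also continues outside the hunks shown.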
......@@ -10,52 +10,19 @@ function myautoload($class_name) {
}
}
spl_autoload_register("myautoload");
include("config/config.php");
new session_saas();
global $data;
$data = new data();
new session_saas();
if(!array_key_exists("logged_user", $_SESSION)) {
if(array_key_exists("a", $_REQUEST) && $_REQUEST["a"] == "submit_login") {
// try to authenticate
$_SESSION["logged_user"] = User::validate($GLOBALS["data"]->db_escape_string($_REQUEST["name"]),
$GLOBALS["data"]->db_escape_string($_REQUEST["passwd"]));
if($_SESSION["logged_user"]->id != 0) {
$_REQUEST["o"] = "home";
$_REQUEST["a"] = "index";
} else {
$_REQUEST["o"] = "users";
$_REQUEST["a"] = "login";
}
} // stay not authenticated
} else {
if(array_key_exists("a", $_REQUEST) && $_REQUEST["a"] == "logout") {
// logout
unset($_SESSION["logged_user"]);
$_REQUEST["a"] = "login";
} else {
// stay authenticated
// the user is in the session - you should not ask the saas for every page
// $logged_user = User::fetch($_SESSION["user_id"]);
}
}
if($_SESSION["logged_user"]->id == 0) {
// not authenticated
$_REQUEST["o"] = "users";
} else {
if(!array_key_exists("o", $_REQUEST) || $_REQUEST["o"] == ""
|| !file_exists("controllers/".$_REQUEST["o"].".php")) {
$_REQUEST["o"] = "home";
$_REQUEST["a"] = "index";
}
}
$_REQUEST["a"] = (array_key_exists("a", $_REQUEST)) ? $_REQUEST["a"] : "";
$_REQUEST["i"] = (array_key_exists("i", $_REQUEST)) ? $_REQUEST["i"] : "";
$_REQUEST["o"] = (array_key_exists("o", $_REQUEST)) ? $_REQUEST["o"] : "home";
// call of the controller
$controller = str_replace(' ','',ucwords(str_replace('_',' ',$_REQUEST["o"])))."Controller";
$ctrl = new $controller();
?>
<pre>
<?php
var_dump($_SESSION);
echo "<pre>";
print_r($_SESSION);
echo "</pre>";
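Review bot: `$ctrl = new $controller();` builds a class name straight from `$_REQUEST["o"]`, and the only check on that value visible in this hunk, `file_exists("controllers/".$_REQUEST["o"].".php")`, sits in the authentication block that appears to be removed here. If so, an arbitrary request value reaches `myautoload()` (its body is outside the hunk) and decides which class is constructed; constraining it first, for example `if (!preg_match('/^[a-z_]+\z/', $_REQUEST["o"]) || !class_exists($controller)) { $controller = "HomeController"; }`, keeps the dispatch to the intended set. The trailing `print_r($_SESSION)` block also writes the whole session, including the stored user object, into every response and should be removed or put behind a debug setting.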
......@@ -30,10 +30,9 @@
<a class="navbar-brand" href="index.php">
<img id="logo" src="images/ludo-associative.jpg" alt="associative - ludotheque"></a>
</div>
{% if session['logged_user'].id %}
<div id="navbar" class="collapse navbar-collapse navbar-right">
<ul class="nav navbar-nav">
{% if session['logged_user'].roles['games'] %}
{% if roles['games'] %}
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
aria-expanded="false">Jeux...<span class="caret"></span></a>
......@@ -44,21 +43,21 @@
</ul>
</li>
{% endif %}
{% if session['logged_user'].roles['members'] %}
{% if roles.members %}
<li><a href="index.php?o=members">Adhérents</a></li>
{% endif %}
{% if session['logged_user'].roles['admin'] %}
{% if roles.admin %}
<li><a href="index.php?o=users&a=list">Comptes</a></li>
{% endif %}
{% if session['logged_user'].roles['games'] or user.roles['members'] %}
{% if roles.games or roles.members %}
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true"
aria-expanded="false">Options <span class="caret"></span></a>
<ul class="dropdown-menu">
{% if session['logged_user'].roles['games'] %}
{% if roles.games %}
<li><a href="index.php?o=esar_categories&a=list">Catégories Esar</a></li>
{% endif %}
{% if session['logged_user'].roles['members'] %}
{% if roles.members %}
<li><a href="index.php?o=membership_types&a=list">Types d'adhésion</a></li>
<li><a href="index.php?o=payment_methods&a=list">Méthodes de paiement</a></li>
{% endif %}
......@@ -76,7 +75,6 @@
</div>
</form>
</div>
{% endif %}
</div>
</nav>
<form action="index.php" method="POST" id="defaultform" name="defaultform"
......
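Review bot: The `roles.games`, `roles.members` and `roles.admin` conditions only decide which menu links are drawn; nothing visible in this commit compares `roles` with the requested controller before it is dispatched, since the constructor check shown on this page only tests that the user has an entry for `application_instance_id`. As far as these hunks show, a user without `roles.admin` who requests the `o=users&a=list` page directly would still reach the action, so the same role test belongs on the server side in each controller. With the outer `{% if session['logged_user'].id %}` apparently removed, the navbar is now also rendered on the unauthenticated pages, where `roles` is never set; that is harmless only while Twig's `strict_variables` stays off.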
{% extends "base.html" %}
{% block title %}Accès non autorisé{% endblock %}
{% block content %}
<div class="panel panel-danger">
<div class="panel-heading">
<span class="glyphicon glyphicon-remove-sign" style="font-size:150%" ></span>
<span style="font-size: 150%; font-weight: bold">
Accès non autorisé
</span>
</div>
<div class="panel-body">
Désolé, mais vous ne semblez pas avoir l'accès à cette application.
</div>
<div class="panel-footer text-right">
<a class="btn btn-default" href="{{ global['saas_url'] }}" role="button">
<span class="glyphicon glyphicon-home"></span> &nbsp; Retour à la page principale du SAAS
</a>
</div>
</div>
{% endblock %}
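Review bot: `{{ global['saas_url'] }}` works only because the controller constructor shown on this page assigns `$this->context["global"] = $GLOBALS`, which hands every global, configuration values and the `$data` database object included, to every template. Passing just the value needed, e.g. `$this->set("saas_url", $GLOBALS["saas_url"]);` with `href="{{ saas_url }}"`, keeps the template surface small; the same applies to the footer link in the template-error view that follows. The `no_access` render call is still commented out as a TODO in the controller, so the missing-role case currently prints `print_r($_SESSION["user"]->roles)` to the browser instead of using this view.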
{% extends "base.html" %}
{% block title %}Erreur de template{% endblock %}
{% block content %}
<div class="panel panel-danger">
<div class="panel-heading">Erreur dans un template</div>
<div class="panel-heading">
<span class="glyphicon glyphicon-remove-sign" style="font-size:150%" ></span>
<span style="font-size: 150%; font-weight: bold">
Erreur dans un template
</span>
</div>
<div class="panel-body">
{{ error.message }}
</div>
<div class="panel-footer text-right">
<a class="btn btn-default" href="{{ global['saas_url'] }}" role="button">
<span class="glyphicon glyphicon-home"></span> &nbsp; Retour à la page principale du SAAS
</a>
</div>
</div>
{% endblock %}
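Review bot: `{{ error.message }}` in the panel body shows the raw Twig exception text to the visitor, which typically includes template names and line numbers. Log the message server-side and show a fixed sentence here, or print it only when a debug setting is on. The line is probably unchanged context in this section, whose edits appear to be the heading markup and the footer link.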