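<?php
ob_start();
use src\ProjectWhisky\business\UserBusiness;
use src\ProjectWhisky\business\AuthorizationBusiness;
use src\ProjectWhisky\helpers\ValidationHelpers;
use src\ProjectWhisky\exceptions\WrongDataException;
use src\ProjectWhisky\exceptions\EmptyDataException;
use src\ProjectWhisky\exceptions\UserBlockedException;
use src\ProjectWhisky\exceptions\WrongPasswordPatternException;
use src\ProjectWhisky\exceptions\WrongEmailPatternException;
use Doctrine\Common\ClassLoader;
session_start();

/*
 * Login endpoint.
 *
 * When the login form has been posted (emailField present), the e-mail and password
 * are validated, the user is authorized through AuthorizationBusiness, and on success
 * the user's id, first name, username and role are stored in $_SESSION['user'].
 * Every failure is reported as a fixed HTML message. A request without emailField is
 * redirected to index.php.
 */
if (isset($_POST['emailField'])) {
    // Request parameters can arrive as arrays (emailField[]=...) and passField may be
    // missing altogether. Anything that is not a string is treated as empty, so it is
    // rejected by the empty-field check below instead of reaching the validators.
    $email = is_string($_POST['emailField']) ? $_POST['emailField'] : '';
    $password = (isset($_POST['passField']) && is_string($_POST['passField']))
        ? $_POST['passField']
        : '';

    // Register the Doctrine class loader for the "src" namespace.
    require_once 'Doctrine/Common/ClassLoader.php';
    $classLoader = new ClassLoader("src");
    $classLoader->register();

    try {
        // Both fields are mandatory. Note that empty() also treats the string "0" as empty.
        if (empty($email) || empty($password)) {
            throw new EmptyDataException();
        }

        $validator = new ValidationHelpers(); // helper validation class

        // Format checks run before any credential check.
        if (!$validator->validateEmail($email)) {
            throw new WrongEmailPatternException();
        }
        if (!$validator->validatePassword($password)) {
            throw new WrongPasswordPatternException();
        }

        // The former "both fields empty" check at this point could never fire, because
        // empty input has already been rejected above; it has been removed.
        // According to the original comment, a wrong e-mail/password combination is
        // reported by AuthorizationBusiness through an exception, handled below as
        // WrongDataException.
        $authorization = new AuthorizationBusiness();
        $user = $authorization->authorize($email, $password);

        // A blocked account is refused even though the credentials were accepted.
        if ($user->getBlocked() == 1) {
            throw new UserBlockedException();
        }

        // Issue a fresh session id at the privilege change, so an id that was set
        // before login (session fixation) does not become an authenticated session.
        // Output is still buffered by ob_start(), so the new cookie header can be sent.
        session_regenerate_id(true);

        // Role codes stored in the session: 2 = admin, 1 = regular user.
        $_SESSION['user']['role'] = ($user->getAdmin() == 1) ? 2 : 1;
        $_SESSION['user']['id'] = $user->getId();
        $_SESSION['user']['firstname'] = $user->getFirstname();
        $_SESSION['user']['username'] = $user->getUsername();

        echo "<span class='success'>You're in</span>";
?>
<script>
setTimeout(function(){
location.reload();
}, 2000);
</script>
<?php
    } catch (EmptyDataException $e) {
        echo "<span class='error_message'>E-mail and password fields can't be empty</span>";
    } catch (WrongDataException $e) {
        echo "<span class='error_message'>Wrong e-mail and password combination.</span>";
    } catch (UserBlockedException $e) {
        echo "<span class='error_message'>Your account has been blocked.</span>";
    } catch (WrongPasswordPatternException $e) {
        echo "<span class='error_message'>Password must contain min. 8 characters, min. 1 capital letter and min. 1 number.</span>";
    } catch (WrongEmailPatternException $e) {
        echo "<span class='error_message'>E-mail must have this pattern: [email protected]</span>";
    }
} else {
    // Not a form submission: send the visitor back to the start page.
    header('Location: index.php');
}
ob_flush();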