From 7ea9eac407a7dd9234cf2d93925aa060f92b488d Mon Sep 17 00:00:00 2001 From: Bitha17 <16521076@mahasiswa.itb.ac.id> Date: Mon, 9 Oct 2023 13:29:10 +0700 Subject: [PATCH] auth messages --- app/Controllers/EventController.php | 8 -------- app/Controllers/PembelianController.php | 9 --------- app/Controllers/TicketController.php | 8 -------- app/Controllers/UserController.php | 20 ++++++++++++++++---- app/Views/login/login.php | 10 ++++++++++ app/Views/login/register.php | 11 +++++++++++ 6 files changed, 37 insertions(+), 29 deletions(-) diff --git a/app/Controllers/EventController.php b/app/Controllers/EventController.php index 57c5df8..2961a63 100644 --- a/app/Controllers/EventController.php +++ b/app/Controllers/EventController.php @@ -5,14 +5,6 @@ ob_start(); require_once(__DIR__ . '/../Models/Event.php'); require_once(__DIR__ . '/TicketController.php'); -if (!isset($_SESSION["user_id"])) { - session_start(); - if (!isset($_SESSION["user_id"])) { - // User is not authenticated; redirect to login page - header("Location: /app/Views/login/login.php"); - ob_end_flush(); - } -} class EventController { private $eventModel; diff --git a/app/Controllers/PembelianController.php b/app/Controllers/PembelianController.php index fa33e13..9f5526d 100644 --- a/app/Controllers/PembelianController.php +++ b/app/Controllers/PembelianController.php @@ -5,15 +5,6 @@ ob_start(); // require_once 'Pembelian.php'; require_once(__DIR__ . '/../Models/Pembelian.php'); -if (!isset($_SESSION["user_id"])) { - session_start(); - if (!isset($_SESSION["user_id"])) { - // User is not authenticated; redirect to login page - header("Location: /app/Views/login/login.php"); - ob_end_flush(); - } -} - class PembelianController { private $pembelianModel; diff --git a/app/Controllers/TicketController.php b/app/Controllers/TicketController.php index 0c5c8f0..962586f 100644 --- a/app/Controllers/TicketController.php +++ b/app/Controllers/TicketController.php 
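Review bot: The session check deleted at the top of EventController.php is not replaced by anything visible in this patch, and the PembelianController.php and TicketController.php hunks drop the same block, so these three controllers would now run for requests that have no `$_SESSION["user_id"]`. If the check was moved to a front controller or middleware, that move is not part of this diff and should be confirmed before merging. A single shared guard included by each controller would be safer than no guard, and it should stop execution after redirecting, `header("Location: /app/Views/login/login.php"); exit;`, because the removed version kept running after `header()`.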
@@ -3,14 +3,6 @@ ob_start(); // require_once 'Ticket.php'; require_once(__DIR__ . '/../Models/Ticket.php'); -if (!isset($_SESSION["user_id"])) { - session_start(); - if (!isset($_SESSION["user_id"])) { - // User is not authenticated; redirect to login page - header("Location: /app/Views/login/login.php"); - ob_end_flush(); - } -} class TicketController { private $ticketModel; diff --git a/app/Controllers/UserController.php b/app/Controllers/UserController.php index 5ba7394..d4c0dc8 100644 --- a/app/Controllers/UserController.php +++ b/app/Controllers/UserController.php @@ -53,10 +53,11 @@ class UserController { $_SESSION["user_id"] = $user['user_ID']; return "success"; } else { + session_start(); return "wrong credentials"; } } - + public function logout() { session_start(); if (isset($_SESSION["user_id"])) { @@ -67,11 +68,11 @@ class UserController { return "user not logged in"; } } - + public function editProfile($user_id, $name, $username, $email) { return $this->userModel->editProfile($user_id, $name, $username, $email); } - + public function handleRequest() { if (isset($_POST['userAction'])) { if ($_POST['userAction'] === 'login') { @@ -83,6 +84,8 @@ class UserController { header("Location:Views/home/home.php"); ob_end_flush(); } else { + session_start(); + $_SESSION['message'] = "wrong credentials"; header("Location:Views/login/login.php"); ob_end_flush(); } @@ -91,6 +94,8 @@ class UserController { header("Location:Views/home/home.php"); ob_end_flush(); } else { + session_start(); + $_SESSION['message'] = "wrong credentials"; header("Location:Views/login/login.php"); ob_end_flush(); } 
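Review bot: The `session_start();` added in the failed-login branch of login() (hunk -53) writes nothing to the session, and handleRequest() then calls `session_start()` again in both of its `else` branches (hunks -83 and -91), which raises a notice when a session is already active. Start the session once before dispatching on `userAction`, or guard each call with `if (session_status() === PHP_SESSION_NONE) { session_start(); }`. The logout branch in the -102 hunk has the same shape, since logout() already calls `session_start()`; whether the session is still active afterwards depends on logout()'s body, which is only partly visible. login() and handleRequest() both start and end outside these hunks.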
@@ -102,17 +107,24 @@ class UserController { $userEmail = $_POST['userEmail']; $userPassword = $_POST['userPassword']; $isAdmin = isset($_POST['isAdmin']) ? 1 : 0; - $success = $this->registerUser($userName,$userUsername,$userEmail,$userPassword,$isAdmin)['success']; + $response = $this->registerUser($userName,$userUsername,$userEmail,$userPassword,$isAdmin); + $success = $response['success']; if($success){ + session_start(); + $_SESSION['message'] = "You have successfully registered. Please log in"; header("Location:Views/login/login.php"); ob_end_flush(); } else { + session_start(); + $_SESSION['error_message'] = $response['message']; header("Location:Views/login/register.php"); ob_end_flush(); } } elseif ($_POST['userAction'] === 'logout') { unset($_POST['userAction']); $this->logout(); + session_start(); + $_SESSION['message'] = "User logged out successfully. Please log in again."; header("Location:Views/login/login.php"); ob_end_flush(); } elseif ($_POST['userAction'] === 'viewProfile') { diff --git a/app/Views/login/login.php b/app/Views/login/login.php index 6e6b601..2ca035a 100644 --- a/app/Views/login/login.php +++ b/app/Views/login/login.php @@ -1,3 +1,6 @@ +<?php + session_start(); +?> <!DOCTYPE html> <html lang="en"> @@ -19,6 +22,13 @@ <label for="password">Password</label> <input type="password" id="password" name="loginPassword" required> + <?php + // Check if there is an error message in the session + if (isset($_SESSION['message'])) { + echo '<p>' . $_SESSION['message'] . '</p>'; + unset($_SESSION['message']); // Remove the error message from the session + } + ?> <button type="submit" name="userAction" value="login">Login</button> </form> <p>Don't have an account? <a href="register.php">Register</a></p> diff --git a/app/Views/login/register.php b/app/Views/login/register.php index d6a5772..bdd3a09 100644 --- a/app/Views/login/register.php +++ b/app/Views/login/register.php 
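Review bot: `$isAdmin = isset($_POST['isAdmin']) ? 1 : 0;` takes the admin flag straight from the registration form, and the rewritten call in this hunk still passes it to registerUser() unchanged. Unless registerUser() ignores that argument (its body is not visible here), the account's role is chosen by the client. Set the role server-side for self-registration, e.g. `$isAdmin = 0;`, and put admin creation behind a check that the current session belongs to an admin. The surrounding handleRequest() body continues outside the hunk.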
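Review bot: `echo '<p>' . $_SESSION['message'] . '</p>';` in login.php writes the session value into the page without HTML escaping. The `message` strings set in UserController are fixed literals today, but the second hunk of register.php echoes `$_SESSION['error_message']` the same way, and that value is copied from `$response['message']`, whose content is not visible in this patch and may include submitted input or backend error text. Escape at output in both views: `echo '<p>' . htmlspecialchars($_SESSION['message'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</p>';`.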
@@ -1,3 +1,6 @@ +<?php + session_start(); +?> <!DOCTYPE html> <html lang="en"> @@ -28,6 +31,14 @@ Admin <input type="checkbox" id="isAdmin" name="isAdmin" value="1"> </label> + <?php + // Check if there is an error message in the session + if (isset($_SESSION['error_message'])) { + echo '<p>' . $_SESSION['error_message'] . '</p>'; + unset($_SESSION['error_message']); // Remove the error message from the session + } + ?> + <button type="submit" name="userAction" value="createUser">Register</button> </form> <p>Already have an account? <a href="login.php">Login</a></p> -- GitLab