From 7f89f360111d490ceae98cbde4228678b09afeed Mon Sep 17 00:00:00 2001
From: Bitha17 <16521076@mahasiswa.itb.ac.id>
Date: Thu, 16 Nov 2023 21:24:35 +0700
Subject: [PATCH] feat: temp changes

---
 Dockerfile                                    |  12 +-
 database/6-seed.sql                           |  10 +-
 src/.htaccess                                 |  13 ++
 {styles => src/Client}/auth.css               |   0
 src/Client/components/navbar.php              |   2 +-
 {styles => src/Client}/container.css          |   0
 {styles => src/Client}/dropdown.css           |   0
 {styles => src/Client}/footer.css             |   0
 {styles => src/Client}/form.css               |   0
 {styles => src/Client}/global.css             |   0
 {styles => src/Client}/navbar.css             |   0
 src/Client/pages/event/create.php             |   5 +-
 src/Client/pages/event/update.php             |   5 +-
 src/Client/pages/history/history.php          |   5 +-
 src/Client/pages/home/home.php                |  50 ++++----
 src/Client/pages/login/login.php              |  61 +++++-----
 src/Client/pages/login/register.php           |  11 +-
 src/Client/pages/pembelian/pembelian.php      |   5 +-
 src/Client/pages/profile/view_profile.php     |   5 +-
 {styles => src/Client}/pagination.css         |   0
 src/Server/Controllers/EventController.php    |   5 +-
 src/Server/Controllers/HomeController.php     |  11 ++
 .../Controllers/PembelianController.php       |   3 +-
 src/Server/Controllers/TicketController.php   |   2 +-
 src/Server/Controllers/UserController.php     | 114 +++++++++++++++---
 src/Server/Models/Event.php                   |  49 ++++----
 src/Server/Models/User.php                    |   3 +
 src/Server/Router/Router.php                  |  21 ++--
 src/Server/web.php                            |  61 ++++++----
 src/index.php                                 |  11 ++
 30 files changed, 312 insertions(+), 152 deletions(-)
 create mode 100644 src/.htaccess
 rename {styles => src/Client}/auth.css (100%)
 rename {styles => src/Client}/container.css (100%)
 rename {styles => src/Client}/dropdown.css (100%)
 rename {styles => src/Client}/footer.css (100%)
 rename {styles => src/Client}/form.css (100%)
 rename {styles => src/Client}/global.css (100%)
 rename {styles => src/Client}/navbar.css (100%)
 rename {styles => src/Client}/pagination.css (100%)
 create mode 100644 src/Server/Controllers/HomeController.php
 create mode 100644 src/index.php

diff --git a/Dockerfile b/Dockerfile
index e29d064..1d2b0aa 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,3 +1,11 @@
-FROM php:8.0-apache
+FROM php:8.1-apache
+    
+RUN apt-get update && apt-get upgrade -y
+RUN apt-get install -y libxml2-dev libpq-dev
+RUN docker-php-ext-install pgsql pdo pdo_pgsql && docker-php-ext-enable pgsql pdo pdo_pgsql
+RUN a2enmod rewrite && service apache2 restart
+RUN chown -R :www-data /var/www/html/
 
-RUN docker-php-ext-install pdo pdo_mysql
\ No newline at end of file
+WORKDIR /var
+
+EXPOSE 80
\ No newline at end of file
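Review bot: `apt-get update` on the first added RUN line sits in its own layer, so a cached copy of that layer can later be paired with the `apt-get install` on the next line against a stale package index. Running both in one instruction avoids that, e.g. `RUN apt-get update && apt-get install -y --no-install-recommends libxml2-dev libpq-dev && rm -rf /var/lib/apt/lists/*`. `service apache2 restart` inside a build step has no effect on the container that is started later, so `RUN a2enmod rewrite` is enough. `chown -R :www-data /var/www/html/` hands the web-server group the whole document root; if group write access is not needed at runtime, a comment stating why the ownership change is there would help the next reader.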
diff --git a/database/6-seed.sql b/database/6-seed.sql
index 75d29b1..36241df 100644
--- a/database/6-seed.sql
+++ b/database/6-seed.sql
@@ -29,8 +29,8 @@ END $$;
 -- Insert user data
 INSERT INTO users (user_name, username, user_email, user_hashedPass, isAdmin)
 VALUES
-    ('John Doe', 'john_doe', 'john@example.com', crypt('password_1', gen_salt('bf', 8)), 1),
-    ('Jane Smith', 'jane_smith', 'jane@example.com', crypt('password_2', gen_salt('bf', 8)), 0),
-    ('Admin User', 'admin_user', 'admin@example.com', crypt('password_3', gen_salt('bf', 8)), 1),
-    ('Alice Johnson', 'alice', 'alice@example.com', crypt('password_4', gen_salt('bf', 8)), 0),
-    ('Bob Williams', 'bob', 'bob@example.com', crypt('password_5', gen_salt('bf', 8)), 0);
+    ('John Doe', 'john_doe', 'john@example.com', '$2y$10$8sA2N5Sx/1zMQv2yrTDAaOFlbGWECrrgB68axL.hBb78NhQdyAqWm', 'true'),
+    ('Jane Smith', 'jane_smith', 'jane@example.com', '$2y$10$8sA2N5Sx/1zMQv2yrTDAaOFlbGWECrrgB68axL.hBb78NhQdyAqWm', 'false'),
+    ('Admin User', 'admin_user', 'admin@example.com', '$2y$10$8sA2N5Sx/1zMQv2yrTDAaOFlbGWECrrgB68axL.hBb78NhQdyAqWm', 'true'),
+    ('Alice Johnson', 'alice', 'alice@example.com', '$2y$10$8sA2N5Sx/1zMQv2yrTDAaOFlbGWECrrgB68axL.hBb78NhQdyAqWm', 'false'),
+    ('Bob Williams', 'bob', 'bob@example.com', '$2y$10$8sA2N5Sx/1zMQv2yrTDAaOFlbGWECrrgB68axL.hBb78NhQdyAqWm', 'false');
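Review bot: All five seed rows now carry the same literal bcrypt hash, so every seeded account, including the two inserted with isAdmin `'true'`, shares one password whose hash is committed to the repository. If this file can ever run outside a local development database, those become known credentials for admin accounts. I would mark it explicitly, e.g. `-- DEV ONLY: seed users share one password; never load this file in a deployed environment`, and keep the seed step out of any production migration path. The isAdmin literals also change from `1`/`0` to `'true'`/`'false'` while `register()` in UserController.php still passes `1`/`0`; it is worth confirming the column type accepts both forms.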
diff --git a/src/.htaccess b/src/.htaccess
new file mode 100644
index 0000000..122631d
--- /dev/null
+++ b/src/.htaccess
@@ -0,0 +1,13 @@
+DirectoryIndex index.php
+
+RewriteEngine On
+
+RewriteBase /
+
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-d
+
+RewriteRule ^(.*)$ index.php [QSA]
+
+php_value post_max_size 16M
+php_value upload_max_filesize 16M
\ No newline at end of file
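Review bot: The two `RewriteCond` lines exempt every path that exists on disk, so only requests for non-existent files are sent through `index.php` and the router. If `src/` is the document root (not shown in this patch), the PHP files under `Server/` and `Client/pages/` stay directly requestable and skip whatever checks the routes apply. Denying direct access to those directories, or moving them outside the document root, would close that gap. The rule is also missing the last-rule flag: `RewriteRule ^(.*)$ index.php [QSA,L]`.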
diff --git a/styles/auth.css b/src/Client/auth.css
similarity index 100%
rename from styles/auth.css
rename to src/Client/auth.css
diff --git a/src/Client/components/navbar.php b/src/Client/components/navbar.php
index ec8dd2a..d8b9f31 100644
--- a/src/Client/components/navbar.php
+++ b/src/Client/components/navbar.php
@@ -7,7 +7,7 @@
             <li><a href="/app/Views/history/history.php">History</a></li>
             <!-- Logout Button -->
             <li>
-                <form method="post" action="/app/router.php">
+                <form method="post" action="/logout">
                     <button type="submit" name="userAction" value="logout">Logout</button>
                 </form>
             </li>
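Review bot: The History link on the first context line still points at `/app/Views/history/history.php`, while this commit moves the logout target in the same list to the routed path `/logout`. The link probably needs the same treatment once a history route exists. The logout form also posts without any anti-CSRF token in the visible markup. The list and the form are only partly inside this hunk.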
diff --git a/styles/container.css b/src/Client/container.css
similarity index 100%
rename from styles/container.css
rename to src/Client/container.css
diff --git a/styles/dropdown.css b/src/Client/dropdown.css
similarity index 100%
rename from styles/dropdown.css
rename to src/Client/dropdown.css
diff --git a/styles/footer.css b/src/Client/footer.css
similarity index 100%
rename from styles/footer.css
rename to src/Client/footer.css
diff --git a/styles/form.css b/src/Client/form.css
similarity index 100%
rename from styles/form.css
rename to src/Client/form.css
diff --git a/styles/global.css b/src/Client/global.css
similarity index 100%
rename from styles/global.css
rename to src/Client/global.css
diff --git a/styles/navbar.css b/src/Client/navbar.css
similarity index 100%
rename from styles/navbar.css
rename to src/Client/navbar.css
diff --git a/src/Client/pages/event/create.php b/src/Client/pages/event/create.php
index b486caa..75b6a10 100644
--- a/src/Client/pages/event/create.php
+++ b/src/Client/pages/event/create.php
@@ -1,5 +1,8 @@
 <?php
-    session_start();
+    if (session_status() == PHP_SESSION_NONE) {
+        // If a session is not already started, start a new one
+        session_start();
+    }    
     ob_start();
     if (!isset($_SESSION["user_id"])) {
         echo "here";
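Review bot: This four-line session bootstrap is pasted verbatim into create.php, update.php, history.php, home.php, login.php, register.php, pembelian.php and view_profile.php, and again inside `checkLoggedIn()` in web.php; one shared helper required once would keep the copies from drifting apart. The comparison should be strict, `if (session_status() === PHP_SESSION_NONE) {`. The context line `echo "here";` looks like leftover debug output that ends up in the body of the redirect response; I would drop it in all of these files. The guard that follows continues outside the hunk.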
diff --git a/src/Client/pages/event/update.php b/src/Client/pages/event/update.php
index 3d63800..84f1251 100644
--- a/src/Client/pages/event/update.php
+++ b/src/Client/pages/event/update.php
@@ -1,5 +1,8 @@
 <?php
-    session_start();
+    if (session_status() == PHP_SESSION_NONE) {
+        // If a session is not already started, start a new one
+        session_start();
+    }
     ob_start();
     if (!isset($_SESSION["user_id"])) {
         echo "here";
diff --git a/src/Client/pages/history/history.php b/src/Client/pages/history/history.php
index b2e0263..10b8f57 100644
--- a/src/Client/pages/history/history.php
+++ b/src/Client/pages/history/history.php
@@ -1,5 +1,8 @@
 <?php
-    session_start();
+    if (session_status() == PHP_SESSION_NONE) {
+        // If a session is not already started, start a new one
+        session_start();
+    }
     ob_start();
     if (!isset($_SESSION["user_id"])) {
         echo "here";
diff --git a/src/Client/pages/home/home.php b/src/Client/pages/home/home.php
index 701666b..1cd9d38 100644
--- a/src/Client/pages/home/home.php
+++ b/src/Client/pages/home/home.php
@@ -1,22 +1,25 @@
 <?php
-    session_start();
+    if (session_status() == PHP_SESSION_NONE) {
+        // If a session is not already started, start a new one
+        session_start();
+    }
     ob_start();
     if (!isset($_SESSION["user_id"])) {
         echo "here";
         // User is not authenticated; redirect to login page
-        header("Location: /app/Views/login/login.php");
+        header("Location: login");
         ob_end_flush();
     }
 
-    require_once '../../Controllers/PembelianController.php';
-    require_once '../../Controllers/TicketController.php';
-    require_once '../../Controllers/UserController.php';
-    require_once '../../Controllers/EventController.php';
+    require_once (__DIR__.'/../../../Server/Controllers/PembelianController.php');
+    require_once (__DIR__.'/../../../Server/Controllers/TicketController.php');
+    require_once (__DIR__.'/../../../Server/Controllers/UserController.php');
+    require_once (__DIR__.'/../../../Server/Controllers/EventController.php');
 
     $eventController = new EventController();
     $pembelianController = new PembelianController();
     $ticketController = new TicketController();
-    $userController = new UserController();
+    $userController = new \Server\Controllers\UserController();
 
     // Handle search query
     $searchQuery = isset($_GET['search']) ? $_GET['search'] : '';
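Review bot: The unauthenticated branch calls `header("Location: login")` and `ob_end_flush()` but never stops the script, so the four controller includes and everything after them still run and the page is rendered for a visitor with no `$_SESSION["user_id"]`. A redirect header alone is not an access control; add `exit();` right after `ob_end_flush();`. The target is also relative, so it resolves against the current request path; `header("Location: /login");` matches what UserController uses. The sibling pages that open with the same guard (create.php, update.php, history.php, pembelian.php, view_profile.php) are cut off before the redirect in this patch and are worth checking for the same gap.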
@@ -36,7 +39,7 @@
     $currentPage = $paginationData['page'];
     $maxPage = $paginationData['maxpage'];
 
-    $isAdmin = $userController->getUser($_SESSION['user_id'])['isAdmin'];
+    $isAdmin = $userController->getUser($_SESSION['user_id'])['isadmin'];
 ?>
 
 <!DOCTYPE html>
@@ -46,20 +49,20 @@
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>HOME • TICKET KU</title>
-    <link rel="stylesheet" type="text/css" href="/../../styles/global.css">
-    <link rel="stylesheet" type="text/css" href="/../../styles/form.css">
-    <link rel="stylesheet" type="text/css" href="/../../styles/footer.css">
-    <link rel="stylesheet" type="text/css" href="/../../styles/navbar.css">
-    <link rel="stylesheet" type="text/css" href="/../../styles/container.css">
-    <link rel="stylesheet" type="text/css" href="/../../styles/auth.css">
-    <link rel="stylesheet" type="text/css" href="/../../styles/dropdown.css">
-    <link rel="stylesheet" type="text/css" href="/../../styles/pagination.css">
-    <link rel="stylesheet" type="text/css" href="/../../styles/media.css">
+    <link rel="stylesheet" type="text/css" href="/../../global.css">
+    <link rel="stylesheet" type="text/css" href="/../../form.css">
+    <link rel="stylesheet" type="text/css" href="/../../footer.css">
+    <link rel="stylesheet" type="text/css" href="/../../navbar.css">
+    <link rel="stylesheet" type="text/css" href="/../../container.css">
+    <link rel="stylesheet" type="text/css" href="/../../auth.css">
+    <link rel="stylesheet" type="text/css" href="/../../dropdown.css">
+    <link rel="stylesheet" type="text/css" href="/../../pagination.css">
+    <link rel="stylesheet" type="text/css" href="/../../media.css">
 </head>
 
 <body>
 <!-- Navbar -->
-    <?php include '../template/navbar.php';?>
+    <?php include (__DIR__.'/../../components/navbar.php');?>
 
     <div class="main-content">
         <div class="column">
@@ -67,19 +70,20 @@
                 <button onclick="openCreateEventPage()" id="createEventBtn" class="admin">Create Event</button>
             <?php endif; ?>
             <div class="row">
-                <input type="text" id="searchInput" placeholder="Search.." value="<?= htmlspecialchars($searchQuery)?>" style="width:250%;">
+                <input type="text" id="searchInput" placeholder="Search.." value="<?= isset($searchQuery) ? htmlspecialchars($searchQuery) : '' ?>" style="width:250%;">
                 <select name="sort" id="sortSelect" class="styled-select">
                     <option value="" <?= empty($sortKey) ? 'selected' : '' ?>>No Sorting</option>
                     <option value="name" <?= $sortKey === 'name' ? 'selected' : '' ?>>Sort by Name</option>
                     <option value="location" <?= $sortKey === 'location' ? 'selected' : '' ?>>Sort by Location</option>
                 </select>
                 <!-- Change input type to "text" for minimum stock -->
-                <input type="text" id="minStockInput" name="min_stock" placeholder="Min Stock" value="<?= htmlspecialchars($minStock) ?>">
+                <input type="text" id="minStockInput" name="min_stock" placeholder="Min Stock" value="<?= isset($minStock) ? htmlspecialchars($minStock) : 0 ?>"
+">
                 <button type="submit" id="search-button">Search</button>
             </div>
             
             <?php foreach ($events as $event) :    
-                include '../template/event.php';
+                include (__DIR__.'/../../components/event.php');
             endforeach;?>
 
             <div class="pagination">
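Review bot: The new `minStockInput` line already closes the `value` attribute with `?>"`, and the next added line contains a second `">`, so the rendered tag carries a stray quote. The second line should be removed and the first ended with `?>">`. `isset($searchQuery)` is always true here because the variable is assigned unconditionally earlier in the file, so that ternary adds nothing over `htmlspecialchars($searchQuery)`. Passing the flags and charset explicitly, `htmlspecialchars($minStock, ENT_QUOTES, 'UTF-8')`, makes the attribute-context escaping independent of defaults.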
@@ -112,7 +116,7 @@
         </div>
     </div>
     
-    <?php include '../template/footer.php';?>
+    <?php include (__DIR__.'/../../components/footer.php');?>
 
     <script defer>
         function toggleMenu() {
@@ -142,7 +146,7 @@
                 const sortKey = document.getElementById('sortSelect').value;
 
                 // Construct the URL with search, min_stock, and sort parameters
-                const url = `/app/Views/home/home.php?search=${encodeURIComponent(searchQuery)}&min_stock=${encodeURIComponent(minStock)}&sort=${encodeURIComponent(sortKey)}`;
+                const url = `/home?search=${encodeURIComponent(searchQuery)}&min_stock=${encodeURIComponent(minStock)}&sort=${encodeURIComponent(sortKey)}`;
 
                 // Redirect to the updated URL
                 window.location.href = url;
diff --git a/src/Client/pages/login/login.php b/src/Client/pages/login/login.php
index 2ca035a..017eba7 100644
--- a/src/Client/pages/login/login.php
+++ b/src/Client/pages/login/login.php
@@ -1,37 +1,40 @@
 <?php
+if (session_status() == PHP_SESSION_NONE) {
+    // If a session is not already started, start a new one
     session_start();
+}
 ?>
 <!DOCTYPE html>
 <html lang="en">
 
-    <head>
-        <title>Login • TICKET KU</title>
-        <meta charset="UTF-8">
-        <meta name="viewport" content="width=device-width, initial-scale=1.0"> 
-        <link rel="stylesheet" type="text/css" href="../../../styles/auth.css">
-    </head>
+<head>
+    <title>Login • TICKET KU</title>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0"> 
+    <link rel="stylesheet" type="text/css" href="../../auth.css">
+</head>
 
-    <body>
-        <div class="login-container">
-            <h1>Login</h1>
-            <form id="loginForm" method="post" action="../../router.php">
-                <!-- Aslinya email atau username bisa(?) -->
-                <label for="email">Email or Username</label>
-                <input type="text" id="identifier" name="loginIdentifier" required>
-                
-                <label for="password">Password</label>
-                <input type="password" id="password" name="loginPassword" required>
+<body>
+    <div class="login-container">
+        <h1>Login</h1>
+        <form id="loginForm" method="post" action="login">
+            <!-- Aslinya email atau username bisa(?) -->
+            <label for="email">Email or Username</label>
+            <input type="text" id="identifier" name="loginIdentifier" required>
+            
+            <label for="password">Password</label>
+            <input type="password" id="password" name="loginPassword" required>
 
-                <?php
-                // Check if there is an error message in the session
-                if (isset($_SESSION['message'])) {
-                    echo '<p>' . $_SESSION['message'] . '</p>';
-                    unset($_SESSION['message']); // Remove the error message from the session
-                }
-                ?>
-                <button type="submit" name="userAction" value="login">Login</button>
-            </form>
-            <p>Don't have an account? <a href="register.php">Register</a></p>
-        </div>
-    </body>
-</html>
\ No newline at end of file
+            <?php
+            // Check if there is an error message in the session
+            if (isset($_SESSION['message'])) {
+                echo '<p>' . $_SESSION['message'] . '</p>';
+                unset($_SESSION['message']); // Remove the error message from the session
+            }
+            ?>
+            <button type="submit" name="userAction" value="login">Login</button>
+        </form>
+        <p>Don't have an account? <a href="register">Register</a></p>
+    </div>
+</body>
+</html>
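Review bot: `echo '<p>' . $_SESSION['message'] . '</p>';` writes the session value into the page without escaping. The writers visible in this patch only store fixed strings, but the template should not depend on that: `echo '<p>' . htmlspecialchars($_SESSION['message'], ENT_QUOTES, 'UTF-8') . '</p>';`. The `<label for="email">` does not match the input's `id="identifier"`, so the label is not associated with the field. The form also carries no anti-CSRF token in the visible markup.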
diff --git a/src/Client/pages/login/register.php b/src/Client/pages/login/register.php
index bdd3a09..660b237 100644
--- a/src/Client/pages/login/register.php
+++ b/src/Client/pages/login/register.php
@@ -1,5 +1,8 @@
 <?php
-    session_start();
+    if (session_status() == PHP_SESSION_NONE) {
+        // If a session is not already started, start a new one
+        session_start();
+    }
 ?>
 <!DOCTYPE html>
 <html lang="en">
@@ -8,13 +11,13 @@
         <title>Register • TICKET KU</title>
         <meta charset="UTF-8">
         <meta name="viewport" content="width=device-width, initial-scale=1.0"> 
-        <link rel="stylesheet" type="text/css" href="../../../styles/auth.css">
+        <link rel="stylesheet" type="text/css" href="../../auth.css">
     </head>
 
     <body>
         <div class="register-container">
             <h1>Register</h1>
-            <form id="registerForm" method="post" action="../../router.php">
+            <form id="registerForm" method="post" action="register">
                 <label for="userName">Name</label>
                 <input type="text" id="userName" name="userName" required>
 
@@ -41,7 +44,7 @@
 
                 <button type="submit" name="userAction" value="createUser">Register</button>
             </form>
-            <p>Already have an account? <a href="login.php">Login</a></p>
+            <p>Already have an account? <a href="login">Login</a></p>
         </div>
     </body>
 </html>
\ No newline at end of file
diff --git a/src/Client/pages/pembelian/pembelian.php b/src/Client/pages/pembelian/pembelian.php
index 00d8ce4..e8b2cfa 100644
--- a/src/Client/pages/pembelian/pembelian.php
+++ b/src/Client/pages/pembelian/pembelian.php
@@ -1,5 +1,8 @@
 <?php
-    session_start();
+    if (session_status() == PHP_SESSION_NONE) {
+        // If a session is not already started, start a new one
+        session_start();
+    }
     ob_start();
     if (!isset($_SESSION["user_id"])) {
         echo "here";
diff --git a/src/Client/pages/profile/view_profile.php b/src/Client/pages/profile/view_profile.php
index 2eab3bc..7c3c492 100644
--- a/src/Client/pages/profile/view_profile.php
+++ b/src/Client/pages/profile/view_profile.php
@@ -1,5 +1,8 @@
 <?php
-    session_start();
+    if (session_status() == PHP_SESSION_NONE) {
+        // If a session is not already started, start a new one
+        session_start();
+    }
     ob_start();
     if (!isset($_SESSION["user_id"])) {
         echo "here";
diff --git a/styles/pagination.css b/src/Client/pagination.css
similarity index 100%
rename from styles/pagination.css
rename to src/Client/pagination.css
diff --git a/src/Server/Controllers/EventController.php b/src/Server/Controllers/EventController.php
index 21dd49f..0e5c9be 100644
--- a/src/Server/Controllers/EventController.php
+++ b/src/Server/Controllers/EventController.php
@@ -1,8 +1,7 @@
 <?php
-// app/Controllers/EventController.php
 
 ob_start();
-require_once(__DIR__ . '/../../Models/Event.php');
+include(__DIR__ . '../../Models/Event.php');
 require_once(__DIR__ . '/TicketController.php');
 
 
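Review bot: The new include path `__DIR__ . '../../Models/Event.php'` has lost its leading slash, so it concatenates to `…/Controllers../../Models/Event.php`, which is unlikely to resolve. Because the statement is now `include` rather than `require_once`, that failure is only a warning and the first visible symptom would be a fatal error at `new \Server\Models\EventModel()` in the constructor. UserController.php in this same commit uses a single `..` to reach Models, so the intended line is probably `require_once(__DIR__ . '/../Models/Event.php');`. Keeping `require_once` also avoids redeclaring the class if the file is pulled in twice.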
@@ -10,7 +9,7 @@ class EventController {
     private $eventModel;
 
     public function __construct() {
-        $this->eventModel = new EventModel();
+        $this->eventModel = new \Server\Models\EventModel();
     }
 
     public function createEvent($event_name, $stock, $event_price, $event_date, $event_location, $gambar, $vid){
diff --git a/src/Server/Controllers/HomeController.php b/src/Server/Controllers/HomeController.php
new file mode 100644
index 0000000..edb1b11
--- /dev/null
+++ b/src/Server/Controllers/HomeController.php
@@ -0,0 +1,11 @@
+<?php
+
+namespace Server\Controllers;
+
+class HomeController {
+    public function __construct(){}
+    public function home()
+    {
+        include (__DIR__.'/../../Client/pages/home/home.php');
+    }
+}
\ No newline at end of file
diff --git a/src/Server/Controllers/PembelianController.php b/src/Server/Controllers/PembelianController.php
index 9f5526d..5f5701d 100644
--- a/src/Server/Controllers/PembelianController.php
+++ b/src/Server/Controllers/PembelianController.php
@@ -10,11 +10,10 @@ class PembelianController {
     
     
     public function __construct() {
-        $this->pembelianModel = new PembelianModel();
+        $this->pembelianModel = new \Server\Models\PembelianModel();
     }
 
     public function createPembelian($ticketId, $userId, $createdTime) {
-        $pembelianModel = new PembelianModel();
         return $this->pembelianModel->createPembelian($ticketId, $userId, $createdTime);
     }
 
diff --git a/src/Server/Controllers/TicketController.php b/src/Server/Controllers/TicketController.php
index 962586f..8d2944d 100644
--- a/src/Server/Controllers/TicketController.php
+++ b/src/Server/Controllers/TicketController.php
@@ -8,7 +8,7 @@ class TicketController {
     private $ticketModel;
 
     public function __construct() {
-        $this->ticketModel = new TicketModel();
+        $this->ticketModel = new \Server\Models\TicketModel();
     }
 
     public function createTicket($name, $eventId) {
diff --git a/src/Server/Controllers/UserController.php b/src/Server/Controllers/UserController.php
index 3ae2e6c..6bf0731 100644
--- a/src/Server/Controllers/UserController.php
+++ b/src/Server/Controllers/UserController.php
@@ -1,14 +1,15 @@
 <?php
-// app/controllers/userController.php
-ob_start();
-require_once(__DIR__ . '/../Models/User.php');
+
+namespace Server\Controllers;
+
+include (__DIR__.'/../Models/User.php');
 
 
 class UserController {
     private $userModel;
 
     public function __construct() {
-        $this->userModel = new UserModel();
+        $this->userModel = new \Server\Models\UserModel();
     }
 
     public function createUser($name, $username, $email, $hashedPass, $isAdmin) {
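Review bot: Replacing `require_once` with plain `include` on the User.php line (and adding `include (__DIR__."/Model.php");` in Models/User.php) turns a missing file into a warning followed by a fatal error at `new \Server\Models\UserModel()`, and lets a second inclusion redeclare the class. `require_once (__DIR__.'/../Models/User.php');` keeps the failure at the point of cause. The hunk also removes `ob_start();` while methods added further down in this file still call `ob_end_flush()`, which raises a notice if no buffer is active. Whether another included file starts one is not visible here.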
@@ -32,8 +33,15 @@ class UserController {
     }
     
     public function registerUser($name, $username, $email, $password, $isAdmin) {
-        return $this->createUser($name, $username, $email, password_hash($password,PASSWORD_DEFAULT), $isAdmin);
+        $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
+    
+        if ($hashedPassword === false) {
+            return ['success' => false, 'message' => 'Password hashing failed'];
+        }
+    
+        return $this->createUser($name, $username, $email, $hashedPassword, $isAdmin);
     }
+    
 
     public function loginByEmail($email,$password) {
         $user = $this->userModel->getUserByEmail($email);
@@ -45,18 +53,6 @@ class UserController {
             return "wrong credentials";
         }
     }
-
-    public function loginByUsername($username,$password) {
-        $user = $this->userModel->getUserByUsername($username);
-        if ($user !== false && password_verify($password, $user['user_hashedPass'])) {
-            session_start();
-            $_SESSION["user_id"] = $user['user_ID'];
-            return "success";
-        } else {
-            session_start();
-            return "wrong credentials";
-        }
-    }
     
     public function logout() {
         session_start();
@@ -72,6 +68,90 @@ class UserController {
     public function editProfile($user_id, $name, $username, $email) {
         return $this->userModel->editProfile($user_id, $name, $username, $email);
     }
+
+    public function loginview() {
+        if (session_status() == PHP_SESSION_NONE) {
+            // If a session is not already started, start a new one
+            session_start();
+        }
+        // Check if the user is already logged in, redirect to home if true
+        if (isset($_SESSION['user_id'])) {
+            header("Location: /home");
+            ob_end_flush();
+            exit();
+        }
+
+        include (__DIR__.'/../../Client/pages/login/login.php');
+    }
+
+    public function login() {
+        // Check if the required parameters are set in the POST request
+        if (isset($_POST['loginIdentifier']) && isset($_POST['loginPassword'])) {
+            $emailOrUsername = $_POST['loginIdentifier'];
+            $password = $_POST['loginPassword'];
+    
+            if (filter_var($emailOrUsername, FILTER_VALIDATE_EMAIL)) {
+                $user = $this->userModel->getUserByEmail($emailOrUsername);
+            } else {
+                $user = $this->userModel->getUserByUsername($emailOrUsername);
+            }
+    
+            if ($user !== false) {
+                if (password_verify($password, $user['user_hashedpass'])) {
+                    session_start();
+                    $_SESSION["user_id"] = $user['user_id'];
+                    header("Location: /home");
+                    ob_end_flush();
+                    exit();
+                } else {
+                    session_start();
+                    $_SESSION['message'] = "Wrong Password";
+                    header("Location: /login");
+                    ob_end_flush();
+                    exit();
+                }
+            } else {
+                session_start();
+                $_SESSION['message'] = "Wrong credentials";
+                header("Location: /login");
+                ob_end_flush();
+                exit();
+            }
+        } else {
+            // Handle missing parameters
+            session_start();
+            $_SESSION['message'] = "Missing login parameters";
+            header("Location: /login");
+            ob_end_flush();
+            exit();
+        }
+    }    
+
+    public function registerview() {
+        include (__DIR__."/../../Client/pages/login/register.php");
+    }
+
+    public function register() {
+        $userName = $_POST['userName'];
+        $userUsername = $_POST['userUsername'];
+        $userEmail = $_POST['userEmail'];
+        $userPassword = $_POST['userPassword'];
+        $isAdmin = isset($_POST['isAdmin']) ? 1 : 0;
+        $response = $this->registerUser($userName,$userUsername,$userEmail,$userPassword,$isAdmin);
+
+        $success = $response['success'];
+        if($success){
+            session_start();
+            $_SESSION['message'] = "You have successfully registered. Please log in";
+            header("Location:login");
+            ob_end_flush();
+        } else {
+            session_start();
+            $_SESSION['error_message'] = $response['message'];
+            header("Location:register");
+            ob_end_flush();
+        }
+    }
     
     public function handleRequest() {
         if (isset($_POST['userAction'])) {
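Review bot: `register()` derives `$isAdmin` from `isset($_POST['isAdmin'])`, so whoever submits the registration form decides whether the new account is an administrator; self-registration should fix this server-side, `$isAdmin = 0;`, and leave promotion to an authenticated admin action. `login()` writes `$_SESSION["user_id"]` without renewing the session identifier; add `session_regenerate_id(true);` directly after the `session_start();` in the success branch. The two failure branches return different messages ("Wrong Password" vs "Wrong credentials"), which tells the client whether the identifier exists; one shared message avoids that. `register()` also reads four `$_POST` keys without checking that they are present and, unlike `login()`, does not `exit();` after its `header()` calls.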
diff --git a/src/Server/Models/Event.php b/src/Server/Models/Event.php
index a9c3285..85a9021 100644
--- a/src/Server/Models/Event.php
+++ b/src/Server/Models/Event.php
@@ -146,38 +146,31 @@ class EventModel extends Model {
 
     public function searchEvents($searchQuery, $sortKey, $minStock) {
         try {
-            $sql = "SELECT * FROM events WHERE 1";
-
-            if (!empty($searchQuery)) {
-                $sql .= " AND (LOWER(event_name) LIKE CONCAT('%', :query, '%') OR LOWER(event_location) LIKE CONCAT('%', :query, '%'))";
-            }
-
-            if ($minStock !== null) {
-                $sql .= " AND event_stock >= :minStock";
+            if ($minStock == null) {
+                $minStock = 0;
             }
-
-            if ($sortKey === 'name') {
-                $sql .= " ORDER BY event_name ASC";
-            } elseif ($sortKey === 'location') {
-                $sql .= " ORDER BY event_location ASC";
+    
+            $stmt = "SELECT * FROM events 
+                     WHERE (LOWER(event_name) LIKE LOWER(?) OR LOWER(event_location) LIKE LOWER(?)) 
+                     AND event_stock >= ?";
+    
+            if (!empty($sortKey)) {
+                $stmt .= " ORDER BY ";
+    
+                if ($sortKey === 'name') {
+                    $stmt .= "event_name ASC";
+                } elseif ($sortKey === 'location') {
+                    $stmt .= "event_location ASC";
+                } 
             }
-
-            $stmt = $this->database->prepare($sql);
-
-            if (!empty($searchQuery)) {
-                $lowerSearchQuery = strtolower("%" . $searchQuery . "%");
-                $stmt->bindParam(':query', $lowerSearchQuery, PDO::PARAM_STR);
-            }
-
-            if ($minStock !== null) {
-                $stmt->bindParam(':minStock', $minStock, PDO::PARAM_INT);
-            }
-
-            $stmt->execute();
-
-            return $stmt->fetchAll(PDO::FETCH_ASSOC);
+    
+            $query = $this->database->prepare($stmt);
+            $query->execute(array('%'.$searchQuery.'%', '%'.$searchQuery.'%', $minStock));
+    
+            return $query->fetchAll(PDO::FETCH_ASSOC);
         } catch (PDOException $e) {
             throw new Exception("Error searching events: " . $e->getMessage());
         }
     }
+    
 }
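Review bot: When `$sortKey` is non-empty but neither `'name'` nor `'location'`, the statement ends in a bare ` ORDER BY ` and the query fails, so an unexpected sort value becomes an exception instead of an unsorted result. Appending the keyword only inside the matched branches fixes it: `$stmt .= " ORDER BY event_name ASC";` and `$stmt .= " ORDER BY event_location ASC";`. `$minStock == null` is a loose comparison, and a non-numeric value still reaches `event_stock >= ?`; normalising once with an integer cast would pin the type. The catch block copies `$e->getMessage()` into the rethrown exception, so callers should make sure that text is logged rather than shown to the client.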
diff --git a/src/Server/Models/User.php b/src/Server/Models/User.php
index 43d1dc9..818b24b 100644
--- a/src/Server/Models/User.php
+++ b/src/Server/Models/User.php
@@ -4,6 +4,9 @@ namespace Server\Models;
 
 use PDO;
 
+include (__DIR__."/Model.php");
+
+
 class UserModel extends Model {
     public function createUser($name, $username, $email, $hashedPass, $isAdmin) {
         $response = [
diff --git a/src/Server/Router/Router.php b/src/Server/Router/Router.php
index c6d4249..7849f64 100644
--- a/src/Server/Router/Router.php
+++ b/src/Server/Router/Router.php
@@ -39,16 +39,23 @@ class Router {
             }
         }
 
-        if(is_string($callback)) {
+        if (is_string($callback)) {
             $parts = explode('@', $callback);
-            if(is_array($parts)) {
-                    $className = array_shift($parts);
+            if (is_array($parts)) {
+                $className = array_shift($parts);
+                $method = array_shift($parts);
+        
+                // Check if the class exists before creating an instance
+                if (class_exists($className)) {
                     $handler = new $className;
-                
-                    $method = array_shift($parts);
-                    $callback = [$handler, $method];
+        
+                    // Check if the method exists before setting the callback
+                    if (method_exists($handler, $method)) {
+                        $callback = [$handler, $method];
+                    }
                 }
-        }
+            }
+        }        
     
         if(!$callback) {
             include 'Client/pages/Errors/NotFound.php';
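Review bot: When `class_exists()` or `method_exists()` fails, `$callback` keeps the original `Class@method` string, which is truthy, so the `if(!$callback)` not-found branch below is skipped and the unresolved string flows on to whatever invokes the callback (outside this hunk). Resetting it before the checks makes the failure land in the 404 path: add `$callback = null;` right after `$method = array_shift($parts);`. `explode()` always returns an array, so `is_array($parts)` cannot be false. The guard that matters is that `$method` is a non-empty string, since a route string without `@` leaves it `null`.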
diff --git a/src/Server/web.php b/src/Server/web.php
index 773e259..d3dbe64 100644
--- a/src/Server/web.php
+++ b/src/Server/web.php
@@ -2,43 +2,54 @@
 
 declare(strict_types=1);
 
-namespace Server;
-
-include "Router/Router.php";
-include "Controllers/UserController.php";
-include "Controllers/EventsController.php";
+include (__DIR__."/Router/Router.php");
+include (__DIR__."/Controllers/UserController.php");
+include (__DIR__."/Controllers/EventController.php");
+include (__DIR__."/Controllers/HomeController.php");
 
 $router = new \Server\Router\Router();
 
-function checkLoggedIn() {
-    session_start();
-    if (!isset($_SESSION['user_id'])) {
-        header('Location: /login'); // Redirect to the login page if not logged in
-        exit();
+function checkLoggedIn(): bool {
+    if (session_status() == PHP_SESSION_NONE) {
+        // If a session is not already started, start a new one
+        session_start();
     }
+    return isset($_SESSION['user_id']);
 }
 
 $router->get('/', function() {
     header('Location: /home');
-    
+    exit();
 });
 
+// Routes for HomeController
+$router->get('/home', [new \Server\Controllers\HomeController(),'home']);
+
 // Routes for UserController
-$router->get('/register', [checkLoggedIn, \Server\Controllers\UserController::class, 'registerview']);
-$router->post('/register', [checkLoggedIn, \Server\Controllers\UserController::class, 'register']);
-$router->post('/register/search-email', [checkLoggedIn, \Server\Controllers\UserController::class, 'findEmail']);
-$router->post('/register/search-username', [checkLoggedIn, \Server\Controllers\UserController::class, 'findByUsername']);
-$router->get('/login', [\Server\Controllers\UserController::class, 'loginview']);
-$router->post('/login', [\Server\Controllers\UserController::class, 'login']);
-$router->post('/logout', [checkLoggedIn, \Server\Controllers\UserController::class, 'logout']);
-$router->post('/profile', [checkLoggedIn, \Server\Controllers\UserController::class, 'viewProfile']);
-$router->post('/profile/edit', [checkLoggedIn, \Server\Controllers\UserController::class, 'editProfile']);
+$router->get('/register', [new \Server\Controllers\UserController(), 'registerview']);
+$router->post('/register', [new \Server\Controllers\UserController(), 'register']);
+$router->post('/register/search-email', [checkLoggedIn(), [new \Server\Controllers\UserController(), 'findEmail']]);
+$router->post('/register/search-username', [checkLoggedIn(), [new \Server\Controllers\UserController(), 'findByUsername']]);
+$router->get('/login', [new \Server\Controllers\UserController(), 'loginview']);
+$router->post('/login', [new \Server\Controllers\UserController(), 'login']);
+$router->post('/logout', function() {
+    // No need to checkLoggedIn() here, as users can access this even if not logged in
+    if (session_status() == PHP_SESSION_NONE) {
+        // If a session is not already started, start a new one
+        session_start();
+    }
+    session_destroy();
+    header('Location: /login');
+    exit();
+});
+$router->post('/profile', [checkLoggedIn(), [new \Server\Controllers\UserController(), 'viewProfile']]);
+$router->post('/profile/edit', [checkLoggedIn(), [new \Server\Controllers\UserController(), 'editProfile']]);
 
 // Routes for EventsController
-$router->get('/events', [checkLoggedIn, \Server\Controllers\EventsController::class, 'eventList10view']);
-$router->post('/events/create', [checkLoggedIn, \Server\Controllers\EventsController::class, 'createEvent']);
-$router->post('/events/update', [checkLoggedIn, \Server\Controllers\EventsController::class, 'updateEvent']);
-$router->post('/events/delete', [checkLoggedIn, \Server\Controllers\EventsController::class, 'deleteEvent']);
-$router->get('/events/search', [checkLoggedIn, \Server\Controllers\EventsController::class, 'searchview']);
+// $router->get('/events', [checkLoggedIn(), [new \Server\Controllers\EventController(), 'eventList10view']]);
+// $router->post('/events/create', [checkLoggedIn(), [new \Server\Controllers\EventController(), 'createEvent']]);
+// $router->post('/events/update', [checkLoggedIn(), [new \Server\Controllers\EventController(), 'updateEvent']]);
+// $router->post('/events/delete', [checkLoggedIn(), [new \Server\Controllers\EventController(), 'deleteEvent']]);
+// $router->get('/events/search', [checkLoggedIn(), [new \Server\Controllers\EventController(), 'searchview']]);
 
 $router->run();
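Review bot: `checkLoggedIn()` in the route arrays for `/register/search-email`, `/register/search-username`, `/profile` and `/profile/edit` is called once while the routes are being registered, so each array stores a plain bool as element 0 rather than a guard that runs for the matched request. Because the function now only returns a bool and no longer redirects, nothing visible here stops an unauthenticated request from reaching `viewProfile` or `editProfile`. How the router treats a `[bool, [object, method]]` entry is outside this hunk, but it is not a valid PHP callable. Wrapping the handler in a closure that checks the session at dispatch time keeps the guard per request, as sketched below. The commented-out event routes use the same shape and would need the same wrapper when re-enabled.

```php
// … unchanged: includes, $router, checkLoggedIn() …
function requireLogin(callable $handler): callable {
    return function (...$args) use ($handler) {
        // Evaluated when the route is dispatched, not when it is registered.
        if (!checkLoggedIn()) {
            header('Location: /login');
            exit();
        }
        return $handler(...$args);
    };
}

$router->post('/profile', requireLogin([new \Server\Controllers\UserController(), 'viewProfile']));
// … same wrapper for /profile/edit, /register/search-email, /register/search-username …
```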
diff --git a/src/index.php b/src/index.php
new file mode 100644
index 0000000..f6f970c
--- /dev/null
+++ b/src/index.php
@@ -0,0 +1,11 @@
+<?php
+declare(strict_types=1);
+
+if (session_status() == PHP_SESSION_NONE) {
+    // If a session is not already started, start a new one
+    session_start();
+}
+
+include 'Server/web.php';
+
+?>
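Review bot: `session_start()` is called with no options, so the session cookie's HttpOnly, Secure and SameSite flags depend entirely on php.ini, which this patch does not show. This is the first session start on every request (the later `session_status()` checks in web.php will find the session already active), so setting the flags here makes the policy explicit: `session_start(['cookie_httponly' => true, 'cookie_secure' => true, 'cookie_samesite' => 'Lax']);`. `cookie_secure` assumes the site is served over HTTPS. The closing `?>` can also be dropped so that trailing whitespace is never emitted before the `header()` calls in the routes.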
-- 
GitLab