add validation to UsersController and let users change their own data and add breadcrumbs to user pages

This commit is contained in:
coderkun 2014-05-01 03:22:02 +02:00
commit 231d13538e
8 changed files with 312 additions and 58 deletions


@ -28,7 +28,7 @@
'index' => array('admin', 'moderator'),
'user' => array('admin', 'moderator', 'user'),
'create' => array('admin', 'moderator'),
'edit' => array('admin', 'moderator'),
'edit' => array('admin', 'moderator', 'user'),
'delete' => array('admin')
);
/**
@ -245,21 +245,61 @@
*/
public function create()
{
// Values
$username = '';
$prename = '';
$surname = '';
$email = '';
$fields = array('username', 'prename', 'surname', 'email', 'password');
$validation = array();
// Create new user
if($this->request->getRequestMethod() == 'POST' && !is_null($this->request->getPostParam('create')))
{
// Create new user
$userId = $this->Users->createUser(
$this->request->getPostParam('username'),
$this->request->getPostParam('prename'),
$this->request->getPostParam('surname'),
$this->request->getPostParam('email'),
$this->request->getPostParam('password')
);
// Get params and validate them
$validation = $this->Validation->validateParams($this->request->getPostParams(), $fields);
$username = $this->request->getPostParam('username');
if($this->Users->usernameExists($username)) {
$validation = $this->Validation->addValidationResult($validation, 'username', 'exist', true);
}
$prename = $this->request->getPostParam('prename');
$surname = $this->request->getPostParam('surname');
$email = $this->request->getPostParam('email');
if($this->Users->emailExists($email)) {
$validation = $this->Validation->addValidationResult($validation, 'email', 'exist', true);
}
// Redirect to user
$user = $this->Users->getUserById($userId);
$this->redirect($this->linker->link(array($user['url']), 1));
// Create
if($validation === true)
{
$userId = $this->Users->createUser(
$this->request->getPostParam('username'),
$this->request->getPostParam('prename'),
$this->request->getPostParam('surname'),
$this->request->getPostParam('email'),
$this->request->getPostParam('password')
);
// Redirect to user
$user = $this->Users->getUserById($userId);
$this->redirect($this->linker->link(array($user['url']), 1));
}
}
// Get validation settings
$validationSettings = array();
foreach($fields as &$field) {
$validationSettings[$field] = \nre\configs\AppConfig::$validation[$field];
}
// Pass data to view
$this->set('username', $username);
$this->set('prename', $prename);
$this->set('surname', $surname);
$this->set('email', $email);
$this->set('validation', $validation);
$this->set('validationSettings', $validationSettings);
}
@ -276,32 +316,77 @@
// User
$user = $this->Users->getUserByUrl($userUrl);
// Check request method
if($this->request->getRequestMethod() == 'POST')
// Check permissions
if(count(array_intersect(array('admin','moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) == 0 && $user['id'] != \hhu\z\controllers\IntermediateController::$user['id']) {
throw new \nre\exceptions\AccessDeniedException();
}
// Values
$username = $user['username'];
$prename = $user['prename'];
$surname = $user['surname'];
$email = $user['email'];
$fields = array('username', 'prename', 'surname', 'email');
$validation = array();
// Edit user
if($this->request->getRequestMethod() == 'POST' && !is_null($this->request->getPostParam('save')))
{
// Get params and validate them
$validation = $this->Validation->validateParams($this->request->getPostParams(), $fields);
$username = $this->request->getPostParam('username');
if($this->Users->usernameExists($username, $user['id'])) {
$validation = $this->Validation->addValidationResult($validation, 'username', 'exist', true);
}
if(!empty($this->request->getPostParam('password'))) {
$validation = $this->Validation->addValidationResults($validation,
'password',
$this->Validation->validateParam(
$this->request->getPostParams(),
'password'
)
);
}
$prename = $this->request->getPostParam('prename');
$surname = $this->request->getPostParam('surname');
$email = $this->request->getPostParam('email');
if($this->Users->emailExists($email, $user['id'])) {
$validation = $this->Validation->addValidationResult($validation, 'email', 'exist', true);
}
// Save changes
if(!is_null($this->request->getPostParam('save')))
if($validation === true)
{
// Edit user
$this->Users->editUser(
$user['id'],
$this->request->getPostParam('username'),
(count(array_intersect(array('admin','moderator'),\hhu\z\controllers\IntermediateController::$user['roles'])) > 0) ? $this->request->getPostParam('username') : $user['username'],
$this->request->getPostParam('prename'),
$this->request->getPostParam('surname'),
$this->request->getPostParam('email'),
$this->request->getPostParam('password')
);
// Redirect to entry
$user = $this->Users->getUserById($user['id']);
$this->redirect($this->linker->link(array('user', $user['url']), 1));
}
// Redirect to entry
$this->redirect($this->linker->link(array($user['url']), 1));
}
// Get validation settings
$validationSettings = array();
foreach($fields as &$field) {
$validationSettings[$field] = \nre\configs\AppConfig::$validation[$field];
}
// Pass data to view
$this->set('user', $user);
$this->set('username', $username);
$this->set('prename', $prename);
$this->set('surname', $surname);
$this->set('email', $email);
$this->set('validation', $validation);
$this->set('validationSettings', $validationSettings);
}
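Review bot: The self-service branch of edit() (L101–L137) lets a plain `user` rotate their own email and password with no re-authentication — the form carries no current-password field and nothing here verifies one, so a hijacked session (or a forged cross-site POST; no anti-CSRF token is visible in the view) can permanently lock the real owner out. Before calling editUser(), require the current password whenever the posted `password` is non-empty or `email` differs from `$user['email']`, and on mismatch record `$validation = $this->Validation->addValidationResult($validation, 'password', 'current', true);` — the Users model in this diff exposes no password-verify helper, so one has to be added or an existing one reused. The raw `getPostParam('password')` still reaches editUser() when it is empty (the validation at L109 is skipped but the argument is not), so this relies on editUser() treating `''` as "keep the old hash"; worth confirming. For non-privileged users `username` is still validated and run through usernameExists() at L104–L108 even though L132 discards it, so a tampered hidden field yields a spurious "Username already exists" error rather than simply being ignored.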


@ -149,24 +149,22 @@
* Check if an username already exists.
*
* @param string $username Username to check
* @param int $userId Do not check this ID (for editing)
* @return boolean Whether username exists or not
*/
public function usernameExists($username)
public function usernameExists($username, $userId=null)
{
$data = $this->db->query(
'SELECT count(id) AS c '.
'SELECT id '.
'FROM users '.
'WHERE username = ? OR url = ?',
'ss',
$username,
\nre\core\Linker::createLinkParam($username)
);
if(!empty($data)) {
return ($data[0]['c'] > 0);
}
return false;
return (!empty($data) && (is_null($userId) || $userId != $data[0]['id']));
}
@ -174,23 +172,21 @@
* Check if an email address already exists.
*
* @param string $email Email address to check
* @param int $userId Do not check this ID (for editing)
* @return boolean Whether email address exists or not
*/
public function emailExists($email)
public function emailExists($email, $userId=null)
{
$data = $this->db->query(
'SELECT count(id) AS c '.
'SELECT id '.
'FROM users '.
'WHERE email = ?',
's',
$email
);
if(!empty($data)) {
return ($data[0]['c'] > 0);
}
return false;
return (!empty($data) && (is_null($userId) || $userId != $data[0]['id']));
}
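Review bot: usernameExists() now inspects only `$data[0]['id']` (L185), but the query matches on `username = ? OR url = ?` and can return several rows; when the editing user's own row happens to come back first, a clash with a different account on the second row is reported as "does not exist", letting a duplicate username or URL slug through. Iterate the result instead: `foreach($data as $row) { if(is_null($userId) || (int)$row['id'] !== (int)$userId) return true; } return false;` — or push the exclusion into SQL with `AND id <> ?` bound as a third parameter. emailExists() (L209) carries the same single-row assumption and is only safe if the schema enforces a unique email, which this diff does not show. Both helpers are also a check-then-act race against createUser()/editUser(), so uniqueness should ultimately be backed by database constraints rather than these lookups alone.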


@ -1,21 +1,97 @@
<div class="moodpic">
<img src="<?=$linker->link(array('grafics','questlab.jpg'))?>" />
</div>
<h1><?=_('Users')?></h1>
<h2><?=_('New user')?></h2>
<ul class="breadcrumbs">
<li><a href="<?=$linker->link('index',1)?>"><?=_('Users')?></a></li>
</ul>
<form method="post" action="<?=$linker->link('create', 1)?>" class="logreg">
<h1><?=_('New user')?></h1>
<?php if($validation !== true) : ?>
<ul>
<?php foreach($validation as $field => &$settings) : ?>
<li>
<ul>
<?php foreach($settings as $setting => $value) : ?>
<li>
<?php switch($field) {
case 'username':
switch($setting) {
case 'minlength': printf(_('Username is too short (min. %d chars)'), $value);
break;
case 'maxlength': printf(_('Username is too long (max. %d chars)'), $value);
break;
case 'regex': echo _('Username contains illegal characters');
break;
case 'exist': echo _('Username already exists');
break;
default: echo _('Username invalid');
}
break;
case 'prename':
switch($setting) {
case 'minlength': printf(_('Prename is too short (min. %d chars)'), $value);
break;
case 'maxlength': printf(_('Prename is too long (max. %d chars)'), $value);
break;
case 'regex': printf(_('Prename contains illegal characters'));
break;
default: echo _('Prename invalid');
}
break;
case 'surname':
switch($setting) {
case 'minlength': printf(_('Surname is too short (min. %d chars)'), $value);
break;
case 'maxlength': printf(_('Surname is too long (max. %d chars)'), $value);
break;
case 'regex': printf(_('Surname contains illegal characters'));
break;
default: echo _('Surname invalid');
}
break;
case 'email':
switch($setting) {
case 'regex': echo _('Email address invalid');
break;
case 'exist': echo _('Email address already exists');
break;
default: echo _('Email address invalid');
}
break;
case 'password':
switch($setting) {
case 'minlength': printf(_('Password is too short (min. %d chars)'), $value);
break;
case 'maxlength': printf(_('Password is too long (max. %d chars)'), $value);
break;
default: echo _('Password invalid');
}
break;
default:
echo $exception->getMessage();
break;
} ?>
</li>
<?php endforeach ?>
</ul>
</li>
<?php endforeach ?>
</ul>
<?php endif ?>
<form method="post" class="logreg">
<fieldset>
<fieldset>
<label for="username"><?=_('Username')?>:</label>
<input type="text" name="username" placeholder="<?=_('Username')?>" /><br />
<input name="username" type="text" placeholder="<?=_('Username')?>" title="<?=_('Username')?>" required="required" maxlength="<?=$validationSettings['username']['maxlength']?>" value="<?=$username?>" <?=(array_key_exists('username', $validation)) ? 'class="invalid"' : null?> /><br />
<label for="prename"><?=_('Prename')?>:</label>
<input name="prename" type="text" placeholder="<?=_('Prename')?>" /><br />
<input name="prename" type="text" placeholder="<?=_('Prename')?>" title="<?=_('Prename')?>" required="required" maxlength="<?=$validationSettings['prename']['maxlength']?>" value="<?=$prename?>" <?=(array_key_exists('prename', $validation)) ? 'class="invalid"' : null?> /><br />
<label for="surname"><?=_('Surname')?>:</label>
<input name="surname" type="text" placeholder="<?=_('Surname')?>" /><br />
<input name="surname" type="text" placeholder="<?=_('Surname')?>" title="<?=_('Surname')?>" required="required" maxlength="<?=$validationSettings['surname']['maxlength']?>" value="<?=$surname?>" <?=(array_key_exists('surname', $validation)) ? 'class="invalid"' : null?> /><br />
<label for="email"><?=_('Email address')?>:</label>
<input type="email" name="email" placeholder="<?=_('Email address')?>" /><br />
<input name="email" type="email" placeholder="<?=_('Email address')?>" title="<?=_('Email address')?>" required="required" value="<?=$email?>" <?=(array_key_exists('email', $validation)) ? 'class="invalid"' : null?> /><br />
<label for="password"><?=_('Password')?>:</label>
<input type="password" name="password" placeholder="<?=_('Password')?>" /><br />
<input name="password" type="password" placeholder="<?=_('Password')?>" title="<?=_('Password')?>" required="required" maxlength="<?=$validationSettings['password']['maxlength']?>" <?=(array_key_exists('password', $validation)) ? 'class="invalid"' : null?> /><br />
</fieldset>
</fieldset>
<input type="submit" name="create" value="<?=_('create')?>" />
</form>
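Review bot: The new `value="<?=$username?>"`, `<?=$prename?>`, `<?=$surname?>` and `<?=$email?>` attributes (L302–L311) echo the submitted POST values straight back into HTML on a failed validation, with no escaping visible here; a value such as `" onfocus="…` breaks out of the attribute. Unless the controller's set() escapes on assignment (nothing in this diff suggests it does), wrap each one: `value="<?=htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')?>"`. The `default:` branch of the outer switch at L287 calls `$exception->getMessage()` on a variable this template never defines, so an unexpected field key would produce a fatal error instead of a message — replace it with a plain `echo _('Invalid input');`.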


@ -1,9 +1,11 @@
<div class="moodpic">
<img src="<?=$linker->link(array('grafics','questlab.jpg'))?>" />
</div>
<h1><?=_('Users')?></h1>
<h2><?=_('Delete user')?></h2>
<ul class="breadcrumbs">
<li><a href="<?=$linker->link('index',1)?>"><?=_('Users')?></a></li>
</ul>
<h1><?=_('Delete user')?></h1>
<?=sprintf(_('Should the user “%s” (%s) really be deleted?'), $user['username'], $user['email'])?>
<form method="post">
<input type="submit" name="delete" value="<?=_('delete')?>" />


@ -1,20 +1,104 @@
<div class="moodpic">
<img src="<?=$linker->link(array('grafics','questlab.jpg'))?>" />
</div>
<h1><?=_('Users')?></h1>
<h2><?=_('Edit user')?></h2>
<ul class="breadcrumbs">
<?php if(count(array_intersect(array('admin','moderator'),\hhu\z\controllers\IntermediateController::$user['roles'])) > 0) : ?>
<li><a href="<?=$linker->link('index',1)?>"><?=_('Users')?></a></li>
<?php else : ?>
<li><?=_('Users')?></li>
<?php endif ?>
</ul>
<h1><?=_('Edit user')?></h1>
<?php if($validation !== true) : ?>
<ul>
<?php foreach($validation as $field => &$settings) : ?>
<li>
<ul>
<?php foreach($settings as $setting => $value) : ?>
<li>
<?php switch($field) {
case 'username':
switch($setting) {
case 'minlength': printf(_('Username is too short (min. %d chars)'), $value);
break;
case 'maxlength': printf(_('Username is too long (max. %d chars)'), $value);
break;
case 'regex': echo _('Username contains illegal characters');
break;
case 'exist': echo _('Username already exists');
break;
default: echo _('Username invalid');
}
break;
case 'prename':
switch($setting) {
case 'minlength': printf(_('Prename is too short (min. %d chars)'), $value);
break;
case 'maxlength': printf(_('Prename is too long (max. %d chars)'), $value);
break;
case 'regex': printf(_('Prename contains illegal characters'));
break;
default: echo _('Prename invalid');
}
break;
case 'surname':
switch($setting) {
case 'minlength': printf(_('Surname is too short (min. %d chars)'), $value);
break;
case 'maxlength': printf(_('Surname is too long (max. %d chars)'), $value);
break;
case 'regex': printf(_('Surname contains illegal characters'));
break;
default: echo _('Surname invalid');
}
break;
case 'email':
switch($setting) {
case 'regex': echo _('Email address invalid');
break;
case 'exist': echo _('Email address already exists');
break;
default: echo _('Email address invalid');
}
break;
case 'password':
switch($setting) {
case 'minlength': printf(_('Password is too short (min. %d chars)'), $value);
break;
case 'maxlength': printf(_('Password is too long (max. %d chars)'), $value);
break;
default: echo _('Password invalid');
}
break;
default:
echo $exception->getMessage();
break;
} ?>
</li>
<?php endforeach ?>
</ul>
</li>
<?php endforeach ?>
</ul>
<?php endif ?>
<form method="post" class="logreg">
<fieldset>
<label for="username"><?=_('Username')?>:</label>
<input type="text" name="username" placeholder="<?=_('Username')?>" value="<?=$user['username']?>" /><br />
<label for="prename"><?=_('Prename')?>:</label> <input name="prename" type="text" placeholder="<?=_('Prename')?>" value="<?=$user['prename']?>" /><br />
<?php if(count(array_intersect(array('admin','moderator'),\hhu\z\controllers\IntermediateController::$user['roles'])) > 0) : ?>
<input name="username" type="text" placeholder="<?=_('Username')?>" title="<?=_('Username')?>" value="<?=$username?>" required="required" maxlength="<?=$validationSettings['username']['maxlength']?>" <?=(array_key_exists('username', $validation)) ? 'class="invalid"' : null ?> />
<?php else : ?>
<input name="username" type="text" placeholder="<?=_('Username')?>" title="<?=_('Username')?>" value="<?=$username?>" disabled="disabled" />
<input type="hidden" name="username" value="<?=$username?>" />
<?php endif ?><br />
<label for="prename"><?=_('Prename')?>:</label>
<input name="prename" type="text" placeholder="<?=_('Prename')?>" title="<?=_('Prename')?>" required="required" maxlength="<?=$validationSettings['prename']['maxlength']?>" value="<?=$prename?>" <?=(array_key_exists('prename', $validation)) ? 'class="invalid"' : null?> /><br />
<label for="surname"><?=_('Surname')?>:</label>
<input name="surname" type="text" placeholder="<?=_('Surname')?>" value="<?=$user['surname']?>" /><br />
<input name="surname" type="text" placeholder="<?=_('Surname')?>" title="<?=_('Surname')?>" required="required" maxlength="<?=$validationSettings['surname']['maxlength']?>" value="<?=$surname?>" <?=(array_key_exists('surname', $validation)) ? 'class="invalid"' : null?> /><br />
<label for="email"><?=_('Email address')?>:</label>
<input type="email" name="email" placeholder="<?=_('Email address')?>" value="<?=$user['email']?>" /><br />
<input name="email" type="email" placeholder="<?=_('Email address')?>" title="<?=_('Email address')?>" required="required" value="<?=$email?>" <?=(array_key_exists('email', $validation)) ? 'class="invalid"' : null?> /><br />
<label for="password"><?=_('Password')?>:</label>
<input type="password" name="password" placeholder="<?=_('Password')?>" /><br />
<input name="password" type="password" placeholder="<?=_('Password')?>" title="<?=_('Password')?>" maxlength="<?=$validationSettings['password']['maxlength']?>" <?=(array_key_exists('password', $validation)) ? 'class="invalid"' : null?> /><br />
</fieldset>
<input type="submit" name="save" value="<?=_('save')?>" />
</form>
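Review bot: The disabled/hidden username pair for non-privileged users (L432–L433) is a presentation aid only — the hidden `username` is trivially editable in the browser, so the controller's override at its editUser() call is what actually protects the field, and the template should say so rather than look like a control: `<?php /* hidden copy only so server-side validation sees a username; the controller ignores it for non-admins */ ?>`. The `value="<?=$username?>"` / `$prename` / `$surname` / `$email` interpolations at L430–L442 reflect POST input into attributes unescaped, the same pattern as the create view; wrap them in `htmlspecialchars(…, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` unless set() is known to escape. The `default:` branch at L414 references an undefined `$exception`; use a plain `echo _('Invalid input');` there.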


@ -7,7 +7,7 @@
<?php if($failed) : ?>
<p class="invalid"><?=_('Login failed')?>.</p>
<?php endif ?>
<form method="post" action="<?=$linker->link(array(), 2)?>" class="logreg">
<form method="post" class="logreg">
<fieldset>
<label for="username"><?=_('Username')?>:</label>
<input name="username" type="text" placeholder="<?=_('Username')?>" value="<?=$username?>" required="required" autofocus="autofocus" /><br />


@ -1,9 +1,11 @@
<div class="moodpic">
<img src="<?=$linker->link(array('grafics','questlab.jpg'))?>" />
</div>
<h1><?=_('Users')?></h1>
<ul class="breadcrumbs">
<li><?=_('Users')?></li>
</ul>
<h2><?=_('Registration')?></h2>
<h1><?=_('Registration')?></h1>
<?php if($validation !== true) : ?>
<ul>
<?php foreach($validation as $field => &$settings) : ?>
@ -76,7 +78,7 @@
<?php endforeach ?>
</ul>
<?php endif ?>
<form method="post" action="<?=$linker->link(array(), 2)?>" class="logreg">
<form method="post" class="logreg">
<fieldset>
<label for="username"><?=_('Username')?>:</label>
<input name="username" type="text" placeholder="<?=_('Username')?>" title="<?=_('Username')?>" required="required" maxlength="<?=$validationSettings['username']['maxlength']?>" value="<?=$username?>" <?=(array_key_exists('username', $validation)) ? 'class="invalid"' : null?> /><br />


@ -1,14 +1,23 @@
<div class="moodpic">
<img src="<?=$linker->link(array('grafics','questlab.jpg'))?>" />
</div>
<h1><?=_('Users')?></h1>
<?php if(count(array_intersect(array('admin','moderator'),\hhu\z\controllers\IntermediateController::$user['roles'])) > 0) : ?>
<ul class="breadcrumbs">
<?php if(count(array_intersect(array('admin','moderator'),\hhu\z\controllers\IntermediateController::$user['roles'])) > 0) : ?>
<li><a href="<?=$linker->link('index',1)?>"><?=_('Users')?></a></li>
<?php else : ?>
<li><?=_('Users')?></li>
<?php endif ?>
</ul>
<h1><?=$user['username']?></h1>
<nav class="admin">
<?php if(count(array_intersect(array('admin','moderator'),\hhu\z\controllers\IntermediateController::$user['roles'])) > 0 || $user['id'] == \hhu\z\controllers\IntermediateController::$user['id']) : ?>
<li><a href="<?=$linker->link('edit', 3)?>"><?=_('Edit user')?></a></li>
<?php endif ?>
<?php if(count(array_intersect(array('admin','moderator'),\hhu\z\controllers\IntermediateController::$user['roles'])) > 0) : ?>
<li><a href="<?=$linker->link('delete', 3)?>"><?=_('Delete user')?></a></li>
<?php endif ?>
</nav>
<?php endif ?>
<h2><?=$user['username']?></h2>
<p>
<?=sprintf(_('registered on %s'), $dateFormatter->format(new \DateTime($user['created'])))?><br />
<?=_('Name')?>: <?=$user['prename']?> <?=$user['surname']?><br />
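Review bot: The `<nav class="admin">` at L503–L510 places `<li>` elements directly inside `<nav>` with no enclosing list; `<li>` is only valid inside `<ul>`/`<ol>`/`<menu>`, so browsers repair the DOM inconsistently and any `nav.admin ul li` styling will miss. Wrap the items: `<nav class="admin"><ul>` … `</ul></nav>`. The role test `count(array_intersect(array('admin','moderator'), \hhu\z\controllers\IntermediateController::$user['roles'])) > 0` is now repeated at L496, L504 and L507 and in three other templates of this commit; a boolean computed once in the controller and passed via set() would keep the view logic in one place. These template checks only hide links — the AccessDeniedException in the controller's edit() is the actual enforcement, and the delete action appears to rely solely on the ACL map at the top of the controller.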