Added Posts

Author: davepartner

.htaccess

@@ -1,8 +1,11 @@
+# Uncomment the following to prevent the httpoxy vulnerability
+# See: https://httpoxy.org/
+#<IfModule mod_headers.c>
+#    RequestHeader unset Proxy
+#</IfModule>
+
 <IfModule mod_rewrite.c>
-	RewriteEngine on
-	# Uncomment if you have a .well-known directory in the root folder, e.g. for the Let's Encrypt challenge
-	# https://tools.ietf.org/html/rfc5785
-	#RewriteRule ^(\.well-known/.*)$ $1 [L]
-	RewriteRule ^$ public/ [L]
-	RewriteRule (.*) public/$1 [L]
+    RewriteEngine on
+    RewriteRule    ^$    public/    [L]
+    RewriteRule    (.*) public/$1    [L]
 </IfModule>

app/Controllers/Auth/AuthController.php

@@ -21,41 +21,40 @@ public function getSignout(){
 
 	}
 
-	/**
-	* Display sign in page
-	* 
-	* @return
-	*/
-	public function getSignin($request , $response){
-	
-	return $this->view->render($response,'auth/signin.twig');
-	}
+
 
 	/**
 	* Display sign in page
 	* 
 	* @return
 	*/
-	public function postSignin($request, $response){
+	public function signin($request, $response){
 
-		$auth = $this->auth->attempt(
-			$request->getParam('email'),
-			$request->getParam('password')
-		);
-		
-		if(!$auth){
-			$this->flash->addMessage('error', 'Login Failed!'); //You can also use error, info, warning
-		
-			return $response->withRedirect($this->router->pathFor('auth.signin'));
-		};
-		
-		$this->flash->addMessage('success', 'Logiin successful!'); //You can also use error, info, warning
+		if($request->isPost()){
+
+			//Attempt to log user in
+				$auth = $this->auth->attempt(
+					$request->getParam('email'),
+					$request->getParam('password')
+				);
+			
+			//if login fails
+			if(!$auth){
+				$this->flash->addMessage('error', 'Login Failed!'); //You can also use error, info, warning
+				return $response->withRedirect($this->router->pathFor('auth.signin'));
+			};
+			
+			$this->flash->addMessage('success', 'Login successful!'); //You can also use error, info, warning
+			
+			return $response->withRedirect($this->router->pathFor('home'));
+		}
+
+		return $this->view->render($response,'auth/signin.twig');
 
-		return $response->withRedirect($this->router->pathFor('home'));
 	}
 
 	/**
-	* Render Signin view
+	* Render Signin up
 	* @param get $request
 	* 
 	* 
@@ -89,7 +88,7 @@ public function postSignup($request , $response){
 
 		//redirect if validation fails
 		if($validation->failed()){
-			$this->flash->addMessage('error', 'Signup Failed'); //You can also use error, info, warning
+			$this->flash->addMessage('error', 'Signup Failed!'); //You can also use error, info, warning
 
 			return $response->withRedirect($this->router->pathFor('auth.signup')); 
 		}
@@ -100,7 +99,7 @@ public function postSignup($request , $response){
 			'last_name' => $request->getParam('last_name'),
 			'email' => $request->getParam('email'),
 			//harsh password with PHPs inbuilt password harsher
-			'password' => password_hash($request->getParam('email'), PASSWORD_DEFAULT) //PASSWORD_BCRYPT is also available
+			'password' => password_hash($request->getParam('password'), PASSWORD_DEFAULT) //PASSWORD_BCRYPT is also available
 		]);
 
 		$this->flash->addMessage('success', 'Signup successful'); //You can also use error, info, warning

app/Controllers/Auth/PasswordController.php

@@ -10,10 +10,7 @@
 */
 class PasswordController extends Controller{
 
-	public function getChangePassword($request , $response){
-		
-		return $this->view->render($response, 'auth/password/change.twig');	
-	}
+	
 
 	/**
 	* 
@@ -22,35 +19,48 @@ public function getChangePassword($request , $response){
 	* 
 	* @return
 	*/
-	public function postChangePassword(($request , $response){
+	public function changePassword($request , $response){
 
-		/**
-		* validate input before submission
-		* @var 
-		* 
-		*/ 
-		$validation = $this->validator->validate($request, [	
-			'old_password' => v::notEmpty()->matchesPassword($this->auth->user()->password),	//from the custom validation rule defined in App\Validation\Rules and Exception
-			'password' => v::notEmpty(),	
-		]);
-		
-		//redirect if validation fails
-		if($validation->failed()){
-			$this->flash->addMessage('error', 'Password Change Attempt Failed'); //You can also use error, info, warning
-		
-			return $response->withRedirect($this->router->pathFor('auth.password.change')); 
-		}
-		
+
+			if($request->isPost()){
+					/**
+						* validate input before submission
+						* @var 
+						* 
+						*/ 
+						$validation = $this->validator->validate($request, [	
+							'old_password' => v::notEmpty()->matchesPassword($this->auth->user()->password),	//from the custom validation rule defined in App\Validation\Rules and Exception
+							'new_password1' => v::notEmpty()->fieldsMatch($request->getParam('new_password2'), $request->getParam('new_password1')),	
+							'new_password2' => v::notEmpty(),
+						]);
+						
+						//redirect if validation fails
+						if($validation->failed()){
+							$this->flash->addMessage('error', 'Password Change Attempt Failed'); //You can also use error, info, warning
+						
+							return $response->withRedirect($this->router->pathFor('auth.password.change')); 
+						}
+
+						$this->auth->user()->setPassword($request->getParam('new_password1'));
+					
+						$this->flash->addMessage('success', 'Password change successful');
+						
+						
+						return $response->withRedirect($this->router->pathFor('home'));
 
-		$this->auth->user()->setPassword($request->getParam('password'));
+			}
 
-		$this->flash->addMessage('success', 'Password change successful'); //You can also use error, info, warning
-		
-		
-		
-		
-		return $response->withRedirect($this->router->pathFor('home'));
-		
+		return $this->view->render($response, 'auth/password/change.twig');	
 
 	}
+
+	/**
+	* Method to reset password for users who are logged out
+	*/
+	public function resetPassword(){
+		// There are many ways to do this, but the way we will use here is
+		// 1. Generate Random Password
+		// 2. Encrypt it and update the database
+		// 2. Send email containing the new password to the user
+	}
 }

app/Controllers/HomeController.php

@@ -14,4 +14,9 @@ public function index($request, $response){
 	return $this->view->render($response,'home.twig');
 	}
 
+
+	public function about($request, $response){
+	
+	return $this->view->render($response,'about.twig');
+	}
 }

app/Controllers/PostsController.php

@@ -0,0 +1,159 @@
+<?php
+
+namespace App\Controllers;
+use App\Controllers\Controller;
+use App\Models\User;
+use Respect\Validation\Validator as v; 
+use App\Models\Post;
+
+class PostsController extends Controller{
+	
+	/**
+	* List all users
+	* 
+	* @return
+	*/
+	public function index($request, $response,  $args){
+
+        //find all posts
+        if(isset($args['user_id'])){
+            $posts = Post::where('user_id',$args['user_id'] )->get();
+             //get the user's details
+	          $user = User::find($args['user_id']);
+
+              return $this->view->render($response,'posts/index.twig', ['posts'=>$posts, 'user'=>$user]);
+        }else{
+            $posts = Post::all();
+            return $this->view->render($response,'posts/index.twig', ['posts'=>$posts]);
+        }
+
+	}
+
+
+
+	/**
+	* Display a post
+	* 
+	* @return
+	*/
+	public function view($request, $response, $args){
+	
+	    $post = Post::find( $args['id']);
+		
+		return $this->view->render($response,'posts/view.twig', ['post'=>$post]);
+		
+	}
+
+
+	
+	/**
+	* Create A New Post
+	* 
+	* @return
+	*/
+	public function add($request, $response,  $args){
+	
+        if($request->isPost()){
+           
+            /**
+            * validate input before submission
+            * @var 
+            * 
+            */ 
+            $validation = $this->validator->validate($request, [
+                'title' => v::notEmpty(),	
+                'body' => v::notEmpty(),	
+            ]);
+
+
+		//redirect if validation fails
+		if($validation->failed()){
+			$this->flash->addMessage('error', 'Validation Failed!'); 
+		
+			return $response->withRedirect($this->router->pathFor('posts/add.twig')); 
+		}
+		
+            $post = Post::create([
+                'title' => $request->getParam('title'),
+                'body' => $request->getParam('body'),
+                'user_id' => $this->auth->user()->id,
+            ]);
+
+                $this->flash->addMessage('success', 'Post Added Successfully');
+                //redirect to eg. posts/view/8 
+                return $response->withRedirect($this->router->pathFor('posts.view', ['id'=>$post->id]));
+           
+        }
+		return $this->view->render($response,'posts/add.twig');
+		
+	}
+
+    
+	
+	/**
+	* Edit post
+	* 
+	* @return
+	*/
+	public function edit($request, $response,  $args){
+	
+              //find the post
+            $post = Post::find( $args['id']);
+
+			//only admin and the person that created the post can edit or delete it.
+			if(($this->auth->user()->id != $post->user_id) OR ($this->auth->user()->role_id < 3) ){
+                
+			$this->flash->addMessage('error', 'You are not allowed to perform this action!'); 
+		
+			return $this->view->render($response,'posts/edit.twig', ['post'=>$post]);
+
+			}
+
+        //if form was submitted
+        if($request->isPost()){
+        
+         $validation = $this->validator->validate($request, [
+                'title' => v::notEmpty(),	
+                'body' => v::notEmpty(),	
+            ]);
+        //redirect if validation fails
+		if($validation->failed()){
+			$this->flash->addMessage('error', 'Validation Failed!'); 
+		
+			return $this->view->render($response,'posts/edit.twig', ['post'=>$post]);
+		}
+		
+            //save Data
+            $post =  Post::where('id', $args['id'])
+                            ->update([
+                                'title' => $request->getParam('title'),
+                                'body' => $request->getParam('body')
+                                ]);
+            
+            if($post){
+                $this->flash->addMessage('success', 'Post Updated Successfully');
+                //redirect to eg. posts/view/8 
+                return $response->withRedirect($this->router->pathFor('posts.view', ['id'=>$args['id']]));
+            }
+        }
+        
+	    
+		return $this->view->render($response,'posts/edit.twig', ['post'=>$post]);
+		
+	}
+
+
+/**
+	* Delete a post
+	* 
+	* @return
+	*/
+	public function delete($request, $response,  $args){
+		$user = Post::find( $args['id']);
+		if($user->delete()){
+			$this->flash->addMessage('success', 'Post Deleted Successfully');
+			return $response->withRedirect($this->router->pathFor('posts.index', ['user_id'=>$this->auth->user()->id]));
+		}
+	}
+
+}