Create an insecure bank application
61
webroot/lib/Controller/RegisterController.php
Normal file
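--- a/webroot/lib/Controller/RegisterController.php
+++ b/webroot/lib/Controller/RegisterController.php
@@ -0,0 +1,61 @@
+<?php
+declare(strict_types=1);
+
+namespace Controller;
+
+use Model\Session;
+use Model\User;
+use View\LoginRedirection;
+use View\RegisterPage;
+use View\Sendable;
+
+class RegisterController extends RestrictedPageController
+{
+public function __construct()
+{
+parent::__construct('/register.php');
+}
+
+protected function runLogic(): Sendable
+{
+$registerPage = new RegisterPage($this->context);
+if ($registerPage->formWasSent) {
+$registerPage->fieldUsername = trim($registerPage->fieldUsername);
+$error = false;
+
+// check username
+if (empty($registerPage->fieldUsername)) {
+$registerPage->errorUsernameEmpty = true;
+$error = true;
+} elseif (iconv_strlen($registerPage->fieldUsername) > 20) {
+$registerPage->errorUsernameTooLong = true;
+$error = true;
+}
+
+// check password
+if ($registerPage->fieldPassword != $registerPage->fieldRepeatPassword) {
+$registerPage->errorPasswordsMismatch = true;
+$error = true;
+} else if (empty($registerPage->fieldPassword)) {
+$registerPage->errorPasswordEmpty = true;
+$error = true;
+}
+
+// create account
+if (!$error) {
+$pwHash = password_hash($registerPage->fieldPassword, PASSWORD_ARGON2ID);
+$user = User::create($registerPage->fieldUsername, $pwHash);
+if (!empty($user)) {
+$this->context->session = Session::create($user);
+return new LoginRedirection($this->context);
+} else {
+$registerPage->errorUsernameInUse = true;
+}
+}
+
+return $registerPage;
+} else {
+return $registerPage;
+}
+}
+}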
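Review bot: The password-confirmation check in runLogic() uses loose `!=`, so if both fields are strings, two different numeric-looking values (for example `1e3` and `1000`) compare as equal and a mistyped repeat is accepted; use `if ($registerPage->fieldPassword !== $registerPage->fieldRepeatPassword) {`. In the username check, `iconv_strlen()` returns false for input that is not valid in the expected encoding, and `false > 20` is false, so such a username skips the 20-character limit; store the result and reject on `$len === false || $len > 20`. `empty()` also treats the literal string `0` as empty for both username and password, where `=== ''` would say what is meant. No minimum password length is enforced before `password_hash()`, which may be deliberate given the commit title but deserves a comment saying so.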