From e6a313f0ce599e14f2d6c55c8080582f0d539d10 Mon Sep 17 00:00:00 2001 From: vincent-peugnet Date: Sun, 23 Dec 2018 20:14:08 +0100 Subject: admin connect --- app/class/application.php | 58 ++++++++++++++++++++++++++++++++--------- app/class/controllerconnect.php | 4 ++- app/class/controllerhome.php | 10 ------- app/class/modeluser.php | 38 +++++++++++++++++++-------- 4 files changed, 76 insertions(+), 34 deletions(-) diff --git a/app/class/application.php b/app/class/application.php index 4926a1b..d75df51 100644 --- a/app/class/application.php +++ b/app/class/application.php @@ -2,8 +2,13 @@ class Application { + /** + * @var Modeluser + */ + protected $usermanager; + public function __construct() { - + $this->usermanager = new Modeluser(); } public function wakeup() @@ -21,22 +26,33 @@ class Application header('Location: ./'); exit; } + } elseif(isset($_POST['userinit'])) { + $userdata = $_POST['userinit']; + $userdata['level'] = 10; + $user = new User($userdata); + $this->usermanager->add($user); + header('Location: ./'); + exit; + } else { if(Config::readconfig()) { - if(!Config::checkbasepath() || empty(Config::admin()) || empty(Config::arttable())) { + if(!Config::checkbasepath() || empty(Config::arttable())) { echo ''; $this->configform(); exit; + } else { + if(!$this->usermanager->adminexist()) { + echo 'missing admin user'; + $this->adminform(); + exit; + } } } else { echo 'Missing config file'; @@ -64,18 +80,36 @@ class Application
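Review bot: The new `elseif(isset($_POST['userinit']))` branch in `wakeup()` creates a level-10 user from request data without first checking that no administrator exists, and it is evaluated before the `adminexist()` check added further down in the same hunk. As written, any request carrying a `userinit` field appears able to add another administrator after installation. Gate the branch on setup state, e.g. `} elseif(isset($_POST['userinit']) && !$this->usermanager->adminexist()) {`, and reject a non-array value before it reaches `new User(...)`. `wakeup()` starts and ends outside the hunk, so confirm nothing earlier already restricts this path.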

Leave it empty if W-CMS is in your root folder, otherwise, indicate the subfolder(s) in witch you installed the CMS

+

+ +

+ +

Set the name of the first folder that is going to store all your work

+
+ + + + + +

- +

- -

The main password for administration, you can change it later.

+ +

Your user id as the first administrator.

+

- +

- -

Set the name of the first folder that is going to store all your work

+ +

Your user passworder as first administrator.

diff --git a/app/class/controllerconnect.php b/app/class/controllerconnect.php index dd06933..355de1d 100644 --- a/app/class/controllerconnect.php +++ b/app/class/controllerconnect.php @@ -34,7 +34,9 @@ class Controllerconnect extends Controller { if (isset($_POST['pass'])) { $this->user = $this->usermanager->login($_POST['pass']); - $this->usermanager->writesession($this->user); + if($this->user != false) { + $this->usermanager->writesession($this->user); + } } if (!empty($id)) { $this->routedirect('artread/', ['art' => $id]); diff --git a/app/class/controllerhome.php b/app/class/controllerhome.php index c9ae8d4..caeb652 100644 --- a/app/class/controllerhome.php +++ b/app/class/controllerhome.php @@ -32,16 +32,6 @@ class Controllerhome extends Controller } - public function analyseall() - { - if($this->user->level() >= Modeluser::EDITOR) { - $scan = new Modelanalyse; - $scan->analyseall(); - $this->redirect('./'); - - } - } - public function massedit() { echo '
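Review bot: On a failed login `$this->user` is still overwritten with `false`, because the assignment happens before the new `!= false` guard. Any later call such as `$this->user->level()` in the same request would then fail on a non-object; the rest of the controller is outside the hunk, so this is inferred. Keep the result in a local and assign only on success: `$user = $this->usermanager->login($_POST['pass']);` then `if ($user !== false) { $this->user = $user; $this->usermanager->writesession($user); }`. If `writesession()` does not already rotate the session id on login, that is worth adding there.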

Mass Edit

'; diff --git a/app/class/modeluser.php b/app/class/modeluser.php index e9474e0..3a5e9f0 100644 --- a/app/class/modeluser.php +++ b/app/class/modeluser.php @@ -33,22 +33,25 @@ class Modeluser extends Modeldb public function login($pass) { - $user = new User(['level' => $this->passlevel($pass)]); - return $user; + $passlevel = $this->passlevel($pass); + if($passlevel != false) { + $user = new User($passlevel); + return $user; + } else { + return false; + } } public function passlevel($pass) { - if (strip_tags($pass) == Config::admin()) { - return $level = self::ADMIN; - } elseif (strip_tags($pass) == Config::read()) { - return $level = self::READ; - } elseif (strip_tags($pass) == Config::editor()) { - return $level = self::EDITOR; - } elseif ($this->invitetest(strip_tags($pass))) { - return $level = self::INVITE; + $userdatalist = $this->repo->query() + ->where('password', '==', $pass) + ->execute(); + + if($userdatalist->total() === 1) { + return $userdatalist[0]; } else { - return $level = self::FREE; + return 0; } } @@ -93,6 +96,19 @@ class Modeluser extends Modeldb } return $userlist; } + + public function adminexist() + { + $userdatalist = $this->repo->query() + ->where('level', '==', 10) + ->execute(); + + if($userdatalist->total() === 0) { + return false; + } else { + return true; + } + } public function add(User $user) { -- cgit v1.2.3
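Review bot: `passlevel()` now identifies the account by running `where('password', '==', $pass)`, which means passwords are stored and compared in clear text and the password alone selects the user. Two accounts that choose the same password make `total() === 1` false and lock both out, and a leak of the user store exposes every credential. Look the user up by id instead, store `password_hash($pass, PASSWORD_DEFAULT)` when the user is added, and check with `password_verify()`; this needs the login form to send the id as well, which is outside this hunk. The failure value is also inconsistent: `passlevel()` returns `0` while `login()` returns `false`, and both rely on a loose `!= false`.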
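Review bot: `adminexist()` hard-codes `10` as the administrator level, as does `$userdata['level'] = 10;` in application.php, while this class already has a `self::ADMIN` constant (visible in the removed `passlevel()` lines). If `ADMIN` is 10, use `->where('level', '==', self::ADMIN)` so the setup gate cannot drift from the level checks elsewhere. The body can also collapse to `return $userdatalist->total() > 0;`. A short docblock saying it returns true when at least one administrator-level user exists would help, since application.php uses it to decide whether to show the setup form.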