ModifyUserAction.php 2.65 KiB
<?php
declare(strict_types=1);
namespace App\Application\Actions\User;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use App\Domain\User\User ;
use DateTime;
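class ModifyUserAction extends UserAction
{
    /**
     * {@inheritdoc}
     *
     * Updates the account of the user referenced by $_SESSION['userId'] from
     * the parsed request body and redirects to /account.
     *
     * Responses:
     *  - 401 when the session carries no user id or the user cannot be loaded;
     *  - 400 when one of the profile fields is absent from the body;
     *  - the re-rendered form when the two password fields differ;
     *  - 302 to /account once the changes are flushed.
     *
     * NOTE(review): the password and mail address are changed without asking
     * for the current password, and no CSRF check is visible in this action;
     * confirm both are enforced elsewhere (middleware / base class).
     */
    protected function action(): Response
    {
        // Never touch the database for a request that has no authenticated user.
        if (!isset($_SESSION['userId'])) {
            return $this->response->withStatus(401);
        }

        $parsedRequestBody = (array)$this->request->getParsedBody();

        // A body without these keys is malformed. Rejecting it here prevents
        // a crafted request from blanking the stored profile fields.
        foreach (['username', 'firstname', 'lastname', 'mail'] as $requiredField) {
            if (!isset($parsedRequestBody[$requiredField])) {
                return $this->response->withStatus(400);
            }
        }

        $username = $this->checkValue($parsedRequestBody['username']);
        $firstname = $this->checkValue($parsedRequestBody['firstname']);
        $lastname = $this->checkValue($parsedRequestBody['lastname']);
        $mail = $this->checkValue($parsedRequestBody['mail']);

        // NOTE(review): running a password through checkValue() silently drops
        // anything that looks like a tag, so the stored secret can differ from
        // what the user typed. It is kept here because the login path is not
        // visible and may apply the same filter; confirm before changing.
        $password = $this->checkValue($parsedRequestBody['password'] ?? '');
        $confirmPassword = $this->checkValue($parsedRequestBody['confirmpassword'] ?? '');

        // A checkbox is only submitted when ticked, so presence means "true".
        $contaminated = isset($parsedRequestBody['contaminated']);

        // Strict comparison: with != two numeric-looking strings such as
        // "1000" and "1e3" compare equal and would pass the confirmation.
        if ($password !== $confirmPassword) {
            return $this->twig->render(
                $this->response,
                "/user/modify_user.twig",
                [
                    "username" => $username,
                    "firstname" => $firstname,
                    "lastname" => $lastname,
                    "mail" => $mail,
                    "contaminated" => $contaminated,
                    // Never echo the submitted passwords back into the form.
                    "password" => null,
                    "confirmpassword" => null,
                    "password_message" => "Passwords don't match",
                    "password_formstatus" => true,
                    "formstatus" => "error",
                ]
            );
        }

        // find() is assumed to return null when no row matches -- TODO confirm.
        $user_db = $this->userRepository->find($_SESSION['userId']);
        if ($user_db === null) {
            return $this->response->withStatus(401);
        }

        // checkValue() always returns a string, so isset() was always true and
        // a blank password field replaced the stored hash with the hash of "".
        // Only change the password when one was actually entered.
        if ($password !== '') {
            $user_db->setPassword(password_hash($password, PASSWORD_DEFAULT));
        }

        $user_db->setUsername($username);
        $user_db->setFirstname($firstname);
        $user_db->setLastname($lastname);
        $user_db->setMail($mail);
        $user_db->setContaminated($contaminated);

        $this->em->persist($user_db);
        $this->em->flush();

        $this->logger->info("Your account has been changed.");
        $this->flash->addMessage('modify_user', 'You account has been updated.');

        return $this->response
            ->withHeader('Location', '/account')
            ->withStatus(302);
    }

    /**
     * Strip tags from a submitted value, then decode special HTML entities.
     *
     * The result is NOT safe to print as HTML: because decoding runs after
     * strip_tags(), an input such as "&lt;b&gt;" comes out as "<b>". Output
     * escaping at render time is still required.
     *
     * @param mixed $value Raw value from the parsed request body.
     * @return string Filtered value; '' for null, arrays and other non-scalars.
     */
    protected function checkValue($value): string
    {
        // Under strict_types, strip_tags() throws a TypeError for null or an
        // array (e.g. a "username[]=x" parameter); treat those as empty input.
        if (!is_scalar($value)) {
            return '';
        }

        $value = strip_tags((string)$value);
        $value = htmlspecialchars_decode($value);

        return $value;
    }
}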