fix: login not working

grandeljay 2023-08-30 14:58:00 +02:00
parent 749f247261
commit cf253bf8c0
24 changed files with 245 additions and 174 deletions


@ -48,14 +48,11 @@ if (file_exists($configPath)) {
*/
session_start(
array(
'name' => 'wishthis',
'read_and_close' => true,
'name' => 'wishthis'
)
);
if (!isset($_SESSION['user'])) {
$_SESSION['user'] = new User();
}
$user = User::getCurrent();
/**
* Database
@ -85,7 +82,7 @@ if (
/**
* Persistent (stay logged in)
*/
if (isset($_COOKIE[COOKIE_PERSISTENT]) && $database && !$_SESSION['user']->isLoggedIn()) {
if (isset($_COOKIE[COOKIE_PERSISTENT]) && $database && !$user->isLoggedIn()) {
$sessions = $database
->query(
'SELECT *
@ -102,7 +99,7 @@ if (isset($_COOKIE[COOKIE_PERSISTENT]) && $database && !$_SESSION['user']->isLog
$expires = strtotime($session['expires']);
if (time() < $expires) {
$_SESSION['user'] = User::getFromID($session['user']);
$user = User::getFromID($session['user']);
break;
}
@ -130,7 +127,7 @@ $locales = array_filter(
)
);
$locale = isset($_REQUEST['locale']) ? $_REQUEST['locale'] : \Locale::lookup($locales, $_SESSION['user']->getLocale(), false, 'en_GB');
$locale = isset($_REQUEST['locale']) ? $_REQUEST['locale'] : \Locale::lookup($locales, $user->getLocale(), false, 'en_GB');
/**
* Wish
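Review bot: The persistent-login restore in the third hunk now assigns only the local `$user` (`$user = User::getFromID($session['user']);`) and no longer writes the restored user back to `$_SESSION['user']`, while `User::getCurrent()` a few lines earlier has already stored an empty `new User()` there; every later `User::getCurrent()` call in the request therefore sees the logged-out instance and the cookie-based login is effectively lost. Assign both in one step, `$user = $_SESSION['user'] = User::getFromID($session['user']);`, so the two stay the same object. Dropping `'read_and_close' => true` from `session_start()` is presumably what makes session writes stick again, which is worth a one-line comment on that call since the session now stays locked for the whole request. The `if` body that does the restore continues outside the hunk.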


@ -15,8 +15,10 @@ if (!isset($page)) {
die('Direct access to this location is not allowed.');
}
$user = User::getCurrent();
$dateFormatter = new \IntlDateFormatter(
$_SESSION['user']->getLocale(),
$user->getLocale(),
\IntlDateFormatter::MEDIUM,
\IntlDateFormatter::NONE
);


@ -15,6 +15,8 @@ if (!isset($page)) {
die('Direct access to this location is not allowed.');
}
$user = User::getCurrent();
switch ($_SERVER['REQUEST_METHOD']) {
case 'POST':
if (isset($_POST['preview'], $_POST['page'])) {
@ -36,7 +38,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
$preview_create = true;
}
if ($preview_create && $_SESSION['user']->power >= $page->power) {
if ($preview_create && $user->power >= $page->power) {
file_put_contents($preview_filepath, $preview);
}
}


@ -15,6 +15,8 @@ if (!isset($page)) {
die('Direct access to this location is not allowed.');
}
$user = User::getCurrent();
switch ($_SERVER['REQUEST_METHOD']) {
case 'GET':
if (isset($_GET['table'])) {
@ -41,12 +43,12 @@ switch ($_SERVER['REQUEST_METHOD']) {
/** Get last modified */
$user_time_zome = new \IntlDateFormatter(
$_SESSION['user']->getLocale()
$user->getLocale()
);
$user_time_zome = $user_time_zome->getTimeZoneId();
$datetimeFormatter = new \IntlDateFormatter(
$_SESSION['user']->getLocale(),
$user->getLocale(),
\IntlDateFormatter::RELATIVE_FULL,
\IntlDateFormatter::SHORT,
$user_time_zome


@ -15,12 +15,14 @@ if (!isset($page)) {
die('Direct access to this location is not allowed.');
}
$user = User::getCurrent();
switch ($_SERVER['REQUEST_METHOD']) {
case 'GET':
/**
* Get
*/
$response['data'] = $_SESSION['user']->getSavedWishlists();
$response['data'] = $user->getSavedWishlists();
break;
case 'POST':
@ -60,7 +62,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
:wishlist_id
);',
array(
'user_id' => $_SESSION['user']->id,
'user_id' => $user->id,
'wishlist_id' => Sanitiser::getNumber($_POST['wishlist']),
)
);


@ -10,13 +10,15 @@ namespace wishthis;
global $page, $database;
$user = User::getCurrent();
switch ($_SERVER['REQUEST_METHOD']) {
case 'POST':
if (isset($_POST['wishlist-name'], $_SESSION['user']->id)) {
if (isset($_POST['wishlist-name'], $user->id)) {
/**
* Create
*/
$user_id = Sanitiser::getNumber($_SESSION['user']->id);
$user_id = Sanitiser::getNumber($user->id);
$wishlist_name = Sanitiser::getTitle($_POST['wishlist-name']);
$wishlist_hash = sha1(time() . $user_id . $wishlist_name);
@ -134,7 +136,7 @@ switch ($_SERVER['REQUEST_METHOD']) {
if ($wishlist->exists) {
/** Determine if user is allowed to access wishlist */
if ($_SESSION['user']->isLoggedIn() && $_SESSION['user']->id === $wishlist->user) {
if ($user->isLoggedIn() && $user->id === $wishlist->user) {
$response['results'] = $wishlist;
} else {
http_response_code(403);
@ -153,11 +155,11 @@ switch ($_SERVER['REQUEST_METHOD']) {
} else {
http_response_code(404);
}
} elseif (isset($_GET['userid']) || isset($_SESSION['user']->id)) {
} elseif (isset($_GET['userid']) || isset($user->id)) {
/**
* Get user wishlists
*/
$user = $_SESSION['user'];
$user = $user;
if (!$user->isLoggedIn()) {
$this->response(403);
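Review bot: `$user = $user;` in the last hunk is a self-assignment left over from replacing `$_SESSION['user']` and should simply be deleted. Because `$user` is now the file-wide current user rather than a copy local to this branch, any later reassignment of `$user` inside the branch (its body continues outside the hunk) would overwrite the session user for the rest of the script; if that code loads the requested `userid` into `$user`, give it a distinct name such as `$userRequested`. The following context line calls `$this->response(403)` outside any class, which is a fatal error if reached — presumably pre-existing, but worth confirming while this branch is being touched.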


@ -34,7 +34,7 @@ class Database
$this->pdo = new \PDO($dsn, $this->user, $this->password, $options);
}
public function query(string $query, array $placeholders = array()): \PDOStatement
public function query(string $query, array $placeholders = array()): \PDOStatement|false
{
$statement = $this->pdo->prepare($query, array(\PDO::FETCH_ASSOC));
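Review bot: Widening the return type to `\PDOStatement|false` documents that `query()` can fail, but callers added in this commit still chain on the result — the SELECT in `User::logIn` does `->fetch()` directly — which becomes a fatal "Call to a member function fetch() on false" when the query fails. Either have `query()` throw on failure (e.g. `PDO::ERRMODE_EXCEPTION`, or `throw` when `prepare`/`execute` return `false`) so the return type stays `\PDOStatement`, or make every chained caller check for `false` first. The method body continues outside the hunk, so where `false` is actually produced is not visible here.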


@ -153,7 +153,7 @@ class Page
/**
* Session
*/
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$user = User::getCurrent();
/**
* Login
@ -279,7 +279,7 @@ class Page
{
global $locales;
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$user = User::getCurrent();
?>
<!DOCTYPE html>
<html lang="<?= $this->language ?>">
@ -424,7 +424,7 @@ class Page
public function navigation(): void
{
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$user = User::getCurrent();
$wishlists = Navigation::Wishlists->value;
$blog = Navigation::Blog->value;


@ -41,6 +41,16 @@ class User
return sha1($plainPassword);
}
public static function getCurrent(): self {
if (!isset($_SESSION['user'])) {
$_SESSION['user'] = new self();
}
$user = $_SESSION['user'];
return $user;
}
/**
* The users unique ID.
*
@ -235,7 +245,7 @@ class User
*/
public function isLoggedIn(): bool
{
return isset($_SESSION['user']->id) && $_SESSION['user']->id >= 1;
return isset($this->id) && $this->id >= 1;
}
/**
@ -300,6 +310,117 @@ class User
?: $this->email;
}
/**
* Attempts to log in the user. Return whether it was successful or not.
*
* @return bool Whether the log in was successful.
*/
public function logIn(string $email = '', string $password = '', bool $user_login_is_persistent = false): bool {
global $database;
$login_was_successful = false;
if ('' === $email && '' === $password && isset($this->email, $this->password)) {
$email = $this->email;
$password = $this->password;
}
/**
* Update the `last_login` column before fetching the user, so it's up
* to date for the session and later usage.
*
* If this fails, we are assuming the user credentials are wrong or that
* the user does not exist.
*/
$update_last_login = $database
->query(
'UPDATE `users`
SET `last_login` = NOW()
WHERE `email` = :user_email
AND `password` = :user_password;',
array(
'user_email' => $email,
'user_password' => $password,
)
);
/**
* Updating the `last_login` column in the database has failed and we
* are now assuming that the credentials are wrong or that the user does
* not exist.
*/
if (false === $update_last_login) {
return $login_was_successful;
}
/**
* The credentials seem fine, so we are fetching the user fields now.
*/
$user_database_fields = $database
->query(
'SELECT *
FROM `users`
WHERE `email` = :user_email
AND `password` = :user_password;',
array(
'user_email' => $email,
'user_password' => $password,
)
)
->fetch();
/**
* Create a `User` object instance and assign it for later use.
*/
if (\is_array($user_database_fields)) {
$this->__construct($user_database_fields);
$_SESSION['user'] = $this;
$login_was_successful = true;
}
/**
* Make the session persist
*/
if ($user_login_is_persistent) {
/** Cookie options */
$sessionLifetime = 2592000 * 4; // 4 Months
$sessionExpires = time() + $sessionLifetime;
$sessionIsDev = defined('ENV_IS_DEV') && ENV_IS_DEV || '127.0.0.1' === $_SERVER['REMOTE_ADDR'];
$sessionOptions = array (
'domain' => getCookieDomain(),
'expires' => $sessionExpires,
'httponly' => true,
'path' => '/',
'samesite' => 'None',
'secure' => !$sessionIsDev,
);
/** Set cookie */
setcookie(COOKIE_PERSISTENT, session_id(), $sessionOptions);
$database->query(
'INSERT INTO `sessions` (
`user`,
`session`,
`expires`
) VALUES (
:user_id,
:session_id,
:session_expires
);',
array(
'user_id' => $this->id,
'session_id' => session_id(),
'session_expires' => date('Y-m-d H:i:s', $sessionExpires),
)
);
}
return $login_was_successful;
}
public function logOut(): void
{
/** Destroy session */
@ -335,4 +456,12 @@ class User
)
);
}
public function getEmail(): string {
return $this->email;
}
public function getPassword(): string {
return $this->password;
}
}
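Review bot: In `logIn`, the `if ($user_login_is_persistent)` block sits outside the `if (\is_array($user_database_fields))` success branch, so a failed login with "stay logged in" ticked still sets `COOKIE_PERSISTENT` and inserts a `sessions` row with whatever `$this->id` holds; guard it with `if ($login_was_successful && $user_login_is_persistent) {`. The `false === $update_last_login` check does not detect wrong credentials as its docblock claims — an UPDATE that matches no rows still returns a statement — so the comment should say the SELECT fetch below is the real credential check. After a successful login the session id is reused as the persistent token; calling `session_regenerate_id(true);` before the cookie block would stop a pre-login id from staying valid. The new `getPassword()` exposes the stored hash as a public getter and will raise a `TypeError` when `$this->password` is unset, so document who needs it or make the return nullable. The login page calls this method as `login(...)`; PHP resolves that case-insensitively, but the two spellings should match.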


@ -192,11 +192,12 @@ class Wish
ob_start();
$userCard = User::getFromID($ofUser);
$userCurrent = User::getCurrent();
$numberFormatter = new \NumberFormatter(
$userCard->getLocale() . '@currency=' . $userCard->getCurrency(),
\NumberFormatter::CURRENCY
);
$userIsCurrent = isset($_SESSION['user']->id) && $_SESSION['user']->id === $userCard->id;
$userIsCurrent = isset($userCurrent->id) && $userCurrent->id === $userCard->id;
/**
* Card


@ -120,12 +120,14 @@ class Wishlist
)
)';
if ($_SESSION['user']->isLoggedIn()) {
$user = User::getCurrent();
if ($user->isLoggedIn()) {
$wishlist_ids = array_map(
function ($wishlist_data) {
return intval($wishlist_data['id']);
},
$_SESSION['user']->getWishlists()
$user->getWishlists()
);
/** Show all wishes (except fulfilled) */


@ -10,7 +10,7 @@ namespace wishthis;
function getWishlistNameSuggestion(): string
{
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$user = User::getCurrent();
$now = time();
$month = date('n');
$name = '';


@ -9,7 +9,7 @@ namespace wishthis;
function __(string $text, string $context = null, User $user = null): string
{
if (null === $user) {
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$user = User::getCurrent();
}
if (null !== $user->translations) {


@ -10,7 +10,7 @@ use wishthis\User;
function redirect(string $target)
{
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$user = User::getCurrent();
/**
* Redirect user based on channel setting


@ -14,8 +14,9 @@ $page->bodyStart();
$page->navigation();
$posts = Blog::getPosts();
$user = User::getCurrent();
if ('en' !== \Locale::getPrimaryLanguage($_SESSION['user']->getLocale())) {
if ('en' !== \Locale::getPrimaryLanguage($user->getLocale())) {
$page->messages[] = Page::warning(
sprintf(
/** TRANSLATORS: %s: Language, most likely English */
@ -37,7 +38,7 @@ if ('en' !== \Locale::getPrimaryLanguage($_SESSION['user']->getLocale())) {
<?php foreach ($posts as $post) { ?>
<?php
$dateFormatter = new \IntlDateFormatter(
$_SESSION['user']->getLocale(),
$user->getLocale(),
\IntlDateFormatter::MEDIUM,
\IntlDateFormatter::NONE
);


@ -12,6 +12,8 @@ $page = new Page(__FILE__, __('Home'));
$page->header();
$page->bodyStart();
$page->navigation();
$user = User::getCurrent();
?>
<main>
@ -26,7 +28,7 @@ $page->navigation();
<p><?= __('wishthis is a simple, intuitive and modern wishlist platform to create, manage and view your wishes for any kind of occasion.') ?></p>
<div class="ui two column doubling stackable centered grid actions">
<?php if ($_SESSION['user']->isLoggedIn()) { ?>
<?php if ($user->isLoggedIn()) { ?>
<div class="column">
<a class="ui fluid primary button"
href="<?= Page::PAGE_WISHLISTS ?>"
@ -47,7 +49,7 @@ $page->navigation();
ORDER BY `wishes`.`edited` DESC
LIMIT 1;',
array(
'user_id' => $_SESSION['user']->id,
'user_id' => $user->id,
)
);
@ -209,9 +211,9 @@ $page->navigation();
<?php
$locale_browser = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? \Locale::acceptFromHttp($_SERVER['HTTP_ACCEPT_LANGUAGE']) : DEFAULT_LOCALE;
$locale_user = $_SESSION['user']->getLocale();
$locale_user = $user->getLocale();
if ($_SESSION['user']->isLoggedIn() && $locale_browser !== $locale_user && in_array($locale_browser, $locales, true)) {
if ($user->isLoggedIn() && $locale_browser !== $locale_user && in_array($locale_browser, $locales, true)) {
?>
<div class="ui segment">
<h2 class="ui header"><?= __('Hey, you') ?></h2>
@ -221,7 +223,7 @@ $page->navigation();
printf(
/** TRANSLATORS: %s: the users display name */
__('Yes, I mean you, %s.'),
$_SESSION['user']->getDisplayName()
$user->getDisplayName()
);
?>
</p>


@ -9,6 +9,7 @@
namespace wishthis;
$page = new Page(__FILE__, __('Login as'), 100);
$user = User::getCurrent();
if (isset($_POST['email'])) {
$email = Sanitiser::getEmail($_POST['email']);
@ -28,7 +29,8 @@ if (isset($_POST['email'])) {
if ($success) {
$fields = $userQuery->fetch();
$_SESSION['user'] = new User($fields);
$user = new User($fields);
$user->logIn();
}
}
@ -55,7 +57,7 @@ $users = $database
<?php
if (isset($success)) {
if ($success) {
echo Page::success(sprintf(__('Successfully logged in as %s.'), $_SESSION['user']->email), __('Success'));
echo Page::success(sprintf(__('Successfully logged in as %s.'), $user->email), __('Success'));
} else {
echo Page::error(__('User not found!'), __('Error'));
}


@ -14,94 +14,13 @@ $page = new Page(__FILE__, __('Login'));
* Login
*/
if (isset($_POST['login'], $_POST['email'], $_POST['password'])) {
$email = Sanitiser::getEmail($_POST['email']);
$password = User::passwordToHash($_POST['password']);
$user_email = \filter_input(\INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
$user_password = User::passwordToHash($_POST['password']);
$user_login_is_persistent = isset($_POST['persistent']);
$database
->query(
'UPDATE `users`
SET `last_login` = NOW()
WHERE `email` = :user_email
AND `password` = :user_password;',
array(
'user_email' => $email,
'user_password' => $password,
)
);
$user->login($user_email, $user_password, $user_login_is_persistent);
$fields = $database
->query(
'SELECT *
FROM `users`
WHERE `email` = :user_email
AND `password` = :user_password;',
array(
'user_email' => $email,
'user_password' => $password,
)
)
->fetch();
$success = is_array($fields);
if ($success) {
$_SESSION['user'] = new User($fields);
/**
* Persisent session
*/
if (isset($_POST['persistent'])) {
/** Cookie options */
$sessionLifetime = 2592000 * 4; // 4 Months
$sessionExpires = time() + $sessionLifetime;
$sessionIsDev = defined('ENV_IS_DEV') && ENV_IS_DEV || '127.0.0.1' === $_SERVER['REMOTE_ADDR'];
$sessionOptions = array (
'domain' => getCookieDomain(),
'expires' => $sessionExpires,
'httponly' => true,
'path' => '/',
'samesite' => 'None',
'secure' => !$sessionIsDev,
);
/** Set cookie */
setcookie(COOKIE_PERSISTENT, session_id(), $sessionOptions);
/** Column sessions.expires was added in v0.7.1. */
if ($database->columnExists('sessions', 'expires')) {
$database->query(
'INSERT INTO `sessions` (
`user`,
`session`,
`expires`
) VALUES (
:user_id,
:session_id,
:session_expires
);',
array(
'user_id' => $_SESSION['user']->id,
'session_id' => session_id(),
'session_expires' => date('Y-m-d H:i:s', $sessionExpires),
)
);
} else {
$database->query(
'INSERT INTO `sessions` (
`user`,
`session`
) VALUES (
:user_id,
:session_id
);',
array(
'user_id' => $_SESSION['user']->id,
'session_id' => session_id(),
)
);
}
}
} else {
if (!$user->isLoggedIn()) {
$page->messages[] = Page::error(
__('No user could be found with the credentials you provided.'),
__('Invalid credentials'),
@ -109,7 +28,7 @@ if (isset($_POST['login'], $_POST['email'], $_POST['password'])) {
}
}
if ($_SESSION['user']->isLoggedIn()) {
if ($user->isLoggedIn()) {
if (isset($_SESSION['REDIRECT_URL'])) {
redirect($_SESSION['REDIRECT_URL']);
} else {
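Review bot: The fallback for the pre-v0.7.1 `sessions` table (the `columnExists('sessions', 'expires')` branch removed here) did not make it into `User::logIn`, which now always inserts the `expires` column — fine if that migration is guaranteed to have run, otherwise a regression for older installs. `$user` is not assigned anywhere in this hunk; it presumably comes from the including script's global scope (`$user = User::getCurrent();` in the front controller), which deserves a comment since the other pages in this commit assign it locally. The switch from `Sanitiser::getEmail` to `\filter_input(\INPUT_POST, 'email', FILTER_SANITIZE_EMAIL)` changes what reaches the query — `filter_input` can return `false`, which the `string $email` parameter coerces to `''` unless `strict_types` is enabled — so confirm `Sanitiser::getEmail` had no normalisation that is now lost. The method is called as `$user->login(...)` while it is declared as `logIn(...)`; it works case-insensitively but should be spelled the same.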


@ -9,8 +9,8 @@
namespace wishthis;
$page = new Page(__FILE__, __('Logout'));
$_SESSION['user']->logOut();
$user = User::getCurrent();
$user->logOut();
$page->header();
$page->bodyStart();


@ -6,10 +6,11 @@
namespace wishthis;
$user = User::getCurrent();
?>
<?php if ($_SESSION['user']->isLoggedIn()) { ?>
<input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<?php if ($user->isLoggedIn()) { ?>
<input type="hidden" name="user-id" value="<?= $user->id ?>" />
<?php } ?>
<div class="wishlist-filter-wrapper">


@ -12,6 +12,8 @@ $page = new Page(__FILE__, __('Insufficient power'));
$page->header();
$page->bodyStart();
$page->navigation();
$user = User::getCurrent();
?>
<main>
@ -20,7 +22,7 @@ $page->navigation();
<div class="ui segment">
<h2 class="ui header"><?= __('Restricted access') ?></h2>
<p><?= sprintf(__('You do not have enough power to view this page. You need %s to see this page, but only have %s.'), '<strong>' . $_GET['required'] . '</strong>', '<strong>' . $_SESSION['user']->power . '</strong>') ?></p>
<p><?= sprintf(__('You do not have enough power to view this page. You need %s to see this page, but only have %s.'), '<strong>' . $_GET['required'] . '</strong>', '<strong>' . $user->power . '</strong>') ?></p>
</div>
</div>
</main>
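Review bot: The rewritten `sprintf` line still drops `$_GET['required']` straight into the HTML; the value comes from the URL, so it should be escaped for the HTML context, e.g. `'<strong>' . htmlspecialchars((string) $_GET['required'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</strong>'`. Treating `$user->power` the same way costs nothing and keeps the line uniform. This predates the commit, but the line is being rewritten anyway.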


@ -9,6 +9,7 @@
namespace wishthis;
$page = new Page(__FILE__, __('Profile'), 1);
$user = User::getCurrent();
if (isset($_POST['user-id'], $_POST['section'])) {
$set = array();
@ -37,10 +38,10 @@ if (isset($_POST['user-id'], $_POST['section'])) {
$loginRequired = false;
foreach ($formFieldsString as $field) {
if (!empty($_POST[$field['key']]) && $_POST[$field['key']] !== $_SESSION['user']->{$field['column']}) {
if (!empty($_POST[$field['key']]) && $_POST[$field['key']] !== $user->{$field['column']}) {
$set[] = '`' . $field['column'] . '` = "' . $_POST[$field['key']] . '"';
$_SESSION['user']->{$field['column']} = $_POST[$field['key']];
$user->{$field['column']} = $_POST[$field['key']];
$page->messages[] = Page::success(
sprintf(
@ -52,7 +53,7 @@ if (isset($_POST['user-id'], $_POST['section'])) {
}
}
if (!empty($_POST['user-email']) && $_POST['user-email'] !== $_SESSION['user']->email) {
if (!empty($_POST['user-email']) && $_POST['user-email'] !== $user->email) {
$loginRequired = true;
}
@ -61,13 +62,13 @@ if (isset($_POST['user-id'], $_POST['section'])) {
*/
if (isset($_POST['user-birthdate'])) {
if (empty($_POST['user-birthdate'])) {
$_SESSION['user']->birthdate = null;
$user->birthdate = null;
$set[] = '`birthdate` = NULL';
} else {
$_SESSION['user']->birthdate = date('Y-m-d', strtotime($_POST['user-birthdate']));
$user->birthdate = date('Y-m-d', strtotime($_POST['user-birthdate']));
$set[] = '`birthdate` = "' . $_SESSION['user']->birthdate . '"';
$set[] = '`birthdate` = "' . $user->birthdate . '"';
}
}
@ -89,57 +90,57 @@ if (isset($_POST['user-id'], $_POST['section'])) {
*/
/** Language */
if (isset($_POST['user-language']) && $_POST['user-language'] !== $_SESSION['user']->getLocale()) {
$_SESSION['user']->setLocale($_POST['user-language']);
if (isset($_POST['user-language']) && $_POST['user-language'] !== $user->getLocale()) {
$user->setLocale($_POST['user-language']);
$set[] = '`language` = "' . $_SESSION['user']->getLocale() . '"';
$set[] = '`language` = "' . $user->getLocale() . '"';
$page->messages[] = Page::success(
sprintf(
/** TRANSLATORS: %s: The new locale */
__('Language set to %s.'),
'<strong>' . $_SESSION['user']->getLocale() . '</strong>'
'<strong>' . $user->getLocale() . '</strong>'
),
__('Success')
);
}
/** Currency */
if (isset($_POST['user-currency']) && $_POST['user-currency'] !== $_SESSION['user']->getLocale() && $_POST['user-currency'] !== $_SESSION['user']->getCurrency()) {
$_SESSION['user']->setCurrency($_POST['user-currency']);
if (isset($_POST['user-currency']) && $_POST['user-currency'] !== $user->getLocale() && $_POST['user-currency'] !== $user->getCurrency()) {
$user->setCurrency($_POST['user-currency']);
$set[] = '`currency` = "' . $_SESSION['user']->getCurrency() . '"';
$set[] = '`currency` = "' . $user->getCurrency() . '"';
$page->messages[] = Page::success(
sprintf(
/** TRANSLATORS: %s: The new locale */
__('Currency set to %s.'),
'<strong>' . $_SESSION['user']->getCurrency() . '</strong>'
'<strong>' . $user->getCurrency() . '</strong>'
),
__('Success')
);
}
/** Channel */
if (isset($_POST['user-channel']) && $_POST['user-channel'] !== $_SESSION['user']->channel) {
if (isset($_POST['user-channel']) && $_POST['user-channel'] !== $user->channel) {
if (empty($_POST['user-channel'])) {
$_SESSION['user']->channel = null;
$user->channel = null;
$set[] = '`channel` = NULL';
} else {
$_SESSION['user']->channel = $_POST['user-channel'];
$user->channel = $_POST['user-channel'];
$set[] = '`channel` = "' . $_SESSION['user']->channel . '"';
$set[] = '`channel` = "' . $user->channel . '"';
}
}
/** Advertisements */
if (isset($_POST['enable-advertisements'])) {
$_SESSION['user']->advertisements = true;
$user->advertisements = true;
$set[] = '`advertisements` = TRUE';
} else {
$_SESSION['user']->advertisements = false;
$user->advertisements = false;
$set[] = '`advertisements` = FALSE';
}
@ -171,8 +172,8 @@ if (isset($_POST['user-id'], $_POST['section'])) {
* Account
*/
if (isset($_POST['account-delete'])) {
$_SESSION['user']->delete();
$_SESSION['user']->logOut();
$user->delete();
$user->logOut();
redirect(Page::PAGE_HOME);
}
@ -217,26 +218,26 @@ $page->navigation();
<div class="ui segment">
<form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="user-id" value="<?= $user->id ?>" />
<input type="hidden" name="section" value="personal" />
<div class="three fields">
<div class="field">
<label><?= __('First name') ?></label>
<input type="text" name="user-name-first" value="<?= $_SESSION['user']->name_first ?>" />
<input type="text" name="user-name-first" value="<?= $user->name_first ?>" />
</div>
<div class="field">
<label><?= __('Last name') ?></label>
<input type="text" name="user-name-last" value="<?= $_SESSION['user']->name_last ?>" />
<input type="text" name="user-name-last" value="<?= $user->name_last ?>" />
</div>
<div class="field">
<label><?= __('Nickname') ?></label>
<input type="text" name="user-name-nick" value="<?= $_SESSION['user']->name_nick ?>" />
<input type="text" name="user-name-nick" value="<?= $user->name_nick ?>" />
</div>
</div>
@ -244,7 +245,7 @@ $page->navigation();
<div class="field">
<label><?= __('Email') ?></label>
<input type="email" name="user-email" value="<?= $_SESSION['user']->email ?>" />
<input type="email" name="user-email" value="<?= $user->email ?>" />
</div>
<div class="field" data-content="<?= __('Used to suggest a wishlist called "Birthday", if it\'s coming up.') ?>">
@ -259,7 +260,7 @@ $page->navigation();
<input type="text"
name="user-birthdate"
placeholder="<?= __('Pick a date') ?>"
value="<?= $_SESSION['user']->birthdate ?>"
value="<?= $user->birthdate ?>"
/>
</div>
</div>
@ -283,7 +284,7 @@ $page->navigation();
<div class="ui segment">
<form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="user-id" value="<?= $user->id ?>" />
<input type="hidden" name="section" value="password" />
<div class="two fields">
@ -346,7 +347,7 @@ $page->navigation();
<div class="ui segment">
<form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="user-id" value="<?= $user->id ?>" />
<input type="hidden" name="section" value="preferences" />
<div class="two fields">
@ -355,14 +356,14 @@ $page->navigation();
<select class="ui search dropdown language" name="user-language">
<?php if (!in_array('en_GB', $locales)) { ?>
<option value="<?= 'en_GB' ?>"><?= \Locale::getDisplayName('en_GB', $_SESSION['user']->getLocale()) ?></option>
<option value="<?= 'en_GB' ?>"><?= \Locale::getDisplayName('en_GB', $user->getLocale()) ?></option>
<?php } ?>
<?php foreach ($locales as $locale) { ?>
<?php if ($locale === $_SESSION['user']->getLocale()) { ?>
<option value="<?= $locale ?>" selected><?= \Locale::getDisplayName($locale, $_SESSION['user']->getLocale()) ?></option>
<?php if ($locale === $user->getLocale()) { ?>
<option value="<?= $locale ?>" selected><?= \Locale::getDisplayName($locale, $user->getLocale()) ?></option>
<?php } else { ?>
<option value="<?= $locale ?>"><?= \Locale::getDisplayName($locale, $_SESSION['user']->getLocale()) ?></option>
<option value="<?= $locale ?>"><?= \Locale::getDisplayName($locale, $user->getLocale()) ?></option>
<?php } ?>
<?php } ?>
</select>
@ -390,7 +391,7 @@ $page->navigation();
}
?>
<?php if ($currencyISO === $_SESSION['user']->getCurrency()) { ?>
<?php if ($currencyISO === $user->getCurrency()) { ?>
<option value="<?= $currencyISO ?>" selected><?= $currencyValue ?></option>
<?php } else { ?>
<option value="<?= $currencyISO ?>"><?= $currencyValue ?></option>
@ -446,7 +447,7 @@ $page->navigation();
<div class="ui segment">
<form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="user-id" value="<?= $user->id ?>" />
<input type="hidden" name="section" value="preferences" />
<?php if (defined('CHANNELS') && is_array(CHANNELS)) { ?>
@ -461,7 +462,7 @@ $page->navigation();
<option value=""><?= __('Select channel') ?></option>
<?php foreach (CHANNELS as $channel) { ?>
<?php if ($channel['branch'] === $_SESSION['user']->channel) { ?>
<?php if ($channel['branch'] === $user->channel) { ?>
<option value="<?= $channel['branch'] ?>" selected><?= $channel['label'] ?></option>
<?php } else { ?>
<option value="<?= $channel['branch'] ?>"><?= $channel['label'] ?></option>
@ -511,7 +512,7 @@ $page->navigation();
<div class="ui segment">
<form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="user-id" value="<?= $user->id ?>" />
<input type="hidden" name="section" value="preferences" />
<div class="field">
@ -519,7 +520,7 @@ $page->navigation();
<div class="ui toggle checkbox advertisements">
<?php
$user = isset($_SESSION['user']->id) ? $_SESSION['user'] : new User();
$user = isset($user->id) ? $user : new User();
?>
<?php if (true === $user->advertisements) { ?>
@ -562,7 +563,7 @@ $page->navigation();
<div class="ui segment">
<form class="ui form" method="POST">
<input type="hidden" name="user-id" value="<?= $_SESSION['user']->id ?>" />
<input type="hidden" name="user-id" value="<?= $user->id ?>" />
<input type="hidden" name="section" value="account" />
<div class="field">
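Review bot: `$user = isset($user->id) ? $user : new User();` in the advertisements block replaces the file-wide `$user` with a fresh empty `User` whenever the current user has no id, so the later `$user->id` in the account form's hidden `user-id` input reads from a different object than the one the POST handler updated. Since `User::getCurrent()` always returns a `User`, the line adds nothing and can be removed; `$user->advertisements` can be read directly. Separately, the context lines in the first hunks build `$set[]` by concatenating raw `$_POST[$field['key']]`, `$_POST['user-channel']` and similar values into the UPDATE statement; that is pre-existing but is the more serious issue in this file — pass them as query placeholders instead.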


@ -24,6 +24,8 @@ if (!$wishlist->exists) {
$page->header();
$page->bodyStart();
$page->navigation();
$user = User::getCurrent();
?>
<main>
@ -33,7 +35,7 @@ $page->navigation();
<div class="ui stackable grid">
<div class="column">
<?php if ($_SESSION['user']->isLoggedIn() && $_SESSION['user']->id !== $wishlist->user) { ?>
<?php if ($user->isLoggedIn() && $user->id !== $wishlist->user) { ?>
<button class="ui white small basic labeled icon button save disabled loading">
<i class="heart icon"></i>
<span><?= __('Remember list') ?></span>
@ -47,7 +49,7 @@ $page->navigation();
/**
* Warn the wishlist creator
*/
if ($_SESSION['user']->isLoggedIn() && $_SESSION['user']->id === $wishlist->user) { ?>
if ($user->isLoggedIn() && $user->id === $wishlist->user) { ?>
<div class="ui icon warning message wishlist-own">
<i class="exclamation triangle icon"></i>
<div class="content">


@ -13,7 +13,9 @@ $page->header();
$page->bodyStart();
$page->navigation();
$wishlists = $_SESSION['user']->getSavedWishlists();
$user = User::getCurrent();
$wishlists = $user->getSavedWishlists();
$wishlists_by_user = array();
foreach ($wishlists as $wishlist_saved) {