Modified confirmation code. Added basic session handler, and added user data returns

joandvgv · joandvgv · commit 5a35e3559eec · 2017-09-09T17:50:29.000-04:00
diff --git a/controladores/LoginController.php b/controladores/LoginController.php
@@ -28,7 +28,11 @@ public static function login(){
         $socio = Socio::createLogin($correo,$contrasena);
         
         if(self::dataMatches($socio)){
-            echo json_encode(array("success" => true, "m"=> "Login exitoso"));
+
+            $membresia = SocioController::getMembresia($correo);
+            $_SESSION["id"] = $membresia;
+            $data = SocioController::getSocio($membresia);
+            echo json_encode(array("success" => true, "m"=> "Login exitoso", "d" => $data[0]));
             return;
         }
 
diff --git a/controladores/SocioController.php b/controladores/SocioController.php
@@ -59,21 +59,35 @@ public static function sendMail($body, $subject, $socio)
 
     public static function findOne($membresia)
     {
-        self::listar($membresia);
+        $data = self::getSocio($membresia);
+        
+        if (!$data) {
+            echo json_encode(array("success" => false, "m"=> "No se encontraron registros"));
+            return;
+        }
+
+        echo json_encode(array("success" => true, "d"=> $data));
     }
 
     public static function findAll()
     {
-        self::listar(false);
+        $data = self::getSocio(false);
+
+        if (!$data) {
+            echo json_encode(array("success" => false, "m"=> "No se encontraron registros"));
+            return;
+        }
+
+        echo json_encode(array("success" => true, "d"=> $data));
     }
 
-    private static function listar($membresia)
+    public static function getSocio($membresia)
     {
 
         $conexion = Conexion::conectar();
 
-        $query = "SELECT CONCAT(Nombre, ' ', ApellidoP) AS Nombre, Email AS Correo FROM personas AS p
-        JOIN usuarios AS usr ON usr.ID_Persona = p.id ";
+        $query = "SELECT CONCAT(Nombre, ' ', ApellidoP) AS Nombre, Email AS Correo , p.ID AS membresia, Activo, tipo_membresia AS tipoMembresia FROM personas AS p
+        JOIN usuarios AS usr ON usr.ID_Persona = p.ID ";
 
         $stmt = $conexion->prepare($query);
 
@@ -87,17 +101,46 @@ private static function listar($membresia)
 
         $result = $stmt->get_result();
 
-        if ($result->num_rows==0) {
-            echo json_encode(array("success" => false, "m"=> "No se encontraron registros"));
-            return;
-        }
+        if ($result->num_rows==0)
+            return array();
 
         while ($row = $result->fetch_assoc()) {
+            $membresia = $row["membresia"];
+            $row["vinculados"] = self::getVinculados($membresia);
+
             $rows[] = $row;
         }
 
-        echo json_encode(array("success" => true, "d"=> $rows));
-        return;
+      
+        return $rows;
+    }
+
+    private static function getVinculados($membresia){
+
+        $conexion = Conexion::conectar();
+        
+
+        $query = "SELECT p.Nombre, vp.parentesco FROM personas AS p 
+            JOIN vinculacion_persona AS vp ON vp.idVinculado= p.id
+            WHERE vp.idPersona = ?";
+
+        $stmt = $conexion->prepare($query);
+        $stmt->bind_param('i', $membresia);
+        $stmt->execute();
+
+
+        $result = $stmt->get_result();
+        $vinculados = array();
+
+        while($row = $result->fetch_assoc()){
+            
+            array_push($vinculados,$row);
+
+        } 
+
+        return $vinculados;
+   
+
     }
     
 
@@ -136,11 +179,15 @@ public static function delete($membresia)
     public static function update($codigo)
     {
 
-        if (!self::codigoValido($codigo)) {
+        $membresia = self::codigoValido($codigo);   
+
+        if (!$membresia) {
             echo json_encode(array("success" => false, "m"=> "Código incorrecto"));
             return;
         }
 
+        
+
         $query = "UPDATE usuarios SET activado = 1 WHERE codigo = ? ";
         $conexion = Conexion::conectar();
 
@@ -149,7 +196,8 @@ public static function update($codigo)
         $stmt->execute();
 
         if ($conexion->affected_rows==1) {
-            echo json_encode(array("success" => true, "m"=> "Código confirmado"));
+            $data = self::getSocio($membresia);
+            echo json_encode(array("success" => true, "m"=> "Código confirmado", "d" => $data[0]));
             return;
         }
 
@@ -182,7 +230,7 @@ public static function getName($membresia)
     */
     private static function codigoValido($codigo)
     {
-        $query = "SELECT codigo FROM usuarios where codigo = ?";
+        $query = "SELECT codigo, ID_Persona FROM usuarios where codigo = ?";
         $conexion = Conexion::conectar();
 
         $stmt = $conexion->prepare($query);
@@ -191,7 +239,12 @@ private static function codigoValido($codigo)
 
         $result = $stmt->get_result();
 
-        return ( $result->num_rows > 0 );
+        if ($result->num_rows > 0){
+            $membresia = $result->fetch_assoc()["ID_Persona"];
+            return $membresia;
+        }
+            
+        return false;
     }
     
 
diff --git a/index.php b/index.php
@@ -9,6 +9,8 @@
     header("Content-Type: application/json; charset=utf-8");    
     include("routes/SociosRouter.php");
     include("routes/LoginRouter.php");
+
+    session_start();
     
     $base_url = getCurrentUri();
     $routes = array();
@@ -30,7 +32,11 @@
     //Sends each requests accordingly to its router
     switch($routes[1]){
         case "socio":
-            SociosRouter::enrutar($request,$routes);
+            if(isset($_SESSION["id"]) || $request == "POST"){
+                SociosRouter::enrutar($request,$routes);
+            }else{
+                sendSessionMessage();
+            }
             break;
         case "login":
             LoginRouter::enrutar($request,$routes);
@@ -44,6 +50,10 @@ function sendErrorMessage(){
         echo json_encode(array("success" => false, "m" => "Petición incorrecta"));
     }
 
+    function sendSessionMessage(){
+        echo json_encode(array("success" => false, "m" => "No se ha inciado sesión"));
+    }
+
     /**
     * Returns the adress of the current request who called the script. 
     *
diff --git a/modelos/Socio.php b/modelos/Socio.php
@@ -40,7 +40,7 @@ private function setUserData($nombre,$membresia,$correo,$contrasena){
         $this->nombre = $nombre;
         $this->correo = $correo;
         $this->contrasena = password_hash($contrasena,PASSWORD_BCRYPT);
-        $this->key = md5(microtime().rand());
+        $this->key = rand(1234,9999);
         $this->activado = 0;
     }
 

Original file line number	Diff line number	Diff line change
`@@ -40,7 +40,7 @@ private function setUserData($nombre,$membresia,$correo,$contrasena){`
`40`	`40`	`$this->nombre = $nombre;`
`41`	`41`	`$this->correo = $correo;`
`42`	`42`	`$this->contrasena = password_hash($contrasena,PASSWORD_BCRYPT);`
`43`		`- $this->key = md5(microtime().rand());`
	`43`	`+ $this->key = rand(1234,9999);`
`44`	`44`	`$this->activado = 0;`
`45`	`45`	`}`
`46`	`46`