From 8cd1105b111b89106f24c5b50795afb5ff28a935 Mon Sep 17 00:00:00 2001 From: Thomas Lange Date: Tue, 22 Jun 2021 01:18:02 +0200 Subject: Implement new Repository and Entity classes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This commit adds new Repository and Entity classes which are better abstracted from the rest of the application. They dont know anymore about configuration options or how to parse to HTML because this is not the job for the ORM but for other parts of the application. The previous commits were a preparation for this big change. An entity now represents just a single record from a specific table of the database – nothing more. The repositories job is it to fetch or update records of the database and instantiate the entities. Another problem that was solved is the high amount of database queries that was needed before. For example, on the blogs home page first were all 10 latest post IDs fetched from the database and then another query was executed with "WHERE id = :id" for *each* single post?! ... This problem is solved with the new repository classes; they now use a single query to fetch and build the entities of the 10 latest posts. This change also solves the problem with database queries spread across the application and limits the exzessive use of try/catch blocks which were used before. The new classes make the whole code much cleaner. :) --- admin/auth.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'admin/auth.php') diff --git a/admin/auth.php b/admin/auth.php index 9674563..03460ba 100644 --- a/admin/auth.php +++ b/admin/auth.php @@ -28,11 +28,10 @@ if(Application::isAuthenticated()) { # IF: Login action #=============================================================================== if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) { - try { - $User = User\Factory::buildByUsername(HTTP::POST('username')); - $password = $User->getAttribute()->get('password'); + $UserRepository = Application::getRepository('User'); - if(password_verify(HTTP::POST('password'), $password)) { + if($User = $UserRepository->findBy('username', HTTP::POST('username'))) { + if(password_verify(HTTP::POST('password'), $User->get('password'))) { $_SESSION['auth'] = $User->getID(); HTTP::redirect(Application::getAdminURL()); } @@ -40,7 +39,9 @@ if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'pa else { $messages[] = $Language->text('authentication_failure'); } - } catch(User\Exception $Exception){ + } + + else { $fake_hash = '$2y$10$xpnwDU2HumOgGQhVpMOP9uataEF82YXizniFhSUhYjUiXF8aoDk0C'; $fake_pass = HTTP::POST('password'); -- cgit v1.2.3