removed unnecessary authorization checks

dmistas · Jan 30, 2021 · 16c2199 · 16c2199
1 parent 48619a9
commit 16c2199
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 58 deletions.
diff --git a/create_user.php b/create_user.php
@@ -1,15 +1,6 @@
 <?php
 session_start();
 include_once 'functions.php';
-if (is_not_logged_in()) {
-    set_flash_message('danger', 'Необходима авторизация');
-    redirect_to('page_login.php');
-    exit();
-} elseif (!is_admin()) {
-    redirect_to('users.php');
-    exit();
-}
-
 ?>
 
 <!DOCTYPE html>

diff --git a/create_user_handler.php b/create_user_handler.php
@@ -1,26 +1,21 @@
 <?php
 session_start();
 include_once 'functions.php';
-//d($_POST, 0);
-//d($_FILES);
 
-if (!is_not_logged_in() && is_admin()){
-    if (isset($_POST['email']) && isset($_POST['password'])) {
-        $email = $_POST['email'];
-        $pass = $_POST['password'];
-        if (get_user_by_email($email)){
-            set_flash_message('danger', '<strong>Уведомление!</strong> Этот эл. адрес уже занят другим пользователем.');
-            redirect_to("create_user.php");
-        } else {
-            $new_user_id = add_user($email, $pass);
-            edit($new_user_id, $_POST['name'], $_POST['job_title'],$_POST['phone'],$_POST['address']);
-            set_status($new_user_id, $_POST['status']);
-            upload_avatar($new_user_id, $_FILES['img']);
-            set_social_links($new_user_id, $_POST['vk'], $_POST['telegram'], $_POST['instagram']);
-            set_flash_message('success', 'Пользователь добавлен');
-            redirect_to('users.php');
-        }
+if (isset($_POST['email']) && isset($_POST['password'])) {
+    $email = $_POST['email'];
+    $pass = $_POST['password'];
+    if (get_user_by_email($email)) {
+        set_flash_message('danger', '<strong>Уведомление!</strong> Этот эл. адрес уже занят другим пользователем.');
+        redirect_to("create_user.php");
+    } else {
+        $new_user_id = add_user($email, $pass); //добавляем нового пользователя в БД, функция возвращает id нового пользователя
+        edit($new_user_id, $_POST['name'], $_POST['job_title'], $_POST['phone'], $_POST['address']);
+        set_status($new_user_id, $_POST['status']);
+        upload_avatar($new_user_id, $_FILES['img']);
+        set_social_links($new_user_id, $_POST['vk'], $_POST['telegram'], $_POST['instagram']);
+        set_flash_message('success', 'Пользователь добавлен');
+        redirect_to('users.php');
     }
-}else {
-    redirect_to('login.php');
 }
+
diff --git a/login.php b/login.php
@@ -5,7 +5,7 @@
 $login_email = isset($_POST['email'])?$_POST['email']:"";
 $login_password = isset($_POST['password'])?$_POST['password']:"";
 
-if (authorisation_user($login_email, $login_password)){
+if (authorisation_user($login_email, $login_password) || !is_not_logged_in()){
     redirect_to('users.php');
 } else {
     set_flash_message('danger', 'Пара логин пароль не верна');

diff --git a/nav_component.php b/nav_component.php
@@ -9,7 +9,7 @@ class="d-inline-block align-top mr-2"
     <div class="collapse navbar-collapse" id="navbarColor02">
         <ul class="navbar-nav mr-auto">
             <li class="nav-item">
-                <a class="nav-link" href="#">Главная <span class="sr-only">(current)</span></a>
+                <a class="nav-link" href="users.php">Главная <span class="sr-only">(current)</span></a>
             </li>
         </ul>
         <ul class="navbar-nav ml-auto">

diff --git a/users.php b/users.php
@@ -26,33 +26,7 @@
     <link rel="stylesheet" media="screen, print" href="css/fa-regular.css">
 </head>
 <body class="mod-bg-1 mod-nav-link">
-<nav class="navbar navbar-expand-lg navbar-dark bg-primary bg-primary-gradient">
-    <a class="navbar-brand d-flex align-items-center fw-500" href="users.php">
-        <img alt="logo" class="d-inline-block align-top mr-2" src="img/logo.png"> Учебный проект
-    </a>
-    <button aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation" class="navbar-toggler"
-            data-target="#navbarColor02" data-toggle="collapse" type="button"><span class="navbar-toggler-icon"></span>
-    </button>
-    <div class="collapse navbar-collapse" id="navbarColor02">
-        <ul class="navbar-nav mr-auto">
-            <li class="nav-item active">
-                <a class="nav-link" href="#">Главная <span class="sr-only">(current)</span></a>
-            </li>
-        </ul>
-        <ul class="navbar-nav ml-auto">
-            <?php if (is_not_logged_in()): ?>
-                <li class="nav-item">
-                    <a class="nav-link" href="page_login.php">Войти</a>
-                </li>
-            <?php else: ?>
-                <li class="nav-item">
-                    <a class="nav-link" href="logout.php">Выйти</a>
-                </li>
-            <?php endif; ?>
-        </ul>
-    </div>
-</nav>
-
+<?php include 'nav_component.php'?>
 <main id="js-page-content" role="main" class="page-content mt-3">
     <?php
     if (isset($_SESSION['success'])) {