<?php
namespace App\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\HttpFoundation\RequestStack;
use App\Entity\User;
use App\Entity\Userlog;
use App\Entity\Cart;
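class UserController extends AbstractController
{
    /** @var RequestStack */
    private $requestStack;

    /** @var EntityManagerInterface|null Resolved lazily by em() when not injected. */
    private $em;

    /**
     * @param EntityManagerInterface|null $em optional so existing manual construction keeps
     *                                        working; Symfony autowiring supplies it
     */
    public function __construct(RequestStack $requestStack, ?EntityManagerInterface $em = null)
    {
        $this->requestStack = $requestStack;
        $this->em = $em;
        // Accessing the session in the constructor is *NOT* recommended, since
        // it might not be accessible yet or lead to unwanted side-effects
        // $this->session = $requestStack->getSession();
    }

    /**
     * Returns the entity manager: the injected one, falling back to the default
     * manager from AbstractController::getDoctrine() (deprecated, removed in Symfony 6).
     */
    private function em(): EntityManagerInterface
    {
        if ($this->em === null) {
            $this->em = $this->getDoctrine()->getManager();
        }

        return $this->em;
    }

    /**
     * Returns the authenticated App\Entity\User, or null for anonymous requests.
     * AbstractController::getUser() already maps a missing token and the legacy
     * 'anon.' token user to null, so no string comparison is needed.
     */
    private function authenticatedUser(): ?User
    {
        $user = $this->getUser();

        return $user instanceof User ? $user : null;
    }

    /**
     * Persists one Userlog row describing the current request.
     *
     * @param int $action  value stored in ul_action (callers use 1 after login, 4 after registration)
     * @param int $uid     user id to record
     * @param \Symfony\Component\HttpFoundation\Session\SessionInterface $session current session
     */
    private function logUserAction(int $action, int $uid, $session): void
    {
        $placeid = $session->get('place');

        $log = new Userlog();
        $log->setUlUid($uid);
        $log->setUlSessionid($session->getId());
        // Request metadata is client-supplied and stored as-is; `?? null` avoids an
        // "undefined index" notice when a header (typically Referer) is absent.
        $log->setUlBrowser($_SERVER['HTTP_USER_AGENT'] ?? null);
        $log->setUlIp($_SERVER['REMOTE_ADDR'] ?? null);
        $log->setUlNow(new \DateTime());
        // Loose comparison on purpose: the session may hold null, '' or 0 for "no place".
        $log->setUlPlace($placeid == null ? 0 : $placeid);
        $log->setUlAction($action);
        $log->setUlReferer($_SERVER['HTTP_REFERER'] ?? null);
        $log->setUlCurrentPage($_SERVER['REQUEST_URI'] ?? null);

        $em = $this->em();
        $em->persist($log);
        $em->flush();
    }

    /**
     * Checks the password policy shared by registration and profile update.
     *
     * @return string|null response code of the first violated rule — 'error3' (shorter
     *                     than 8 bytes), 'error4' (no digit), 'error5' (no ASCII letter) —
     *                     or null when the password is acceptable
     */
    private function passwordPolicyError(string $pw): ?string
    {
        if (strlen($pw) < 8) {
            return 'error3';
        }
        if (!preg_match("#[0-9]+#", $pw)) {
            return 'error4';
        }
        if (!preg_match("#[a-zA-Z]+#", $pw)) {
            return 'error5';
        }

        return null;
    }

    /**
     * Post-login hook: stamps the last login, writes a Userlog entry, purges stale
     * cart rows and forwards to the course homepage for the current place.
     *
     * @Route("/loggedin/" , name="loggedin")
     */
    public function loggedin(): Response
    {
        include("./include/function.php");
        include("./include/global.php"); // presumably defines $company used below — not visible here

        $session = $this->requestStack->getSession();
        $user = $this->authenticatedUser();

        if ($user !== null && $user->getId() != 0) {
            // new \DateTime() is "now". The previous strtotime('Y-m-d H:i:s') argument was a
            // format string, not a date: strtotime() returned false, which DateTime treats as "now".
            $user->setULastlogin(new \DateTime());
            $em = $this->em();
            $em->persist($user);
            $em->flush();

            $this->logUserAction(1, $user->getId(), $session);

            // Housekeeping on every login: drop cart rows dated before today (parameterised).
            $em->getConnection()->executeQuery(
                'DELETE FROM cart WHERE ca_now <= ?',
                [date("Y-m-d 00:00:00")]
            );
        }

        // isset() guard: $company only exists when the included global.php defined it.
        $placeid = (isset($company) && $company == 'KVO') ? 1 : $session->get('place');

        return $this->forward('App\Controller\CourseController::homepage2', ['placeid' => $placeid]);
    }

    /**
     * Renders the account settings page for the authenticated user.
     *
     * @Route("/usersettings" , name="userSettings")
     */
    public function settings(): Response
    {
        $user = $this->authenticatedUser();
        if ($user === null) {
            return $this->forward('App\Controller\CourseController::homepage', []);
        }

        // Guard against a missing birthday instead of failing on ->format() of null.
        $birthday = $user->getUBirthday();
        $birthdayText = $birthday === null ? null : $birthday->format('d.m.Y');

        $session = $this->requestStack->getSession();

        return $this->render('user/settings.html.twig', [
            'first' => $user->getUFirstname(),
            'last' => $user->getULastname(),
            'email' => $user->getUEmail(),
            'username' => $user->getUUsername(),
            // NOTE(review): this exposes the stored password hash to the template;
            // remove it unless settings.html.twig actually relies on it.
            'password' => $user->getUPassword(),
            'street' => $user->getUStreet(),
            'zip' => $user->getUZip(),
            'city' => $user->getUCity(),
            'birthday' => $birthdayText,
            'place' => $session->get('place'),
            'telephone' => $user->getUTelephone()
        ]);
    }

    /**
     * Renders the registration form.
     *
     * @Route("/register" , name="register")
     */
    public function register(): Response
    {
        $session = $this->requestStack->getSession();

        return $this->render('user/register.html.twig', ['place' => $session->get('place')]);
    }

    /**
     * Renders the "forgot password" form.
     *
     * @Route("/pwforgot" , name="pwforgot")
     */
    public function pwforgot(): Response
    {
        $session = $this->requestStack->getSession();

        return $this->render('user/pwforgot.html.twig', ['place' => $session->get('place')]);
    }

    /**
     * Generates a new random password for the user matching username + e-mail,
     * mails it in clear text and only then stores its bcrypt hash.
     *
     * Returns a plain-text status for the JS caller: 'ok', 'nok' (mail failed,
     * password unchanged), 'error1' (no matching user), 'error2' (missing input).
     *
     * NOTE(review): the endpoint is unauthenticated and replaces the password as
     * soon as anyone submits a valid username/e-mail pair, and the 'error1'/'ok'
     * split reveals whether that pair exists. The usual mitigation is an expiring,
     * single-use reset token sent by mail, with the password changed only when
     * the link is used; that needs a new route and template and is left as follow-up.
     *
     * @Route("/sendNewPw/{mail}/{username}/" , name="sendNewPw", options={"expose"=true})
     */
    public function sendNewPw($mail, $username): Response
    {
        include("./include/function.php"); // provides checkUserInput() and debugText()
        include("./include/global.php");   // provides the $smtp_mail_* / $mailFromAdress* / $companyFull settings

        $cleanUsername = trim(checkUserInput($username));
        $cleanMail = trim(checkUserInput($mail));
        if ($cleanUsername == "" || $cleanMail == "") {
            return new Response('error2');
        }

        $user = $this->em()->getRepository(User::class)->findOneBy([
            'u_username' => $cleanUsername,
            'u_email' => $cleanMail
        ]);
        if (empty($user)) {
            return new Response('error1');
        }

        $session = $this->requestStack->getSession();
        $placeid = $session->get('place');
        if (empty($placeid)) {
            $placeid = 2; // default place used to pick SMTP credentials and sender
        }

        $newpw = $this->generateRandomString(10);

        ini_set('max_execution_time', 30);
        // require_once: a plain require would redeclare PHPMailer's autoloader on a second call in one request.
        require_once("./include/phpmailer/PHPMailerAutoload.php");

        $mailer = new \PHPMailer();
        $mailer->IsSMTP();
        $mailer->SMTPDebug = 0;
        $mailer->Host = $smtp_mail_host;
        $mailer->Port = $smtp_mail_port;
        if (!empty($smtp_mail_user[$placeid])) {
            $mailer->SMTPAuth = true;
            $mailer->Username = $smtp_mail_user[$placeid];
            $mailer->Password = $smtp_mail_pass[$placeid];
        } else {
            $mailer->SMTPAuth = false;
        }
        if ($smtp_mail_secured) {
            $mailer->SMTPSecure = "ssl";
        }
        $mailer->SetFrom($mailFromAdress[$placeid], $mailFromAdressName);
        $mailer->Subject = "Ihr neues Passwort";

        $txt = "Sehr geehrte Damen und Herren, <br><br>";
        $txt .= "anbei senden wir Ihnen Ihr neues Passwort für das Kurstool.<br><br>";
        $txt .= "Ihr neues Passwort lautet: ".$newpw."<br><br>";
        $txt .= "Mit freundlichen Grüßen,<br>";
        $txt .= "".$companyFull;
        $mailer->MsgHTML($txt);
        $mailer->AddAddress(checkUserInput($mail));

        if (!$mailer->Send()) {
            debugText("Die E-Mail konnte nicht versendet werden! Bitte wenden Sie sich an den Administrator!<br><br>" . $mailer->ErrorInfo);

            return new Response("nok");
        }

        // Only replace the stored hash once the mail actually went out.
        $user->setUPassword(password_hash($newpw, PASSWORD_BCRYPT));
        $em = $this->em();
        $em->persist($user);
        $em->flush();

        return new Response('ok');
    }

    /**
     * Builds an alphanumeric string used as a temporary password.
     *
     * Uses random_int() (CSPRNG); the previous rand() is not suitable for credentials.
     *
     * @throws \Exception when no secure randomness source is available
     */
    public function generateRandomString(int $length = 10): string
    {
        $alphabet = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
        $lastIndex = strlen($alphabet) - 1;

        $result = '';
        for ($i = 0; $i < $length; $i++) {
            $result .= $alphabet[random_int(0, $lastIndex)];
        }

        return $result;
    }

    /**
     * Updates the authenticated user's profile from route parameters; the client
     * sends the literal string "empty" for cleared optional fields.
     *
     * Returns a plain-text status for the JS caller: 'ok', 'error1' (username owned
     * by another user), 'error2' (username, e-mail or birthday missing), or the
     * password-policy codes from passwordPolicyError().
     *
     * NOTE(review): the new password travels in the URL path, so it lands in web-server
     * and proxy logs, browser history and Referer headers; moving this to a POST body
     * would avoid that but requires changing the JS caller as well.
     *
     * @Route("/setAccountInfos/{email}/{username}/{first}/{last}/{pw}/{street}/{zip}/{city}/{birthday}/{telephone}/" , name="setAccountInfos", options={"expose"=true})
     */
    public function setAccountInfos($email, $username, $first, $last, $pw, $street, $zip, $city, $birthday, $telephone): Response
    {
        $user = $this->authenticatedUser();
        if ($user === null) {
            return $this->forward('App\Controller\CourseController::homepage', []);
        }

        include("./include/function.php"); // provides checkUserInput()

        // "empty" is the client's placeholder for a cleared field (route params are always strings).
        if ($pw === "empty") {
            $pw = "";
        }
        if ($first === "empty") {
            $first = "";
        }
        if ($last === "empty") {
            $last = "";
        }
        if ($street === "empty") {
            $street = "";
        }
        if ($city === "empty") {
            $city = "";
        }
        // zip must be numeric; the placeholder and any non-numeric value both become 0.
        if ($zip === "empty" || !is_numeric($zip)) {
            $zip = 0;
        }

        if (trim(checkUserInput($username)) == "" || trim(checkUserInput($email)) == "" || trim(checkUserInput($birthday)) == "") {
            return new Response('error2');
        }

        $pw = checkUserInput(trim($pw));
        if ($pw != "") {
            $policyError = $this->passwordPolicyError($pw);
            if ($policyError !== null) {
                return new Response($policyError);
            }
        }

        // The requested username may only be taken by this very user.
        $other = $this->em()->getRepository(User::class)
            ->findOneBy(['u_username' => trim(checkUserInput($username))]);
        if ($other && $other->getUUsername() != $user->getUUsername()) {
            return new Response('error1');
        }

        // Names are only overwritten when a non-blank value was sent.
        if (trim(checkUserInput($first)) != "") {
            $user->setUFirstname(checkUserInput($first));
        }
        if (trim(checkUserInput($last)) != "") {
            $user->setULastname(checkUserInput($last));
        }
        $user->setUUsername(checkUserInput($username));
        $user->setUEmail(checkUserInput($email));
        if ($pw != "") {
            $user->setUPassword(password_hash($pw, PASSWORD_BCRYPT));
        }
        $user->setUStreet(checkUserInput($street));
        $user->setUZip(checkUserInput($zip));
        $user->setUCity(checkUserInput($city));
        $user->setUTelephone(checkUserInput($telephone));
        // NOTE(review): an unparseable birthday makes strtotime() return false and the
        // stored date silently becomes 1970-01-01; kept because the JS caller only knows
        // the existing error codes.
        $user->setUBirthday(new \DateTime(date('Y-m-d', strtotime(checkUserInput($birthday)))));

        $em = $this->em();
        $em->persist($user);
        $em->flush();

        return new Response('ok');
    }

    /**
     * Registers a new user from route parameters; the client sends '###' for
     * cleared optional fields.
     *
     * Returns a plain-text status for the JS caller: 'ok', 'error1' (username
     * already taken), 'error2' (username, password, e-mail or birthday missing),
     * or the password-policy codes from passwordPolicyError().
     *
     * NOTE(review): as with setAccountInfos, the password is part of the URL path
     * and therefore ends up in logs, history and Referer headers.
     *
     * @Route("/checkNewUser/{mail}/{username}/{pw}/{birthday}/{first}/{last}/{street}/{zip}/{city}/{telephone}" , name="checkNewUser", options={"expose"=true})
     */
    public function checkNewUser($mail, $username, $pw, $birthday, $first, $last, $street, $zip, $city, $telephone): Response
    {
        include("./include/function.php"); // provides checkUserInput()

        if (trim(checkUserInput($username)) == "" || trim(checkUserInput($pw)) == "" || trim(checkUserInput($mail)) == "" || trim(checkUserInput($birthday)) == "") {
            return new Response('error2');
        }

        $repository = $this->em()->getRepository(User::class);
        if ($repository->findOneBy(['u_username' => trim(checkUserInput($username))])) {
            return new Response('error1');
        }

        $pw = checkUserInput($pw);
        $policyError = $this->passwordPolicyError($pw);
        if ($policyError !== null) {
            return new Response($policyError);
        }

        // '###' is the client's placeholder for a cleared field (route params are always strings).
        if ($first === '###') {
            $first = "";
        }
        if ($last === '###') {
            $last = "";
        }
        if ($street === '###') {
            $street = "";
        }
        if ($city === '###') {
            $city = "";
        }
        if ($telephone === '###') {
            $telephone = "";
        }
        if ($zip === '###' || !is_numeric($zip)) {
            $zip = 0;
        }

        $user = new User();
        // Stored through checkUserInput() like the uniqueness lookup above and
        // setAccountInfos(), so the persisted value matches what later lookups search for.
        $user->setUUsername(checkUserInput($username));
        $user->setUPassword(password_hash($pw, PASSWORD_BCRYPT));
        $user->setUEmail(checkUserInput($mail));
        $user->setURole(1);
        $user->setULocked(0);
        $user->setUFirstname(checkUserInput($first));
        $user->setULastname(checkUserInput($last));
        // "now"; the old strtotime('Y-m-d H:i:s') argument was a format string that only
        // worked because strtotime() returned false, which DateTime treats as "now".
        $user->setULastlogin(new \DateTime());
        $user->setUStreet(checkUserInput($street));
        $user->setUCity(checkUserInput($city));
        $user->setUZip(checkUserInput($zip));
        $user->setUHouseadmin(0);
        $user->setUTelephone(checkUserInput($telephone));
        $user->setUCompany(0);
        // NOTE(review): an unparseable birthday silently becomes 1970-01-01 (strtotime() false).
        $user->setUBirthday(new \DateTime(date('Y-m-d', strtotime(checkUserInput($birthday)))));

        // persist() only schedules the insert; flush() runs it and assigns the id used by the log entry.
        $em = $this->em();
        $em->persist($user);
        $em->flush();

        $this->logUserAction(4, $user->getId(), $this->requestStack->getSession());

        return new Response('ok');
    }
}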