Part 2

What are we building?

• Guestbook post form
• Guestbook list view
• User registration
• Login and logout
• Access restriction of certain pages

Documentation

• Slides: http://bit.ly/aft-slides-silex
• Silex: http://silex.sensiolabs.org/documentation
• All code examples: web/examples.php

Guestbook post form

• Route GET /guestbook
• Render template guestbook.twig
• Pass the path as submitUrl to the template
• Return the rendered template in a new Response

GIT Branch: workshop/1-guestbook-form

Submitting the form (1)

• Route POST /guestbook
• Use $request->request->get(...) to get the POST data
• Create an array with all the data for the entry:
  • id (use uniqid())
  • created (use time())
  • name
  • message

GIT Branch: workshop/2-guestbook-post

Submitting the form (2)

• Create a function called saveGuestbookEntry($entry)
• Encode the data using json_encode()
• Write the data to a file called files/guestbook-entries.json using file_put_contents()
• Return a RedirectResponse to /guestbook

GIT Branch: workshop/2-guestbook-post

Validating the input

• Create an array called $errors in the post handler
• Add an error message to the array if $name is empty
• Add an error message to the array if $message is empty
• If the array is not empty after validating all the fields:
  • Render the guestbook.twig template
  • Pass the errors as errors in the options
  • Pass an array called formValues with keys name and message
  • Return the rendered HTML as a new Response

GIT Branch: workshop/3-guestbook-validation

Guestbook entries

• Create a function called readGuestbookEntries()
• Inside, read the contents of files/guestbook-entries.json using file_get_contents()
• Decode the JSON data using json_decode($data, $assoc) with the $assoc parameter set to true to convert it to an array
• Pass the result of the function wherever you render guestbook.twig as the entries option

GIT Branch: workshop/4-guestbook-entries

User registration

• GET /user/registration should render registration.twig and return it in a Response
• POST /user/registration should get the values of username, password, passwordConfirmation, name and email
• All values should not be empty, and password and passwordConfirmation should be the same
• In case of errors, render the registration.twig template with errors and formValues
• Otherwise, save the user using a function saveUser($user) (key by username). Afterwards, redirect to /user/login

GIT Branch: workshop/5-registration

User login

• GET /user/login should render login.twig with submitUrl
• POST /user/login should get username and password from the post data
• Read the user data and compare the passwords
• Incorrect user/pwd: Render login.twig with errors
• Correct username and password:
  • $app['session']->set('username', ...) to store the username
  • Afterwards redirect to /user/profile
• GET /user/profile should render profile.twig with username ($app['session']->get(...))

GIT Branch: workshop/6-login

User logout

• On GET /user/profile, add logoutUrl option to template
• GET /user/logout
  • $app['session']->remove('username') to unset the username
  • Redirect to /user/login

GIT Branch: workshop/7-logout

Access restriction

• Use before() on the routes you want to restrict access to.
• Eg. /guestbook and /user/profile
• Check whether or not a username is set in the session data
• If not, redirect to /user/login
• http://silex.sensiolabs.org/doc/middlewares.html#route-middlewares

GIT Branch: workshop/8-access-control

Bonus challenges

• Custom login destinations: Redirect back to the page that was requested before the user logged in
• Pre-fill the user's name in the guestbook form
• Simplify the read/write functions: Reduce code duplication by creating a re-usable function for both
• Validate the user's e-mail address on registration