diff --git a/website/public/js/registerAndLogin.js b/website/public/js/registerAndLogin.js index ef49e83..b2fda05 100644 --- a/website/public/js/registerAndLogin.js +++ b/website/public/js/registerAndLogin.js @@ -12,4 +12,4 @@ function bannedAlert(){ function emailNotConfirmed(){ alert("Your account has not been verified yet!\nAnother email has been sent to you") -} \ No newline at end of file +} diff --git a/website/public/login.php b/website/public/login.php index de4ecab..0515793 100644 --- a/website/public/login.php +++ b/website/public/login.php @@ -6,6 +6,8 @@ include_once("../queries/login.php"); include_once("../queries/checkInput.php"); include_once("../queries/emailconfirm.php"); + include_once("../queries/requestpassword.php"); + include_once("../queries/register.php"); ?>
getMessage(); + switch ($_POST["submit"]) { + case "login": + try { + $uname = ($_POST["uname"]); + validateLogin($_POST["uname"], $_POST["psw"]); + } catch(loginException $e) { + $loginErr = $e->getMessage(); + } + break; + case "reset": + try { + resetEmail($_POST["forgotEmail"]); + sendPasswordRecovery($_POST["forgotEmail"]); + } catch (emailException $e){ + $resetErr = $e->getMessage(); + echo ""; + } + break; + } } +// // Trying to login +// if ($_SERVER["REQUEST_METHOD"] == "POST") { +// try{ +// $uname = ($_POST["uname"]); +// validateLogin($_POST["uname"], $_POST["psw"]); +// } catch(loginException $e) { +// $loginErr = $e->getMessage(); +// } +// } /* This view adds login view */ include("../views/login-view.php"); diff --git a/website/public/resetpassword.php b/website/public/resetpassword.php new file mode 100644 index 0000000..c2f9221 --- /dev/null +++ b/website/public/resetpassword.php @@ -0,0 +1,49 @@ +prepare(" + UPDATE + `user` + SET + `password` = :password + WHERE + `userID` = :userID + "); + $stmt->bindParam(":password", $_POST["password"]); + $stmt->bindParam(":userID", $_POST["u"]); + $stmt->execute(); +} + +function verifyLink(int $userID, string $hash) { + $stmt = $GLOBALS["db"]->prepare(" + SELECT + `password` + FROM + `user` + WHERE + `userID` = :userID + "); + $stmt->bindParam(":userID", $userID); + $password = $stmt->fetch()["password"]; + return password_verify($password, $hash); +} \ No newline at end of file diff --git a/website/public/styles/index.css b/website/public/styles/index.css index fc9d3d6..97d6f63 100644 --- a/website/public/styles/index.css +++ b/website/public/styles/index.css @@ -3,11 +3,11 @@ a.button { border-radius: 5px; color: black; cursor: pointer; - height: 50%; padding: 8px 20px; - width: 50%; font-family: Arial; - font-size: 20px; + font-size: 22px; + box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); + } /* Body */ 
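Review bot: In the new resetpassword.php, `verifyLink` calls `fetch()` on a statement that was never executed, so the stored value is never read and the link check is not tied to the user's row; add `$stmt->execute();` after the bind and return false when no row comes back. The UPDATE above it binds `$_POST["password"]` directly, which stores the new password unhashed (assuming the rest of the site keeps `password_hash` output in that column), and it picks the row from `$_POST["u"]`. The top of the file is not visible on this page, so I cannot confirm that `verifyLink` runs before the update. The token checked here comes from `md5(random_int(0, 1000000))` in requestpassword.php, which has only about a million possible values; `bin2hex(random_bytes(32))` with an expiry and single use is the usual choice.

```php
// … unchanged: UPDATE statement text …
    $hashedPassword = password_hash($_POST["password"], PASSWORD_DEFAULT);
    $stmt->bindParam(":password", $hashedPassword);
// … unchanged: :userID binding and execute …

function verifyLink(int $userID, string $hash) {
// … unchanged: SELECT statement text …
    $stmt->bindParam(":userID", $userID);
    $stmt->execute();
    $row = $stmt->fetch();
    if ($row === false) {
        return false;
    }
    return password_verify($row["password"], $hash);
}
```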
@@ -28,12 +28,13 @@ body { form { /*background-color: #a87a87;*/ border-radius: 12px; - height: 75%; + height: 85%; margin: auto; width: 80%; overflow-y:auto; } + /* inlog titel */ h1 { padding: 8px; @@ -48,6 +49,11 @@ h2 { font-size: 2.0em; } +h3 { + padding: 16px; + text-align: center; + font-size: 1.5em; +} input[type=text], input[type=password], input[type=email], input[type="date"] { box-sizing: border-box; @@ -60,14 +66,22 @@ input[type=text], input[type=password], input[type=email], input[type="date"] { width: 55%; } -button[type=submit] { +.center{ + text-align: center; +} + +button { background-color: #C8CABD; + border-radius: 5px; color: black; cursor: pointer; + height: 50%; + padding: 8px 20px; + margin: 10px; font-family: Arial; font-size: 22px; - height: 30px; - width: 120px; + box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); + } .error { @@ -80,31 +94,6 @@ label { display: block; } -.left-arrow { - display: inline-block; - position: relative; - background-color: #C8CABD; - height: 25px; - width: 120px; - padding: 3px 3px 3px 3px; - text-align: center; - border-radius: 0px 5px 5px 0px; - font-size: 22px; - -} -.left-arrow:after { - content: ''; - display: block; - position: absolute; - right: 100%; - top: 0; - bottom: 0; - border-top: 12px solid transparent; - border-right: 20px solid #C8CABD; - border-bottom: 12px solid transparent; - border-left: 0px solid transparent; -} - /* padding voor registreer container */ .login_containerregister { padding: 16px; 
@@ -137,24 +126,84 @@ label { background-repeat: repeat-x; background-attachment: fixed;*/ box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); - height: 500px; + height: 400px; margin: 34px auto; overflow-y: auto; padding: 20px; width: 45%; } -/*.platform { - width: 40%; - margin: 34px auto; -}*/ - -@-webkit-keyframes animatezoom { - from {-webkit-transform: scale(0)} - to {-webkit-transform: scale(1)} -} - ul { font-family: Arial; font-size: 16px; } + +/* The Modal (background) */ +.modal { + display: none; /* Hidden by default */ + position: fixed; /* Stay in place */ + z-index: 1; /* Sit on top */ + padding-top: 100px; /* Location of the box */ + left: 0; + top: 0; + width: 100%; /* Full width */ + height: 100%; /* Full height */ + overflow: auto; /* Enable scroll if needed */ + background-color: rgb(0,0,0); /* Fallback color */ + background-color: rgba(0,0,0,0.4); /* Black w/ opacity */ +} + +/* Modal Content */ +.modal-content { + position: relative; + background-color: #FFFFFF; + margin: auto; + padding: 0; + border: 1px solid #888; + width: 500px; + box-shadow: 0 4px 8px 0 rgba(0,0,0,0.2),0 6px 20px 0 rgba(0,0,0,0.19); + -webkit-animation-name: animatetop; + -webkit-animation-duration: 0.4s; + animation-name: animatetop; + animation-duration: 0.4s +} + +/* Add Animation */ +@-webkit-keyframes animatetop { + from {top:-300px; opacity:0} + to {top:0; opacity:1} +} + +@keyframes animatetop { + from {top:-300px; opacity:0} + to {top:0; opacity:1} +} + +/* The Close Button */ +.close { + color: white; + float: right; + font-size: 28px; + font-weight: bold; +} + +.close:hover, +.close:focus { + color: #000; + text-decoration: none; + cursor: pointer; +} + +.modal-header { + padding: 2px 16px; + background-color: #FBC02D; + color: black; +} + +.modal-body {padding: 2px 16px;} + +.modal-footer { + padding: 2px 16px; + background-color: #FBC02D; + color: black; +} \ No newline at end of file 
diff --git a/website/public/styles/resetpassword.css b/website/public/styles/resetpassword.css new file mode 100644 index 0000000..a3d7942 --- /dev/null +++ b/website/public/styles/resetpassword.css @@ -0,0 +1,17 @@ +.password-change { + height: 100%; + background-color: #FBC02D; + margin: auto; +} + +.top-logo { + text-align: center; +} + +.item-box { + margin: 30px auto auto; + display: block; +} +.password-change img { + width: 50%; +} diff --git a/website/queries/checkInput.php b/website/queries/checkInput.php index 5f72f10..9b91833 100644 --- a/website/queries/checkInput.php +++ b/website/queries/checkInput.php @@ -97,6 +97,18 @@ function validateEmail($variable){ } } +/* checks if an input is a valid email. */ +function resetEmail($variable){ + if (empty($variable)) { + throw new emailException("Verplicht!"); + } else if (!filter_var($variable, FILTER_VALIDATE_EMAIL)) { + throw new emailException("Geldige email invullen"); + } else if (getResetEmail() == 0){ + throw new emailException("Email bestaat niet!"); + } +} + + /* checks if two passwords matches. */ function matchPassword(){ if ($_POST["password"] != $_POST["confirmpassword"]) { diff --git a/website/queries/register.php b/website/queries/register.php index 4700e72..738ef43 100644 --- a/website/queries/register.php +++ b/website/queries/register.php @@ -32,6 +32,22 @@ function getExistingEmail() { } +function getResetEmail() { + $stmt = $GLOBALS["db"]->prepare(" + SELECT + `email` + FROM + `user` + WHERE + `email` LIKE :email + "); + + $stmt->bindParam(":email", $_POST["forgotEmail"]); + $stmt->execute(); + return $stmt->rowCount(); + +} + function registerAccount() { $stmt = $GLOBALS["db"]->prepare(" INSERT INTO diff --git a/website/queries/requestpassword.php b/website/queries/requestpassword.php new file mode 100644 index 0000000..abf87c7 --- /dev/null +++ b/website/queries/requestpassword.php 
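Review bot: `resetEmail` in checkInput.php throws "Email bestaat niet!" when `getResetEmail()` returns 0, which tells anyone submitting the forgot-password form whether an address has an account. The usual fix is to validate only the format here and show the same confirmation message whether or not a row exists. The function also ignores its `$variable` argument for the lookup, because `getResetEmail()` reads `$_POST["forgotEmail"]` itself; passing the address in would keep the two in step. The comment `/* checks if an input is a valid email. */` could also say that the address must be registered.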
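Review bot: `getResetEmail` in register.php matches with `LIKE :email`, so `%` and `_` in the submitted address act as wildcards, while the lookup in requestpassword.php uses `=`; the two can disagree about whether the address exists. Use `=` in this WHERE clause as well. `rowCount()` on a SELECT is not guaranteed by PDO for every driver, so `SELECT COUNT(*)` or checking the result of `fetch()` would be more portable. A one-line comment above the function, saying that it returns the number of matching rows and reads `$_POST["forgotEmail"]`, would help the next reader.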
@@ -0,0 +1,55 @@ +prepare(" + SELECT + `userID`, + `username` + FROM + `user` + WHERE + `email` = :email + "); + $stmt->bindParam(":email", $email); + $stmt->execute(); + if (!$stmt->rowCount()) { + // TODO: Just stop. + return; + } + $result = $stmt->fetch(); + $userID = $result["userID"]; + $username = $result["username"]; + $hash = md5(random_int(0, 1000000)); + $hashedHash = password_hash($hash, PASSWORD_DEFAULT); + setHashToDatabase($userID, $hash); + doSendPasswordRecovery($userID, $email, $username, $hashedHash); + + + } else { + // TODO: Be angry! + } +} + +function doSendPasswordRecovery(int $userID, string $email, string $username, string $hash) { + $resetLink = "https://myhyvesbookplus.nl/resetpassword.php?u=$userID&h=$hash"; + + $subject = "Reset uw wachtwoord"; + $body = "Hallo $username,\r\n\r\nKlik op de onderstaande link om uw wachtwoord te resetten.\r\n\r\n$resetLink\r\n\r\nGroeten MyHyvesbook+"; + $header = "From: MyHyvesbook+