Merge branch 'joey-testing' into 'master'
Joey testing See merge request !123
This commit was merged in pull request #127.
@@ -97,6 +97,18 @@ function validateEmail($variable){
|
||||
}
|
||||
}
|
||||
|
||||
/* checks if an input is a valid email. */
|
||||
function resetEmail($variable){
|
||||
if (empty($variable)) {
|
||||
throw new emailException("Verplicht!");
|
||||
} else if (!filter_var($variable, FILTER_VALIDATE_EMAIL)) {
|
||||
throw new emailException("Geldige email invullen");
|
||||
} else if (getResetEmail() == 0){
|
||||
throw new emailException("Email bestaat niet!");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* checks if two passwords matches. */
|
||||
function matchPassword(){
|
||||
if ($_POST["password"] != $_POST["confirmpassword"]) {
|
||||
|
||||
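Review bot: The third branch of `resetEmail` throws "Email bestaat niet!" when `getResetEmail()` returns 0, which tells anyone who submits the forgot-password form whether an address is registered; the form should give the same neutral response in both cases and leave the decision to the mail step. The function also validates `$variable`, but the lookup it calls reads `$_POST["forgotEmail"]` (see the getResetEmail hunk on this page), so the value that was checked and the value that is queried can differ; passing the validated address in as an argument would tie them together. The comment above the function only mentions validation and should say that it also checks that the account exists, e.g. `/* validates the address and checks that an account with it exists. */`. matchPassword at the end of the hunk continues outside it.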
@@ -32,6 +32,22 @@ function getExistingEmail() {
|
||||
|
||||
}
|
||||
|
||||
function getResetEmail() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
`email`
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
`email` LIKE :email
|
||||
");
|
||||
|
||||
$stmt->bindParam(":email", $_POST["forgotEmail"]);
|
||||
$stmt->execute();
|
||||
return $stmt->rowCount();
|
||||
|
||||
}
|
||||
|
||||
function registerAccount() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
INSERT INTO
|
||||
|
||||
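Review bot: The WHERE clause in `getResetEmail` compares with `LIKE :email`, so `%` and `_` in the submitted value act as wildcards and the existence check can match addresses other than the one typed, while `sendPasswordRecovery` on this page looks the user up with `=`. Use an exact comparison, `` `email` = :email ``, so both steps agree on which row is meant. The function also reads `$_POST["forgotEmail"]` directly; taking the address as a parameter, `function getResetEmail(string $email)`, would let the caller pass the value it has already validated.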
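--- /dev/null
+++ b/website/queries/requestpassword.php
@@ -0,0 +1,55 @@
+<?php
+include_once "../queries/connect.php";
+
+function sendPasswordRecovery(string $email) {
+if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
+$stmt = $GLOBALS["db"]->prepare("
+SELECT
+`userID`,
+`username`
+FROM
+`user`
+WHERE
+`email` = :email
+");
+$stmt->bindParam(":email", $email);
+$stmt->execute();
+if (!$stmt->rowCount()) {
+// TODO: Just stop.
+return;
+}
+$result = $stmt->fetch();
+$userID = $result["userID"];
+$username = $result["username"];
+$hash = md5(random_int(0, 1000000));
+$hashedHash = password_hash($hash, PASSWORD_DEFAULT);
+setHashToDatabase($userID, $hash);
+doSendPasswordRecovery($userID, $email, $username, $hashedHash);
+
+
+} else {
+// TODO: Be angry!
+}
+}
+
+function doSendPasswordRecovery(int $userID, string $email, string $username, string $hash) {
+$resetLink = "https://myhyvesbookplus.nl/resetpassword.php?u=$userID&h=$hash";
+
+$subject = "Reset uw wachtwoord";
+$body = "Hallo $username,\r\n\r\nKlik op de onderstaande link om uw wachtwoord te resetten.\r\n\r\n$resetLink\r\n\r\nGroeten MyHyvesbook+";
+$header = "From: MyHyvesbook+ <noreply@myhyvesbookplus.nl>";
+mail($email, $subject, $body, $header);
+}
+
+function setHashToDatabase(int $userID, string $hash) {
+$stmt = $GLOBALS["db"]->prepare("
+UPDATE
+`user`
+SET
+`password` = $hash
+WHERE
+`userID` = $userID
+");
+$stmt->execute();
+return $stmt->rowCount();
+}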
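Review bot: The reset token built by `md5(random_int(0, 1000000))` in `sendPasswordRecovery` has only about a million possible values, and md5 adds no entropy, so it is far too small for a credential; generate it with `random_bytes` instead. The roles of the two values also look inverted: the raw token is written to the `password` column, which overwrites the account's live password as soon as anyone requests a reset for that address, while the bcrypt hash is what goes out in the link. Store only a hash of the token in a dedicated column with an expiry and mail the raw token. `setHashToDatabase` additionally interpolates `$hash` and `$userID` into the SQL text unquoted, which fails for a hex string and should use bound parameters as the SELECT above it does. resetpassword.php is not shown on this page, so its verification step would need the matching change.

```php
// in sendPasswordRecovery(), replacing the md5()/password_hash() pair
$token = bin2hex(random_bytes(32));
$tokenHash = hash("sha256", $token);
setHashToDatabase($userID, $tokenHash);
doSendPasswordRecovery($userID, $email, $username, $token);
// … unchanged: else branch, doSendPasswordRecovery …

function setHashToDatabase(int $userID, string $hash) {
    // RESET_TOKEN_COLUMN is a placeholder for a dedicated column, not `password`
    $stmt = $GLOBALS["db"]->prepare("
        UPDATE `user` SET `RESET_TOKEN_COLUMN` = :hash WHERE `userID` = :userID
    ");
    $stmt->bindParam(":hash", $hash);
    $stmt->bindParam(":userID", $userID);
    $stmt->execute();
    return $stmt->rowCount();
}
```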