Merge branch 'joey-testing' into 'master'

Joey testing

See merge request !123
This commit was merged in pull request #127.
Lars van Hijfte
2017-01-25 16:21:02 +01:00
12 changed files with 399 additions and 61 deletions


@@ -6,6 +6,8 @@
include_once("../queries/login.php"); include_once("../queries/login.php");
include_once("../queries/checkInput.php"); include_once("../queries/checkInput.php");
include_once("../queries/emailconfirm.php"); include_once("../queries/emailconfirm.php");
include_once("../queries/requestpassword.php");
include_once("../queries/register.php");
?> ?>
<body> <body>
<?php <?php
@@ -19,17 +21,43 @@
// Define variables and set to empty values // Define variables and set to empty values
$uname = $psw =""; $uname = $psw ="";
$loginErr =""; $loginErr = $resetErr ="";
// Trying to login
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
try{ switch ($_POST["submit"]) {
$uname = ($_POST["uname"]); case "login":
validateLogin($_POST["uname"], $_POST["psw"]); try {
} catch(loginException $e) { $uname = ($_POST["uname"]);
$loginErr = $e->getMessage(); validateLogin($_POST["uname"], $_POST["psw"]);
} catch(loginException $e) {
$loginErr = $e->getMessage();
}
break;
case "reset":
try {
resetEmail($_POST["forgotEmail"]);
sendPasswordRecovery($_POST["forgotEmail"]);
} catch (emailException $e){
$resetErr = $e->getMessage();
echo "<script>
window.onload = function() {
$('#myModal').show();
}
</script>";
}
break;
} }
} }
// // Trying to login
// if ($_SERVER["REQUEST_METHOD"] == "POST") {
// try{
// $uname = ($_POST["uname"]);
// validateLogin($_POST["uname"], $_POST["psw"]);
// } catch(loginException $e) {
// $loginErr = $e->getMessage();
// }
// }
/* This view adds login view */ /* This view adds login view */
include("../views/login-view.php"); include("../views/login-view.php");
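Review bot: The new `switch ($_POST["submit"])` reads the key without checking that it exists, so a POST that lacks `submit` raises an undefined-index notice and silently matches no case; `switch ($_POST["submit"] ?? "")` plus a `default:` branch would make that path explicit. The same applies to `$_POST["uname"]`, `$_POST["psw"]` and `$_POST["forgotEmail"]` inside the cases. The commented-out copy of the old login block below the switch duplicates the `login` case and should be deleted rather than committed.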


@@ -0,0 +1,49 @@
<?php
include_once("../queries/connect.php");
if ($_SERVER["REQUEST_METHOD"] == "GET") {
if (array_key_exists("u", $_GET) and array_key_exists("h", $_GET)) {
if (verifyLink($_GET["u"], $_GET["h"])) {
include "../views/resetpassword.php";
} else {
echo "Ongeldige link.";
}
} else {
echo "Ongeldige link";
}
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
if (verifyLink($_POST["u"], $_POST["h"])) {
if ($_POST["password"] == $_POST["password-confirm"]) {
changePassword();
}
}
} else {
echo "Ongeldige link";
}
function changePassword() {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`password` = :password
WHERE
`userID` = :userID
");
$stmt->bindParam(":password", $_POST["password"]);
$stmt->bindParam(":userID", $_POST["u"]);
$stmt->execute();
}
function verifyLink(int $userID, string $hash) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $userID);
$password = $stmt->fetch()["password"];
return password_verify($password, $hash);
}
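Review bot: changePassword() binds `$_POST["password"]` directly to the `password` column, so the new password is stored in clear text; hash it first with `$hashed = password_hash($_POST["password"], PASSWORD_DEFAULT);` and bind `$hashed` instead. verifyLink() never calls `$stmt->execute()` before `fetch()`, so no row is read and the check cannot succeed as written; add `$stmt->execute();` after the `bindParam` and return false when no row comes back. The POST branch also reads `$_POST["u"]` and `$_POST["h"]` without the `array_key_exists` guard that the GET branch has, and it gives the user no message when the link or the password confirmation fails.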


@@ -3,11 +3,11 @@ a.button {
border-radius: 5px; border-radius: 5px;
color: black; color: black;
cursor: pointer; cursor: pointer;
height: 50%;
padding: 8px 20px; padding: 8px 20px;
width: 50%;
font-family: Arial; font-family: Arial;
font-size: 20px; font-size: 22px;
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
} }
/* Body */ /* Body */
@@ -28,12 +28,13 @@ body {
form { form {
/*background-color: #a87a87;*/ /*background-color: #a87a87;*/
border-radius: 12px; border-radius: 12px;
height: 75%; height: 85%;
margin: auto; margin: auto;
width: 80%; width: 80%;
overflow-y:auto; overflow-y:auto;
} }
/* inlog titel */ /* inlog titel */
h1 { h1 {
padding: 8px; padding: 8px;
@@ -48,6 +49,11 @@ h2 {
font-size: 2.0em; font-size: 2.0em;
} }
h3 {
padding: 16px;
text-align: center;
font-size: 1.5em;
}
input[type=text], input[type=password], input[type=email], input[type="date"] { input[type=text], input[type=password], input[type=email], input[type="date"] {
box-sizing: border-box; box-sizing: border-box;
@@ -60,14 +66,22 @@ input[type=text], input[type=password], input[type=email], input[type="date"] {
width: 55%; width: 55%;
} }
button[type=submit] { .center{
text-align: center;
}
button {
background-color: #C8CABD; background-color: #C8CABD;
border-radius: 5px;
color: black; color: black;
cursor: pointer; cursor: pointer;
height: 50%;
padding: 8px 20px;
margin: 10px;
font-family: Arial; font-family: Arial;
font-size: 22px; font-size: 22px;
height: 30px; box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
width: 120px;
} }
.error { .error {
@@ -80,31 +94,6 @@ label {
display: block; display: block;
} }
.left-arrow {
display: inline-block;
position: relative;
background-color: #C8CABD;
height: 25px;
width: 120px;
padding: 3px 3px 3px 3px;
text-align: center;
border-radius: 0px 5px 5px 0px;
font-size: 22px;
}
.left-arrow:after {
content: '';
display: block;
position: absolute;
right: 100%;
top: 0;
bottom: 0;
border-top: 12px solid transparent;
border-right: 20px solid #C8CABD;
border-bottom: 12px solid transparent;
border-left: 0px solid transparent;
}
/* padding voor registreer container */ /* padding voor registreer container */
.login_containerregister { .login_containerregister {
padding: 16px; padding: 16px;
@@ -137,24 +126,84 @@ label {
background-repeat: repeat-x; background-repeat: repeat-x;
background-attachment: fixed;*/ background-attachment: fixed;*/
box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24);
height: 500px; height: 400px;
margin: 34px auto; margin: 34px auto;
overflow-y: auto; overflow-y: auto;
padding: 20px; padding: 20px;
width: 45%; width: 45%;
} }
/*.platform {
width: 40%;
margin: 34px auto;
}*/
@-webkit-keyframes animatezoom {
from {-webkit-transform: scale(0)}
to {-webkit-transform: scale(1)}
}
ul { ul {
font-family: Arial; font-family: Arial;
font-size: 16px; font-size: 16px;
} }
/* The Modal (background) */
.modal {
display: none; /* Hidden by default */
position: fixed; /* Stay in place */
z-index: 1; /* Sit on top */
padding-top: 100px; /* Location of the box */
left: 0;
top: 0;
width: 100%; /* Full width */
height: 100%; /* Full height */
overflow: auto; /* Enable scroll if needed */
background-color: rgb(0,0,0); /* Fallback color */
background-color: rgba(0,0,0,0.4); /* Black w/ opacity */
}
/* Modal Content */
.modal-content {
position: relative;
background-color: #FFFFFF;
margin: auto;
padding: 0;
border: 1px solid #888;
width: 500px;
box-shadow: 0 4px 8px 0 rgba(0,0,0,0.2),0 6px 20px 0 rgba(0,0,0,0.19);
-webkit-animation-name: animatetop;
-webkit-animation-duration: 0.4s;
animation-name: animatetop;
animation-duration: 0.4s
}
/* Add Animation */
@-webkit-keyframes animatetop {
from {top:-300px; opacity:0}
to {top:0; opacity:1}
}
@keyframes animatetop {
from {top:-300px; opacity:0}
to {top:0; opacity:1}
}
/* The Close Button */
.close {
color: white;
float: right;
font-size: 28px;
font-weight: bold;
}
.close:hover,
.close:focus {
color: #000;
text-decoration: none;
cursor: pointer;
}
.modal-header {
padding: 2px 16px;
background-color: #FBC02D;
color: black;
}
.modal-body {padding: 2px 16px;}
.modal-footer {
padding: 2px 16px;
background-color: #FBC02D;
color: black;
}


@@ -0,0 +1,17 @@
.password-change {
height: 100%;
background-color: #FBC02D;
margin: auto;
}
.top-logo {
text-align: center;
}
.item-box {
margin: 30px auto auto;
display: block;
}
.password-change img {
width: 50%;
}


@@ -97,6 +97,18 @@ function validateEmail($variable){
} }
} }
/* checks if an input is a valid email. */
function resetEmail($variable){
if (empty($variable)) {
throw new emailException("Verplicht!");
} else if (!filter_var($variable, FILTER_VALIDATE_EMAIL)) {
throw new emailException("Geldige email invullen");
} else if (getResetEmail() == 0){
throw new emailException("Email bestaat niet!");
}
}
/* checks if two passwords matches. */ /* checks if two passwords matches. */
function matchPassword(){ function matchPassword(){
if ($_POST["password"] != $_POST["confirmpassword"]) { if ($_POST["password"] != $_POST["confirmpassword"]) {
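Review bot: The third branch of resetEmail() throws "Email bestaat niet!" when the lookup finds no row, which tells anyone who submits the form whether an address is registered. sendPasswordRecovery() already returns silently for an unknown address, so this branch can be dropped and the form can show the same neutral confirmation in both cases. getResetEmail() is called without `$variable`, so the lookup depends on `$_POST["forgotEmail"]` rather than on the value that was just validated. The header comment is copied from validateEmail; `/* validates the address entered in the password-reset form */` would describe this function better.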


@@ -32,6 +32,22 @@ function getExistingEmail() {
} }
function getResetEmail() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`email`
FROM
`user`
WHERE
`email` LIKE :email
");
$stmt->bindParam(":email", $_POST["forgotEmail"]);
$stmt->execute();
return $stmt->rowCount();
}
function registerAccount() { function registerAccount() {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
INSERT INTO INSERT INTO
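Review bot: `LIKE :email` in getResetEmail() treats `%` and `_` in the submitted address as wildcards, so the existence check can match rows other than the exact address, while sendPasswordRecovery() compares with `=`. Use `` `email` = :email `` here as well so both queries agree. The function reads `$_POST["forgotEmail"]` itself; taking the address as an argument, `function getResetEmail(string $email)`, with the caller passing its validated value, would remove the hidden dependency on the request.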


@@ -0,0 +1,55 @@
<?php
include_once "../queries/connect.php";
function sendPasswordRecovery(string $email) {
if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`userID`,
`username`
FROM
`user`
WHERE
`email` = :email
");
$stmt->bindParam(":email", $email);
$stmt->execute();
if (!$stmt->rowCount()) {
// TODO: Just stop.
return;
}
$result = $stmt->fetch();
$userID = $result["userID"];
$username = $result["username"];
$hash = md5(random_int(0, 1000000));
$hashedHash = password_hash($hash, PASSWORD_DEFAULT);
setHashToDatabase($userID, $hash);
doSendPasswordRecovery($userID, $email, $username, $hashedHash);
} else {
// TODO: Be angry!
}
}
function doSendPasswordRecovery(int $userID, string $email, string $username, string $hash) {
$resetLink = "https://myhyvesbookplus.nl/resetpassword.php?u=$userID&h=$hash";
$subject = "Reset uw wachtwoord";
$body = "Hallo $username,\r\n\r\nKlik op de onderstaande link om uw wachtwoord te resetten.\r\n\r\n$resetLink\r\n\r\nGroeten MyHyvesbook+";
$header = "From: MyHyvesbook+ <noreply@myhyvesbookplus.nl>";
mail($email, $subject, $body, $header);
}
function setHashToDatabase(int $userID, string $hash) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`password` = $hash
WHERE
`userID` = $userID
");
$stmt->execute();
return $stmt->rowCount();
}


@@ -7,8 +7,9 @@
<h1>Welkom bij MyHyvesbook+</h1> <h1>Welkom bij MyHyvesbook+</h1>
<!-- Login content --> <!-- Login content -->
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct return=$correct
method="post"> method="post"
name="login">
<!-- Login name --> <!-- Login name -->
<div class="login_containerlogin"> <div class="login_containerlogin">
@@ -37,15 +38,79 @@
<!-- Button for logging in --> <!-- Button for logging in -->
<div class="login_containerlogin"> <div class="login_containerlogin">
<button type="submit" <button type="submit"
value="Login" value="login"
name="submit" name="submit"
id="frm1_submit"> id="frm1_submit">
Login Inloggen
</button> </button>
</div> </div>
</form> </form>
</div>
<!-- Button for going to the register screen --> <!-- Button for going to the register screen -->
<div class="login_containerlogin"> <div class="login_containerlogin">
<a href="https://myhyvesbookplus.nl/register" class="button">Registreer een account</a> <a href="https://myhyvesbookplus.nl/register" class="button">Registreer een account</a>
<!-- Trigger/Open The Modal -->
<button id="myBtn" class="button">Wachtwoord vergeten</button>
<!-- The Modal -->
<div id="myModal" class="modal">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post"
name="forgotPassword">
<!-- Modal content -->
<div class="modal-content">
<div class="modal-header">
<span class="close">&times;</span>
<h3>Voer uw emailadres in</h3>
</div>
<div class="modal-body">
<input type="text"
placeholder="Voer uw email in"
name="forgotEmail"
title="Voer een email in">
</div>
<div class="modal-footer">
<div class="login_containerfault"><span><?php echo $resetErr; ?></span></div>
<button type="submit"
value="reset"
name="submit"
id="frm1_submit">
Reset password
</button>
</div>
</div>
</form>
</div>
</div> </div>
</div> <script>
// Get the modal
var modal = document.getElementById('myModal');
// Get the button that opens the modal
var btn = document.getElementById("myBtn");
// Get the <span> element that closes the modal
var span = document.getElementsByClassName("close")[0];
// When the user clicks the button, open the modal
btn.onclick = function() {
modal.style.display = "block";
}
// When the user clicks on <span> (x), close the modal
span.onclick = function() {
modal.style.display = "none";
}
// When the user clicks anywhere outside of the modal, close it
window.onclick = function(event) {
if (event.target == modal) {
modal.style.display = "none";
}
}
</script>
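Review bot: The reset button reuses `id="frm1_submit"`, which the login button on the same page already carries, so the id is no longer unique and any script or style keyed on it will only address the first element; give the reset button its own id, for example `id="frm2_submit"`. `<?php echo $resetErr; ?>` prints without escaping; the messages are fixed strings today, but `<?php echo htmlspecialchars($resetErr); ?>` keeps the output safe if a message ever carries user input. The address field could use `type="email"` instead of `type="text"` so the browser validates it before the round trip.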


@@ -7,7 +7,7 @@
<link rel="stylesheet" <link rel="stylesheet"
type="text/css" type="text/css"
href="styles/index.css"> href="styles/index.css">
<script src="js/jqeury.js"></script> <script src="js/jquery.js"></script>
<script src="js/registerAndLogin.js"></script> <script src="js/registerAndLogin.js"></script>
<script src='https://www.google.com/recaptcha/api.js'></script> <script src='https://www.google.com/recaptcha/api.js'></script>
</head> </head>


@@ -126,7 +126,7 @@
<!-- Button for registering --> <!-- Button for registering -->
<div class="login_containerlogin"> <div class="login_containerlogin">
<!-- Button for going back to login screen --> <!-- Button for going back to login screen -->
<a href="https://myhyvesbookplus.nl/login.php" class="left-arrow">Login</a> <a href="https://myhyvesbookplus.nl/login.php" class="button">Annuleren</a>
<button type="submit" <button type="submit"
value="Registreer uw account" value="Registreer uw account"


@@ -0,0 +1,47 @@
<!DOCTYPE html>
<html>
<head>
<style>
@import url(styles/main.css);
@import url(styles/settings.css);
@import url(styles/resetpassword.css);
</style>
</head>
<body>
<div class='password-change'>
<div class="top-logo"><img src="img/top-logo.png" alt="MyHyvesbook+"/></div>
<form class='settings platform item-box' method='post'>
<h5>Voer een nieuw wachtwoord in</h5>
<input type="hidden"
name="u"
value="<?=$_GET["u"]?>"
>
<input type="hidden"
name="h"
value="<?=$_GET["h"]?>"
>
<ul>
<li>
<label>Nieuw wachtwoord</label>
<input type='password'
name='password'
placeholder='Nieuw wachtwoord'
>
</li>
<li>
<label>Bevestig wachtwoord</label>
<input type='password'
name='password-confirm'
placeholder='Bevestig wachtwoord'
>
</li>
<li>
<label></label>
<button type='submit'>Verander wachtwoord</button>
</li>
</ul>
</form>
</div>
</body>
</html>
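Review bot: The two hidden fields print `$_GET["u"]` and `$_GET["h"]` into attribute values without escaping, so any markup carried in the link parameters ends up in the page. Escape both as the login view does for PHP_SELF, `value="<?= htmlspecialchars($_GET["u"], ENT_QUOTES) ?>"` and the same for `h`. The view reads the request again instead of receiving the values the controller verified; passing them in as variables from the including script would keep validation and output on the same data.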