Merge branch 'marijn-settings' into 'master'
Password change See merge request !124
This commit was merged in pull request #128.
This commit is contained in:
Marijn Jansen
@@ -8,16 +8,19 @@ if ($_SERVER["REQUEST_METHOD"] == "GET") {
|
|||||||
echo "Ongeldige link.";
|
echo "Ongeldige link.";
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
echo "Ongeldige link";
|
echo "Ongeldige link.";
|
||||||
}
|
}
|
||||||
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
|
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||||
if (verifyLink($_POST["u"], $_POST["h"])) {
|
if (verifyLink($_POST["u"], $_POST["h"])) {
|
||||||
if ($_POST["password"] == $_POST["password-confirm"]) {
|
if ($_POST["password"] == $_POST["password-confirm"]) {
|
||||||
changePassword();
|
changePassword();
|
||||||
|
echo "Wachtwoord is veranderd";
|
||||||
|
} else {
|
||||||
|
echo "Wachtwoorden zijn niet hetzelfde";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
echo "Ongeldige link";
|
echo "Ongeldige link.";
|
||||||
}
|
}
|
||||||
|
|
||||||
function changePassword() {
|
function changePassword() {
|
||||||
@@ -29,7 +32,7 @@ function changePassword() {
|
|||||||
WHERE
|
WHERE
|
||||||
`userID` = :userID
|
`userID` = :userID
|
||||||
");
|
");
|
||||||
$stmt->bindParam(":password", $_POST["password"]);
|
$stmt->bindValue(":password", password_hash($_POST["password"], PASSWORD_DEFAULT));
|
||||||
$stmt->bindParam(":userID", $_POST["u"]);
|
$stmt->bindParam(":userID", $_POST["u"]);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
}
|
}
|
||||||
@@ -44,6 +47,7 @@ function verifyLink(int $userID, string $hash) {
|
|||||||
`userID` = :userID
|
`userID` = :userID
|
||||||
");
|
");
|
||||||
$stmt->bindParam(":userID", $userID);
|
$stmt->bindParam(":userID", $userID);
|
||||||
|
$stmt->execute();
|
||||||
$password = $stmt->fetch()["password"];
|
$password = $stmt->fetch()["password"];
|
||||||
return password_verify($password, $hash);
|
return password_verify($password, $hash);
|
||||||
}
|
}
|
||||||
@@ -15,7 +15,6 @@ function sendPasswordRecovery(string $email) {
|
|||||||
$stmt->bindParam(":email", $email);
|
$stmt->bindParam(":email", $email);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
if (!$stmt->rowCount()) {
|
if (!$stmt->rowCount()) {
|
||||||
// TODO: Just stop.
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$result = $stmt->fetch();
|
$result = $stmt->fetch();
|
||||||
@@ -25,8 +24,6 @@ function sendPasswordRecovery(string $email) {
|
|||||||
$hashedHash = password_hash($hash, PASSWORD_DEFAULT);
|
$hashedHash = password_hash($hash, PASSWORD_DEFAULT);
|
||||||
setHashToDatabase($userID, $hash);
|
setHashToDatabase($userID, $hash);
|
||||||
doSendPasswordRecovery($userID, $email, $username, $hashedHash);
|
doSendPasswordRecovery($userID, $email, $username, $hashedHash);
|
||||||
|
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
// TODO: Be angry!
|
// TODO: Be angry!
|
||||||
}
|
}
|
||||||
@@ -46,10 +43,12 @@ function setHashToDatabase(int $userID, string $hash) {
|
|||||||
UPDATE
|
UPDATE
|
||||||
`user`
|
`user`
|
||||||
SET
|
SET
|
||||||
`password` = $hash
|
`password` = :hash
|
||||||
WHERE
|
WHERE
|
||||||
`userID` = $userID
|
`userID` = :userID
|
||||||
");
|
");
|
||||||
|
$stmt->bindParam(":hash", $hash);
|
||||||
|
$stmt->bindParam(":userID", $userID);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
return $stmt->rowCount();
|
return $stmt->rowCount();
|
||||||
}
|
}
|
||||||
Reference in New Issue
Block a user