Password change

Marijn Jansen
2017-01-25 16:21:17 +01:00
parent ded314f4d6
commit 4ebdd378a6
2 changed files with 11 additions and 8 deletions


@@ -8,16 +8,19 @@ if ($_SERVER["REQUEST_METHOD"] == "GET") {
echo "Ongeldige link.";
}
} else {
echo "Ongeldige link";
echo "Ongeldige link.";
}
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
if (verifyLink($_POST["u"], $_POST["h"])) {
if ($_POST["password"] == $_POST["password-confirm"]) {
changePassword();
echo "Wachtwoord is veranderd";
} else {
echo "Wachtwoorden zijn niet hetzelfde";
}
}
} else {
echo "Ongeldige link";
echo "Ongeldige link.";
}
function changePassword() {
@@ -29,7 +32,7 @@ function changePassword() {
WHERE
`userID` = :userID
");
$stmt->bindParam(":password", $_POST["password"]);
$stmt->bindValue(":password", password_hash($_POST["password"], PASSWORD_DEFAULT));
$stmt->bindParam(":userID", $_POST["u"]);
$stmt->execute();
}
@@ -44,6 +47,7 @@ function verifyLink(int $userID, string $hash) {
`userID` = :userID
");
$stmt->bindParam(":userID", $userID);
$stmt->execute();
$password = $stmt->fetch()["password"];
return password_verify($password, $hash);
}
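Review bot: verifyLink does not fail closed: `$stmt->fetch()["password"]` evaluates to null when no row matches `:userID`, and the result is passed to `password_verify` together with `$hash`, which the call site in the first hunk takes straight from `$_POST["h"]`. Since the caller supplies the hash side of the comparison, a missing row or an empty `password` value should be rejected before verifying, for example `$row = $stmt->fetch();` followed by `if ($row === false || (string) $row["password"] === "") { return false; }`. In the first hunk the confirmation check `$_POST["password"] == $_POST["password-confirm"]` compares numeric-looking strings by value, so `===` is the safer operator there. verifyLink and changePassword both start outside the visible hunks.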


@@ -15,7 +15,6 @@ function sendPasswordRecovery(string $email) {
$stmt->bindParam(":email", $email);
$stmt->execute();
if (!$stmt->rowCount()) {
// TODO: Just stop.
return;
}
$result = $stmt->fetch();
@@ -25,8 +24,6 @@ function sendPasswordRecovery(string $email) {
$hashedHash = password_hash($hash, PASSWORD_DEFAULT);
setHashToDatabase($userID, $hash);
doSendPasswordRecovery($userID, $email, $username, $hashedHash);
} else {
// TODO: Be angry!
}
@@ -46,10 +43,12 @@ function setHashToDatabase(int $userID, string $hash) {
UPDATE
`user`
SET
`password` = $hash
`password` = :hash
WHERE
`userID` = $userID
`userID` = :userID
");
$stmt->bindParam(":hash", $hash);
$stmt->bindParam(":userID", $userID);
$stmt->execute();
return $stmt->rowCount();
}
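Review bot: The `UPDATE` in setHashToDatabase writes the recovery token into the `password` column, so a recovery request replaces the account's current password hash before the mailed link is ever used. Anyone able to submit an e-mail address to sendPasswordRecovery can therefore presumably leave that account unable to log in with its existing password. The raw `$hash` is also what gets stored, while `$hashedHash` is what travels in the mail. I would keep the token in its own column or table with a creation time so it can expire (for example a placeholder `resetTokenHash` column), store `$hashedHash` there via `setHashToDatabase($userID, $hashedHash);`, and mail the raw `$hash`; verifyLink would then check the mailed token against the stored hash. Both functions start outside the visible hunks.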