MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into hendrik-search

Browse Source
This commit is contained in:
Hendrik
2017-01-20 16:18:53 +01:00
parent 9152ae4f75 7e3648d36c
commit 581f6e18f0
7 changed files with 81 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
website/queries/settings.php
View File

@@ -87,11 +87,11 @@ function updateSettings() {
`userID` = :userID
");
$stmt->bindParam(":fname", $_POST["fname"]);
$stmt->bindParam(":lname", $_POST["lname"]);
$stmt->bindParam(":location", $_POST["location"]);
$stmt->bindParam(":fname", test_input($_POST["fname"]));
$stmt->bindParam(":lname", test_input($_POST["lname"]));
$stmt->bindParam(":location", test_input($_POST["location"]));
$stmt->bindParam(":bday", $_POST["bday"]);
$stmt->bindParam(":bio", $_POST["bio"]);
$stmt->bindParam(":bio", test_input($_POST["bio"]));
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
@@ -99,11 +99,11 @@ function updateSettings() {
return new settingsMessage("happy", "Instellingen zijn opgeslagen.");
}
function updatePassword() {
function changePassword() {
$user = getPasswordHash();
if (password_verify($_POST["password-old"], $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (changePassword()) {
if (doChangePassword()) {
return new settingsMessage("happy", "Wachtwoord gewijzigd.");
} else {
return new settingsMessage("angry", "Er is iets mis gegaan.");
@@ -116,7 +116,7 @@ function updatePassword() {
}
}
function changePassword() {
function doChangePassword() {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
@@ -184,4 +184,26 @@ function doChangeEmail($email) {
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
}
function updateProfilePicture() {
$profilePictureDir = "/var/www/html/public/";
$relativePath = "uploads/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]);
move_uploaded_file($_FILES['pp']['tmp_name'], $profilePictureDir . $relativePath);
setProfilePictureToDatabase("../" . $relativePath);
}
function setProfilePictureToDatabase($url) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`profilepicture` = :profilepicture
WHERE
`userID` = :userID
");
$stmt->bindParam(":profilepicture", $url);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
}