From 64ea5d3f68c70a51153d8288d127ebd5cacf004e Mon Sep 17 00:00:00 2001
From: Joey Lai <joeylai96@hotmail.com>
Date: Thu, 19 Jan 2017 15:55:28 +0100
Subject: [PATCH] Functions with validating

---
 website/mysql_config.xml        |   7 --
 website/public/login.php        |   8 +--
 website/public/register.php     | 124 +++-----------------------------
 website/queries/checkInput.php  |  95 ++++++++++++++++++++++++
 website/views/login-view.php    |   2 +-
 website/views/register-view.php |   4 +-
 6 files changed, 113 insertions(+), 127 deletions(-)
 delete mode 100644 website/mysql_config.xml
 create mode 100644 website/queries/checkInput.php

diff --git a/website/mysql_config.xml b/website/mysql_config.xml
deleted file mode 100644
index de2d929..0000000
--- a/website/mysql_config.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version='1.0'?>
-<MySQL_INIT>
-    <mysql_host>localhost</mysql_host>
-    <mysql_database>myhyvesbookplus</mysql_database>
-    <mysql_username>mhbp</mysql_username>
-    <mysql_password>qdtboXhCHJyL2szC</mysql_password>
-</MySQL_INIT>
\ No newline at end of file
diff --git a/website/public/login.php b/website/public/login.php
index f889f2f..d8eb62a 100644
--- a/website/public/login.php
+++ b/website/public/login.php
@@ -15,16 +15,16 @@
 
     // Trying to login
     if ($_SERVER["REQUEST_METHOD"] == "POST") {
-        $uname=strtolower($_POST["uname"]);
         // Empty username or password field
         if (empty($_POST["uname"]) || empty($_POST["psw"])) {
             $loginErr = "Gebruikersnaam of wachtwoord is niet ingevuld";
 
         }
         else {
-            $psw=$_POST["psw"];
-            $hash=getUser()["password"];
-            $userid=getUser()["userID"];
+            $uname = strtolower(test_input($_POST["uname"]));
+            $psw = test_input($_POST["psw"]);
+            $hash = getUser()["password"];
+            $userid = getUser()["userID"];
 
             // If there's an account, go to the profile page
             if(password_verify($psw, $hash)) {
diff --git a/website/public/register.php b/website/public/register.php
index c454d66..66d1454 100644
--- a/website/public/register.php
+++ b/website/public/register.php
@@ -4,7 +4,7 @@
     include("../views/login_head.php");
     require_once("../queries/connect.php");
     include_once("../queries/register.php");
-
+    include_once("../queries/checkInput.php");
 ?>
 <body>
 <?php
@@ -17,127 +17,25 @@
 
     // Trying to register an account
     if ($_SERVER["REQUEST_METHOD"] == "POST") {
-        if (empty($_POST["name"])) {
-            $nameErr = "Naam is verplicht!";
-            $correct = false;
+        checkInputChoice("name", "lettersAndSpace");
+        checkInputChoice("surname", "lettersAndSpace");
 
-        } else {
-            $name = test_input($_POST["name"]);
-            if (!preg_match("/^[a-zA-Z ]*$/",$name)) {
-                $nameErr = "Alleen letters en spaties zijn toegestaan!";
-                $correct = false;
-
-            }
-        }
-
-        if (empty($_POST["surname"])) {
-            $surnameErr = "Achternaam is verplicht!";
-            $correct = false;
-
-        } else {
-            $surname = test_input($_POST["surname"]);
-            if (!preg_match("/^[a-zA-Z ]*$/",$surname)) {
-                $surnameErr = "Alleen letters en spaties zijn toegestaan!";
-                $correct = false;
-
-            }
-        }
         if (empty($_POST["bday"])) {
             $bdayErr = "Geboortedatum is verplicht!";
             $correct = false;
 
-        }
-
-        if (empty($_POST["username"])) {
-            $usernameErr = "Gebruikersnaam is verplicht!";
-            $correct = false;
-
         } else {
-            $username = test_input($_POST["username"]);
-            if (strlen($username) < 6) {
-                $usernameErr = "Gebruikersnaam moet minstens 6 karakters bevatten";
-                $correct = false;
-
-            } else if (getExistingUsername() == 1){
-                $usernameErr = "Gebruikersnaam bestaat al";
-                $correct = false;
-
-            }
+          $bday = test_input($_POST["bday"]);
         }
 
-        if (empty($_POST["password"])) {
-            $passwordErr = "Wachtwoord is verplicht!";
-            $correct = false;
-
-        } else {
-            $password = test_input($_POST["password"]);
-            if (strlen($password) < 8) {
-                $passwordErr = "Wachtwoord moet minstens 8 karakters bevatten";
-                $correct = false;
-
-            }
-        }
-
-        if (empty($_POST["confirmpassword"])) {
-            $confirmpasswordErr = "Herhaal wachtwoord!";
-            $correct = false;
-
-        }
-
-        if ($_POST["password"] != $_POST["confirmpassword"]) {
-            $confirmpasswordErr = "Wachtwoorden matchen niet";
-            $correct = false;
-
-        }
-
-        if (empty($_POST["location"])) {
-            $locationErr = "Straatnaam is verplicht!";
-            $correct = false;
-
-        } else {
-            $location = test_input($_POST["location"]);
-            if (!preg_match("/^[a-zA-Z ]*$/",$location)) {
-                $locationErr = "Alleen letters en spaties zijn toegestaan!";
-                $correct = false;
-
-            }
-        }
-
-        if (empty($_POST["email"])) {
-            $emailErr = "Email is verplicht!";
-            $correct = false;
-
-        } else {
-            $email = test_input($_POST["email"]);
-            if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
-                $emailErr = "Geldige email invullen!";
-                $correct = false;
-
-            } else if (getExistingEmail() == 1){
-                $emailErr = "Email bestaat al";
-                $correct = false;
-
-            }
-        }
-
-        // Checks if everything is filled in correctly
-        if ($correct == false){
-            $genericErr = "Bepaalde velden zijn verkeerd of niet ingevuld!";
-
-        } else {
-            registerAccount();
-            header("location: login.php");
-
-        }
+        checkInputChoice("username", "username");
+        checkInputChoice("password", "longerEigth");
+        checkInputChoice("confirmpassword", "");
+        matchPassword();
+        checkInputChoice("location", "lettersAndSpace");
+        checkInputChoice("email", "email");
+        registerCheck();
     }
-
-    function test_input($data) {
-        $data = trim($data);
-        $data = stripslashes($data);
-        $data = htmlspecialchars($data);
-        return $data;
-    }
-
 /* This view adds register view */
 include("../views/register-view.php");
 ?>
diff --git a/website/queries/checkInput.php b/website/queries/checkInput.php
new file mode 100644
index 0000000..d48e4e0
--- /dev/null
+++ b/website/queries/checkInput.php
@@ -0,0 +1,95 @@
+<?php
+function checkInputChoice($variable, $option){
+    if (empty($_POST[$variable])) {
+        $GLOBALS[$variable . "Err"] = "Verplicht!";
+        $GLOBALS["correct"] = false;
+
+    } else {
+        $GLOBALS[$variable] = test_input($_POST[$variable]);
+        switch ($option) {
+          case "lettersAndSpace":
+            checkonly($variable);
+            break;
+
+          case "username";
+            username($variable);
+            break;
+
+          case "longerEigth";
+            longerEigth($variable);
+            break;
+
+          case "email";
+            validateEmail($variable);
+            break;
+            
+          default:
+            break;
+
+        }
+    }
+}
+
+function checkOnly($variable){
+    if (!preg_match("/^[a-zA-Z ]*$/",$GLOBALS[$variable])) {
+        $GLOBALS[$variable . "Err"] = "Alleen letters en spaties zijn toegestaan!";
+        $correct = false;
+    }
+}
+
+function username($variable){
+    if (strlen($GLOBALS[$variable]) < 6) {
+        $GLOBALS[$variable . "Err"] = "Gebruikersnaam moet minstens 6 karakters bevatten";
+        $correct = false;
+    } else if (getExistingUsername() == 1) {
+        $GLOBALS[$variable . "Err"] = "Gebruikersnaam bestaat al";
+        $correct = false;
+    }
+}
+
+function longerEigth($variable){
+    if (strlen($GLOBALS[$variable]) < 8) {
+        $GLOBALS[$variable . "Err"] = "Moet minstens 8 karakters bevatten";
+        $correct = false;
+    }
+}
+
+function validateEmail($variable){
+    if (!filter_var($GLOBALS[$variable], FILTER_VALIDATE_EMAIL)) {
+        $GLOBALS[$variable . "Err"] = "Geldige email invullen!";
+        $correct = false;
+
+    } else if (getExistingEmail() == 1){
+        $GLOBALS[$variable . "Err"] = "Email bestaat al";
+        $correct = false;
+
+    }
+}
+
+function matchPassword(){
+    if ($_POST["password"] != $_POST["confirmpassword"]) {
+        $GLOBALS["confirmpasswordErr"] = "Wachtwoorden matchen niet";
+        $GLOBALS["correct"]  = false;
+
+    }
+}
+
+// Checks if everything is filled in correctly
+function registerCheck(){
+    if ($GLOBALS["correct"] == false){
+        $GLOBALS["genericErr"] = "Bepaalde velden zijn verkeerd of niet ingevuld!";
+
+    } else {
+        registerAccount();
+        header("location: login.php");
+
+    }
+}
+
+function test_input($data) {
+    $data = trim($data);
+    $data = stripslashes($data);
+    $data = htmlspecialchars($data);
+    return $data;
+}
+?>
diff --git a/website/views/login-view.php b/website/views/login-view.php
index 9214a89..33fa7e9 100644
--- a/website/views/login-view.php
+++ b/website/views/login-view.php
@@ -46,6 +46,6 @@
     </form>
     <!-- Button for going to the register screen -->
     <div class="login_containerlogin">
-      <a href="https://myhyvesbookplus.nl/~joey/public/register.php" class="button">Registreer een account</a>
+      <a href="https://myhyvesbookplus.nl/register.php" class="button">Registreer een account</a>
     </div>
 </div>
diff --git a/website/views/register-view.php b/website/views/register-view.php
index f2b9257..b95dd81 100644
--- a/website/views/register-view.php
+++ b/website/views/register-view.php
@@ -108,7 +108,7 @@
         <!-- Register email -->
         <div class="login_containerregister">
             <label><b>Email</b></label>
-            <input type="email"
+            <input type="text"
                    placeholder="Voer uw email in"
                    name="email"
                    value="<?php echo $email ?>"
@@ -130,6 +130,6 @@
 
     <!-- Button for going back to login screen -->
     <div class="login_containerlogin">
-        <a href="https://myhyvesbookplus.nl/~joey/public/login.php" class="button">Login met een account</a>
+        <a href="https://myhyvesbookplus.nl/login.php" class="button">Login met een account</a>
     </div>
 </div>