MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'marijn-settings'

Browse Source
This commit is contained in:
Marijn Jansen
2017-01-20 15:42:00 +01:00
parent 696f4ebc1e 587d0e6ac3
commit 7e3648d36c
3 changed files with 32 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
website/public/settings.php
View File

@@ -22,12 +22,13 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
$result = updateSettings(); $result = updateSettings();
break; break;
case "password": case "password":
$result = updatePassword(); $result = changePassword();
break; break;
case "email": case "email":
$result = changeEmail(); $result = changeEmail();
break; break;
case "picture": case "picture":
updateProfilePicture();
$result = $notImplemented; $result = $notImplemented;
break; break;
} }

36
website/queries/settings.php
View File

@@ -87,11 +87,11 @@ function updateSettings() {
`userID` = :userID `userID` = :userID
"); ");
$stmt->bindParam(":fname", $_POST["fname"]); $stmt->bindParam(":fname", test_input($_POST["fname"]));
$stmt->bindParam(":lname", $_POST["lname"]); $stmt->bindParam(":lname", test_input($_POST["lname"]));
$stmt->bindParam(":location", $_POST["location"]); $stmt->bindParam(":location", test_input($_POST["location"]));
$stmt->bindParam(":bday", $_POST["bday"]); $stmt->bindParam(":bday", $_POST["bday"]);
$stmt->bindParam(":bio", $_POST["bio"]); $stmt->bindParam(":bio", test_input($_POST["bio"]));
$stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
@@ -99,11 +99,11 @@ function updateSettings() {
return new settingsMessage("happy", "Instellingen zijn opgeslagen."); return new settingsMessage("happy", "Instellingen zijn opgeslagen.");
} }
function updatePassword() { function changePassword() {
$user = getPasswordHash(); $user = getPasswordHash();
if (password_verify($_POST["password-old"], $user["password"])) { if (password_verify($_POST["password-old"], $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) { if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (changePassword()) { if (doChangePassword()) {
return new settingsMessage("happy", "Wachtwoord gewijzigd."); return new settingsMessage("happy", "Wachtwoord gewijzigd.");
} else { } else {
return new settingsMessage("angry", "Er is iets mis gegaan."); return new settingsMessage("angry", "Er is iets mis gegaan.");
@@ -116,7 +116,7 @@ function updatePassword() {
} }
} }
function changePassword() { function doChangePassword() {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
UPDATE UPDATE
`user` `user`
@@ -184,4 +184,26 @@ function doChangeEmail($email) {
$stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
return $stmt->rowCount(); return $stmt->rowCount();
}
function updateProfilePicture() {
$profilePictureDir = "/var/www/html/public/";
$relativePath = "uploads/" . $_SESSION["userID"] . "_" . basename($_FILES["pp"]["name"]);
move_uploaded_file($_FILES['pp']['tmp_name'], $profilePictureDir . $relativePath);
setProfilePictureToDatabase("../" . $relativePath);
}
function setProfilePictureToDatabase($url) {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`profilepicture` = :profilepicture
WHERE
`userID` = :userID
");
$stmt->bindParam(":profilepicture", $url);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
} }

2
website/views/settings-view.php
View File

@@ -68,7 +68,7 @@ $settings = getSettings();
</li> </li>
</ul> </ul>
</form> </form>
<form class="settings-profilepictue platform" method="post"> <form class="settings-profilepictue platform" method="post" enctype="multipart/form-data">
<h5>Verander profielfoto</h5> <h5>Verander profielfoto</h5>
<ul> <ul>
<li> <li>