MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'joey-testing' into 'master'

Browse Source 
Fixed W3Validation and url GETs

See merge request !195
This commit was merged in pull request #199.
This commit is contained in:
Lars van Hijfte
2017-02-03 10:13:43 +01:00
parent de96ae8263 1a3efe9669
commit 820ffb4a62
12 changed files with 43 additions and 239 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
website/views/facebookRegisterModal.php
View File

@@ -1,7 +1,6 @@
<!-- The Modal -->
<div id="fbModal" class="modal">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post"
name="fbModal">
@@ -66,17 +65,16 @@
</div>
<?php } ?>
</div>
*<span class="error"> <?php echo $fbEmailErr;?></span>
<span class="error"> <?php echo $fbEmailErr;?></span>
<div class="modal-footer">
<button type="submit"
value="fbRegister"
name="submit"
id="frm1_submit">
name="submit">
Registreer account
</button>
</div>
</div>
<!-- Facebook information-->
<input type="hidden"
name="fbName"
value="<?php echo $fbName ?>">

68
website/views/fbRegister.php Normal file
View File

@@ -0,0 +1,68 @@
<?php
try{
$fbUsername = str_replace(' ', '', test_input(($_POST["fbUsername"])));
checkInputChoice($fbUsername, "fbUsername");
} catch(usernameException $e){
$fbCorrect = false;
$fbUsernameErr = $e->getMessage();
}
try{
$fbPassword = str_replace(' ', '', test_input(($_POST["fbPassword"])));
checkInputChoice($fbPassword, "longerEight");
matchfbPassword();
} catch(passwordException $e){
$fbCorrect = false;
$fbPasswordErr = $e->getMessage();
} catch(fbConfirmPasswordException $e){
$fbCorrect = false;
$fbConfirmpasswordErr = $e->getMessage();
}
try{
$fbName = test_input(($_POST["fbName"]));
checkInputChoice($fbName, "lettersAndSpaces");
} catch(lettersAndSpacesException $e){
$fbCorrect = false;
}
try {
$fbSurname = test_input(($_POST["fbSurname"]));
checkInputChoice($fbSurname, "lettersAndSpaces");
}
catch(lettersAndSpacesException $e){
$fbCorrect = false;
}
try {
$fbDay_date = test_input(($_POST["fbDay_date"]));
$fbMonth_date = test_input(($_POST["fbMonth_date"]));
$fbYear_date = test_input(($_POST["fbYear_date"]));
$fbBday = $fbYear_date . "-" . $fbMonth_date . "-" . $fbDay_date;
checkInputChoice($fbBday, "bday");
} catch (bdayException $e) {
$fbBdayErr = $e->getMessage();
$fbCorrect = false;
}
try{
$fbEmail = test_input(($_POST["fbEmail"]));
checkInputChoice($fbEmail, "fbEmail");
} catch(emailException $e){
$fbCorrect = false;
$fbEmailErr = $e->getMessage();
}
$fbUserID = test_input(($_POST["fbUserID"]));
try {
fbRegisterCheck($fbCorrect);
} catch(registerException $e){
echo "<script>
window.onload = function() {
$('#fbModal').show();
}
</script>";
$fbRegisterErr = $e->getMessage();
}

4
website/views/forgotPasswordModal.php
View File

@@ -4,7 +4,6 @@
<!-- The Modal -->
<div id="myModal" class="modal">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post"
name="forgotPassword">
@@ -26,8 +25,7 @@
<div class="login_containerfault"><span><?php echo $resetErr; ?></span></div>
<button type="submit"
value="reset"
name="submit"
id="frm1_submit">
name="submit">
Reset password
</button>
</div>

38
website/views/homeLoginRegister.php
View File

@@ -11,16 +11,16 @@ if(isset($_SESSION["userID"])){
// Facebook variables
$appID = "353857824997532";
$appSecret = "db47e91ffbfd355fdd11b4b65eade851";
$fbUsername = $fbPassword = $fbConfirmpassword = "";
$fbUsername = $fbPassword = $fbConfirmpassword = $fbName = $fbSurname = $fbBday = $fbEmail = $fbUserID = "";
$fbUsernameErr = $fbPasswordErr = $fbConfirmpasswordErr = $fbEmailErr = $fbBdayErr = "";
$fbCorrect = true;
$fbName = $fbSurname = $fbBday = $fbEmail = $fbUserID = "";
// Register variables
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $confirmEmail = $captcha = $ip = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $confirmEmailErr = $captchaErr = "";
$correct = true;
// Bday dates
$day_date = $month_date = $year_date = "";
$fbDay_date = $fbMonth_date = $fbYear_date = "";
@@ -28,22 +28,14 @@ $fbDay_date = $fbMonth_date = $fbYear_date = "";
$user = $psw = $remember ="";
$loginErr = $resetErr = $fbRegisterErr ="";
//if ($_SERVER["REQUEST_METHOD"] == "GET") {
// try {
// $user = ($_POST["user"]);
// validateLogin($_POST["user"], $_POST["psw"], "https://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]");
// } catch(loginException $e) {
// $loginErr = $e->getMessage();
// }
//}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$url = $_POST["url"];
// Checks for which button is pressed
switch ($_POST["submit"]) {
case "login":
try {
$user = ($_POST["user"]);
validateLogin($_POST["user"], $_POST["psw"], $_POST["url"]);
validateLogin($_POST["user"], $_POST["psw"], $url);
} catch(loginException $e) {
$loginErr = $e->getMessage();
}
@@ -62,18 +54,22 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
}
break;
case "register":
include("register.php");
include("../views/register.php");
break;
case "fbRegister":
include("fbRegister.php");
include("../views/fbRegister.php");
break;
}
}
// Get facebook information with facebook PHP SDK.
$fb = new Facebook\Facebook([
'app_id' => $appID,
'app_secret' => $appSecret,
'default_graph_version' => 'v2.2',
]);
// Redirect back to login.php after logging/canceling with facebook.
$redirect = "https://myhyvesbookplus.nl/login.php";
$helper = $fb->getRedirectLoginHelper();
@@ -88,6 +84,7 @@ try {
exit;
}
// If theres no facebook account logged in, ask for permission.
if(!isset($acces_token)){
$permission=["email", "user_birthday"];
$loginurl=$helper->getLoginUrl($redirect,$permission);
@@ -96,13 +93,14 @@ if(!isset($acces_token)){
$response = $fb->get('/me?fields=email,name,birthday');
$usernode = $response->getGraphUser();
// Get facebook information
$nameSplit = explode(" ", $usernode->getName());
$fbName = $nameSplit[0];
$fbSurname = $nameSplit[1];
$fbUserID = $usernode->getID();
$fbEmail = $usernode->getProperty("email");
// $image = 'https://graph.facebook.com/' . $usernode->getId() . '/picture?width=200';
// If there is an account, check if the account is banned or frozen.
if (fbLogin($fbUserID) == 1) {
$fbID = getfbUserID($fbUserID)["userID"];
$fbRole = getfbUserID($fbUserID)["role"];
@@ -110,16 +108,20 @@ if(!isset($acces_token)){
echo "<script>
window.onload=bannedAlert();
</script>";
} else if($fbRole == "frozen"){
$_SESSION["userID"] = $fbID;
echo "<script>
window.onload=frozenAlert();
window.location.href= 'profile.php';
</script>";
window.onload=frozenAlert();
window.location.href= 'profile.php';
</script>";
} else {
$_SESSION["userID"] = $fbID;
header("location: profile.php");
}
// Registration with faceobook if theres no account.
} else {
echo "<script>
window.onload = function() {

13
website/views/login-view.php
View File

@@ -13,12 +13,16 @@
<h1>Welkom bij MyHyvesbook+</h1>
<!-- Login content -->
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return=$correct
method="post"
name="login">
<!-- Url parameter -->
<input type="hidden"
name="url"
value="<?= $_GET["url"] ?>"/>
value="<?php
if(isset($_GET["url"])) {
echo $_GET["url"];
} ?>"/>
<!-- Login name -->
<div class="login_containerlogin">
@@ -50,8 +54,7 @@
<div class="login_containerlogin">
<button type="submit"
value="login"
name="submit"
id="frm1_submit">
name="submit">
Inloggen
</button>
</div>
@@ -72,5 +75,7 @@
<?php
if(!isset($acces_token)) {
echo '<div class="login_containerlogin"><a class="fbButton" href="' . $loginurl . '"><i class="fa fa-facebook-square"></i> login met Facebook!</a></div>';
} else {
echo '<div class="login_containerlogin"><a class="fbButton" href="' . "https://myhyvesbookplus.nl/login.php" . '"><i class="fa fa-facebook-square"></i> loguit Facebook sessie</a></div>';
}
?>

91
website/views/register.php Normal file
View File

@@ -0,0 +1,91 @@
<?php
try {
$name = test_input(($_POST["name"]));
checkInputChoice($name, "lettersAndSpaces");
} catch(lettersAndSpacesException $e){
$correct = false;
$nameErr = $e->getMessage();
}
try {
$surname = test_input(($_POST["surname"]));
checkInputChoice($surname, "lettersAndSpaces");
}
catch(lettersAndSpacesException $e){
$correct = false;
$surnameErr = $e->getMessage();
}
try{
$day_date = test_input(($_POST["day_date"]));
$month_date = test_input(($_POST["month_date"]));
$year_date = test_input(($_POST["year_date"]));
$bday = $year_date . "-" . $month_date . "-" . $day_date;
checkInputChoice($bday, "bday");
} catch(bdayException $e){
$correct = false;
$bdayErr = $e->getMessage();
}
try{
$username = str_replace(' ', '', test_input(($_POST["username"])));
checkInputChoice($username, "username");
} catch(usernameException $e){
$correct = false;
$usernameErr = $e->getMessage();
}
try{
$password = str_replace(' ', '', test_input(($_POST["password"])));
checkInputChoice($password, "longerEight");
matchPassword();
} catch(passwordException $e){
$correct = false;
$passwordErr = $e->getMessage();
} catch(confirmPasswordException $e){
$correct = false;
$confirmPasswordErr = $e->getMessage();
}
try{
$location = test_input(($_POST["location"]));
checkInputChoice($location, "");
} catch(lettersAndSpacesException $e){
$correct = false;
$locationErr = $e->getMessage();
}
try{
$email = test_input(($_POST["email"]));
checkInputChoice($email, "email");
$confirmEmail = test_input(($_POST["confirmEmail"]));
matchEmail();
} catch(emailException $e){
$correct = false;
$emailErr = $e->getMessage();
} catch(confirmEmailException $e){
$correct = false;
$confirmEmailErr = $e->getMessage();
}
try{
$captcha = $_POST['g-recaptcha-response'];
checkCaptcha($captcha);
} catch(captchaException $e){
$correct = false;
$captchaErr = $e->getMessage();
}
try {
getIp();
registerCheck($correct);
sendConfirmEmail(getUserID()["userID"]);
} catch(registerException $e){
echo "<script>
window.onload = function() {
$('#registerModal').show();
}
</script>";
$genericErr = $e->getMessage();
}

13
website/views/registerModal.php
View File

@@ -4,7 +4,6 @@
<!-- The Modal -->
<div id="registerModal" class="modal">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post"
name="forgotPassword">
@@ -15,14 +14,11 @@
<h3>Registreer uw account</h3>
</div>
<div class="modal-body">
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
return= $correct
method="post">
<div class="login_containerregister"><label>U krijgt een bevestigingsemail na het registreren</label></div>
<!-- Error message -->
<div class="login_containerfault"><?php echo $genericErr;?></span></div>
<div class="login_containerfault"><span><?php echo $genericErr;?></span></div>
<!-- Register name -->
<div class="login_containerregister">
@@ -82,7 +78,6 @@
placeholder="Voer uw wachtwoord in"
name="password"
value="<?php echo $password ?>"
id="password"
required>
*<span class="error"> <?php echo $passwordErr;?></span>
<ul>
@@ -96,7 +91,6 @@
placeholder="Herhaal wachtwoord"
name="confirmpassword"
value="<?php echo $confirmpassword ?>"
id="confirmpassword"
title="Herhaal wachtwoord"
required>
*<span class="error"> <?php echo $confirmpasswordErr;?></span>
@@ -120,7 +114,6 @@
placeholder="Voer uw email in"
name="email"
value="<?php echo $email ?>"
id="email"
title="Voer een geldige email in"
required>
*<span class="error"> <?php echo $emailErr;?></span>
@@ -133,7 +126,6 @@
placeholder="Herhaal uw email"
name="confirmEmail"
value="<?php echo $confirmEmail ?>"
id="email"
title="Herhaal uw email"
required>
*<span class="error"> <?php echo $confirmEmailErr;?></span>
@@ -152,8 +144,7 @@
<!-- Register button -->
<button type="submit"
value="register"
name="submit"
id="frm1_submit">
name="submit">
Registreer
</button>
</div>