Merge branch 'master' into lars

2017-01-25 16:19:07 +01:00
parent 91fae80326 c23b8bd8e5
commit 9046b397a1
7 changed files with 28 additions and 23 deletions
--- a/website/queries/emailconfirm.php
+++ b/website/queries/emailconfirm.php
@@ -25,7 +25,9 @@ function sendConfirmEmail(int $userID) {
    WHERE
        `userID` = :userID
    ");
+
    $stmt->bindParam(":userID", $userID);
+    $stmt->execute();
    $user = $stmt->fetch();

    $email = $user["email"];
@@ -34,10 +36,7 @@ function sendConfirmEmail(int $userID) {
    $confirmLink = "https://myhyvesbookplus.nl/emailconfirm.php?u=$userID&h=$hash";

    $subject = "Bevestig uw emailadres";
-    $body = "Hallo $fname,\r\n\r\n 
-             Klik op de onderstaande link om uw emailadres te bevestigen.\r\n\r\n
-             $confirmLink\r\n\r\n
-             Groeten MyHyvesbook+";
+    $body = "Hallo $fname,\r\n\r\nKlik op de onderstaande link om uw emailadres te bevestigen.\r\n\r\n$confirmLink\r\n\r\nGroeten MyHyvesbook+";
    $header = "From: MyHyvesbook+ <noreply@myhyvesbookplus.nl>";
    mail($email, $subject, $body, $header);
 }
--- a/website/queries/login.php
+++ b/website/queries/login.php
@@ -34,6 +34,11 @@ function validateLogin($username, $password){
                echo "<script>
                         window.onload=bannedAlert();
                    </script>";
+            } else if ($role == "unconfirmed"){
+                sendConfirmEmail(getUser()["userID"]);
+                echo "<script>
+                         window.onload=emailNotConfirmed();
+                    </script>";
            } else {
                $_SESSION["userID"] = $userID;
                header("location: profile.php");
@@ -52,4 +57,5 @@ class loginException extends Exception
        parent::__construct($message, $code, $previous);
    }
 }
-?>
+?>
+
--- a/website/queries/settings.php
+++ b/website/queries/settings.php
@@ -1,4 +1,6 @@
 <?php
+include_once "../queries/emailconfirm.php";
+
 abstract class AlertMessage extends Exception {
    public function __construct($message = "", $code = 0, Exception $previous = null)
    {
@@ -152,7 +154,7 @@ function emailIsAvailableInDatabase($email) {
        `email`
    FROM
        `user`
-    WHERE 
+    WHERE
      `email` = :email
    ");

@@ -168,16 +170,18 @@ function doChangeEmail($email) {
    UPDATE
        `user`
    SET
-      `email` = :email
+      `email` = :email,
+      `role` = 'unconfirmed'
    WHERE
      `userID` = :userID
    ");
    $stmt->bindParam(":email", $email);
    $stmt->bindParam(":userID", $_SESSION["userID"]);
    $stmt->execute();
-//    return $stmt->rowCount();

    if ($stmt->rowCount()) {
+        sendConfirmEmail($_SESSION["userID"]);
+        session_destroy();
        throw new HappyAlert("Emailadres is veranderd.");
    } else {
        throw new AngryAlert();