Merge branch 'joey-testing' into 'master'

redesigned code

See merge request !115
This commit was merged in pull request #119.
Marijn Jansen
2017-01-25 11:20:15 +01:00
8 changed files with 55 additions and 28 deletions


@@ -4,5 +4,8 @@ function checkLoggedIn() {
} else { } else {
window.location.href = "profile.php"; window.location.href = "profile.php";
} }
document.getElementById("demo").innerHTML = x; }
function bannedAlert(){
alert("Your account is banned");
} }


@@ -22,26 +22,11 @@
// Trying to login // Trying to login
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Empty username or password field try{
if (empty($_POST["uname"]) || empty($_POST["psw"])) {
$loginErr = "Gebruikersnaam of wachtwoord is niet ingevuld";
}
else {
$uname = strtolower(test_input($_POST["uname"])); $uname = strtolower(test_input($_POST["uname"]));
$psw = test_input($_POST["psw"]); validateLogin($_POST["uname"], $_POST["psw"]);
$hash = getUser()["password"]; } catch(loginException $e) {
$userid = getUser()["userID"]; $loginErr = $e->getMessage();
// If there's an account, go to the profile page
if(password_verify($psw, $hash)) {
$_SESSION["userID"] = $userid;
header("location: profile.php");
} else {
$loginErr = "Inloggegevens zijn niet correct";
}
} }
} }
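Review bot: The new `try` block reads `$_POST["uname"]` and `$_POST["psw"]` before anything checks that they are set, because the `empty()` guard moved into validateLogin(); a POST without those fields now raises undefined-index notices on the `strtolower(test_input(...))` line and on the call. The normalised `$uname` is also computed but the raw `$_POST["uname"]` is what gets passed, so it is not visible from this hunk which value the lookup uses. I would read the fields once with a default and pass the normalised name, e.g. `$uname = strtolower(test_input(isset($_POST["uname"]) ? $_POST["uname"] : ""));` followed by `validateLogin($uname, isset($_POST["psw"]) ? $_POST["psw"] : "");`. The surrounding `if` block starts and ends outside the hunk.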


@@ -45,7 +45,7 @@
} }
try{ try{
$username = test_input(($_POST["username"])); $username = str_replace(' ', '', test_input(($_POST["username"])));
checkInputChoice($username, "username"); checkInputChoice($username, "username");
} catch(usernameException $e){ } catch(usernameException $e){
$correct = false; $correct = false;
@@ -53,7 +53,7 @@
} }
try{ try{
$password = test_input(($_POST["password"])); $password = str_replace(' ', '', test_input(($_POST["password"])));
checkInputChoice($password, "longerEight"); checkInputChoice($password, "longerEight");
matchPassword(); matchPassword();
} catch(passwordException $e){ } catch(passwordException $e){
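Review bot: Silently removing spaces from the password in the second hunk (`str_replace(' ', '', test_input(($_POST["password"])))`) means the value that gets stored is not the one the user typed, while validateLogin() in the login section only applies `test_input()` before `password_verify()`. A user who registers a password containing spaces would presumably be unable to log in with it, and passphrases lose their separators. The same rewrite on the username in the first hunk changes the account name without telling the user. I would keep `$password = test_input(($_POST["password"]));` and `$username = test_input(($_POST["username"]));` and, if spaces are not allowed in usernames, have checkInputChoice() throw a usernameException instead of altering the input. Both `try` blocks continue outside the hunks shown.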


@@ -1,6 +1,6 @@
a.button { a.button {
background-color: #C8CABD; background-color: #C8CABD;
border-radius: 10px; border-radius: 5px;
color: black; color: black;
cursor: pointer; cursor: pointer;
height: 50%; height: 50%;


@@ -38,6 +38,7 @@ function checkName($variable){
if (empty($variable)) { if (empty($variable)) {
throw new lettersAndSpacesException("Verplicht!"); throw new lettersAndSpacesException("Verplicht!");
} else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) { } else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) {
throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!"); throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
} }
} }


@@ -4,7 +4,8 @@ function getUser() {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
SELECT SELECT
`password`, `password`,
`userID` `userID`,
`role`
FROM FROM
`user` `user`
WHERE WHERE
@@ -15,3 +16,40 @@ function getUser() {
$stmt->execute(); $stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC); return $stmt->fetch(PDO::FETCH_ASSOC);
} }
function validateLogin($username, $password){
// Empty username or password field
if (empty($username) || empty($password)) {
throw new loginException("Gebruikersnaam of wachtwoord is niet ingevuld");
}
else {
$psw = test_input($password);
$hash = getUser()["password"];
$userID = getUser()["userID"];
$role = getUser()["role"];
// If there's an account, go to the profile page
if(password_verify($psw, $hash)) {
if ($role == "banned"){
echo "<script>
window.onload=bannedAlert();
</script>";
} else {
$_SESSION["userID"] = $userID;
header("location: profile.php");
}
} else {
throw new loginException("Inloggevens zijn niet correct");
}
}
}
class loginException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
?>
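Review bot: In validateLogin() the success branch sets `$_SESSION["userID"]` and sends the `location` header without regenerating the session id and without stopping execution, so a pre-login session id stays valid after authentication (session fixation) and the rest of the login page still runs after the redirect header. getUser() is also called three times and its result is indexed without checking for `false`, which is what `fetch()` returns when no row matches, so an unknown username reaches `password_verify()` with a null hash. I would fetch the row once, treat a missing row the same as a wrong password, compare the role with `===`, and call `session_regenerate_id(true)` and `exit` around the redirect. The banned branch is left as it is below.

```php
function validateLogin($username, $password){
    // … unchanged: empty-field check throwing loginException …
    $user = getUser();
    // A missing row and a wrong password give the same error, so the
    // response does not reveal whether the username exists.
    if ($user === false || !password_verify(test_input($password), $user["password"])) {
        throw new loginException("Inloggevens zijn niet correct");
    }
    if ($user["role"] === "banned") {
        // … unchanged: bannedAlert script output …
        return;
    }
    // New session id on privilege change, then stop so nothing else is rendered.
    session_regenerate_id(true);
    $_SESSION["userID"] = $user["userID"];
    header("location: profile.php");
    exit;
}
```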


@@ -7,7 +7,7 @@
<link rel="stylesheet" <link rel="stylesheet"
type="text/css" type="text/css"
href="styles/index.css"> href="styles/index.css">
<script src="/js/jqeury.js"></script> <script src="js/jqeury.js"></script>
<script src="/js/registerAndLogin.js"></script> <script src="js/registerAndLogin.js"></script>
<script src='https://www.google.com/recaptcha/api.js'></script> <script src='https://www.google.com/recaptcha/api.js'></script>
</head> </head>


@@ -96,7 +96,7 @@
<!-- Register location --> <!-- Register location -->
<div class="login_containerregister"> <div class="login_containerregister">
<label><b>Woonplaats</b></label> <label><b>Locatie</b></label>
<input type="text" <input type="text"
placeholder="Voer uw woonplaats in" placeholder="Voer uw woonplaats in"
name="location" name="location"