Merge branch 'master' into kevin-prototype
This commit is contained in:
K. Nobel
@@ -1,7 +1,8 @@
|
||||
<?php
|
||||
session_start();
|
||||
require("../queries/friendship.php");
|
||||
require("../queries/user.php");
|
||||
|
||||
require("../../queries/friendship.php");
|
||||
require("../../queries/user.php");
|
||||
|
||||
if(empty($_POST["userID"]) OR empty($_POST["delete"]) AND empty($_POST["accept"]) AND empty($_POST["request"])) {
|
||||
echo "Not enough arguments.";
|
||||
@@ -27,4 +28,4 @@ if(!empty($_POST["request"]) AND $friendship_status == 0) {
|
||||
|
||||
$username = getUsername($_POST["userID"]);
|
||||
|
||||
header("Location: profile.php?username=$username");
|
||||
header("Location: ../profile.php?username=$username");
|
||||
49
website/public/emailconfirm.php
Normal file
49
website/public/emailconfirm.php
Normal file
@@ -0,0 +1,49 @@
|
||||
<?php
|
||||
include_once("../queries/connect.php");
|
||||
if (array_key_exists("u", $_GET) and array_key_exists("h", $_GET)) {
|
||||
$checkHash = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
`email`,
|
||||
`role`
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
`userID` = :userID
|
||||
");
|
||||
$checkHash->bindParam(":userID", $_GET["u"]);
|
||||
$checkHash->execute();
|
||||
$result = $checkHash->fetch();
|
||||
$email = $result["email"];
|
||||
$role = $result["role"];
|
||||
if ($role == "unconfirmed") {
|
||||
doActivate($email);
|
||||
} else {
|
||||
echo "Ongeldige link.";
|
||||
}
|
||||
|
||||
} else {
|
||||
echo "Ongeldige link.";
|
||||
}
|
||||
|
||||
function doActivate(string $email) {
|
||||
if (password_verify($email, $_GET["h"])) {
|
||||
$confirmUser = $GLOBALS["db"]->prepare("
|
||||
UPDATE
|
||||
`user`
|
||||
SET
|
||||
`role` = :role
|
||||
WHERE
|
||||
`userID` = :userID
|
||||
");
|
||||
$confirmUser->bindValue(":role", "user");
|
||||
$confirmUser->bindParam(":userID", $_GET["u"]);
|
||||
$confirmUser->execute();
|
||||
if ($confirmUser->rowCount()) {
|
||||
echo "Email bevestigd <br />
|
||||
<a href='index.php'>U wordt automatisch doorgestuurd naar de login pagina over 5 seconden.</a> ";
|
||||
header("refresh:5;url=login.php");
|
||||
}
|
||||
} else {
|
||||
echo "Ongeldige link.";
|
||||
}
|
||||
}
|
||||
@@ -1,8 +1,18 @@
|
||||
function showFriendNotifications(notifications) {
|
||||
$("#friendrequestslist").html("");
|
||||
for (i in notifications) {
|
||||
var outgoing = "";
|
||||
if (notifications[i].friend_state == "3") {
|
||||
outgoing = "<button\
|
||||
name='accept' \
|
||||
class='accept-notification' \
|
||||
value='"+ notifications[i].userID +"'> \
|
||||
<i class='fa fa-check'></i> \
|
||||
</button>";
|
||||
}
|
||||
|
||||
$("#friendrequestslist").append(" \
|
||||
<li class='friend-item $extraItem'> \
|
||||
<li class='friend-item'> \
|
||||
<form action='profile.php' method='get'> \
|
||||
<button type='submit' \
|
||||
name='username' \
|
||||
@@ -13,6 +23,18 @@ function showFriendNotifications(notifications) {
|
||||
</div> \
|
||||
</button> \
|
||||
</form> \
|
||||
<div class='notification-options'>\
|
||||
<form action='API/edit_friendship.php' method='post'> \
|
||||
<input type='hidden' name='userID' value='"+ notifications[i].userID +"' /> \
|
||||
"+ outgoing +" \
|
||||
<button type='submit' \
|
||||
name='delete' \
|
||||
class='deny-notification' \
|
||||
value='"+ notifications[i].userID +"'> \
|
||||
<i class='fa fa-times'></i> \
|
||||
</button>\
|
||||
<form>\
|
||||
</div> \
|
||||
</li> \
|
||||
");
|
||||
}
|
||||
@@ -22,10 +44,10 @@ function showChatNotifications(notifications) {
|
||||
$("#unreadChatlist").html("");
|
||||
for (i in notifications) {
|
||||
$("#unreadChatlist").append(" \
|
||||
<li class='friend-item $extraItem'> \
|
||||
<li class='friend-item'> \
|
||||
<form action='chat.php' method='get'> \
|
||||
<button type='submit' \
|
||||
name='username' \
|
||||
name='chatID' \
|
||||
value='"+ notifications[i].userID +"'> \
|
||||
<div class='friend'> \
|
||||
<img alt='PF' class='profile-picture' src='"+ notifications[i].profilepicture +"'/> \
|
||||
|
||||
@@ -4,5 +4,12 @@ function checkLoggedIn() {
|
||||
} else {
|
||||
window.location.href = "profile.php";
|
||||
}
|
||||
document.getElementById("demo").innerHTML = x;
|
||||
}
|
||||
|
||||
function bannedAlert(){
|
||||
alert("Your account is banned");
|
||||
}
|
||||
|
||||
function emailNotConfirmed(){
|
||||
alert("Your account has not been verified yet!\nAnother email has been sent to you")
|
||||
}
|
||||
@@ -5,6 +5,7 @@
|
||||
require_once("../queries/connect.php");
|
||||
include_once("../queries/login.php");
|
||||
include_once("../queries/checkInput.php");
|
||||
include_once("../queries/emailconfirm.php");
|
||||
?>
|
||||
<body>
|
||||
<?php
|
||||
@@ -22,26 +23,11 @@
|
||||
|
||||
// Trying to login
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
// Empty username or password field
|
||||
if (empty($_POST["uname"]) || empty($_POST["psw"])) {
|
||||
$loginErr = "Gebruikersnaam of wachtwoord is niet ingevuld";
|
||||
|
||||
}
|
||||
else {
|
||||
$uname = strtolower(test_input($_POST["uname"]));
|
||||
$psw = test_input($_POST["psw"]);
|
||||
$hash = getUser()["password"];
|
||||
$userid = getUser()["userID"];
|
||||
|
||||
// If there's an account, go to the profile page
|
||||
if(password_verify($psw, $hash)) {
|
||||
$_SESSION["userID"] = $userid;
|
||||
header("location: profile.php");
|
||||
|
||||
} else {
|
||||
$loginErr = "Inloggegevens zijn niet correct";
|
||||
}
|
||||
|
||||
try{
|
||||
$uname = ($_POST["uname"]);
|
||||
validateLogin($_POST["uname"], $_POST["psw"]);
|
||||
} catch(loginException $e) {
|
||||
$loginErr = $e->getMessage();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,15 +1,4 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<?php
|
||||
include("../views/login_head.php");
|
||||
require_once("../queries/connect.php");
|
||||
include_once("../queries/login.php");
|
||||
?>
|
||||
<body>
|
||||
<?php
|
||||
session_start();
|
||||
unset($_SESSION["userID"]);
|
||||
header("Location: login.php");
|
||||
?>
|
||||
</body>
|
||||
</html>
|
||||
session_start();
|
||||
session_destroy();
|
||||
header("Location: login.php");
|
||||
@@ -15,7 +15,6 @@ include("../queries/nicetime.php");
|
||||
|
||||
if(empty($_GET["username"])) {
|
||||
$userID = $_SESSION["userID"];
|
||||
echo "USERNAME NOT GIVEN";
|
||||
} else {
|
||||
$userID = getUserID($_GET["username"]);
|
||||
}
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
require_once("../queries/connect.php");
|
||||
include_once("../queries/register.php");
|
||||
include_once("../queries/checkInput.php");
|
||||
include_once("../queries/emailconfirm.php");
|
||||
?>
|
||||
<body>
|
||||
<?php
|
||||
@@ -45,7 +46,7 @@
|
||||
}
|
||||
|
||||
try{
|
||||
$username = test_input(($_POST["username"]));
|
||||
$username = str_replace(' ', '', test_input(($_POST["username"])));
|
||||
checkInputChoice($username, "username");
|
||||
} catch(usernameException $e){
|
||||
$correct = false;
|
||||
@@ -53,7 +54,7 @@
|
||||
}
|
||||
|
||||
try{
|
||||
$password = test_input(($_POST["password"]));
|
||||
$password = str_replace(' ', '', test_input(($_POST["password"])));
|
||||
checkInputChoice($password, "longerEight");
|
||||
matchPassword();
|
||||
} catch(passwordException $e){
|
||||
@@ -91,6 +92,7 @@
|
||||
try {
|
||||
getIp();
|
||||
registerCheck($correct);
|
||||
sendConfirmEmailUsername($username);
|
||||
} catch(registerException $e){
|
||||
$genericErr = $e->getMessage();
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
a.button {
|
||||
background-color: #C8CABD;
|
||||
border-radius: 10px;
|
||||
border-radius: 5px;
|
||||
color: black;
|
||||
cursor: pointer;
|
||||
height: 50%;
|
||||
|
||||
@@ -63,4 +63,32 @@
|
||||
|
||||
#quick-links i:hover {
|
||||
color: #FBC02D;
|
||||
}
|
||||
|
||||
.notification-options {
|
||||
display: none;
|
||||
width: 100%;
|
||||
}
|
||||
|
||||
.notification-options form {
|
||||
width: 100%;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
.notification-options button {
|
||||
display: inline-block;
|
||||
padding: 5px 20px;
|
||||
width: auto;
|
||||
}
|
||||
|
||||
.accept-notification:hover {
|
||||
color: #4CAF50;
|
||||
}
|
||||
|
||||
.deny-notification:hover {
|
||||
color: firebrick;
|
||||
}
|
||||
|
||||
.friend-item:hover .notification-options {
|
||||
display: inline-block;
|
||||
}
|
||||
@@ -38,7 +38,8 @@ function checkName($variable){
|
||||
if (empty($variable)) {
|
||||
throw new lettersAndSpacesException("Verplicht!");
|
||||
} else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) {
|
||||
throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
|
||||
|
||||
throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
42
website/queries/emailconfirm.php
Normal file
42
website/queries/emailconfirm.php
Normal file
@@ -0,0 +1,42 @@
|
||||
<?php
|
||||
|
||||
function sendConfirmEmailUsername(string $username) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
`userID`
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
`username` = :username
|
||||
");
|
||||
$stmt->bindParam(":username", $username);
|
||||
$stmt->execute();
|
||||
$userID = $stmt->fetch()["username"];
|
||||
sendConfirmEmail($userID);
|
||||
}
|
||||
|
||||
function sendConfirmEmail(int $userID) {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
`email`,
|
||||
`fname`
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
`userID` = :userID
|
||||
");
|
||||
|
||||
$stmt->bindParam(":userID", $userID);
|
||||
$stmt->execute();
|
||||
$user = $stmt->fetch();
|
||||
|
||||
$email = $user["email"];
|
||||
$fname = $user["fname"];
|
||||
$hash = password_hash($email, PASSWORD_DEFAULT);
|
||||
$confirmLink = "https://myhyvesbookplus.nl/emailconfirm.php?u=$userID&h=$hash";
|
||||
|
||||
$subject = "Bevestig uw emailadres";
|
||||
$body = "Hallo $fname,\r\n\r\nKlik op de onderstaande link om uw emailadres te bevestigen.\r\n\r\n$confirmLink\r\n\r\nGroeten MyHyvesbook+";
|
||||
$header = "From: MyHyvesbook+ <noreply@myhyvesbookplus.nl>";
|
||||
mail($email, $subject, $body, $header);
|
||||
}
|
||||
@@ -39,6 +39,21 @@ function selectAllFriendRequests() {
|
||||
SELECT
|
||||
`userID`,
|
||||
`username`,
|
||||
CASE `status` IS NULL
|
||||
WHEN TRUE THEN 0
|
||||
WHEN FALSE THEN
|
||||
CASE `status` = 'confirmed'
|
||||
WHEN TRUE THEN
|
||||
1
|
||||
WHEN FALSE THEN
|
||||
CASE `user1ID` = :userID
|
||||
WHEN TRUE THEN
|
||||
2
|
||||
WHEN FALSE THEN
|
||||
3
|
||||
END
|
||||
END
|
||||
END AS `friend_state`,
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `name`,
|
||||
IFNULL(
|
||||
`profilepicture`,
|
||||
|
||||
@@ -4,7 +4,8 @@ function getUser() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
`password`,
|
||||
`userID`
|
||||
`userID`,
|
||||
`role`
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
@@ -15,3 +16,46 @@ function getUser() {
|
||||
$stmt->execute();
|
||||
return $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
}
|
||||
|
||||
function validateLogin($username, $password){
|
||||
// Empty username or password field
|
||||
if (empty($username) || empty($password)) {
|
||||
throw new loginException("Gebruikersnaam of wachtwoord is niet ingevuld");
|
||||
}
|
||||
else {
|
||||
$psw = test_input($password);
|
||||
$hash = getUser()["password"];
|
||||
$userID = getUser()["userID"];
|
||||
$role = getUser()["role"];
|
||||
|
||||
// If there's an account, go to the profile page
|
||||
if(password_verify($psw, $hash)) {
|
||||
if ($role == "banned"){
|
||||
echo "<script>
|
||||
window.onload=bannedAlert();
|
||||
</script>";
|
||||
} else if ($role == "unconfirmed"){
|
||||
sendConfirmEmail(getUser()["userID"]);
|
||||
echo "<script>
|
||||
window.onload=emailNotConfirmed();
|
||||
</script>";
|
||||
} else {
|
||||
$_SESSION["userID"] = $userID;
|
||||
header("location: profile.php");
|
||||
}
|
||||
} else {
|
||||
throw new loginException("Inloggevens zijn niet correct");
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
class loginException extends Exception
|
||||
{
|
||||
public function __construct($message = "", $code = 0, Exception $previous = null)
|
||||
{
|
||||
parent::__construct($message, $code, $previous);
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
|
||||
@@ -80,6 +80,7 @@ function selectAllUnreadChat() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
LEFT(CONCAT(`user`.`fname`, ' ', `user`.`lname`), 15) as `name`,
|
||||
`user`.`userID`,
|
||||
IFNULL(
|
||||
`profilepicture`,
|
||||
'../img/notbad.jpg'
|
||||
|
||||
@@ -1,4 +1,6 @@
|
||||
<?php
|
||||
include_once "../queries/emailconfirm.php";
|
||||
|
||||
abstract class AlertMessage extends Exception {
|
||||
public function __construct($message = "", $code = 0, Exception $previous = null)
|
||||
{
|
||||
@@ -152,7 +154,7 @@ function emailIsAvailableInDatabase($email) {
|
||||
`email`
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
WHERE
|
||||
`email` = :email
|
||||
");
|
||||
|
||||
@@ -168,16 +170,18 @@ function doChangeEmail($email) {
|
||||
UPDATE
|
||||
`user`
|
||||
SET
|
||||
`email` = :email
|
||||
`email` = :email,
|
||||
`role` = 'unconfirmed'
|
||||
WHERE
|
||||
`userID` = :userID
|
||||
");
|
||||
$stmt->bindParam(":email", $email);
|
||||
$stmt->bindParam(":userID", $_SESSION["userID"]);
|
||||
$stmt->execute();
|
||||
// return $stmt->rowCount();
|
||||
|
||||
if ($stmt->rowCount()) {
|
||||
sendConfirmEmail($_SESSION["userID"]);
|
||||
session_destroy();
|
||||
throw new HappyAlert("Emailadres is veranderd.");
|
||||
} else {
|
||||
throw new AngryAlert();
|
||||
|
||||
@@ -35,7 +35,12 @@
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
";
|
||||
";
|
||||
}
|
||||
|
||||
$chatID = $_GET["chatID"];
|
||||
if (isset($chatID) && $chatID != "") {
|
||||
echo "<script>$(document).ready(function(){switchUser('$chatID')});</script>";
|
||||
}
|
||||
?>
|
||||
</ul>
|
||||
|
||||
3
website/views/loadFriends.php
Normal file
3
website/views/loadFriends.php
Normal file
@@ -0,0 +1,3 @@
|
||||
<?php
|
||||
|
||||
echo json_encode(selectAllFriends($_SESSION["userID"])->fetchAll());
|
||||
@@ -7,7 +7,7 @@
|
||||
<link rel="stylesheet"
|
||||
type="text/css"
|
||||
href="styles/index.css">
|
||||
<script src="/js/jqeury.js"></script>
|
||||
<script src="/js/registerAndLogin.js"></script>
|
||||
<script src="js/jqeury.js"></script>
|
||||
<script src="js/registerAndLogin.js"></script>
|
||||
<script src='https://www.google.com/recaptcha/api.js'></script>
|
||||
</head>
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
<div class="friend-button-container">
|
||||
|
||||
</div>
|
||||
|
||||
<h1 class="profile-username"><?= $user["fname"]?> <?=$user["lname"]?></h1>
|
||||
<h5 class="profile-username"><?=$user["username"]?></h5>
|
||||
<p><?=$user["bio"]?></p>
|
||||
|
||||
@@ -96,7 +96,7 @@
|
||||
|
||||
<!-- Register location -->
|
||||
<div class="login_containerregister">
|
||||
<label><b>Woonplaats</b></label>
|
||||
<label><b>Locatie</b></label>
|
||||
<input type="text"
|
||||
placeholder="Voer uw woonplaats in"
|
||||
name="location"
|
||||
|
||||
Reference in New Issue
Block a user