diff --git a/.gitignore b/.gitignore index b1a2ad1..49adb33 100644 --- a/.gitignore +++ b/.gitignore @@ -117,7 +117,7 @@ Temporary Items # *.pdf ## Generated if empty string is given at "Please type another file name for output:" -projectplan.pdf +projectplan/projectplan.pdf ## Bibliography auxiliary files (bibtex/biblatex/biber): *.bbl diff --git a/website/public/settings.php b/website/public/settings.php index b018569..97c47e4 100644 --- a/website/public/settings.php +++ b/website/public/settings.php @@ -13,22 +13,26 @@ + switch ($_POST["form"]) { + case "profile": + $result = updateSettings(); + break; + case "password": + $result = updatePassword(); + break; + case "email": + break; + case "picture": + break; + } +} - diff --git a/website/public/styles/settings.css b/website/public/styles/settings.css index f1648c8..933e7fd 100644 --- a/website/public/styles/settings.css +++ b/website/public/styles/settings.css @@ -5,6 +5,17 @@ .settings-password { margin-right: 15px; } +.settings-message { + color: white; +} +.settings-message-angry { + background-color: firebrick; +} + +.settings-message-happy { + background-color: forestgreen; + +} .settings li { diff --git a/website/queries/connect.php b/website/queries/connect.php index ef3e1ba..ddb3c9b 100644 --- a/website/queries/connect.php +++ b/website/queries/connect.php @@ -8,6 +8,4 @@ else { $GLOBALS["db"] = new PDO("mysql:host=$dbconf->mysql_host;dbname=$dbconf->mysql_database;charset=utf8", "$dbconf->mysql_username", "$dbconf->mysql_password") or die('Error connecting to mysql server'); -} - -?> +} \ No newline at end of file diff --git a/website/queries/settings.php b/website/queries/settings.php index bd9e542..c59ff7f 100644 --- a/website/queries/settings.php +++ b/website/queries/settings.php 
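Review bot: The `switch ($_POST["form"])` added to website/public/settings.php has no `default` branch, and the `email` and `picture` cases break without assigning `$result`, so a missing or unexpected `form` value leaves `$result` undefined for whatever reads it afterwards. Add `default: $result = null;` (or an error array of the same shape as the other results) and read the key as `$_POST["form"] ?? ""` so an absent field does not raise an undefined-index notice. The hunk also shows no anti-CSRF token check before dispatching to `updateSettings()` and `updatePassword()`; unless that happens in the part of the file outside this hunk, it belongs ahead of the switch, because these are state-changing handlers keyed only on the session. The enclosing block opens outside the hunk, so the guard around the switch could not be reviewed.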
@@ -21,6 +21,21 @@ function getSettings() { return $stmt->fetch(); } +function getPasswordHash() { + $stmt = $GLOBALS["db"]->prepare(" + SELECT + `password`, + `username` + FROM + `user` + WHERE + `userID` = :userID + "); + $stmt->bindParam(":userID", $_SESSION["userID"]); + $stmt->execute(); + return $stmt->fetch(); +} + function updateSettings() { $stmt = $GLOBALS["db"]->prepare(" UPDATE @@ -43,4 +58,52 @@ function updateSettings() { $stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->execute(); + + return array ( + "type" => "settings-message-happy", + "message" => "Instellingen zijn opgeslagen." + ); } + +function updatePassword() { + $user = getPasswordHash(); + if (password_verify($_POST["password-old"].strtolower($user["username"]), $user["password"])) { + if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) { + if (changePassword($user)) { + return array ("type" => "settings-message-happy", + "message" => "Wachtwoord gewijzigd."); + } else { + return array ( + "type" => "settings-message-angry", + "message" => "Er is iets mis gegaan."); + } + } else { + return array ( + "type" => "settings-message-angry", + "message" => "Wachtwoorden komen niet oveeen." + ); + } + } else { + return array( + "type" => "settings-message-angry", + "message" => "Oud wachtwoord niet correct." + ); + } +} + +function changePassword($user) { + $stmt =$GLOBALS["db"]->prepare(" + UPDATE + `user` + SET + `password` = :new_password + WHERE + `userID` = :userID + "); + + $hashed_password = password_hash($_POST["password-new"].strtolower($user["username"]), PASSWORD_DEFAULT); + $stmt->bindParam(":new_password", $hashed_password); + $stmt->bindParam(":userID", $_SESSION["userID"]); + $stmt->execute(); + return $stmt->rowCount(); +} \ No newline at end of file diff --git a/website/views/settings-view.php b/website/views/settings-view.php index 49ad1f9..a4fc139 100644 --- a/website/views/settings-view.php 
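Review bot: `getPasswordHash()` returns the raw result of `$stmt->fetch()`, which is `false` when no row matches `$_SESSION["userID"]` (an unset or stale session value), and the `updatePassword()` added further down in this file indexes that result without checking it. Handle the miss explicitly, for example `$row = $stmt->fetch(PDO::FETCH_ASSOC); return $row === false ? null : $row;`, and have the caller treat `null` as a failed verification. A short docblock saying that the function returns both the stored hash and the username of the logged-in user would help, since the name suggests that only the hash comes back.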
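Review bot: In `updatePassword()` the confirmation check uses loose `==`, which compares numeric-looking strings by value, so a new password and a confirmation that differ as text can still be accepted; use `$_POST["password-new"] === $_POST["password-confirm"]` and confirm with `is_string()` that both fields are strings first, because an array-valued field would otherwise reach `strlen()`. The same `else` branch returns "Wachtwoorden komen niet oveeen." for a password shorter than 8 characters as well as for a mismatch, so the length rule deserves its own message. Appending `strtolower($user["username"])` before `password_hash()` and `password_verify()` adds nothing over the per-hash salt that `password_hash()` already generates, and it ties the stored hash to the username, so a rename would invalidate it. It presumably mirrors the login code, in which case changing it needs a migration rather than a local edit. After a successful change in `changePassword()`, consider calling `session_regenerate_id(true)`; the hunk shows no session handling.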
+++ b/website/views/settings-view.php @@ -4,6 +4,13 @@ $settings = getSettings();
+ + ${result["message"]} +
"; + } + ?>
Profiel Instellingen
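Review bot: `${result["message"]}` is interpolated into the page output without escaping. Today the value is one of the constant strings returned by website/queries/settings.php, but the view should not depend on that; emit `htmlspecialchars($result["message"], ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8")` instead. The `${...}` interpolation form is also deprecated as of PHP 8.2, and `{$result["message"]}` is the replacement. The surrounding condition and echo start in lines that are not legible in this hunk, so confirm that `$result` is tested with `isset()` before it is read, since the `email` and `picture` forms never set it.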
@@ -108,9 +116,10 @@ $settings = getSettings(); >
  • - +
  • @@ -143,9 +152,10 @@ $settings = getSettings(); >
  • - +