From 609f350cd344812617a94a18847aa2590fd94044 Mon Sep 17 00:00:00 2001 From: Joey Lai Date: Fri, 27 Jan 2017 12:27:40 +0100 Subject: [PATCH 1/5] Made different files for login and register --- website/public/login.php | 102 +-------- website/public/register(stash).php | 115 +++++++++++ website/public/register.php | 187 ++++++++--------- website/public/styles/index.css | 31 +-- website/queries/login.php | 5 +- website/views/bdayInput.php | 37 ++++ website/views/forgotPasswordModal.php | 35 ++++ website/views/login-view.php | 286 ++++---------------------- website/views/register-view.php | 8 - website/views/registerModal.php | 155 ++++++++++++++ 10 files changed, 482 insertions(+), 479 deletions(-) create mode 100644 website/public/register(stash).php create mode 100644 website/views/bdayInput.php create mode 100644 website/views/forgotPasswordModal.php create mode 100644 website/views/registerModal.php diff --git a/website/public/login.php b/website/public/login.php index 81fee57..9fd7fb0 100644 --- a/website/public/login.php +++ b/website/public/login.php @@ -28,7 +28,7 @@ $year_date = "jaar"; // Define variables and set to empty values - $user = $psw =""; + $user = $psw = $remember =""; $loginErr = $resetErr =""; if ($_SERVER["REQUEST_METHOD"] == "POST") { 
@@ -55,107 +55,9 @@ } break; case "register": - try { - $name = test_input(($_POST["name"])); - checkInputChoice($name, "lettersAndSpaces"); - } catch(lettersAndSpacesException $e){ - $correct = false; - $nameErr = $e->getMessage(); - } - - try { - $surname = test_input(($_POST["surname"])); - checkInputChoice($surname, "lettersAndSpaces"); - } - catch(lettersAndSpacesException $e){ - $correct = false; - $surnameErr = $e->getMessage(); - } - - try{ - $day_date = test_input(($_POST["day_date"])); - $month_date = test_input(($_POST["month_date"])); - $year_date = test_input(($_POST["year_date"])); - $bday = $year_date . "-" . $month_date . "-" . $day_date; - checkInputChoice($bday, "bday"); - } catch(bdayException $e){ - $correct = false; - $bdayErr = $e->getMessage(); - } - - try{ - $username = str_replace(' ', '', test_input(($_POST["username"]))); - checkInputChoice($username, "username"); - } catch(usernameException $e){ - $correct = false; - $usernameErr = $e->getMessage(); - } - - try{ - $password = str_replace(' ', '', test_input(($_POST["password"]))); - checkInputChoice($password, "longerEight"); - matchPassword(); - } catch(passwordException $e){ - $correct = false; - $passwordErr = $e->getMessage(); - } catch(confirmPasswordException $e){ - $correct = false; - $confirmPasswordErr = $e->getMessage(); - } - - try{ - $location = test_input(($_POST["location"])); - checkInputChoice($location, "lettersAndSpaces"); - } catch(lettersAndSpacesException $e){ - $correct = false; - $locationErr = $e->getMessage(); - } - - try{ - $email = test_input(($_POST["email"])); - checkInputChoice($email, "email"); - $confirmEmail = test_input(($_POST["confirmEmail"])); - matchEmail(); - } catch(emailException $e){ - $correct = false; - $emailErr = $e->getMessage(); - } catch(confirmEmailException $e){ - $correct = false; - $confirmEmailErr = $e->getMessage(); - } - - try{ - $captcha = $_POST['g-recaptcha-response']; - checkCaptcha($captcha); - } catch(captchaException $e){ - 
$correct = false; - $captchaErr = $e->getMessage(); - } - - try { - getIp(); - registerCheck($correct); - sendConfirmEmailUsername($username); - } catch(registerException $e){ - echo ""; - $genericErr = $e->getMessage(); - } + include("register.php"); } } -// // Trying to login -// if ($_SERVER["REQUEST_METHOD"] == "POST") { -// try{ -// $uname = ($_POST["uname"]); -// validateLogin($_POST["uname"], $_POST["psw"]); -// } catch(loginException $e) { -// $loginErr = $e->getMessage(); -// } -// } - /* This view adds login view */ include("../views/login-view.php"); ?> diff --git a/website/public/register(stash).php b/website/public/register(stash).php new file mode 100644 index 0000000..0077e62 --- /dev/null +++ b/website/public/register(stash).php 
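Review bot: The `case "register":` branch now loads `register.php` with a relative `include`, but that file sits in `website/public/` and so stays requestable as its own URL, where it appears to run without the `REQUEST_METHOD` check and the helper includes that `login.php` supplies. Consider moving the fragment out of the document root and loading it with `require __DIR__ . '/<path-to-fragment>';` (placeholder path), so a missing file stops the request instead of only raising a warning and skipping registration handling. The case also has no `break;` after the include; it is the last case visible here, so that is harmless today but easy to trip over when another case is added. The switch itself starts outside the hunk.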
@@ -0,0 +1,115 @@ + + + + +getMessage(); + } + + try { + $surname = test_input(($_POST["surname"])); + checkInputChoice($surname, "lettersAndSpaces"); + } + catch(lettersAndSpacesException $e){ + $correct = false; + $surnameErr = $e->getMessage(); + } + + try{ + $day_date = test_input(($_POST["day_date"])); + $month_date = test_input(($_POST["month_date"])); + $year_date = test_input(($_POST["year_date"])); + $bday = $year_date . "-" . $month_date . "-" . $day_date; + checkInputChoice($bday, "bday"); + } catch(bdayException $e){ + $correct = false; + $bdayErr = $e->getMessage(); + } + + try{ + $username = str_replace(' ', '', test_input(($_POST["username"]))); + checkInputChoice($username, "username"); + } catch(usernameException $e){ + $correct = false; + $usernameErr = $e->getMessage(); + } + + try{ + $password = str_replace(' ', '', test_input(($_POST["password"]))); + checkInputChoice($password, "longerEight"); + matchPassword(); + } catch(passwordException $e){ + $correct = false; + $passwordErr = $e->getMessage(); + } catch(confirmPasswordException $e){ + $correct = false; + $confirmPasswordErr = $e->getMessage(); + } + + try{ + $location = test_input(($_POST["location"])); + checkInputChoice($location, "lettersAndSpaces"); + } catch(lettersAndSpacesException $e){ + $correct = false; + $locationErr = $e->getMessage(); + } + + try{ + $email = test_input(($_POST["email"])); + checkInputChoice($email, "email"); + $confirmEmail = test_input(($_POST["confirmEmail"])); + matchEmail(); + } catch(emailException $e){ + $correct = false; + $emailErr = $e->getMessage(); + } catch(confirmEmailException $e){ + $correct = false; + $confirmEmailErr = $e->getMessage(); + } + + try{ + $captcha = $_POST['g-recaptcha-response']; + checkCaptcha($captcha); + } catch(captchaException $e){ + $correct = false; + $captchaErr = $e->getMessage(); + } + + try { + getIp(); + registerCheck($correct); + sendConfirmEmailUsername($username); + } catch(registerException $e){ + $genericErr = 
$e->getMessage(); + } + } +/* This view adds register view */ +include("../views/register-view.php"); +?> + + diff --git a/website/public/register.php b/website/public/register.php index 0077e62..ee19930 100644 --- a/website/public/register.php +++ b/website/public/register.php 
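Review bot: `register(stash).php` is added under `website/public/` with the same blob id (`0077e62`) that `register.php` had before this commit, so the old registration handler stays reachable as a second live endpoint next to the new flow. It still processes the POSTed fields and calls `registerCheck()` and `sendConfirmEmailUsername()`, and it will drift from `register.php` as fixes land only there. Git history already preserves the old version; drop the file from the commit, or keep it outside the web root if it is needed for reference.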
@@ -1,115 +1,90 @@ - - - -getMessage(); +} - // Trying to register an account - if ($_SERVER["REQUEST_METHOD"] == "POST") { - try { - $name = test_input(($_POST["name"])); - checkInputChoice($name, "lettersAndSpaces"); - } catch(lettersAndSpacesException $e){ - $correct = false; - $nameErr = $e->getMessage(); - } +try { + $surname = test_input(($_POST["surname"])); + checkInputChoice($surname, "lettersAndSpaces"); +} +catch(lettersAndSpacesException $e){ + $correct = false; + $surnameErr = $e->getMessage(); +} - try { - $surname = test_input(($_POST["surname"])); - checkInputChoice($surname, "lettersAndSpaces"); - } - catch(lettersAndSpacesException $e){ - $correct = false; - $surnameErr = $e->getMessage(); - } +try{ + $day_date = test_input(($_POST["day_date"])); + $month_date = test_input(($_POST["month_date"])); + $year_date = test_input(($_POST["year_date"])); + $bday = $year_date . "-" . $month_date . "-" . $day_date; + checkInputChoice($bday, "bday"); +} catch(bdayException $e){ + $correct = false; + $bdayErr = $e->getMessage(); +} - try{ - $day_date = test_input(($_POST["day_date"])); - $month_date = test_input(($_POST["month_date"])); - $year_date = test_input(($_POST["year_date"])); - $bday = $year_date . "-" . $month_date . "-" . 
$day_date; - checkInputChoice($bday, "bday"); - } catch(bdayException $e){ - $correct = false; - $bdayErr = $e->getMessage(); - } +try{ + $username = str_replace(' ', '', test_input(($_POST["username"]))); + checkInputChoice($username, "username"); +} catch(usernameException $e){ + $correct = false; + $usernameErr = $e->getMessage(); +} - try{ - $username = str_replace(' ', '', test_input(($_POST["username"]))); - checkInputChoice($username, "username"); - } catch(usernameException $e){ - $correct = false; - $usernameErr = $e->getMessage(); - } +try{ + $password = str_replace(' ', '', test_input(($_POST["password"]))); + checkInputChoice($password, "longerEight"); + matchPassword(); +} catch(passwordException $e){ + $correct = false; + $passwordErr = $e->getMessage(); +} catch(confirmPasswordException $e){ + $correct = false; + $confirmPasswordErr = $e->getMessage(); +} - try{ - $password = str_replace(' ', '', test_input(($_POST["password"]))); - checkInputChoice($password, "longerEight"); - matchPassword(); - } catch(passwordException $e){ - $correct = false; - $passwordErr = $e->getMessage(); - } catch(confirmPasswordException $e){ - $correct = false; - $confirmPasswordErr = $e->getMessage(); - } +try{ + $location = test_input(($_POST["location"])); + checkInputChoice($location, "lettersAndSpaces"); +} catch(lettersAndSpacesException $e){ + $correct = false; + $locationErr = $e->getMessage(); +} - try{ - $location = test_input(($_POST["location"])); - checkInputChoice($location, "lettersAndSpaces"); - } catch(lettersAndSpacesException $e){ - $correct = false; - $locationErr = $e->getMessage(); - } +try{ + $email = test_input(($_POST["email"])); + checkInputChoice($email, "email"); + $confirmEmail = test_input(($_POST["confirmEmail"])); + matchEmail(); +} catch(emailException $e){ + $correct = false; + $emailErr = $e->getMessage(); +} catch(confirmEmailException $e){ + $correct = false; + $confirmEmailErr = $e->getMessage(); +} - try{ - $email = 
test_input(($_POST["email"])); - checkInputChoice($email, "email"); - $confirmEmail = test_input(($_POST["confirmEmail"])); - matchEmail(); - } catch(emailException $e){ - $correct = false; - $emailErr = $e->getMessage(); - } catch(confirmEmailException $e){ - $correct = false; - $confirmEmailErr = $e->getMessage(); - } +try{ + $captcha = $_POST['g-recaptcha-response']; + checkCaptcha($captcha); +} catch(captchaException $e){ + $correct = false; + $captchaErr = $e->getMessage(); +} - try{ - $captcha = $_POST['g-recaptcha-response']; - checkCaptcha($captcha); - } catch(captchaException $e){ - $correct = false; - $captchaErr = $e->getMessage(); - } - - try { - getIp(); - registerCheck($correct); - sendConfirmEmailUsername($username); - } catch(registerException $e){ - $genericErr = $e->getMessage(); - } - } -/* This view adds register view */ -include("../views/register-view.php"); -?> - - +try { + getIp(); + registerCheck($correct); + sendConfirmEmailUsername($username); +} catch(registerException $e){ + echo ""; + $genericErr = $e->getMessage(); +} \ No newline at end of file diff --git a/website/public/styles/index.css b/website/public/styles/index.css index 85cc670..f5d40a7 100644 --- a/website/public/styles/index.css +++ b/website/public/styles/index.css @@ -28,10 +28,10 @@ body { form { /*background-color: #a87a87;*/ border-radius: 12px; - height: 80%; + height: 85%; margin: auto; width: 600px; - overflow-y:auto; + overflow-y: auto; overflow-x: hidden; } @@ -46,13 +46,13 @@ h1 { /* registreer titel*/ h2 { - padding: 16px; + padding: 8px; text-align: left; font-size: 2.0em; } h3 { - padding: 16px; + padding: 8px; text-align: center; font-size: 1.5em; } @@ -63,7 +63,7 @@ input[type=text], input[type=password], input[type=email], input[type="date"] { display: inline-block; height: 60%; font-size: 16px; - padding: 8px 20px; + padding: 8px 10px; margin: 4px 0; width: 55%; } 
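Review bot: The password check in the new `register.php` validates a transformed copy, `str_replace(' ', '', test_input(($_POST["password"])))`, while `registerAccount()` in `website/queries/register.php` (visible in patch 3/5) hashes the raw `$_POST["password"]`, so the string measured by `"longerEight"` is not the string that gets stored. test_input is not shown here; if it escapes or trims, the two can differ in length in either direction. Validate the value that will be hashed, `checkInputChoice($_POST["password"], "longerEight");`, and leave passwords out of output-oriented sanitising altogether. `$_POST['g-recaptcha-response']` is also read without a default, so `$_POST['g-recaptcha-response'] ?? ''` would avoid a notice when the field is absent. The re-indented version of this file in patch 3/5 carries the same lines.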
@@ -79,7 +79,7 @@ button { cursor: pointer; height: 50%; padding: 8px 20px; - margin: 10px; + margin: 5px; font-family: Arial; font-size: 22px; box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); @@ -90,6 +90,7 @@ button { font-family: Arial; font-size: 15px; color: red; + text-align: left; } label { @@ -98,19 +99,19 @@ label { /* padding voor registreer container */ .login_containerregister { - padding: 16px; + padding: 8px; text-align: left; } /* padding voor login_containers */ .login_containerlogin { - padding:16px; + padding:8px; text-align: center; } /* padding voor foutmelding login */ .login_containerfault { - padding: 16px; + padding: 4px; text-align: center; color: red; } @@ -129,7 +130,7 @@ label { background-attachment: fixed;*/ box-shadow: 0 1px 3px rgba(0,0,0,0.12), 0 1px 2px rgba(0,0,0,0.24); height: 400px; - margin: 34px auto; + margin: 16px auto; overflow-y: auto; padding: 20px; width: 600px; @@ -149,12 +150,12 @@ ul { display: none; /* Hidden by default */ position: fixed; /* Stay in place */ z-index: 1; /* Sit on top */ - padding-top: 100px; /* Location of the box */ + padding-top: 30px; /* Location of the box */ left: 0; top: 0; width: 100%; /* Full width */ height: 100%; /* Full height */ - overflow: auto; /* Enable scroll if needed */ + overflow: hidden; /* Enable scroll if needed */ background-color: rgb(0,0,0); /* Fallback color */ background-color: rgba(0,0,0,0.4); /* Black w/ opacity */ } @@ -166,7 +167,7 @@ ul { margin: auto; padding: 0; border: 1px solid #888; - width: 589px; + width: 600px; box-shadow: 0 4px 8px 0 rgba(0,0,0,0.2),0 6px 20px 0 rgba(0,0,0,0.19); -webkit-animation-name: animatetop; -webkit-animation-duration: 0.4s; @@ -189,7 +190,7 @@ ul { .close { color: white; float: right; - font-size: 28px; + font-size: 36px; font-weight: bold; } @@ -201,7 +202,7 @@ ul { } .modal-header { - padding: 2px 16px; + padding: 4px 16px; background-color: #FBC02D; color: black; } 
diff --git a/website/queries/login.php b/website/queries/login.php index 6af9e1e..b686659 100644 --- a/website/queries/login.php +++ b/website/queries/login.php @@ -13,7 +13,7 @@ function getUser() { `email` LIKE :username "); - $stmt->bindParam(":username", test_input($_POST["user"])); + $stmt->bindValue(":username", test_input($_POST["user"])); $stmt->execute(); return $stmt->fetch(PDO::FETCH_ASSOC); } @@ -42,6 +42,9 @@ function validateLogin($username, $password){ "; } else { $_SESSION["userID"] = $userID; + if($_POST[rememberMe] == 1){ + ini_set("session.gc_maxlifetime", "10"); + } header("location: profile.php"); } } else { diff --git a/website/views/bdayInput.php b/website/views/bdayInput.php new file mode 100644 index 0000000..f3ddecc --- /dev/null +++ b/website/views/bdayInput.php @@ -0,0 +1,37 @@ + + + diff --git a/website/views/forgotPasswordModal.php b/website/views/forgotPasswordModal.php new file mode 100644 index 0000000..a84ae68 --- /dev/null +++ b/website/views/forgotPasswordModal.php @@ -0,0 +1,35 @@ + + + + + \ No newline at end of file diff --git a/website/views/login-view.php b/website/views/login-view.php index b9052b3..fa7f8fd 100644 --- a/website/views/login-view.php +++ b/website/views/login-view.php @@ -32,6 +32,11 @@ > +
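Review bot: The value bound on the changed line in `getUser()` feeds `` `email` LIKE :username ``, so `%` and `_` typed into the login field act as wildcards and the lookup can return an account the visitor did not name. Because `fetch()` returns only the first row, which account is selected then depends on row order. Use an exact comparison (`= :username`) in the visible `email` condition and in any sibling condition above the hunk, or escape the wildcards before binding. The same `LIKE` plus `bindValue` pairing appears in `getExistingUsername()`, `getExistingEmail()` and `getResetEmail()` in `website/queries/register.php` in patch 3/5. getUser's query starts outside the hunk.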
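Review bot: `$_POST[rememberMe]` in `validateLogin()` uses a bare constant as the array key and reads a field that may be absent; quote and default it, `if (($_POST["rememberMe"] ?? "") === "1") {`. The body also does not implement a remember-me: `session.gc_maxlifetime` is the server-side garbage-collection threshold in seconds, so `"10"` makes session data eligible for cleanup after ten seconds instead of extending the login. `$_SESSION` is written on the line before, so the session is presumably already active and the setting is unlikely to apply as intended. A longer-lived login is better expressed through the session cookie lifetime configured before `session_start()`. Patch 3/5 comments this block out rather than correcting it.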
+ +
+
+
@@ -49,269 +54,52 @@
- Registreer een account + - - + - - - - - - - -
+ +// When the user clicks anywhere outside of the modal, close it + window.onclick = function (event) { + if (event.target == modal) { + modal.style.display = "none"; + } + if (event.target == registerModal) { + registerModal.style.display = "none"; + } + } + \ No newline at end of file diff --git a/website/views/register-view.php b/website/views/register-view.php index 9577216..acb5f4b 100644 --- a/website/views/register-view.php +++ b/website/views/register-view.php @@ -41,14 +41,6 @@
- - - - - - - - + * + +
+ +
+ + + * +
+ + +
+ + + * +
+ + +
+ + + * + +
+ + + +
+ + + * + +
+ +
+ + + * +
+ + +
+ + + * +
+ + +
+ + + * +
+ + +
+ + + * +
+ +
+
+ +
+ + + + + + + \ No newline at end of file From ce6a75163047b4209846129d748f620565a1cbbb Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Fri, 27 Jan 2017 12:30:28 +0100 Subject: [PATCH 2/5] Niet slecht inverted --- website/views/post-view.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/website/views/post-view.php b/website/views/post-view.php index 4e0ddb1..e3ceb9b 100644 --- a/website/views/post-view.php +++ b/website/views/post-view.php @@ -30,9 +30,9 @@ echo(" From 5e9629eddd5ccdf983c384602951a25f468b3081 Mon Sep 17 00:00:00 2001 From: Joey Lai Date: Fri, 27 Jan 2017 14:03:11 +0100 Subject: [PATCH 3/5] Fixed bugs --- website/public/js/registerAndLogin.js | 6 +- website/public/register.php | 155 +++++++++++++------------- website/public/styles/index.css | 4 + website/queries/checkInput.php | 4 +- website/queries/login.php | 6 +- website/queries/register.php | 20 ++-- website/views/bdayInput.php | 24 ++-- website/views/forgotPasswordModal.php | 1 + website/views/login-view.php | 15 ++- website/views/registerModal.php | 5 +- 10 files changed, 127 insertions(+), 113 deletions(-) diff --git a/website/public/js/registerAndLogin.js b/website/public/js/registerAndLogin.js index b2fda05..87522cf 100644 --- a/website/public/js/registerAndLogin.js +++ b/website/public/js/registerAndLogin.js @@ -1,5 +1,5 @@ function checkLoggedIn() { - if (confirm("You are already logged in!\nDo you want to logout?\nPress ok to logout.") == true) { + if (confirm("U bent al ingelogd!!\nWilt u uitloggen?\nKlik ok om uit te loggen.") == true) { window.location.href = "logout.php"; } else { window.location.href = "profile.php"; 
@@ -7,9 +7,9 @@ function checkLoggedIn() {
 }
 function bannedAlert(){
- alert("Your account is banned");
+ alert("Uw account is geband!");
 }
 function emailNotConfirmed(){
- alert("Your account has not been verified yet!\nAnother email has been sent to you")
+ alert("Uw account is nog niet bevestigd!\nEr is een nieuwe email gestuurd om uw account te bevestigen");
 }
diff --git a/website/public/register.php b/website/public/register.php
index ee19930..6bebd7e 100644
--- a/website/public/register.php
+++ b/website/public/register.php
@@ -1,90 +1,91 @@ getMessage(); -} -try { - $surname = test_input(($_POST["surname"])); - checkInputChoice($surname, "lettersAndSpaces"); -} -catch(lettersAndSpacesException $e){ - $correct = false; - $surnameErr = $e->getMessage(); -} + try { + $name = test_input(($_POST["name"])); + checkInputChoice($name, "lettersAndSpaces"); + } catch(lettersAndSpacesException $e){ + $correct = false; + $nameErr = $e->getMessage(); + } -try{ - $day_date = test_input(($_POST["day_date"])); - $month_date = test_input(($_POST["month_date"])); - $year_date = test_input(($_POST["year_date"])); - $bday = $year_date . "-" . $month_date . "-" . $day_date; - checkInputChoice($bday, "bday"); -} catch(bdayException $e){ - $correct = false; - $bdayErr = $e->getMessage(); -} + try { + $surname = test_input(($_POST["surname"])); + checkInputChoice($surname, "lettersAndSpaces"); + } + catch(lettersAndSpacesException $e){ + $correct = false; + $surnameErr = $e->getMessage(); + } -try{ - $username = str_replace(' ', '', test_input(($_POST["username"]))); - checkInputChoice($username, "username"); -} catch(usernameException $e){ - $correct = false; - $usernameErr = $e->getMessage(); -} + try{ + $day_date = test_input(($_POST["day_date"])); + $month_date = test_input(($_POST["month_date"])); + $year_date = test_input(($_POST["year_date"])); + $bday = $year_date . "-" . $month_date . "-" . 
$day_date; + checkInputChoice($bday, "bday"); + } catch(bdayException $e){ + $correct = false; + $bdayErr = $e->getMessage(); + } -try{ - $password = str_replace(' ', '', test_input(($_POST["password"]))); - checkInputChoice($password, "longerEight"); - matchPassword(); -} catch(passwordException $e){ - $correct = false; - $passwordErr = $e->getMessage(); -} catch(confirmPasswordException $e){ - $correct = false; - $confirmPasswordErr = $e->getMessage(); -} + try{ + $username = str_replace(' ', '', test_input(($_POST["username"]))); + checkInputChoice($username, "username"); + } catch(usernameException $e){ + $correct = false; + $usernameErr = $e->getMessage(); + } -try{ - $location = test_input(($_POST["location"])); - checkInputChoice($location, "lettersAndSpaces"); -} catch(lettersAndSpacesException $e){ - $correct = false; - $locationErr = $e->getMessage(); -} + try{ + $password = str_replace(' ', '', test_input(($_POST["password"]))); + checkInputChoice($password, "longerEight"); + matchPassword(); + } catch(passwordException $e){ + $correct = false; + $passwordErr = $e->getMessage(); + } catch(confirmPasswordException $e){ + $correct = false; + $confirmPasswordErr = $e->getMessage(); + } -try{ - $email = test_input(($_POST["email"])); - checkInputChoice($email, "email"); - $confirmEmail = test_input(($_POST["confirmEmail"])); - matchEmail(); -} catch(emailException $e){ - $correct = false; - $emailErr = $e->getMessage(); -} catch(confirmEmailException $e){ - $correct = false; - $confirmEmailErr = $e->getMessage(); -} + try{ + $location = test_input(($_POST["location"])); + checkInputChoice($location, "lettersAndSpaces"); + } catch(lettersAndSpacesException $e){ + $correct = false; + $locationErr = $e->getMessage(); + } -try{ - $captcha = $_POST['g-recaptcha-response']; - checkCaptcha($captcha); -} catch(captchaException $e){ - $correct = false; - $captchaErr = $e->getMessage(); -} + try{ + $email = test_input(($_POST["email"])); + checkInputChoice($email, 
"email"); + $confirmEmail = test_input(($_POST["confirmEmail"])); + matchEmail(); + } catch(emailException $e){ + $correct = false; + $emailErr = $e->getMessage(); + } catch(confirmEmailException $e){ + $correct = false; + $confirmEmailErr = $e->getMessage(); + } -try { - getIp(); - registerCheck($correct); - sendConfirmEmailUsername($username); -} catch(registerException $e){ - echo ""; - $genericErr = $e->getMessage(); -} \ No newline at end of file + $genericErr = $e->getMessage(); + } diff --git a/website/public/styles/index.css b/website/public/styles/index.css index f5d40a7..6f7caf0 100644 --- a/website/public/styles/index.css +++ b/website/public/styles/index.css @@ -68,6 +68,10 @@ input[type=text], input[type=password], input[type=email], input[type="date"] { width: 55%; } +.middle{ + text-align: center; +} + .center{ text-align: center; } diff --git a/website/queries/checkInput.php b/website/queries/checkInput.php index fbf64a7..52b830f 100644 --- a/website/queries/checkInput.php +++ b/website/queries/checkInput.php @@ -124,11 +124,11 @@ function matchPassword(){ /* Checks if captcha is correctly filled in */ function checkCaptcha($captcha){ if(!$captcha){ - throw new captchaException("Captcha needs to be filled in!"); + throw new captchaException("Captcha moet ingevuld worde!"); } else { $response=json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=6Lc72xIUAAAAAPizuF3nUbklCPljVCVzgYespz8o&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR'])); if($response->success==false) { - throw new captchaException("You are a spammer!"); + throw new captchaException("Je bent een spammer!"); } } } diff --git a/website/queries/login.php b/website/queries/login.php index b686659..384a3d5 100644 --- a/website/queries/login.php +++ b/website/queries/login.php 
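Review bot: The `siteverify` request in `checkCaptcha()` carries the reCAPTCHA secret as a literal in the source and appends `$captcha` to the query string unencoded; this hunk changes only the messages around that line. A secret committed to the repository should be treated as disclosed: rotate it and read the replacement from configuration kept out of version control, for example `getenv("RECAPTCHA_SECRET")` (placeholder name). Encode the user-supplied token when building the URL, `"&response=" . urlencode($captcha)`. The new message `"Captcha moet ingevuld worde!"` also looks like a typo for "worden". checkCaptcha starts outside the hunk.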
@@ -42,9 +42,9 @@ function validateLogin($username, $password){ "; } else { $_SESSION["userID"] = $userID; - if($_POST[rememberMe] == 1){ - ini_set("session.gc_maxlifetime", "10"); - } +// if($_POST[rememberMe] == 1){ +// ini_set("session.gc_maxlifetime", "10"); +// } header("location: profile.php"); } } else { diff --git a/website/queries/register.php b/website/queries/register.php index be9d415..bc44acf 100644 --- a/website/queries/register.php +++ b/website/queries/register.php @@ -10,7 +10,7 @@ function getExistingUsername() { `username` LIKE :username "); - $stmt->bindParam(":username", test_input($_POST["username"])); + $stmt->bindValue(":username", test_input($_POST["username"])); $stmt->execute(); return $stmt->rowCount(); @@ -26,7 +26,7 @@ function getExistingEmail() { `email` LIKE :email "); - $stmt->bindParam(":email", test_input($_POST["email"])); + $stmt->bindValue(":email", test_input($_POST["email"])); $stmt->execute(); return $stmt->rowCount(); @@ -42,7 +42,7 @@ function getResetEmail() { `email` LIKE :email "); - $stmt->bindParam(":email", test_input($_POST["forgotEmail"])); + $stmt->bindValue(":email", test_input($_POST["forgotEmail"])); $stmt->execute(); return $stmt->rowCount(); 
@@ -70,13 +70,13 @@ function registerAccount() { $hash=password_hash($_POST["password"], PASSWORD_DEFAULT); - $stmt->bindParam(":fname", test_input($_POST["name"])); - $stmt->bindParam(":lname", test_input($_POST["surname"])); - $stmt->bindParam(":bday", test_input($_POST["bday"])); - $stmt->bindParam(":username", test_input($_POST["username"])); - $stmt->bindParam(":password", test_input($hash)); - $stmt->bindParam(":location", test_input($_POST["location"])); - $stmt->bindParam(":email", test_input(strtolower($_POST["email"]))); + $stmt->bindValue(":fname", test_input($_POST["name"])); + $stmt->bindValue(":lname", test_input($_POST["surname"])); + $stmt->bindValue(":bday", test_input($_POST["bday"])); + $stmt->bindValue(":username", test_input($_POST["username"])); + $stmt->bindValue(":password", test_input($hash)); + $stmt->bindValue(":location", test_input($_POST["location"])); + $stmt->bindValue(":email", test_input(strtolower($_POST["email"]))); $stmt->execute(); $stmt->rowCount(); diff --git a/website/views/bdayInput.php b/website/views/bdayInput.php index f3ddecc..f4e440f 100644 --- a/website/views/bdayInput.php +++ b/website/views/bdayInput.php @@ -11,18 +11,18 @@ diff --git a/website/views/login-view.php b/website/views/login-view.php index fa7f8fd..8edc777 100644 --- a/website/views/login-view.php +++ b/website/views/login-view.php @@ -15,6 +15,7 @@ - - @@ -49,6 +46,11 @@ Inloggen + + @@ -78,7 +80,10 @@ var registerSpan = document.getElementsByClassName("close")[1]; // When the user clicks the button, open the modal btn.onclick = function () { +// modal.style.display = "block"; modal.style.display = "block"; + window.onload=emailSent(); + } registerBtn.onclick = function () { diff --git a/website/views/registerModal.php b/website/views/registerModal.php index f55c33a..b430ab8 100644 --- a/website/views/registerModal.php +++ b/website/views/registerModal.php @@ -19,6 +19,8 @@ return= $correct method="post"> + + @@ -135,7 +137,8 @@ 
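Review bot: `registerAccount()` hashes the raw `$_POST["password"]`, while `website/public/register.php` validates a copy that went through `test_input()` and had spaces removed, so the string checked for length is not the string stored. The changed line then passes the finished hash through `test_input()`, which at best does nothing and at worst alters it (test_input is not shown here); bind the hash directly, `$stmt->bindValue(":password", $hash);`. `:bday` is read from `$_POST["bday"]`, but the handler in `public/register.php` builds `$bday` from `day_date`, `month_date` and `year_date`, so confirm that the form really posts a `bday` field. The prepared statement starts outside the hunk.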
From e9eeeaf11045b6c98a7f52929c4cb906cf125db9 Mon Sep 17 00:00:00 2001 From: Joey Lai Date: Fri, 27 Jan 2017 14:17:56 +0100 Subject: [PATCH 4/5] fixed idk --- website/queries/requestpassword.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/queries/requestpassword.php b/website/queries/requestpassword.php index c0ff462..bae825a 100644 --- a/website/queries/requestpassword.php +++ b/website/queries/requestpassword.php @@ -50,5 +50,5 @@ function setHashToDatabase(int $userID, string $hash) { $stmt->bindParam(":hash", $hash); $stmt->bindParam(":userID", $userID); $stmt->execute(); - return $stmt->rowCount(); + $stmt->rowCount(); } \ No newline at end of file From 7e2c20e2447a10fd449bc718e4b735bf5b589559 Mon Sep 17 00:00:00 2001 From: Marijn Jansen Date: Fri, 27 Jan 2017 15:40:07 +0100 Subject: [PATCH 5/5] Added showEmail and showBday to the settings page --- website/queries/settings.php | 49 ++++++++++++++++++++++++++++----- website/views/settings-view.php | 26 +++++++++++++++++ 2 files changed, 68 insertions(+), 7 deletions(-) diff --git a/website/queries/settings.php b/website/queries/settings.php index 0bf8791..05e7fbf 100644 --- a/website/queries/settings.php +++ b/website/queries/settings.php @@ -1,6 +1,10 @@ fetch(); } +/** + * Gets the passwordHas form the database + * @return mixed passwordhash + */ function getPasswordHash() { $stmt = $GLOBALS["db"]->prepare(" SELECT @@ -73,6 +91,10 @@ function getPasswordHash() { return $stmt->fetch(); } +/** + * Changes the setting from post. + * @throws HappyAlert + */ function updateSettings() { $stmt = $GLOBALS["db"]->prepare(" UPDATE @@ -82,7 +104,9 @@ function updateSettings() { `lname` = :lname, `location` = :location, `birthdate` = :bday, - `bio` = :bio + `bio` = :bio, + `showEmail` = :showEmail, + `showBday` = :showBday WHERE `userID` = :userID "); 
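Review bot: Dropping `return` in `setHashToDatabase()` leaves `$stmt->rowCount();` as a statement whose result is discarded, so the function can no longer tell its caller whether a row was updated. If the return value was removed to satisfy a caller, either delete the line and declare the function `: void` (PHP 7.1+), or keep `return $stmt->rowCount();` and have the caller treat `0` as a failed reset request instead of continuing as if the hash was stored. The function body starts outside the hunk.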
@@ -92,15 +116,22 @@ function updateSettings() { $stmt->bindValue(":location", test_input($_POST["location"])); $stmt->bindValue(":bday", test_input($_POST["bday"])); $stmt->bindValue(":bio", test_input($_POST["bio"])); + $stmt->bindValue(":showEmail", test_input($_POST["showEmail"])); + $stmt->bindValue(":showBday", test_input($_POST["showBday"])); + $stmt->bindValue(":userID", $_SESSION["userID"]); $stmt->execute(); throw new HappyAlert("Instellingen zijn opgeslagen."); } +/** + * Change + * @throws AngryAlert + */ function changePassword() { $user = getPasswordHash(); - if (password_verify($_POST["password-old"], $user["password"])) { - if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) { + if (password_verify($_POST["password-old"], test_input($user["password"]))) { + if (test_input($_POST["password-new"]) == test_input($_POST["password-confirm"]) && (strlen(test_input($_POST["password-new"])) >= 8)) { doChangePassword(); } else { throw new AngryAlert("Wachtwoorden komen niet overeen."); @@ -110,6 +141,10 @@ function changePassword() { } } +/** + * @throws AngryAlert + * @throws HappyAlert + */ function doChangePassword() { $stmt = $GLOBALS["db"]->prepare(" UPDATE @@ -134,8 +169,8 @@ function doChangePassword() { function changeEmail() { - if ($_POST["email"] == $_POST["email-confirm"]) { - $email = strtolower($_POST["email"]); + if (test_input($_POST["email"]) == test_input($_POST["email-confirm"])) { + $email = strtolower(test_input($_POST["email"])); if (filter_var($email, FILTER_VALIDATE_EMAIL)) { //check if email exists emailIsAvailableInDatabase($email); @@ -193,7 +228,6 @@ function updateAvatar() { $tmpImg = $_FILES["pp"]["tmp_name"]; checkAvatarSize($tmpImg); - removeOldAvatar(); if (getimagesize($tmpImg)["mime"] == "image/gif") { if ($_FILES["pp"]["size"] > 4000000) { throw new AngryAlert("Bestand is te groot, maximaal 4MB toegestaan."); 
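Review bot: In `changePassword()` the new code runs the stored hash and both submitted passwords through `test_input()` before `password_verify()`, the `==` comparison and the `strlen()` check. test_input is not shown here, but if it trims or HTML-escapes, the length test measures the escaped text (a single `&` would count as several characters) and the comparison no longer sees what the user typed; the stored hash should never be transformed at all. Compare the raw values strictly, `$_POST["password-new"] === $_POST["password-confirm"] && strlen($_POST["password-new"]) >= 8`, and pass `$user["password"]` unchanged to `password_verify()`. In the same hunk `showEmail` and `showBday` go from POST into the UPDATE with no check against the values the form offers, so an allow-list before binding would keep unexpected values out of the row. The `changeEmail()` hunk that follows applies `test_input()` the same way before `filter_var()`.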
@@ -205,6 +239,7 @@ function updateAvatar() { $scaledImg = scaleAvatar($tmpImg); imagepng($scaledImg, $profilePictureDir . $relativePath); } + removeOldAvatar(); setAvatarToDatabase("../" . $relativePath); throw new HappyAlert("Profielfoto veranderd."); } diff --git a/website/views/settings-view.php b/website/views/settings-view.php index 66513fc..b6a3b4c 100644 --- a/website/views/settings-view.php +++ b/website/views/settings-view.php @@ -51,6 +51,32 @@ $settings = getSettings(); value="" > +
  • + + + > Ja + + > Nee +
  • +
  • + + + > Ja + + > Nee +