MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into lars-chat

Browse Source
This commit is contained in:
Lars van Hijfte
2017-01-18 15:10:17 +01:00
parent 95fd3c0040 0e194ca084
commit cd954a8c4c
14 changed files with 312 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
website/public/login.php
View File

@@ -1,7 +1,9 @@
<!DOCTYPE html>
<html>
<?php
include("../views/login_head.php");
include("../views/login_head.php");
include_once("../queries/connect.php");
include_once("../queries/login.php");
?>
<body>
<?php
@@ -11,7 +13,6 @@ include("../views/login_head.php");
$uname = $psw ="";
$loginErr ="";
// Trying to login
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Empty username or password field
@@ -20,49 +21,23 @@ include("../views/login_head.php");
}
else {
$uname=$_POST["uname"];
$uname=strtolower($_POST["uname"]);
$psw=$_POST["psw"];
// Protection against MySQL injections
$uname = stripslashes($uname);
$psw = stripslashes($psw);
$uname = mysql_real_escape_string($uname);
$psw = mysql_real_escape_string($psw);
// Database information
$servername = "agile136.science.uva.nl";
$username = "mhbp";
$password = "qdtboXhCHJyL2szC";
// Creates connection
$conn = new mysqli($servername, $username, $password);
// Selects database
$db = mysql_select_db("company", $connection);
// Query for listing all accounts that meets the requirement of the login information
$query = mysql_query("select * from login where password='$psw' AND username='$uname'", $connection);
// Checks if there's an account
$count = mysql_num_rows($query);
$hash=hashPassword()["password"];
$userid=hashPassword()["userID"];
// If there's an account, go to the profile page
if($count == 1) {
$_SESSION[$uname] = $uname;
$_SESSION[$userID] = $userID;
if(password_verify($psw.$uname, $hash)) {
$_SESSION["userID"] = $userid;
header("location: /profile.php");
header("location: myhyvesbookplus.nl/profile.php");
}else {
} else {
$loginErr = "Inloggegevens zijn niet correct";
}
// Closing Connection
mysql_close($connection);
}
}
/* This view adds login view */
include("../views/login-view.php");
?>

77
website/public/register.php
View File

@@ -3,6 +3,7 @@
<?php
include("../views/login_head.php");
include_once("../queries/connect.php");
include_once("../queries/register.php");
?>
<body>
@@ -10,8 +11,8 @@
session_start();
// define variables and set to empty values
$name = $surname = $bday = $username = $password = $confirmpassword = $streetname = $housenumber = $email = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $streetnameErr = $housenumberErr = $emailErr = "";
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = "";
$correct = true;
// Saves information of filling in the form
@@ -35,8 +36,8 @@
$password = $_POST["password"];
}
if (isset($_POST["streetname"])) {
$streetname = $_POST["streetname"];
if (isset($_POST["location"])) {
$location = $_POST["location"];
}
if (isset($_POST["housenumber"])) {
@@ -87,6 +88,10 @@
$usernameErr = "Gebruikersnaam moet minstens 6 karakters bevatten";
$correct = false;
} else if (getExistingUsername() == 1){
$usernameErr = "Gebruikersnaam bestaat al";
$correct = false;
}
}
@@ -108,30 +113,24 @@
}
if ($_POST["password"]!= $_POST["confirmpassword"]) {
if ($_POST["password"] != $_POST["confirmpassword"]) {
$confirmpasswordErr = "Wachtwoorden matchen niet";
$correct = false;
}
if (empty($_POST["streetname"])) {
$streetnameErr = "Straatnaam is verplicht!";
if (empty($_POST["location"])) {
$locationErr = "Straatnaam is verplicht!";
$correct = false;
} else {
if (!preg_match("/^[a-zA-Z ]*$/",$streetname)) {
$streetnameErr = "Alleen letters en spaties zijn toegestaan!";
if (!preg_match("/^[a-zA-Z ]*$/",$location)) {
$locationErr = "Alleen letters en spaties zijn toegestaan!";
$correct = false;
}
}
if (empty($_POST["housenumber"])) {
$housenumberErr = "Huisnummer is verplicht!";
$correct = false;
}
if (empty($_POST["email"])) {
$emailErr = "Email is verplicht!";
$correct = false;
@@ -140,6 +139,11 @@
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Geldige email invullen!";
$correct = false;
} else if (getExistingEmail() == 1){
$emailErr = "Email bestaat al";
$correct = false;
}
}
@@ -148,48 +152,9 @@
$genericErr = "Bepaalde velden zijn verkeerd of niet ingevuld!";
} else {
$servername = "agile136.science.uva.nl";
$username = "mhbp";
$password = "qdtboXhCHJyL2szC";
registerAccount();
header("location: login.php");
// Creates connection
$conn = new mysqli($servername, $username, $password);
// Checks connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// Query for inserting all the data in the database
$sql = "INSERT INTO
VALUES ($name, $surname, $bday, $username, $password,
$confirmpassword, $streetname, $housenumber, $email)";
// Checks if able to insert into database
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
<?php
/* Execute a prepared statement by binding PHP variables */
$calories = 150;
$colour = 'red';
$sth = $dbh->prepare('SELECT name, colour, calories
FROM fruit
WHERE calories < :calories AND colour = :colour');
$sth->bindParam(':calories', $calories, PDO::PARAM_INT);
$sth->bindParam(':colour', $colour, PDO::PARAM_STR, 12);
$sth->execute();
?>
// Closing connection
mysql_close($connection);
}
}

23
website/public/settings.php
View File

@@ -3,7 +3,6 @@
<head>
<?php
include("../views/head.php");
$_SESSION["userID"] = 2;
include_once("../queries/connect.php");
include_once("../queries/settings.php");
?>
@@ -13,22 +12,26 @@
</head>
<body>
<?php
/*
* This view adds the main layout over the screen.
* Header and menu.
*/
include("../views/main.php");
if ($_SERVER["REQUEST_METHOD"] == "POST") {
updateSettings();
}?>
switch ($_POST["form"]) {
case "profile":
$result = updateSettings();
break;
case "password":
$result = updatePassword();
break;
case "email":
break;
case "picture":
break;
}
}
<?php
/* Add your view files here. */
include("../views/settings-view.php");
/* This adds the footer. */
include("../views/footer.php");
?>

3
website/public/styles/index.css
View File

@@ -59,8 +59,9 @@ div[data-title]:hover:after{
body {
height: 900px;
background-image: url(https://images2.pixlis.com/background-image-plaid-checkered-seamless-tileable-235ftm.png);
background-image: url(https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTEnqKdVtLbxjKuNsCSCxFRhTOpp3Gm0gsU8bMgA_MeUYyzrUFy);
background-size: contain;
background-repeat: repeat-x;
background-attachment: fixed;
/*background-color: #B78996;*/

11
website/public/styles/settings.css
View File

@@ -5,6 +5,17 @@
.settings-password {
margin-right: 15px;
}
.settings-message {
color: white;
}
.settings-message-angry {
background-color: firebrick;
}
.settings-message-happy {
background-color: forestgreen;
}
.settings li {