MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into lars-chat

Browse Source
This commit is contained in:
Lars van Hijfte
2017-01-18 15:10:17 +01:00
parent 95fd3c0040 0e194ca084
commit cd954a8c4c
14 changed files with 312 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
website/queries/connect.php
View File

@@ -8,6 +8,4 @@ else {
$GLOBALS["db"] = new PDO("mysql:host=$dbconf->mysql_host;dbname=$dbconf->mysql_database;charset=utf8",
"$dbconf->mysql_username", "$dbconf->mysql_password")
or die('Error connecting to mysql server');
}
?>
}

19
website/queries/login.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
function hashPassword() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`,
`userID`
FROM
`user`
WHERE
`username` LIKE :username
");
$stmt->bindParam(":username", $_POST["uname"]);
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
}
?>

62
website/queries/register.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
function getExistingUsername() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`
FROM
`user`
WHERE
`username` LIKE :username
");
$stmt->bindParam(":username", $_POST["username"]);
$stmt->execute();
return $stmt->rowCount();
}
function getExistingEmail() {
$stmt = $GLOBALS["db"]->prepare("
SELECT * FROM `user` WHERE `email` = :email
");
$stmt->bindParam(":email", $_POST["email"]);
$stmt->execute();
return $stmt->rowCount();
}
function registerAccount() {
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO
`user`(fname,
lname,
birthdate,
username,
password,
location,
email)
VALUES(
:fname,
:lname,
:bday,
:username,
:password,
:location,
:email
)");
$hash=password_hash($_POST["password"].(strtolower($_POST["username"])), PASSWORD_DEFAULT);
$stmt->bindParam(":fname", $_POST["name"]);
$stmt->bindParam(":lname", $_POST["surname"]);
$stmt->bindParam(":bday", $_POST["bday"]);
$stmt->bindParam(":username", $_POST["username"]);
$stmt->bindParam(":password", $hash);
$stmt->bindParam(":location", $_POST["location"]);
$stmt->bindParam(":email", $_POST["email"]);
$stmt->execute();
$stmt->rowCount();
}
?>

67
website/queries/settings.php
View File

@@ -10,9 +10,9 @@ function getSettings() {
`birthdate`,
`bio`,
`profilepicture`
FROM
FROM
`user`
WHERE
WHERE
`userID` = :userID
");
@@ -21,6 +21,21 @@ function getSettings() {
return $stmt->fetch();
}
function getPasswordHash() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`,
`username`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->fetch();
}
function updateSettings() {
$stmt = $GLOBALS["db"]->prepare("
UPDATE
@@ -43,4 +58,52 @@ function updateSettings() {
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return array (
"type" => "settings-message-happy",
"message" => "Instellingen zijn opgeslagen."
);
}
function updatePassword() {
$user = getPasswordHash();
if (password_verify($_POST["password-old"].strtolower($user["username"]), $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (changePassword($user)) {
return array ("type" => "settings-message-happy",
"message" => "Wachtwoord gewijzigd.");
} else {
return array (
"type" => "settings-message-angry",
"message" => "Er is iets mis gegaan.");
}
} else {
return array (
"type" => "settings-message-angry",
"message" => "Wachtwoorden komen niet oveeen."
);
}
} else {
return array(
"type" => "settings-message-angry",
"message" => "Oud wachtwoord niet correct."
);
}
}
function changePassword($user) {
$stmt =$GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`password` = :new_password
WHERE
`userID` = :userID
");
$hashed_password = password_hash($_POST["password-new"].strtolower($user["username"]), PASSWORD_DEFAULT);
$stmt->bindParam(":new_password", $hashed_password);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
}