From d27538a1648a65d8580ab9b56495b4ac0df40004 Mon Sep 17 00:00:00 2001
From: Marijn Jansen <marijn@jansen.onl>
Date: Thu, 19 Jan 2017 13:44:47 +0100
Subject: [PATCH] Email change implemented!

---
 website/public/settings.php  |  2 +-
 website/queries/settings.php | 61 +++++++++++++++++++++++++++++++++---
 2 files changed, 58 insertions(+), 5 deletions(-)

diff --git a/website/public/settings.php b/website/public/settings.php
index c3645f1..d5bc162 100644
--- a/website/public/settings.php
+++ b/website/public/settings.php
@@ -26,7 +26,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
             $result = updatePassword();
             break;
         case "email":
-            $result = $notImplemented;
+            $result = changeEmail();
             break;
         case "picture":
             $result = $notImplemented;
diff --git a/website/queries/settings.php b/website/queries/settings.php
index e3d4936..7c92583 100644
--- a/website/queries/settings.php
+++ b/website/queries/settings.php
@@ -106,18 +106,18 @@ function updatePassword() {
             if (changePassword()) {
                 return new settingsMessage("happy", "Wachtwoord gewijzigd.");
             } else {
-                return new settingsMessage("settings-message-angry", "Er is iets mis gegaan.");
+                return new settingsMessage("angry", "Er is iets mis gegaan.");
             }
         } else {
-            return new settingsMessage("settings-message-angry", "Wachtwoorden komen niet oveeen.");
+            return new settingsMessage("angry", "Wachtwoorden komen niet oveen.");
         }
     } else {
-        return new settingsMessage("settings-message-angry", "Oud wachtwoord niet correct.");
+        return new settingsMessage("angry", "Oud wachtwoord niet correct.");
     }
 }
 
 function changePassword() {
-    $stmt =$GLOBALS["db"]->prepare("
+    $stmt = $GLOBALS["db"]->prepare("
     UPDATE
       `user`
     SET
@@ -131,4 +131,57 @@ function changePassword() {
     $stmt->bindParam(":userID", $_SESSION["userID"]);
     $stmt->execute();
     return $stmt->rowCount();
+}
+
+function changeEmail() {
+
+    if ($_POST["email"] == $_POST["email-confirm"]) {
+        $email = strtolower($_POST["email"]);
+        if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
+            //check if email exists
+            if (emailIsAvailableInDatabase($email)) {
+                if (doChangeEmail($email)) {
+                    return new settingsMessage("happy", "Emailadres is veranderd.");
+                } else {
+                    return new settingsMessage("angry", "Er is iets mis gegaan.");
+                }
+            } else {
+                return new settingsMessage("angry", "Emailadres bestaat al.");
+            }
+        } else {
+            return new settingsMessage("angry", "Geef een geldig emailadres.");
+        }
+    } else {
+        return new settingsMessage("angry", "Emailadressen komen niet overeen.");
+    }
+}
+
+function emailIsAvailableInDatabase($email) {
+    $stmt = $GLOBALS["db"]->prepare("
+    SELECT
+        `email`
+    FROM
+        `user`
+    WHERE 
+      `email` = :email
+    ");
+
+    $stmt->bindParam(":email", $email);
+    $stmt->execute();
+    return !$stmt->rowCount();
+}
+
+function doChangeEmail($email) {
+    $stmt = $GLOBALS["db"]->prepare("
+    UPDATE
+        `user`
+    SET
+      `email` = :email
+    WHERE
+      `userID` = :userID
+    ");
+    $stmt->bindParam(":email", $email);
+    $stmt->bindParam(":userID", $_SESSION["userID"]);
+    $stmt->execute();
+    return $stmt->rowCount();
 }
\ No newline at end of file