Added password change
This commit is contained in:
Marijn Jansen
@@ -13,22 +13,26 @@
|
||||
</head>
|
||||
<body>
|
||||
<?php
|
||||
/*
|
||||
* This view adds the main layout over the screen.
|
||||
* Header and menu.
|
||||
*/
|
||||
|
||||
include("../views/main.php");
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
switch ($_POST["form"]) {
|
||||
case "profile":
|
||||
updateSettings();
|
||||
}?>
|
||||
break;
|
||||
case "password":
|
||||
updatePassword();
|
||||
break;
|
||||
case "email":
|
||||
break;
|
||||
case "picture":
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
<?php
|
||||
/* Add your view files here. */
|
||||
include("../views/settings-view.php");
|
||||
|
||||
/* This adds the footer. */
|
||||
include("../views/footer.php");
|
||||
|
||||
?>
|
||||
|
||||
@@ -9,5 +9,3 @@ else {
|
||||
"$dbconf->mysql_username", "$dbconf->mysql_password")
|
||||
or die('Error connecting to mysql server');
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
@@ -21,6 +21,20 @@ function getSettings() {
|
||||
return $stmt->fetch();
|
||||
}
|
||||
|
||||
function getPasswordHash() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
SELECT
|
||||
`password`
|
||||
FROM
|
||||
`user`
|
||||
WHERE
|
||||
`userID` = :userID
|
||||
");
|
||||
$stmt->bindParam(":userID", $_SESSION["userID"]);
|
||||
$stmt->execute();
|
||||
return $stmt->fetch();
|
||||
}
|
||||
|
||||
function updateSettings() {
|
||||
$stmt = $GLOBALS["db"]->prepare("
|
||||
UPDATE
|
||||
@@ -44,3 +58,29 @@ function updateSettings() {
|
||||
|
||||
$stmt->execute();
|
||||
}
|
||||
|
||||
function updatePassword() {
|
||||
if (password_verify($_POST["password-old"], getPasswordHash()["password"])) {
|
||||
if ($_POST["password-new"] == $_POST["password-confirm"]) {
|
||||
changePassword();
|
||||
}
|
||||
} else {
|
||||
print("Did not match");
|
||||
}
|
||||
}
|
||||
|
||||
function changePassword() {
|
||||
$stmt =$GLOBALS["db"]->prepare("
|
||||
UPDATE
|
||||
`user`
|
||||
SET
|
||||
`password` = :new_password
|
||||
WHERE
|
||||
`userID` = :userID
|
||||
");
|
||||
|
||||
$hashed_password = password_hash($_POST["password-new"], PASSWORD_DEFAULT);
|
||||
$stmt->bindParam(":new_password", $hashed_password);
|
||||
$stmt->bindParam(":userID", $_SESSION["userID"]);
|
||||
$stmt->execute();
|
||||
}
|
||||
@@ -54,9 +54,10 @@ $settings = getSettings();
|
||||
</li>
|
||||
<li>
|
||||
<label></label>
|
||||
<input type="submit"
|
||||
value="Opslaan"
|
||||
>
|
||||
<button type="submit"
|
||||
value="profile"
|
||||
name="form"
|
||||
>Opslaan</button>
|
||||
</li>
|
||||
</ul>
|
||||
</form>
|
||||
@@ -108,9 +109,10 @@ $settings = getSettings();
|
||||
>
|
||||
</li>
|
||||
<li>
|
||||
<input type="submit"
|
||||
value="Verander wachtwoord"
|
||||
>
|
||||
<button type="submit"
|
||||
name="form"
|
||||
value="password"
|
||||
>Verander wachtwoord</button>
|
||||
</li>
|
||||
</ul>
|
||||
</form>
|
||||
@@ -143,9 +145,10 @@ $settings = getSettings();
|
||||
>
|
||||
</li>
|
||||
<li>
|
||||
<input type="submit"
|
||||
value="Verander Email"
|
||||
>
|
||||
<button type="submit"
|
||||
name="form"
|
||||
value="email"
|
||||
>Verander Email</button>
|
||||
</li>
|
||||
</ul>
|
||||
</form>
|
||||
|
||||
Reference in New Issue
Block a user