diff --git a/website/public/settings.php b/website/public/settings.php
index e21ce9b..97c47e4 100644
--- a/website/public/settings.php
+++ b/website/public/settings.php
@@ -19,10 +19,10 @@ include("../views/main.php");
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
 switch ($_POST["form"]) {
 case "profile":
- updateSettings();
+ $result = updateSettings();
 break;
 case "password":
- updatePassword();
+ $result = updatePassword();
 break;
 case "email":
 break;
diff --git a/website/public/styles/settings.css b/website/public/styles/settings.css
index f1648c8..933e7fd 100644
--- a/website/public/styles/settings.css
+++ b/website/public/styles/settings.css
@@ -5,6 +5,17 @@
 .settings-password {
 margin-right: 15px;
 }
+.settings-message {
+ color: white;
+}
+.settings-message-angry {
+ background-color: firebrick;
+}
+
+.settings-message-happy {
+ background-color: forestgreen;
+
+}
 .settings li {
diff --git a/website/queries/settings.php b/website/queries/settings.php
index ee37688..1d47d32 100644
--- a/website/queries/settings.php
+++ b/website/queries/settings.php
@@ -24,7 +24,8 @@ function getSettings() {
 function getPasswordHash() {
 $stmt = $GLOBALS["db"]->prepare("
 SELECT
- `password`
+ `password`,
+ `username`
 FROM `user`
 WHERE 
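Review bot: `$result` is assigned only in the `profile` and `password` branches, so on a GET request, on the `email` form, or on any unrecognised `form` value it is never defined, and a view that prints it unconditionally will raise an undefined-variable notice. Initialise it before the request-method check, `$result = null;`, and read the selector defensively, `switch ($_POST["form"] ?? "") {`, so a POST without that field does not warn either. I also do not see a CSRF token being verified before dispatching to updateSettings()/updatePassword() in this hunk; if that is not done in main.php or elsewhere, a password change triggered by a cross-site form post is a real gap worth closing here. The `if` and `switch` bodies close outside the hunk.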
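Review bot: The new `.settings-message-happy` rule carries a stray blank line before its closing brace, while `.settings-message` and `.settings-message-angry` have no blank line between them and `.settings-message-happy` does; pick one spacing and apply it to all three new rules. No functional concern with the selectors themselves.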
@@ -57,19 +58,40 @@ function updateSettings() {
 $stmt->bindParam(":userID", $_SESSION["userID"]);
 $stmt->execute();
+
+ return array (
+ "type" => "settings-message-happy",
+ "message" => "Instellingen zijn opgeslagen."
+ );
 }
 function updatePassword() {
- if (password_verify($_POST["password-old"], getPasswordHash()["password"])) {
- if ($_POST["password-new"] == $_POST["password-confirm"]) {
- changePassword();
+ $user = getPasswordHash();
+ if (password_verify($_POST["password-old"].strtolower($user["username"]), $user["password"])) {
+ if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
+ if (changePassword($user)) {
+ return array ("type" => "settings-message-happy",
+ "message" => "Wachtwoord gewijzigd.");
+ } else {
+ return array (
+ "type" => "settings-message-angry",
+ "message" => "Er is iets mis gegaan.");
+ }
+ } else {
+ return array (
+ "type" => "settings-message-angry",
+ "message" => "Wachtwoorden komen niet oveeen."
+ );
+ }
 } else {
- print("Did not match");
+ return array(
+ "type" => "settings-message-angry",
+ "message" => "Oud wachtwoord niet correct."
+ );
 }
 }
-function changePassword() {
+function changePassword($user) {
 $stmt =$GLOBALS["db"]->prepare("
 UPDATE
 `user`
@@ -79,8 +101,9 @@ function changePassword() {
 `userID` = :userID
 ");
- $hashed_password = password_hash($_POST["password-new"], PASSWORD_DEFAULT);
+ $hashed_password = password_hash($_POST["password-new"].strtolower($user["username"]), PASSWORD_DEFAULT);
 $stmt->bindParam(":new_password", $hashed_password);
 $stmt->bindParam(":userID", $_SESSION["userID"]);
 $stmt->execute();
+ return $stmt->rowCount();
 }
\ No newline at end of file
diff --git a/website/views/settings-view.php b/website/views/settings-view.php
index ffc7c74..a4fc139 100644
--- a/website/views/settings-view.php
+++ b/website/views/settings-view.php
@@ -4,6 +4,13 @@ $settings = getSettings();
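Review bot: Appending `strtolower($user["username"])` to the password before `password_verify` changes the input every existing hash was computed from, so any hash stored before this commit fails the old-password check here (and login, if it was changed the same way), and if the username can be edited elsewhere — e.g. through updateSettings, whose body is not visible in this hunk — the stored hash becomes unverifiable; `password_hash` already salts each hash with a random per-hash salt, so the suffix adds no protection, and I would drop it or, if it is meant as a migration, accept both forms and rehash with `password_needs_rehash`. The confirmation check `$_POST["password-new"] == $_POST["password-confirm"]` is a loose comparison, under which numeric-looking strings such as `"1e3"` and `"1000"` are equal, so use `===` (or `hash_equals`). The same `else` branch reports a too-short password as `Wachtwoorden komen niet oveeen.` (sic, `overeen`), which misleads the user; give the length check its own message. The `$_POST` reads should be guarded with `?? ''` so a missing field does not raise a notice before the checks run.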
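Review bot: `return $stmt->rowCount();` reports success only when a row changed, but the `$stmt->execute()` result on the line above is still discarded: unless the PDO handle is in `PDO::ERRMODE_EXCEPTION` (not visible here), a failed execute returns false, `rowCount()` yields 0 and the caller shows a generic error while `$stmt->errorInfo()` is never logged. Returning `$stmt->execute() && $stmt->rowCount() > 0` makes the contract a plain boolean and gives a place to log the failure first. `PASSWORD_DEFAULT` is bcrypt, which hashes only the first 72 bytes of its input, so for long passwords the appended `strtolower($user["username"])` is silently truncated away; whatever scheme is kept must match exactly what login uses. changePassword() begins above this hunk, so only its tail is visible; reading `$_POST["password-new"]` inside a query function rather than taking the new password as a parameter is the style point I would raise.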