MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Hendrik post #126

Merged
11342374 merged 53 commits from hendrik-post into master 2017-01-25 16:20:49 +01:00
Conversation 2 Commits 53 Files Changed 35 +284 -128
8 changed files with 284 additions and 128 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit ec56dbe578 - Show all commits

1
website/public/API/loadMessages.php
View File

@@ -9,6 +9,7 @@ require_once("../../queries/friendship.php");
if (isset($_POST["lastID"]) && $_POST["lastID"] != "") {
echo getNewChatMessages(test_input($_POST["lastID"]), test_input($_POST["destination"]));
setLastVisited(test_input($_POST["destination"]));
} else {
echo getOldChatMessages(test_input($_POST["destination"]));
setLastVisited(test_input($_POST["destination"]));

93
website/public/register.php
View File

@@ -10,33 +10,90 @@
<?php
session_start();
if(isset($_SESSION["userID"])){
header("location: profile.php");
header("location: login.php");
}
// define variables and set to empty values
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = "";
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $captcha = $ip = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $captchaErr = "";
$correct = true;
// Trying to register an account
if ($_SERVER["REQUEST_METHOD"] == "POST") {
checkInputChoice("name", "lettersAndSpace");
checkInputChoice("surname", "lettersAndSpace");
if (empty($_POST["bday"])) {
$bdayErr = "Geboortedatum is verplicht!";
try {
$name = test_input(($_POST["name"]));
checkInputChoice($name, "lettersAndSpaces");
} catch(lettersAndSpacesException $e){
$correct = false;
} else {
$bday = test_input($_POST["bday"]);
$nameErr = $e->getMessage();
}
checkInputChoice("username", "username");
checkInputChoice("password", "longerEight");
checkInputChoice("confirmpassword", "");
matchPassword();
checkInputChoice("location", "lettersAndSpace");
checkInputChoice("email", "email");
registerCheck();
try {
$surname = test_input(($_POST["surname"]));
checkInputChoice($surname, "lettersAndSpaces");
}
catch(lettersAndSpacesException $e){
$correct = false;
$surnameErr = $e->getMessage();
}
try{
$bday = test_input(($_POST["bday"]));
checkInputChoice($bday, "bday");
} catch(bdayException $e){
$correct = false;
$bdayErr = $e->getMessage();
}
try{
$username = test_input(($_POST["username"]));
checkInputChoice($username, "username");
} catch(usernameException $e){
$correct = false;
$usernameErr = $e->getMessage();
}
try{
$password = test_input(($_POST["password"]));
checkInputChoice($password, "longerEight");
matchPassword();
} catch(passwordException $e){
$correct = false;
$passwordErr = $e->getMessage();
} catch(confirmPasswordException $e){
$correct = false;
$confirmPasswordErr = $e->getMessage();
}
try{
$location = test_input(($_POST["location"]));
checkInputChoice($location, "lettersAndSpaces");
} catch(lettersAndSpacesException $e){
$correct = false;
$locationErr = $e->getMessage();
}
try{
$email = test_input(($_POST["email"]));
checkInputChoice($email, "email");
} catch(emailException $e){
$correct = false;
$emailErr = $e->getMessage();
}
try{
$captcha = $_POST['g-recaptcha-response'];
checkCaptcha($captcha);
} catch(captchaException $e){
$correct = false;
$captchaErr = $e->getMessage();
}
try {
getIp();
registerCheck($correct);
} catch(registerException $e){
$genericErr = $e->getMessage();
}
}
/* This view adds register view */
include("../views/register-view.php");

64
website/public/styles/index.css
View File

@@ -4,17 +4,16 @@ a.button {
color: black;
cursor: pointer;
height: 50%;
margin: 8px 0;
padding: 14px 20px;
width: 25%;
padding: 8px 20px;
width: 50%;
font-family: Arial;
font-size: 16px;
font-size: 20px;
}
/* Body */
body {
height: 100%;
background-color: #C8CABD;
background-color: #FBC02D;
/*background-image: url(http://play.pokemonshowdown.com/fx/client-bg-shaymin.jpg);
background-size: cover;
background-attachment: fixed;*/
@@ -24,31 +23,14 @@ body {
font-family: Arial, sans-serif;
}
/* The Close Button */
.close {
/* Position it in the top right corner outside of the modal */
color: white;
font-size: 100px;
font-weight: bold;
position: absolute;
right: 25px;
top: 0;
}
/* Close button on hover */
.close:hover,
.close:focus {
color: red;
cursor: pointer;
}
/* inlogform */
form {
/*background-color: #a87a87;*/
border-radius: 12px;
height: 70%;
height: 75%;
margin: auto;
width: 70%;
width: 80%;
overflow-y:auto;
}
@@ -72,24 +54,20 @@ input[type=text], input[type=password], input[type=email], input[type="date"] {
border-color: #C8CABD;
display: inline-block;
height: 60%;
font-size: 16px;
padding: 8px 20px;
margin: 4px 0;
width: 70%;
width: 55%;
}
/*
input[type=text], input[type=password], input[type=email], input[type="date"] {
border: 0px;
border-bottom: 4px solid lightgray;
border-radius: 0px;
}*/
button[type=submit] {
background-color: #C8CABD;
color: black ;
color: black;
cursor: pointer;
font-family: Arial;
font-size: 16px;
width: 50%;
font-size: 22px;
height: 30px;
width: 120px;
}
.error {
@@ -106,12 +84,12 @@ label {
display: inline-block;
position: relative;
background-color: #C8CABD;
height: 30px;
width: 90px;
padding: 3px 3px 3px 0px;
height: 25px;
width: 120px;
padding: 3px 3px 3px 3px;
text-align: center;
border-radius: 0px 10px 10px 0px;
font-size: 24px;
border-radius: 0px 5px 5px 0px;
font-size: 22px;
}
.left-arrow:after {
@@ -121,9 +99,9 @@ label {
right: 100%;
top: 0;
bottom: 0;
border-top: 15px solid transparent;
border-top: 12px solid transparent;
border-right: 20px solid #C8CABD;
border-bottom: 15px solid transparent;
border-bottom: 12px solid transparent;
border-left: 0px solid transparent;
}
@@ -135,7 +113,7 @@ label {
/* padding voor login_containers */
.login_containerlogin {
padding:25px;
padding:16px;
text-align: center;
}
@@ -163,7 +141,7 @@ label {
margin: 34px auto;
overflow-y: auto;
padding: 20px;
width: 50%;
width: 45%;
}
/*.platform {

206
website/queries/checkInput.php
View File

@@ -1,97 +1,138 @@
<?php
/**
* Function for checking inputfields
* @param variable $variable Give name of the inputfield.
* @param string $option Give the name of the option.
* @param String $variable Give name of the inputfield.
* @param String $option Give the name of the option.
* @return sets correct to false and gives value to error message if it doesn't pass the checks.
*/
function checkInputChoice($variable, $option){
if (empty($_POST[$variable])) {
$GLOBALS[$variable . "Err"] = "Verplicht!";
$GLOBALS["correct"] = false;
switch ($option) {
case "lettersAndSpaces";
checkName($variable);
break;
} else {
$GLOBALS[$variable] = test_input($_POST[$variable]);
switch ($option) {
case "lettersAndSpace":
checkonly($variable);
break;
case "bday";
validateBday($variable);
break;
case "username";
username($variable);
break;
case "username";
username($variable);
break;
case "longerEight";
longerEight($variable);
break;
case "longerEight";
longerEight($variable);
break;
case "email";
validateEmail($variable);
break;
case "email";
validateEmail($variable);
break;
default:
break;
default:
break;
}
}
}
/* Checks for only letters and spaces. */
function checkOnly($variable){
if (!preg_match("/^[a-zA-Z ]*$/",$GLOBALS[$variable])) {
$GLOBALS[$variable . "Err"] = "Alleen letters en spaties zijn toegestaan!";
$correct = false;
function checkName($variable){
if (empty($variable)) {
throw new lettersAndSpacesException("Verplicht!");
} else if (!preg_match("/^[a-zA-Z ]*$/", $variable)) {
throw new lettersAndSpacesException("Alleen letters en spaties zijn toegestaan!");
}
}
/* Checks for bday */
function validateBday($variable){
if (empty($variable)) {
throw new bdayException("Verplicht!");
} else {
if (!(validateDate($variable, "Y/m/d"))) {
throw new bdayException("Geen geldige datum");
} else {
$dateNow = date("Y/m/d");
if ($dateNow < $variable) {
throw new bdayException("Geen geldige datum");
}
}
}
}
// Checks for date
function validateDate($date, $format)
{
$d = DateTime::createFromFormat($format, $date);
return $d && $d->format($format) == $date;
}
/* checks if username exist and if its longer than 6 characters. */
function username($variable){
if (strlen($GLOBALS[$variable]) < 6) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam moet minstens 6 karakters bevatten";
$correct = false;
if (empty($variable)) {
throw new usernameException("Verplicht!");
} else if (strlen($variable) < 6) {
throw new usernameException("Moet minstens 6 karakters bevatten");
} else if (getExistingUsername() == 1) {
$GLOBALS[$variable . "Err"] = "Gebruikersnaam bestaat al";
$correct = false;
throw new usernameException("Gebruikersnaam bestaal al");
}
}
/* checks if an input is longer that 8 characters. */
function longerEight($variable){
if (strlen($GLOBALS[$variable]) < 8) {
$GLOBALS[$variable . "Err"] = "Moet minstens 8 karakters bevatten";
$correct = false;
if (empty($variable)) {
throw new passwordException("Verplicht!");
} else if (strlen($variable) < 8) {
throw new passwordException("Moet minstens 8 karakters bevatten");
}
}
/* checks if an input is a valid email. */
function validateEmail($variable){
if (!filter_var($GLOBALS[$variable], FILTER_VALIDATE_EMAIL)) {
$GLOBALS[$variable . "Err"] = "Geldige email invullen!";
$correct = false;
if (empty($variable)) {
throw new emailException("Verplicht!");
} else if (!filter_var($variable, FILTER_VALIDATE_EMAIL)) {
throw new emailException("Geldige email invullen");
} else if (getExistingEmail() == 1){
$GLOBALS[$variable . "Err"] = "Email bestaat al";
$correct = false;
throw new emailException("Email bestaal al!");
}
}
/* checks if two passwords matches. */
function matchPassword(){
if ($_POST["password"] != $_POST["confirmpassword"]) {
$GLOBALS["confirmpasswordErr"] = "Wachtwoorden matchen niet";
$GLOBALS["correct"] = false;
throw new confirmPasswordException("Wachtwoorden matchen niet!");
}
}
// Checks if everything is filled in correctly
function registerCheck(){
if ($GLOBALS["correct"] == false){
$GLOBALS["genericErr"] = "Bepaalde velden zijn verkeerd of niet ingevuld!";
/* Checks if captcha is correctly filled in */
function checkCaptcha($captcha){
if(!$captcha){
throw new captchaException("Captcha needs to be filled in!");
} else {
$response=json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=6Lc72xIUAAAAAPizuF3nUbklCPljVCVzgYespz8o&response=".$captcha."&remoteip=".$_SERVER['REMOTE_ADDR']));
if($response->success==false) {
throw new captchaException("You are a spammer!");
}
}
}
/* Get ip adres */
function getIp(){
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$GLOBALS["ip"] = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$GLOBALS["ip"] = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$GLOBALS["ip"] = $_SERVER['REMOTE_ADDR'];
}
}
/* Checks if everything is filled in correctly */
function registerCheck($status){
if ($status == false){
throw new registerException("Bepaalde velden zijn verkeerd of niet ingevuld");
} else {
registerAccount();
header("location: login.php");
}
}
@@ -102,4 +143,69 @@ function test_input($data) {
$data = htmlspecialchars($data);
return $data;
}
class lettersAndSpacesException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class bdayException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class usernameException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class passwordException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class confirmPasswordException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class emailException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class captchaException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
class registerException extends Exception
{
public function __construct($message = "", $code = 0, Exception $previous = null)
{
parent::__construct($message, $code, $previous);
}
}
?>

24
website/queries/user.php
View File

@@ -105,18 +105,24 @@ function selectAllUserGroups($userID) {
function selectAllUserPosts($userID) {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`postID`,
`author`,
`title`,
`content`,
`creationdate`
`postID`,
`author`,
`title`,
CASE LENGTH(`content`) >= 150
WHEN TRUE THEN
CONCAT(LEFT(`content`, 150), '...')
WHEN FALSE THEN
`content`
END
AS `content`,
`creationdate`
FROM
`post`
`post`
WHERE
`author` = :userID AND
`groupID` IS NULL
`author` = :userID AND
`groupID` IS NULL
ORDER BY
`creationdate` DESC
`creationdate` DESC
");
$stmt->bindParam(':userID', $userID, PDO::PARAM_INT);

1
website/views/chat-view.php
View File

@@ -16,6 +16,7 @@
// Set default values of a friend.
$username = $friend["username"];
$name = $friend["name"];
$userID = $friend["userID"];
$pf = "img/avatar-standard.png";

1
website/views/login_head.php
View File

@@ -9,4 +9,5 @@
href="styles/index.css">
<script src="/js/jqeury.js"></script>
<script src="/js/registerAndLogin.js"></script>
<script src='https://www.google.com/recaptcha/api.js'></script>
</head>

22
website/views/register-view.php
View File

@@ -41,11 +41,12 @@
<!-- Register birthday -->
<div class="login_containerregister">
<label><b>Geboortedatum</b></label>
<input type="date"
<input type="text"
name="bday"
value="<?php echo $bday ?>"
id="bday"
placeholder="01/01/1900"
placeholder="1996/01/01"
data-fv-date-max=""
>
*<span class="error"> <?php echo $bdayErr;?></span>
</div>
@@ -117,18 +118,23 @@
*<span class="error"> <?php echo $emailErr;?></span>
</div>
<!-- Button for registering -->
<div class="login_containerregister">
<div class="g-recaptcha" data-sitekey="6Lc72xIUAAAAADumlWetgENm7NGd9Npyo0c_tYYQ"></div>
<span class="error"> <?php echo $captchaErr;?></span>
</div>
<!-- Button for registering -->
<div class="login_containerlogin">
<!-- Button for going back to login screen -->
<a href="https://myhyvesbookplus.nl/login.php" class="left-arrow">Login</a>
<button type="submit"
value="Registreer uw account"
name="Submit"
id="frm1_submit">
Registreer
</button>
</div>
</div>
</form>
<div class="login_containerlogin">
<!-- Button for going back to login screen -->
<a href="https://myhyvesbookplus.nl/login.php" class="left-arrow">Login</a>
</div>
</div>