Added comments to javascript code #215
@@ -1,71 +0,0 @@
|
||||
<?php
|
||||
$fb = new Facebook\Facebook([
|
||||
'app_id' => $appID, // Replace {app-id} with your app id
|
||||
'app_secret' => $appSecret,
|
||||
'default_graph_version' => 'v2.2',
|
||||
]);
|
||||
|
||||
$helper = $fb->getRedirectLoginHelper();
|
||||
|
||||
try {
|
||||
$accessToken = $helper->getAccessToken();
|
||||
} catch(Facebook\Exceptions\FacebookResponseException $e) {
|
||||
// When Graph returns an error
|
||||
echo 'Graph returned an error: ' . $e->getMessage();
|
||||
exit;
|
||||
} catch(Facebook\Exceptions\FacebookSDKException $e) {
|
||||
// When validation fails or other local issues
|
||||
echo 'Facebook SDK returned an error: ' . $e->getMessage();
|
||||
exit;
|
||||
}
|
||||
|
||||
if (! isset($accessToken)) {
|
||||
if ($helper->getError()) {
|
||||
header('HTTP/1.0 401 Unauthorized');
|
||||
echo "Error: " . $helper->getError() . "\n";
|
||||
echo "Error Code: " . $helper->getErrorCode() . "\n";
|
||||
echo "Error Reason: " . $helper->getErrorReason() . "\n";
|
||||
echo "Error Description: " . $helper->getErrorDescription() . "\n";
|
||||
} else {
|
||||
header('HTTP/1.0 400 Bad Request');
|
||||
echo 'Bad request';
|
||||
}
|
||||
exit;
|
||||
}
|
||||
|
||||
// Logged in
|
||||
echo '<h3>Access Token</h3>';
|
||||
var_dump($accessToken->getValue());
|
||||
|
||||
// The OAuth 2.0 client handler helps us manage access tokens
|
||||
$oAuth2Client = $fb->getOAuth2Client();
|
||||
|
||||
// Get the access token metadata from /debug_token
|
||||
$tokenMetadata = $oAuth2Client->debugToken($accessToken);
|
||||
echo '<h3>Metadata</h3>';
|
||||
var_dump($tokenMetadata);
|
||||
|
||||
// Validation (these will throw FacebookSDKException's when they fail)
|
||||
$tokenMetadata->validateAppId($appID); // Replace {app-id} with your app id
|
||||
// If you know the user ID this access token belongs to, you can validate it here
|
||||
//$tokenMetadata->validateUserId('123');
|
||||
$tokenMetadata->validateExpiration();
|
||||
|
||||
if (! $accessToken->isLongLived()) {
|
||||
// Exchanges a short-lived access token for a long-lived one
|
||||
try {
|
||||
$accessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
|
||||
} catch (Facebook\Exceptions\FacebookSDKException $e) {
|
||||
echo "<p>Error getting long-lived access token: " . $helper->getMessage() . "</p>\n\n";
|
||||
exit;
|
||||
}
|
||||
|
||||
echo '<h3>Long-lived</h3>';
|
||||
var_dump($accessToken->getValue());
|
||||
}
|
||||
|
||||
$_SESSION['fb_access_token'] = (string) $accessToken;
|
||||
|
||||
// User is logged in with a long-lived access token.
|
||||
// You can redirect them to a members-only page.
|
||||
//header('Location: https://example.com/members.php');
|
||||
@@ -1,116 +0,0 @@
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
<?php
|
||||
include("../views/login_head.php");
|
||||
require_once("../queries/connect.php");
|
||||
include_once("../queries/register.php");
|
||||
include_once("../queries/checkInput.php");
|
||||
include_once("../queries/emailconfirm.php");
|
||||
?>
|
||||
<body>
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if(isset($_SESSION["userID"])){
|
||||
header("location: login.php");
|
||||
}
|
||||
// define variables and set to empty values
|
||||
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $confirmEmail = $captcha = $ip = "";
|
||||
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $confirmEmailErr = $captchaErr = "";
|
||||
$correct = true;
|
||||
$day_date = "dag";
|
||||
$month_date = "maand";
|
||||
$year_date = "jaar";
|
||||
|
||||
// Trying to register an account
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
try {
|
||||
$name = test_input(($_POST["name"]));
|
||||
checkInputChoice($name, "lettersAndSpaces");
|
||||
} catch(lettersAndSpacesException $e){
|
||||
$correct = false;
|
||||
$nameErr = $e->getMessage();
|
||||
}
|
||||
|
||||
try {
|
||||
$surname = test_input(($_POST["surname"]));
|
||||
checkInputChoice($surname, "lettersAndSpaces");
|
||||
}
|
||||
catch(lettersAndSpacesException $e){
|
||||
$correct = false;
|
||||
$surnameErr = $e->getMessage();
|
||||
}
|
||||
|
||||
try{
|
||||
$day_date = test_input(($_POST["day_date"]));
|
||||
$month_date = test_input(($_POST["month_date"]));
|
||||
$year_date = test_input(($_POST["year_date"]));
|
||||
$bday = $year_date . "-" . $month_date . "-" . $day_date;
|
||||
checkInputChoice($bday, "bday");
|
||||
} catch(bdayException $e){
|
||||
$correct = false;
|
||||
$bdayErr = $e->getMessage();
|
||||
}
|
||||
|
||||
try{
|
||||
$username = str_replace(' ', '', test_input(($_POST["username"])));
|
||||
checkInputChoice($username, "username");
|
||||
} catch(usernameException $e){
|
||||
$correct = false;
|
||||
$usernameErr = $e->getMessage();
|
||||
}
|
||||
|
||||
try{
|
||||
$password = str_replace(' ', '', test_input(($_POST["password"])));
|
||||
checkInputChoice($password, "longerEight");
|
||||
matchPassword();
|
||||
} catch(passwordException $e){
|
||||
$correct = false;
|
||||
$passwordErr = $e->getMessage();
|
||||
} catch(confirmPasswordException $e){
|
||||
$correct = false;
|
||||
$confirmPasswordErr = $e->getMessage();
|
||||
}
|
||||
|
||||
try{
|
||||
$location = test_input(($_POST["location"]));
|
||||
checkInputChoice($location, "lettersAndSpaces");
|
||||
} catch(lettersAndSpacesException $e){
|
||||
$correct = false;
|
||||
$locationErr = $e->getMessage();
|
||||
}
|
||||
|
||||
try{
|
||||
$email = test_input(($_POST["email"]));
|
||||
checkInputChoice($email, "email");
|
||||
$confirmEmail = test_input(($_POST["confirmEmail"]));
|
||||
matchEmail();
|
||||
} catch(emailException $e){
|
||||
$correct = false;
|
||||
$emailErr = $e->getMessage();
|
||||
} catch(confirmEmailException $e){
|
||||
$correct = false;
|
||||
$confirmEmailErr = $e->getMessage();
|
||||
}
|
||||
|
||||
try{
|
||||
$captcha = $_POST['g-recaptcha-response'];
|
||||
checkCaptcha($captcha);
|
||||
} catch(captchaException $e){
|
||||
$correct = false;
|
||||
$captchaErr = $e->getMessage();
|
||||
}
|
||||
|
||||
try {
|
||||
getIp();
|
||||
registerCheck($correct);
|
||||
sendConfirmEmailUsername($username);
|
||||
} catch(registerException $e){
|
||||
$genericErr = $e->getMessage();
|
||||
}
|
||||
}
|
||||
/* This view adds register view */
|
||||
include("../views/register-view.php");
|
||||
?>
|
||||
</body>
|
||||
</html>
|
||||
@@ -198,12 +198,6 @@ ul {
|
||||
animation-duration: 0.4s
|
||||
}
|
||||
|
||||
/* Add Animation */
|
||||
@-webkit-keyframes animatetop {
|
||||
from {top:-300px; opacity:0}
|
||||
to {top:0; opacity:1}
|
||||
}
|
||||
|
||||
@keyframes animatetop {
|
||||
from {top:-300px; opacity:0}
|
||||
to {top:0; opacity:1}
|
||||
|
||||
@@ -68,7 +68,7 @@ function validateBday($variable){
|
||||
}
|
||||
}
|
||||
|
||||
// Checks for date
|
||||
/* Checks for date */
|
||||
function validateDate($date, $format)
|
||||
{
|
||||
$d = DateTime::createFromFormat($format, $date);
|
||||
@@ -124,7 +124,7 @@ function validateEmail($variable){
|
||||
throw new emailException("Mag maximaal 50 karakters!");
|
||||
}
|
||||
}
|
||||
//255
|
||||
|
||||
/* checks if an input is a valid email. */
|
||||
function validateFBEmail($variable){
|
||||
if (empty($variable)) {
|
||||
@@ -138,6 +138,7 @@ function validateFBEmail($variable){
|
||||
}
|
||||
}
|
||||
|
||||
/* checks if email is the same */
|
||||
function matchEmail(){
|
||||
if (strtolower($_POST["email"]) != strtolower($_POST["confirmEmail"])){
|
||||
throw new confirmEmailException("Emails matchen niet!");
|
||||
@@ -153,7 +154,6 @@ function resetEmail($variable){
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* checks if two passwords matches. */
|
||||
function matchPassword(){
|
||||
if ($_POST["password"] != $_POST["confirmpassword"]) {
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
<?php
|
||||
|
||||
//Find matching password with the inputted username/emailadress.
|
||||
function getUser() {
|
||||
$stmt = prepareQuery("
|
||||
SELECT
|
||||
@@ -34,6 +35,7 @@ function getUserID() {
|
||||
}
|
||||
|
||||
function validateLogin($username, $password, $url){
|
||||
echo $url;
|
||||
// Empty username or password field
|
||||
if (empty($username) || empty($password)) {
|
||||
throw new loginException("Inloggegevens zijn niet ingevuld");
|
||||
@@ -44,7 +46,7 @@ function validateLogin($username, $password, $url){
|
||||
$userID = getUser()["userID"];
|
||||
$role = getUser()["role"];
|
||||
|
||||
// If there's an account, go to the profile page
|
||||
// If there's an account, check if the account is banned, frozen or unconfirmed.
|
||||
if(password_verify($psw, $hash)) {
|
||||
if ($role == "banned"){
|
||||
echo "<script>
|
||||
@@ -75,8 +77,9 @@ function validateLogin($username, $password, $url){
|
||||
$_SESSION["userID"] = $userID;
|
||||
if(!isset($url) or $url == "") {
|
||||
header("location: profile.php");
|
||||
echo "succes";
|
||||
} else{
|
||||
header("location: $url");
|
||||
header("location: ".$url);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
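Review bot: The `else` branch redirects with `header("location: ".$url);`, and `$url` is the `url` field posted by the login form, so a crafted login link can forward a just-authenticated user to an arbitrary external site. Accept only same-site paths before redirecting, e.g. `if (!preg_match('#^/(?![/\\\\])#', $url)) { $url = "profile.php"; }`, and put `exit;` after each `header()` call so nothing else runs. The `echo $url;` at the top of `validateLogin` in the earlier `@@ -34,6 +35,7 @@` hunk looks like leftover debugging (the +/- markers are lost on this page, so its side is inferred): it writes the same request value into the response unescaped and emits output before the redirect headers. `validateLogin` starts and ends outside this hunk.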
@@ -1,7 +1,6 @@
|
||||
<!-- The Modal -->
|
||||
<div id="fbModal" class="modal">
|
||||
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
|
||||
return= $correct
|
||||
method="post"
|
||||
name="fbModal">
|
||||
|
||||
@@ -66,17 +65,16 @@
|
||||
</div>
|
||||
<?php } ?>
|
||||
</div>
|
||||
*<span class="error"> <?php echo $fbEmailErr;?></span>
|
||||
<span class="error"> <?php echo $fbEmailErr;?></span>
|
||||
<div class="modal-footer">
|
||||
<button type="submit"
|
||||
value="fbRegister"
|
||||
name="submit"
|
||||
id="frm1_submit">
|
||||
name="submit">
|
||||
Registreer account
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- Facebook information-->
|
||||
<input type="hidden"
|
||||
name="fbName"
|
||||
value="<?php echo $fbName ?>">
|
||||
|
||||
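Review bot: The hidden `fbName` field echoes `$fbName` unescaped into a `value` attribute, and elsewhere on this page that variable is filled from the Facebook profile name, which the account owner controls. Use `value="<?php echo htmlspecialchars($fbName, ENT_QUOTES, 'UTF-8'); ?>"`. Profile data round-tripped through hidden inputs can also be changed by the client before the form is posted, so the registration handler (not shown) should take it from the Graph API response or the session rather than trust the posted copy.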
@@ -4,7 +4,6 @@
|
||||
<!-- The Modal -->
|
||||
<div id="myModal" class="modal">
|
||||
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
|
||||
return= $correct
|
||||
method="post"
|
||||
name="forgotPassword">
|
||||
|
||||
@@ -26,8 +25,7 @@
|
||||
<div class="login_containerfault"><span><?php echo $resetErr; ?></span></div>
|
||||
<button type="submit"
|
||||
value="reset"
|
||||
name="submit"
|
||||
id="frm1_submit">
|
||||
name="submit">
|
||||
Reset password
|
||||
</button>
|
||||
</div>
|
||||
|
||||
@@ -11,16 +11,16 @@ if(isset($_SESSION["userID"])){
|
||||
// Facebook variables
|
||||
$appID = "353857824997532";
|
||||
$appSecret = "db47e91ffbfd355fdd11b4b65eade851";
|
||||
$fbUsername = $fbPassword = $fbConfirmpassword = "";
|
||||
$fbUsername = $fbPassword = $fbConfirmpassword = $fbName = $fbSurname = $fbBday = $fbEmail = $fbUserID = "";
|
||||
$fbUsernameErr = $fbPasswordErr = $fbConfirmpasswordErr = $fbEmailErr = $fbBdayErr = "";
|
||||
$fbCorrect = true;
|
||||
$fbName = $fbSurname = $fbBday = $fbEmail = $fbUserID = "";
|
||||
|
||||
// Register variables
|
||||
$name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = $confirmEmail = $captcha = $ip = "";
|
||||
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = $confirmEmailErr = $captchaErr = "";
|
||||
$correct = true;
|
||||
|
||||
// Bday dates
|
||||
$day_date = $month_date = $year_date = "";
|
||||
$fbDay_date = $fbMonth_date = $fbYear_date = "";
|
||||
|
||||
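Review bot: The Facebook app secret is still a string literal in the `// Facebook variables` block this hunk edits, so it is readable by anyone who can see the repository or this commit page. Treat the value as exposed: rotate it in the Facebook app settings and load the replacement from outside version control, e.g. `$appSecret = getenv('FB_APP_SECRET');` (the variable name is a placeholder). The surrounding script continues outside the hunk.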
@@ -28,22 +28,14 @@ $fbDay_date = $fbMonth_date = $fbYear_date = "";
|
||||
$user = $psw = $remember ="";
|
||||
$loginErr = $resetErr = $fbRegisterErr ="";
|
||||
|
||||
//if ($_SERVER["REQUEST_METHOD"] == "GET") {
|
||||
// try {
|
||||
// $user = ($_POST["user"]);
|
||||
// validateLogin($_POST["user"], $_POST["psw"], "https://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]");
|
||||
// } catch(loginException $e) {
|
||||
// $loginErr = $e->getMessage();
|
||||
// }
|
||||
//}
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
$url = $_POST["url"];
|
||||
// Checks for which button is pressed
|
||||
switch ($_POST["submit"]) {
|
||||
case "login":
|
||||
try {
|
||||
$user = ($_POST["user"]);
|
||||
validateLogin($_POST["user"], $_POST["psw"], $_POST["url"]);
|
||||
validateLogin($_POST["user"], $_POST["psw"], $url);
|
||||
} catch(loginException $e) {
|
||||
$loginErr = $e->getMessage();
|
||||
}
|
||||
@@ -62,18 +54,22 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
}
|
||||
break;
|
||||
case "register":
|
||||
include("register.php");
|
||||
include("../views/register.php");
|
||||
break;
|
||||
case "fbRegister":
|
||||
include("fbRegister.php");
|
||||
include("../views/fbRegister.php");
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
// Get facebook information with facebook PHP SDK.
|
||||
$fb = new Facebook\Facebook([
|
||||
'app_id' => $appID,
|
||||
'app_secret' => $appSecret,
|
||||
'default_graph_version' => 'v2.2',
|
||||
]);
|
||||
|
||||
// Redirect back to login.php after logging/canceling with facebook.
|
||||
$redirect = "https://myhyvesbookplus.nl/login.php";
|
||||
$helper = $fb->getRedirectLoginHelper();
|
||||
|
||||
@@ -88,6 +84,7 @@ try {
|
||||
exit;
|
||||
}
|
||||
|
||||
// If theres no facebook account logged in, ask for permission.
|
||||
if(!isset($acces_token)){
|
||||
$permission=["email", "user_birthday"];
|
||||
$loginurl=$helper->getLoginUrl($redirect,$permission);
|
||||
@@ -96,13 +93,14 @@ if(!isset($acces_token)){
|
||||
$response = $fb->get('/me?fields=email,name,birthday');
|
||||
$usernode = $response->getGraphUser();
|
||||
|
||||
// Get facebook information
|
||||
$nameSplit = explode(" ", $usernode->getName());
|
||||
$fbName = $nameSplit[0];
|
||||
$fbSurname = $nameSplit[1];
|
||||
$fbUserID = $usernode->getID();
|
||||
$fbEmail = $usernode->getProperty("email");
|
||||
// $image = 'https://graph.facebook.com/' . $usernode->getId() . '/picture?width=200';
|
||||
|
||||
// If there is an account, check if the account is banned or frozen.
|
||||
if (fbLogin($fbUserID) == 1) {
|
||||
$fbID = getfbUserID($fbUserID)["userID"];
|
||||
$fbRole = getfbUserID($fbUserID)["role"];
|
||||
@@ -110,16 +108,20 @@ if(!isset($acces_token)){
|
||||
echo "<script>
|
||||
window.onload=bannedAlert();
|
||||
</script>";
|
||||
|
||||
} else if($fbRole == "frozen"){
|
||||
$_SESSION["userID"] = $fbID;
|
||||
echo "<script>
|
||||
window.onload=frozenAlert();
|
||||
window.location.href= 'profile.php';
|
||||
</script>";
|
||||
|
||||
} else {
|
||||
$_SESSION["userID"] = $fbID;
|
||||
header("location: profile.php");
|
||||
|
||||
}
|
||||
// Registration with faceobook if theres no account.
|
||||
} else {
|
||||
echo "<script>
|
||||
window.onload = function() {
|
||||
|
||||
@@ -13,12 +13,16 @@
|
||||
<h1>Welkom bij MyHyvesbook+</h1>
|
||||
<!-- Login content -->
|
||||
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
|
||||
return=$correct
|
||||
method="post"
|
||||
name="login">
|
||||
|
||||
<!-- Url parameter -->
|
||||
<input type="hidden"
|
||||
name="url"
|
||||
value="<?= $_GET["url"] ?>"/>
|
||||
value="<?php
|
||||
if(isset($_GET["url"])) {
|
||||
echo $_GET["url"];
|
||||
} ?>"/>
|
||||
|
||||
<!-- Login name -->
|
||||
<div class="login_containerlogin">
|
||||
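Review bot: The hidden `url` field still prints `$_GET["url"]` straight into the `value` attribute; the added `isset()` check only avoids the undefined-index notice, and a value containing `"` closes the attribute and injects markup into the login page. Escape it the same way the form `action` already is: `echo htmlspecialchars($_GET["url"], ENT_QUOTES, 'UTF-8');`. Because this field is what the login handler later redirects to, it should also be validated server-side as a same-site path rather than trusted when it comes back on POST.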
@@ -50,8 +54,7 @@
|
||||
<div class="login_containerlogin">
|
||||
<button type="submit"
|
||||
value="login"
|
||||
name="submit"
|
||||
id="frm1_submit">
|
||||
name="submit">
|
||||
Inloggen
|
||||
</button>
|
||||
</div>
|
||||
@@ -72,5 +75,7 @@
|
||||
<?php
|
||||
if(!isset($acces_token)) {
|
||||
echo '<div class="login_containerlogin"><a class="fbButton" href="' . $loginurl . '"><i class="fa fa-facebook-square"></i> login met Facebook!</a></div>';
|
||||
} else {
|
||||
echo '<div class="login_containerlogin"><a class="fbButton" href="' . "https://myhyvesbookplus.nl/login.php" . '"><i class="fa fa-facebook-square"></i> loguit Facebook sessie</a></div>';
|
||||
}
|
||||
?>
|
||||
@@ -4,7 +4,6 @@
|
||||
<!-- The Modal -->
|
||||
<div id="registerModal" class="modal">
|
||||
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
|
||||
return= $correct
|
||||
method="post"
|
||||
name="forgotPassword">
|
||||
|
||||
@@ -15,14 +14,11 @@
|
||||
<h3>Registreer uw account</h3>
|
||||
</div>
|
||||
<div class="modal-body">
|
||||
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"
|
||||
return= $correct
|
||||
method="post">
|
||||
|
||||
<div class="login_containerregister"><label>U krijgt een bevestigingsemail na het registreren</label></div>
|
||||
|
||||
<!-- Error message -->
|
||||
<div class="login_containerfault"><?php echo $genericErr;?></span></div>
|
||||
<div class="login_containerfault"><span><?php echo $genericErr;?></span></div>
|
||||
|
||||
<!-- Register name -->
|
||||
<div class="login_containerregister">
|
||||
@@ -82,7 +78,6 @@
|
||||
placeholder="Voer uw wachtwoord in"
|
||||
name="password"
|
||||
value="<?php echo $password ?>"
|
||||
id="password"
|
||||
required>
|
||||
*<span class="error"> <?php echo $passwordErr;?></span>
|
||||
<ul>
|
||||
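Review bot: The password input is repopulated with `value="<?php echo $password ?>"`, which writes the submitted password back into the HTML response, and does so without escaping. Leave password fields empty on re-render (`value=""`), and wrap the other echoed form values in `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` unless `test_input()`, whose body is not visible here, already encodes quotes. The same pattern appears in the `confirmpassword`, `email` and `confirmEmail` hunks that follow.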
@@ -96,7 +91,6 @@
|
||||
placeholder="Herhaal wachtwoord"
|
||||
name="confirmpassword"
|
||||
value="<?php echo $confirmpassword ?>"
|
||||
id="confirmpassword"
|
||||
title="Herhaal wachtwoord"
|
||||
required>
|
||||
*<span class="error"> <?php echo $confirmpasswordErr;?></span>
|
||||
@@ -120,7 +114,6 @@
|
||||
placeholder="Voer uw email in"
|
||||
name="email"
|
||||
value="<?php echo $email ?>"
|
||||
id="email"
|
||||
title="Voer een geldige email in"
|
||||
required>
|
||||
*<span class="error"> <?php echo $emailErr;?></span>
|
||||
@@ -133,7 +126,6 @@
|
||||
placeholder="Herhaal uw email"
|
||||
name="confirmEmail"
|
||||
value="<?php echo $confirmEmail ?>"
|
||||
id="email"
|
||||
title="Herhaal uw email"
|
||||
required>
|
||||
*<span class="error"> <?php echo $confirmEmailErr;?></span>
|
||||
@@ -152,8 +144,7 @@
|
||||
<!-- Register button -->
|
||||
<button type="submit"
|
||||
value="register"
|
||||
name="submit"
|
||||
id="frm1_submit">
|
||||
name="submit">
|
||||
Registreer
|
||||
</button>
|
||||
</div>
|
||||
|
||||