MyHyvesBookPlus/WebDB
1
0
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

Hendrik testing #64

Merged
11342374 merged 35 commits from hendrik-testing into master 2017-01-18 16:08:50 +01:00
Conversation 2 Commits 35 Files Changed 27 +312 -137
14 changed files with 312 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit cd954a8c4c - Show all commits

2
.gitignore vendored
View File

@@ -117,7 +117,7 @@ Temporary Items
# *.pdf # *.pdf
## Generated if empty string is given at "Please type another file name for output:" ## Generated if empty string is given at "Please type another file name for output:"
projectplan.pdf projectplan/projectplan.pdf
## Bibliography auxiliary files (bibtex/biblatex/biber): ## Bibliography auxiliary files (bibtex/biblatex/biber):
*.bbl *.bbl

BIN
projectplan/projectplan.pdf
View File

Binary file not shown.

80
projectplan/projectplan.tex
View File

@@ -14,6 +14,9 @@
\documentclass{uva-inf-article} \documentclass{uva-inf-article}
\usepackage[dutch]{babel} \usepackage[dutch]{babel}
\usepackage{enumitem} \usepackage{enumitem}
\usepackage{pgfgantt}
\usepackage{pdflscape}
\usepackage{geometry}
%------------------------------------------------------------------------------- %-------------------------------------------------------------------------------
% GEGEVENS VOOR IN DE TITEL % GEGEVENS VOOR IN DE TITEL
@@ -173,6 +176,83 @@ Voor deze opdracht hebben we met 5 mensen 4 weken de tijd.
%Zet de planning indien gewenst in een apart document %Zet de planning indien gewenst in een apart document
%\input{planning} %\input{planning}
\newgeometry{top=20mm, bottom=20mm, left=10mm, right=10mm}
\begin{landscape}
\section{Planning}
\begin{ganttchart}[
vgrid,
hgrid,
x unit=1cm,
y unit title=.6cm,
y unit chart=.7cm,
group left peak width=.2,
group right peak width=.2
]{1}{21}
\gantttitle{MyHyvesBook+}{21} \ganttnewline
\gantttitle{Week 1}{5}
\gantttitle{Week 2}{5}
\gantttitle{Week 3}{5}
\gantttitle{Week 4}{5} \ganttnewline
\gantttitlelist{9,...,13}{1}
\gantttitlelist{16,...,20}{1}
\gantttitlelist{23,...,27}{1}
\gantttitlelist{30,31,1,2,3}{1} \ganttnewline
\ganttbar{Inleiden}{1}{1} \ganttnewline
\ganttlinkedgroup{Frontend}{2}{5} \ganttnewline
\ganttbar{html/views}{2}{5} \ganttnewline
\ganttbar{css/styles}{2}{5} \ganttnewline
\ganttbar{javascript}{2}{5} \ganttnewline
\ganttmilestone{Week 1}{5} \ganttnewline
\ganttlink[link mid=.833]{elem2}{elem5}
\ganttlink[link mid=.75]{elem3}{elem5}
\ganttlink[link mid=.5]{elem4}{elem5}
\ganttlinkedgroup{Backend}{6}{10} \ganttnewline
\ganttbar{Database/PhpMyAdmin}{6}{6} \ganttnewline
\ganttbar{SQL-queries/MySql}{7}{10} \ganttnewline
\ganttbar{Forms/php}{6}{10} \ganttnewline
\ganttbar{Livechat/AJAX, PHP}{6}{10} \ganttnewline
\ganttmilestone{Week 2}{10} \ganttnewline
\ganttlink[link mid=.5]{elem7}{elem8}
\ganttlink[link mid=.833]{elem8}{elem11}
\ganttlink[link mid=.75]{elem9}{elem11}
\ganttlink[link mid=.5]{elem10}{elem11}
\ganttbar{Beveiliging/testen}{6}{15} \ganttnewline
\ganttgroup{Gebruiksvriendleijk}{11}{15} \ganttnewline
\ganttbar{Mobileformaat}{11}{15} \ganttnewline
\ganttbar{Restyle}{11}{15} \ganttnewline
\ganttbar{Extra's}{11}{15} \ganttnewline
\ganttbar{Code opschonen}{14}{15} \ganttnewline
\ganttmilestone{Week 3}{15} \ganttnewline
\ganttlink[link mid=.75]{elem11}{elem13}
\ganttlink[link mid=.917]{elem12}{elem18}
\ganttlink[link mid=.875]{elem14}{elem18}
\ganttlink[link mid=.833]{elem15}{elem18}
\ganttlink[link mid=.75]{elem16}{elem18}
\ganttlink[link mid=.5]{elem17}{elem18}
\ganttlinkedgroup{Afronding}{16}{20} \ganttnewline
\ganttbar{Rapport}{16}{20} \ganttnewline
\ganttbar{Documentatie}{16}{20} \ganttnewline
\ganttbar{Demo}{18}{20} \ganttnewline
\ganttmilestone{Finshed!}{20}
\ganttlink[link mid=.833]{elem20}{elem23}
\ganttlink[link mid=.75]{elem21}{elem23}
\ganttlink[link mid=.5]{elem22}{elem23}
\end{ganttchart}
\end{landscape}
%------------------------------------------------------------------------------- %-------------------------------------------------------------------------------
% BIJLAGEN EN EINDE % BIJLAGEN EN EINDE

47
website/public/login.php
View File

@@ -1,7 +1,9 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<?php <?php
include("../views/login_head.php"); include("../views/login_head.php");
include_once("../queries/connect.php");
include_once("../queries/login.php");
?> ?>
<body> <body>
<?php <?php
@@ -11,7 +13,6 @@ include("../views/login_head.php");
$uname = $psw =""; $uname = $psw ="";
$loginErr =""; $loginErr ="";
// Trying to login // Trying to login
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
// Empty username or password field // Empty username or password field
@@ -20,49 +21,23 @@ include("../views/login_head.php");
} }
else { else {
$uname=$_POST["uname"]; $uname=strtolower($_POST["uname"]);
$psw=$_POST["psw"]; $psw=$_POST["psw"];
$hash=hashPassword()["password"];
// Protection against MySQL injections $userid=hashPassword()["userID"];
$uname = stripslashes($uname);
$psw = stripslashes($psw);
$uname = mysql_real_escape_string($uname);
$psw = mysql_real_escape_string($psw);
// Database information
$servername = "agile136.science.uva.nl";
$username = "mhbp";
$password = "qdtboXhCHJyL2szC";
// Creates connection
$conn = new mysqli($servername, $username, $password);
// Selects database
$db = mysql_select_db("company", $connection);
// Query for listing all accounts that meets the requirement of the login information
$query = mysql_query("select * from login where password='$psw' AND username='$uname'", $connection);
// Checks if there's an account
$count = mysql_num_rows($query);
// If there's an account, go to the profile page // If there's an account, go to the profile page
if($count == 1) { if(password_verify($psw.$uname, $hash)) {
$_SESSION[$uname] = $uname; $_SESSION["userID"] = $userid;
$_SESSION[$userID] = $userID; header("location: /profile.php");
header("location: myhyvesbookplus.nl/profile.php"); } else {
}else {
$loginErr = "Inloggegevens zijn niet correct"; $loginErr = "Inloggegevens zijn niet correct";
} }
// Closing Connection
mysql_close($connection);
} }
} }
/* This view adds login view */ /* This view adds login view */
include("../views/login-view.php"); include("../views/login-view.php");
?> ?>

77
website/public/register.php
View File

@@ -3,6 +3,7 @@
<?php <?php
include("../views/login_head.php"); include("../views/login_head.php");
include_once("../queries/connect.php"); include_once("../queries/connect.php");
include_once("../queries/register.php");
?> ?>
<body> <body>
@@ -10,8 +11,8 @@
session_start(); session_start();
// define variables and set to empty values // define variables and set to empty values
$name = $surname = $bday = $username = $password = $confirmpassword = $streetname = $housenumber = $email = ""; $name = $surname = $bday = $username = $password = $confirmpassword = $location = $housenumber = $email = "";
$genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $streetnameErr = $housenumberErr = $emailErr = ""; $genericErr = $nameErr = $surnameErr = $bdayErr = $usernameErr = $passwordErr = $confirmpasswordErr = $locationErr = $housenumberErr = $emailErr = "";
$correct = true; $correct = true;
// Saves information of filling in the form // Saves information of filling in the form
@@ -35,8 +36,8 @@
$password = $_POST["password"]; $password = $_POST["password"];
} }
if (isset($_POST["streetname"])) { if (isset($_POST["location"])) {
$streetname = $_POST["streetname"]; $location = $_POST["location"];
} }
if (isset($_POST["housenumber"])) { if (isset($_POST["housenumber"])) {
@@ -87,6 +88,10 @@
$usernameErr = "Gebruikersnaam moet minstens 6 karakters bevatten"; $usernameErr = "Gebruikersnaam moet minstens 6 karakters bevatten";
$correct = false; $correct = false;
} else if (getExistingUsername() == 1){
$usernameErr = "Gebruikersnaam bestaat al";
$correct = false;
} }
} }
@@ -108,30 +113,24 @@
} }
if ($_POST["password"]!= $_POST["confirmpassword"]) { if ($_POST["password"] != $_POST["confirmpassword"]) {
$confirmpasswordErr = "Wachtwoorden matchen niet"; $confirmpasswordErr = "Wachtwoorden matchen niet";
$correct = false; $correct = false;
} }
if (empty($_POST["streetname"])) { if (empty($_POST["location"])) {
$streetnameErr = "Straatnaam is verplicht!"; $locationErr = "Straatnaam is verplicht!";
$correct = false; $correct = false;
} else { } else {
if (!preg_match("/^[a-zA-Z ]*$/",$streetname)) { if (!preg_match("/^[a-zA-Z ]*$/",$location)) {
$streetnameErr = "Alleen letters en spaties zijn toegestaan!"; $locationErr = "Alleen letters en spaties zijn toegestaan!";
$correct = false; $correct = false;
} }
} }
if (empty($_POST["housenumber"])) {
$housenumberErr = "Huisnummer is verplicht!";
$correct = false;
}
if (empty($_POST["email"])) { if (empty($_POST["email"])) {
$emailErr = "Email is verplicht!"; $emailErr = "Email is verplicht!";
$correct = false; $correct = false;
@@ -140,6 +139,11 @@
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Geldige email invullen!"; $emailErr = "Geldige email invullen!";
$correct = false; $correct = false;
} else if (getExistingEmail() == 1){
$emailErr = "Email bestaat al";
$correct = false;
} }
} }
@@ -148,48 +152,9 @@
$genericErr = "Bepaalde velden zijn verkeerd of niet ingevuld!"; $genericErr = "Bepaalde velden zijn verkeerd of niet ingevuld!";
} else { } else {
$servername = "agile136.science.uva.nl"; registerAccount();
$username = "mhbp"; header("location: login.php");
$password = "qdtboXhCHJyL2szC";
// Creates connection
$conn = new mysqli($servername, $username, $password);
// Checks connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// Query for inserting all the data in the database
$sql = "INSERT INTO
VALUES ($name, $surname, $bday, $username, $password,
$confirmpassword, $streetname, $housenumber, $email)";
// Checks if able to insert into database
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
<?php
/* Execute a prepared statement by binding PHP variables */
$calories = 150;
$colour = 'red';
$sth = $dbh->prepare('SELECT name, colour, calories
FROM fruit
WHERE calories < :calories AND colour = :colour');
$sth->bindParam(':calories', $calories, PDO::PARAM_INT);
$sth->bindParam(':colour', $colour, PDO::PARAM_STR, 12);
$sth->execute();
?>
// Closing connection
mysql_close($connection);
} }
} }

23
website/public/settings.php
View File

@@ -3,7 +3,6 @@
<head> <head>
<?php <?php
include("../views/head.php"); include("../views/head.php");
$_SESSION["userID"] = 2;
include_once("../queries/connect.php"); include_once("../queries/connect.php");
include_once("../queries/settings.php"); include_once("../queries/settings.php");
?> ?>
@@ -13,22 +12,26 @@
</head> </head>
<body> <body>
<?php <?php
/*
* This view adds the main layout over the screen.
* Header and menu.
*/
include("../views/main.php"); include("../views/main.php");
if ($_SERVER["REQUEST_METHOD"] == "POST") { if ($_SERVER["REQUEST_METHOD"] == "POST") {
updateSettings(); switch ($_POST["form"]) {
}?> case "profile":
$result = updateSettings();
break;
case "password":
$result = updatePassword();
break;
case "email":
break;
case "picture":
break;
}
}
<?php
/* Add your view files here. */
include("../views/settings-view.php"); include("../views/settings-view.php");
/* This adds the footer. */
include("../views/footer.php"); include("../views/footer.php");
?> ?>

3
website/public/styles/index.css
View File

@@ -59,8 +59,9 @@ div[data-title]:hover:after{
body { body {
height: 900px; height: 900px;
background-image: url(https://images2.pixlis.com/background-image-plaid-checkered-seamless-tileable-235ftm.png); background-image: url(https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTEnqKdVtLbxjKuNsCSCxFRhTOpp3Gm0gsU8bMgA_MeUYyzrUFy);
background-size: contain; background-size: contain;
background-repeat: repeat-x;
background-attachment: fixed; background-attachment: fixed;
/*background-color: #B78996;*/ /*background-color: #B78996;*/

11
website/public/styles/settings.css
View File

@@ -5,6 +5,17 @@
.settings-password { .settings-password {
margin-right: 15px; margin-right: 15px;
} }
.settings-message {
color: white;
}
.settings-message-angry {
background-color: firebrick;
}
.settings-message-happy {
background-color: forestgreen;
}
.settings li { .settings li {

4
website/queries/connect.php
View File

@@ -8,6 +8,4 @@ else {
$GLOBALS["db"] = new PDO("mysql:host=$dbconf->mysql_host;dbname=$dbconf->mysql_database;charset=utf8", $GLOBALS["db"] = new PDO("mysql:host=$dbconf->mysql_host;dbname=$dbconf->mysql_database;charset=utf8",
"$dbconf->mysql_username", "$dbconf->mysql_password") "$dbconf->mysql_username", "$dbconf->mysql_password")
or die('Error connecting to mysql server'); or die('Error connecting to mysql server');
} }
?>

19
website/queries/login.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
function hashPassword() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`,
`userID`
FROM
`user`
WHERE
`username` LIKE :username
");
$stmt->bindParam(":username", $_POST["uname"]);
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
}
?>

62
website/queries/register.php Normal file
View File

@@ -0,0 +1,62 @@
<?php
function getExistingUsername() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`username`
FROM
`user`
WHERE
`username` LIKE :username
");
$stmt->bindParam(":username", $_POST["username"]);
$stmt->execute();
return $stmt->rowCount();
}
function getExistingEmail() {
$stmt = $GLOBALS["db"]->prepare("
SELECT * FROM `user` WHERE `email` = :email
");
$stmt->bindParam(":email", $_POST["email"]);
$stmt->execute();
return $stmt->rowCount();
}
function registerAccount() {
$stmt = $GLOBALS["db"]->prepare("
INSERT INTO
`user`(fname,
lname,
birthdate,
username,
password,
location,
email)
VALUES(
:fname,
:lname,
:bday,
:username,
:password,
:location,
:email
)");
$hash=password_hash($_POST["password"].(strtolower($_POST["username"])), PASSWORD_DEFAULT);
$stmt->bindParam(":fname", $_POST["name"]);
$stmt->bindParam(":lname", $_POST["surname"]);
$stmt->bindParam(":bday", $_POST["bday"]);
$stmt->bindParam(":username", $_POST["username"]);
$stmt->bindParam(":password", $hash);
$stmt->bindParam(":location", $_POST["location"]);
$stmt->bindParam(":email", $_POST["email"]);
$stmt->execute();
$stmt->rowCount();
}
?>

67
website/queries/settings.php
View File

@@ -10,9 +10,9 @@ function getSettings() {
`birthdate`, `birthdate`,
`bio`, `bio`,
`profilepicture` `profilepicture`
FROM FROM
`user` `user`
WHERE WHERE
`userID` = :userID `userID` = :userID
"); ");
@@ -21,6 +21,21 @@ function getSettings() {
return $stmt->fetch(); return $stmt->fetch();
} }
function getPasswordHash() {
$stmt = $GLOBALS["db"]->prepare("
SELECT
`password`,
`username`
FROM
`user`
WHERE
`userID` = :userID
");
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->fetch();
}
function updateSettings() { function updateSettings() {
$stmt = $GLOBALS["db"]->prepare(" $stmt = $GLOBALS["db"]->prepare("
UPDATE UPDATE
@@ -43,4 +58,52 @@ function updateSettings() {
$stmt->bindParam(":userID", $_SESSION["userID"]); $stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute(); $stmt->execute();
return array (
"type" => "settings-message-happy",
"message" => "Instellingen zijn opgeslagen."
);
}
function updatePassword() {
$user = getPasswordHash();
if (password_verify($_POST["password-old"].strtolower($user["username"]), $user["password"])) {
if ($_POST["password-new"] == $_POST["password-confirm"] && (strlen($_POST["password-new"]) >= 8)) {
if (changePassword($user)) {
return array ("type" => "settings-message-happy",
"message" => "Wachtwoord gewijzigd.");
} else {
return array (
"type" => "settings-message-angry",
"message" => "Er is iets mis gegaan.");
}
} else {
return array (
"type" => "settings-message-angry",
"message" => "Wachtwoorden komen niet oveeen."
);
}
} else {
return array(
"type" => "settings-message-angry",
"message" => "Oud wachtwoord niet correct."
);
}
}
function changePassword($user) {
$stmt =$GLOBALS["db"]->prepare("
UPDATE
`user`
SET
`password` = :new_password
WHERE
`userID` = :userID
");
$hashed_password = password_hash($_POST["password-new"].strtolower($user["username"]), PASSWORD_DEFAULT);
$stmt->bindParam(":new_password", $hashed_password);
$stmt->bindParam(":userID", $_SESSION["userID"]);
$stmt->execute();
return $stmt->rowCount();
} }

24
website/views/register-view.php
View File

@@ -94,28 +94,16 @@
<span class="error">* <?php echo $confirmpasswordErr;?></span> <span class="error">* <?php echo $confirmpasswordErr;?></span>
</div> </div>
<!-- Register streetname --> <!-- Register location -->
<div class="login_containerregister"> <div class="login_containerregister">
<label><b>Straatnaam</b></label> <label><b>Woonplaats</b></label>
<input type="text" <input type="text"
placeholder="Voer uw straatnaam in" placeholder="Voer uw woonplaats in"
name="streetname" name="location"
value="<?php echo $streetname ?>" value="<?php echo $location ?>"
pattern="[A-Za-z]{1,}" pattern="[A-Za-z]{1,}"
title="Mag alleen letters bevatten"> title="Mag alleen letters bevatten">
<span class="error">* <?php echo $streetnameErr;?></span> <span class="error">* <?php echo $locationErr;?></span>
</div>
<!-- Register housenumber -->
<div class="login_containerregister">
<label><b>Huisnummer</b></label>
<input type="text"
placeholder="Voer uw straatnummer in"
name="housenumber"
value="<?php echo $housenumber ?>"
pattern="[1-9][0-9]{0,}"
title="Mag alleen nummers bevatten">
<span class="error">* <?php echo $housenumberErr;?></span>
</div> </div>
<!-- Register email --> <!-- Register email -->

30
website/views/settings-view.php
View File

@@ -4,6 +4,13 @@ $settings = getSettings();
<div class="content"> <div class="content">
<div class="settings"> <div class="settings">
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
echo "<div class='platform settings-message ${result["type"]}'>
${result["message"]}
</div>";
}
?>
<form class="settings-profile platform" method="post"> <form class="settings-profile platform" method="post">
<h5>Profiel Instellingen</h5> <h5>Profiel Instellingen</h5>
<ul> <ul>
@@ -40,7 +47,7 @@ $settings = getSettings();
<input type="date" <input type="date"
name="bday" name="bday"
id="bday" id="bday"
placeholder="01/01/1900" placeholder="yyyy-mm-dd"
value="<?= $settings["birthdate"]?>" value="<?= $settings["birthdate"]?>"
> >
</li> </li>
@@ -54,9 +61,10 @@ $settings = getSettings();
</li> </li>
<li> <li>
<label></label> <label></label>
<input type="submit" <button type="submit"
value="Opslaan" value="profile"
> name="form"
>Opslaan</button>
</li> </li>
</ul> </ul>
</form> </form>
@@ -108,9 +116,10 @@ $settings = getSettings();
> >
</li> </li>
<li> <li>
<input type="submit" <button type="submit"
value="Verander wachtwoord" name="form"
> value="password"
>Verander wachtwoord</button>
</li> </li>
</ul> </ul>
</form> </form>
@@ -143,9 +152,10 @@ $settings = getSettings();
> >
</li> </li>
<li> <li>
<input type="submit" <button type="submit"
value="Verander Email" name="form"
> value="email"
>Verander Email</button>
</li> </li>
</ul> </ul>
</form> </form>