Added Password Change and implemented user change in php class

This commit is contained in:
Krehan Tim 2018-11-09 15:16:36 +01:00
parent 28e7d78de1
commit 3fceb49e47
5 changed files with 88 additions and 7 deletions

View file

@ -10,6 +10,47 @@ function downloadObjectAsJson(exportObj, exportName){
$(document).ready(function(){ $(document).ready(function(){
$("#username-input").focus(function(){$(this).css("color", "black");}); $("#username-input").focus(function(){$(this).css("color", "black");});
$("#mail-input").focus(function(){$(this).css("color", "black");}); $("#mail-input").focus(function(){$(this).css("color", "black");});
// change password
$("#old-password-input").focus(function(){$(this).css("color", "black");});
$("#new-password-input").focus(function(){$(this).css("color", "black");});
$("#check-password-input").focus(function(){$(this).css("color", "black");});
$(".password-input").on("input", function(){
if(
(($("#old-password-input").val()).length>0) &&
(($("#new-password-input").val()).length>0) &&
(($("#check-password-input").val()).length>0) &&
($("#new-password-input").val()==$("#check-password-input").val())
){
$("#passwordSaveButton").prop("disabled", false);
$("#passwordSaveButton").removeClass("button-disabled");
}
else{
$("#passwordSaveButton").prop("disabled", true);
$("#passwordSaveButton").addClass("button-disabled");
}
});
$("#passwordSaveButton").click(function(){
$.post("/php/edit-user.php",
{
function: "change-pw",
current: $("#old-password-input").val(),
new: $("#new-password-input").val()
},
function(data){
if(data==0){
$("#old-password-input").val("");
$("#new-password-input").val("");
$("#check-password-input").val("");
infoPopUp("Passwort erfolgreich geändert!");
}
else {
infoPopUp("Altes Passwort Falsch!");
}
}
);
});
$("#export-recipe-button").click(function(){ $("#export-recipe-button").click(function(){
$.post("/php/edit-recipes.php", {function:"export"}, function(data){ $.post("/php/edit-recipes.php", {function:"export"}, function(data){
downloadObjectAsJson(JSON.parse(data), "recipes"); downloadObjectAsJson(JSON.parse(data), "recipes");

View file

@ -3,7 +3,8 @@
<h1>Settings</h1> <h1>Settings</h1>
<?php <?php
include $_SESSION["docroot"].'/php/classes.user.php'; include $_SESSION["docroot"].'/php/classes.user.php';
$user = new user($_COOKIE["token"]); $user = new user;
$user->get_info($_COOKIE["token"]);
?> ?>
<div class="settings"> <div class="settings">
<h2>User</h2> <h2>User</h2>
@ -17,11 +18,11 @@
</div> </div>
<div class="userpassword-pane pane"> <div class="userpassword-pane pane">
<div class="userpassword"> <div class="userpassword">
<span><font class="attribute">Altes Passwort</font><input class="change-attribute-input" type="text" name="username" placeholder="********"></span> <span><font class="attribute">Altes Passwort</font><input class="change-attribute-input password-input" id="old-password-input" type="password" name="username" placeholder="********"></span>
<span><font class="attribute">Neues Passwort</font><input class="change-attribute-input" type="text" name="username" placeholder="********"></span> <span><font class="attribute">Neues Passwort</font><input class="change-attribute-input password-input" id="new-password-input" type="password" name="username" placeholder="********"></span>
<span><font class="attribute">Passwort bestätigen</font><input class="change-attribute-input" type="text" name="username" placeholder="********"></span> <span><font class="attribute">Passwort bestätigen</font><input class="change-attribute-input password-input" id="check-password-input" type="password" name="username" placeholder="********"></span>
</div> </div>
<button class="button" id="passwordSaveButton">Speichern</button> <button class="button button-disabled" id="passwordSaveButton" disabled>Speichern</button>
</div> </div>
<div class="import-export-pane"> <div class="import-export-pane">
<h2>Import / Export</h2> <h2>Import / Export</h2>

View file

@ -23,6 +23,7 @@
<link rel="shortcut icon" type="image/png" href="/pic/fav.ico"/> <link rel="shortcut icon" type="image/png" href="/pic/fav.ico"/>
<link rel="stylesheet" href="/style/master.css"> <link rel="stylesheet" href="/style/master.css">
<script src="/bin/jquery.js"></script> <script src="/bin/jquery.js"></script>
<script src="/bin/index.js" charset="utf-8"></script>
<title>Einkaufsliste</title> <title>Einkaufsliste</title>
</head> </head>
<body> <body>
@ -80,5 +81,6 @@
echo "</div>"; echo "</div>";
if($site && ($site!="login")){include $_SESSION["docroot"].'/cont/nav.php';} if($site && ($site!="login")){include $_SESSION["docroot"].'/cont/nav.php';}
?> ?>
<div id="info-popup"><font id="info-popup-text"></font></div>
</body> </body>
</html> </html>

View file

@ -1,15 +1,36 @@
<?php <?php
Class user { Class user {
public $uid, $username, $email, $last_login; public $uid, $username, $email, $last_login;
function user($session_id) { private $salt;
function get_info($session_id) {
include $_SESSION["docroot"].'/php/connect.php'; include $_SESSION["docroot"].'/php/connect.php';
$query = "SELECT uid, username, email, last_login FROM `users` WHERE `uid` = (SELECT user FROM `sessions` WHERE `session_id` = \"$session_id\")"; $query = "SELECT uid, username, email, last_login, salt FROM `users` WHERE `uid` = (SELECT user FROM `sessions` WHERE `session_id` = \"$session_id\")";
$result = $mysqli->query($query); $result = $mysqli->query($query);
$user = $result->fetch_assoc(); $user = $result->fetch_assoc();
$this->uid = $user["uid"]; $this->uid = $user["uid"];
$this->username = $user["username"]; $this->username = $user["username"];
$this->email = $user["email"]; $this->email = $user["email"];
$this->last_login = $user["last_login"]; $this->last_login = $user["last_login"];
$this->salt = $user["salt"];
$mysqli->close();
}
function change_password($current, $new){
include $_SESSION["docroot"].'/php/hash.php';
include $_SESSION["docroot"].'/php/connect.php';
$current_pwhash = hash_password($current, $this->salt);
$query = "SELECT `uid` FROM `users` WHERE `uid` = $this->uid AND `password` = '$current_pwhash'";
$result = $mysqli->query($query);
if($result->num_rows===1){
$new_pwdhash = hash_password($new, $this->salt);
$mysqli->query("UPDATE `users` SET `password` = '$new_pwdhash' WHERE `users`.`uid` = $this->uid;");
$mysqli->close();
print_r("0");
}
else{
print_r("1");
}
} }
} }
?> ?>

16
php/edit-user.php Normal file
View file

@ -0,0 +1,16 @@
<?php
session_start();
include $_SESSION["docroot"].'/php/classes.user.php';
$user = new user;
$user->get_info($_COOKIE["token"]);
switch ($_POST["function"]) {
case 'change-pw':
$user->change_password($_POST["current"], $_POST["new"]);
break;
default:
// code...
break;
}
?>