commit d03aa28b43944e4ca84cef3867b3a95694f7af70
parent 67588dd20794bfed3035677e0cd64efd2a9bbe03
Author: Gerco van Woudenbergh <[email protected]>
Date: Wed, 7 Jun 2023 18:01:04 +0200
login klopt nu, verbeterde templating toepassing in index
Diffstat:
9 files changed, 268 insertions(+), 81 deletions(-)
diff --git a/Model/Add_user.php b/Model/Add_user.php
@@ -0,0 +1,99 @@
+<?php
+class Add_user{
+ function read_post() :array{
+ $errors = array(); // initialize an empty array to store errors
+
+ // Check if first_name is set and not empty
+ if (isset($_POST['first_name']) && !empty($_POST['first_name'])) {
+ $first_name = $_POST['first_name'];
+ } else {
+ $errors["first_name"] = "first_name is required";
+ }
+
+ // Check if last_name is set and not empty
+ if (isset($_POST['last_name']) && !empty($_POST['last_name'])) {
+ $last_name = $_POST['last_name'];
+ } else {
+ $errors["last_name"] = "last_name is required";
+ }
+
+ // Check if email is set and not empty
+ if (isset($_POST['email']) && !empty($_POST['email'])) {
+ $email = $_POST['email'];
+ } else {
+ $errors["email"] = "E-mail is required";
+ }
+
+ // Check if password is set and not empty
+ if (isset($_POST['password']) && !empty($_POST['password'])) {
+ $password = $_POST['password'];
+ } else {
+ $errors["password"] = "password is required";
+ }
+
+ // Check if permissions is set
+ if (isset($_POST['permissions'])) {
+ $permissions = $_POST['permissions'];
+ } else {
+ $errors["password"] = "Permissions are required";
+ }
+
+ if (count($errors) > 0) {
+ // Print out the errors
+ return $errors;
+ } else {
+ create_user($fname, $lname, $email, $password, $permissions);
+ return ["msg" => "succes! user with email: {$email} was added to the db"];
+ }
+ }
+ function create_permission_radials():string{
+ $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "panda");
+ //select the available permissions from the database
+ $all_p = $db->all(Permissions::class);
+ $radials = "";
+ foreach($all_p as $db_permission){
+ $radials .= "<div class=\"mb-3 form-check\">
+ <input type=\"checkbox\" class=\"form-check-input\" name=\"permissions[]\" value=" . $db_permission->id . "\">
+ <label class=\"form-check-label\" for=" . $db_permission->name . ">" . $db_permission->name . "</label>
+ </div> ";
+ }
+ return $radials;
+ }
+
+ function create_user(string $first_name, string $last_name, string $email, string $password, array $permissions){
+ $u = $db->get(User::class);
+ //check if email already exists
+ if($u->where("email", $email)){
+ $msg = "this email address is taken: " . $email;
+ }else{
+ $u = $db->get(User::class);
+ //set new user data
+ $u->email = $email;
+ $u->first_name = $first_name;
+ $u->last_name = $last_name;
+ //hash the pwd
+ $hashed_pwd = password_hash($password, PASSWORD_DEFAULT);
+ $u->password = $hashed_pwd;
+
+ //add user with the add function
+ if(!$u->add()){
+ throw new ErrorException("Could not add user to database");
+ };
+ $u = $db->get(User::class);
+ $u->where("email", $email);
+ //create a database object with table permission for each permission
+ //set the data and execute the add function
+ foreach($permissions as $permission){
+ $p = $db->get(Permission_user::class);
+ $p->user_id = $u->user_id;
+ $p->permission_id = (int) $permission;
+ if(!$p->add())
+ {
+ throw new ErrorException("Could not add user_permissions to database");
+ }
+ }
+ }
+ }
+}
+?>
+
+\ No newline at end of file
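Review bot: `create_permission_radials()` hard-codes the database host, user name and password in the `new Lollipop\SQLDatabase(...)` call, and `Login_handler::authenticate()` in the next file carries the same literal; load them from configuration kept out of the repository and rotate the password, since it is now in history. `read_post()` also cannot succeed as written: it calls a global `create_user($fname, $lname, ...)` with variables that were never assigned, where `$this->create_user($first_name, $last_name, $email, $password, $permissions);` looks intended, and `create_user()` then uses `$db` without defining it. The missing-permissions branch writes `$errors["password"]`, overwriting the password error; `$errors["permissions"]` would keep both. In the checkbox markup, `$db_permission->name` and `->id` are concatenated without `htmlspecialchars()` and the `value=` attribute has no opening quote, and the success message interpolates the submitted `$email` unescaped, which matters if the templater inserts values verbatim (not visible here).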
diff --git a/Model/Login_handler.php b/Model/Login_handler.php
@@ -1,20 +1,28 @@
<?php
class Login_handler
{
- function login(string $email, string $pwd) : bool
+ function login():bool{
+ if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ // fetch data from the form pass to login_handler function
+ if(isset($_POST['email']) || !isset($_POST['password'])){
+ return ($this->authenticate($_POST['email'], $_POST['password']));
+ }
+ }
+ }
+ function authenticate(string $email, string $pwd) : bool
//this function return true when user is autheticated uses set_globals to set $_SESSION variables
{
//create a SQLDatabase class
- $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop");
+ $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "panda");
//create a Database object class, with the table User
- $u = $db->get(Model\User::class);
+ $u = $db->get(User::class);
//check if the email exists in db
if(!$u->where('email', $email)){
//email does not exist
return false;
}else{
- if(password_verify($pwd, $u->pwd)){
+ if(password_verify($pwd, $u->password)){
//authenticated -> set $_SESSION variables
$this->set_globals($u, $db);
return true;
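Review bot: The guard in `login()` reads `isset($_POST['email']) || !isset($_POST['password'])`, so it calls `authenticate()` when the password is absent and skips it when only the password is present; it should be `if (isset($_POST['email'], $_POST['password']))`. The method is declared `: bool` but falls off the end for non-POST requests or a failed guard, which raises a TypeError instead of denying the login; add `return false;` as the last statement. Because `authenticate()` takes `string` parameters, an array-valued field such as `email[]` would also throw, so an `is_string()` check on both values before the call would keep that a plain failed login. `authenticate()` continues past the end of this hunk.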
@@ -32,11 +40,11 @@ class Login_handler
//start session and set
session_start();
$_SESSION['email'] = $u->email;
- $_SESSION['first_name'] = $u->fname;
- $_SESSION['last_name'] = $u->lname;
+ $_SESSION['first_name'] = $u->first_name;
+ $_SESSION['last_name'] = $u->last_name;
//get permissions form db and set sessions_permissions
- $p = $db->all_where(Model\Permission_user::class, array('email' => $u->email));
+ $p = $db->all_where(Permission_user::class, array('email' => $u->email));
foreach($p as $permission){
$user_permissions[] = $permission->id;
}
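Review bot: `set_globals()` calls `session_start()` and then stores the authenticated identity under the session id the client already had; calling `session_regenerate_id(true);` directly after `session_start();` would close off session fixation at the privilege change. The lookup `all_where(Permission_user::class, array('email' => $u->email))` filters on `email` and reads `$permission->id`, while `Add_user::create_user()` in this commit writes `user_id` and `permission_id` on the same model, so the filter and the field read probably need to be `user_id` and `permission_id`; the table schema is not visible here. The function starts and ends outside this hunk.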
diff --git a/Model/Permissions.php b/Model/Permissions.php
@@ -0,0 +1,14 @@
+<?php
+class Permissions extends Lollipop\DatabaseObject
+{
+ static function get_table(): string
+ {
+ return "permission";
+ }
+
+ static function get_primary(): string
+ {
+ return "id";
+ }
+}
+?>
+\ No newline at end of file
diff --git a/Model/User.php b/Model/User.php
@@ -0,0 +1,15 @@
+<?php
+class User extends Lollipop\DatabaseObject
+{
+ static function get_table(): string
+ {
+ return "user";
+ }
+
+ static function get_primary(): string
+ {
+ return "user_id";
+ }
+}
+
+?>
+\ No newline at end of file
diff --git a/index.php b/index.php
@@ -4,16 +4,45 @@ require_once "utils/autoloader.php";
$router = new Lollipop\Router();
-$router->addRoute(["GET"], "/", "views/login.php");
-$router->addRoute(["POST"], "/login", "logic/login.php");
-$router->addRoute(["POST"], "/", function($vars){
- $data = [];
- foreach ($_POST as $key => $value) {
- $data[$key] = $value;
- }
- $t = new Lollipop\Template();
- $t->template("views/login.php", $data);
+$router->addRoute(["GET"], "/", function($vars){
+ $templater = new Lollipop\Template();
+ echo $templater->template("views/login.html", ["msg" => ""]);
});
+$router->addRoute(["POST"], "/login", function($vars){
+ $templater = new Lollipop\Template();
+ $login = new Login_handler();
+ if( $login->login()){
+ echo $templater->template("view/panda.html", ["msg" => ""]);
+ }else{
+ echo $templater->template("views/login.html", ["msg" => "<p style=\"color:red;\">Incorrect username or password.</p>"]);
+ }
+});
+
+$router->addRoute(["GET"], "/user/add", function($vars){
+ $add_user = new Add_user();
+ $templater = new Lollipop\Template();
+ $template = [];
+
+ if(sizeof($vars) > 0){
+ //do something with vars
+ //get username from uri
+ }
+
+ $template["msg"] = "";
+ $template["radials"] = $add_user->create_permission_radials();
+ echo $templater->template("views/add_user.html", $template);
+});
+
+$router->addRoute(["POST"], "/user/add", function($vars){
+ $add_user = new Add_user();
+ $templater = new Lollipop\Template();
+ $template = [];
+
+ array_push($template, $add_user->read_post());
+ $template["radials"] = $add_user->create_permission_radials();
+ echo $templater->template("views/add_user.html", $template);
+});
+
$router->addRoute(["GET"], "/dashboard", "views/panda.html");
$router->addRoute(["GET"], "/api/:data", function($vars) {
$key = new Key;
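Review bot: The new `GET` and `POST` `/user/add` handlers create accounts and assign permissions without any check that the requester is logged in or allowed to manage users; unless `Lollipop\Router` enforces that elsewhere, both closures should verify the session's permissions and return a 403 before touching `Add_user`. In the POST handler `array_push($template, $add_user->read_post());` stores the result under index 0, so keys such as `msg` never reach the template; `$template = $add_user->read_post();` before setting `radials` would. The success branch of `/login` renders `"view/panda.html"` while every other path uses `views/`, which looks like a typo. The form posts also carry no CSRF token.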
diff --git a/views/add_user.html b/views/add_user.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html lang="eng">
+ <head>
+ <title>Add user</title>
+ <!-- Bootstrap CSS -->
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+ <link rel="stylesheet" type="text/css" href="/css/homepage.css">
+ </head>
+ <body>
+ <div class="container">
+ <h1>Add user</h1>
+
+ <form action="add" method="post">
+ <div class="mb-3">
+ <label for="first_name" class="form-label"><b>Voornaam:</b></label>
+ <input type="text" class="form-control" name="first_name" id="first_name" placeholder="{{first_name}}first_name">
+ </div>
+ <div class="mb-3">
+ <label for="achternaam" class="form-label"><b>Achternaam:</b></label>
+ <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam">
+ </div>
+ <div class="mb-3">
+ <label for="email" class="form-label"><b>Email:</b></label>
+ <input type="text" class="form-control" name="email" id="email" placeholder="Email">
+ </div>
+ <div class="mb-3">
+ <label for="password" class="form-label"><b>Wachtwoord:</b></label>
+ <input type="password" class="form-control" name="password" id="password" placeholder="******">
+ </div>
+ <p>Please select the user permissions:</p>
+ {{radials}}
+ <button type="submit" class="btn btn-primary" name="submit">Add user</button>
+ </form>
+ {{msg}}
+ </div>
+ </body>
+</html>
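Review bot: The last-name input is named `achternaam`, but `Add_user::read_post()` reads `$_POST['last_name']`, so every submission fails with "last_name is required"; rename the field to `name="last_name" id="last_name"` and update the label's `for` to match. The Bootstrap stylesheet is loaded from a CDN without the `integrity` and `crossorigin` attributes that `views/login.html` uses, so a changed CDN file would be applied unchecked. `lang="eng"` is not a valid language tag; `lang="en"` (or `nl`, given the Dutch labels) is.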
diff --git a/views/dashboard.php b/views/dashboard.php
@@ -1,6 +0,0 @@
-<html>
- <head>
- <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
- </head>
-
-</html>
diff --git a/views/login.html b/views/login.html
@@ -0,0 +1,46 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <title>Login Page</title>
+ <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css"
+ integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
+</head>
+<body>
+ <div class="container mx-auto text-center">
+ <div class="row">
+ <div class="col-md-12 title">
+ <h1>Welcome to Lollipop</h1>
+ <h4>Please log in</h4>
+ </div>
+ </div>
+ </div>
+ <div class="container mt-5">
+ <div class="row justify-content-center">
+ <div class="col-md-6">
+ <div class="card">
+ <div class="card-header">Login</div>
+ <div class="card-body">
+ <form method="POST" action="/login">
+ <div class="form-group">
+ <label for="email">Email:</label>
+ <input type="email" class="form-control" id="email" name="email"
+ placeholder="Enter email">
+ </div>
+ <div class="form-group">
+ <label for="password">Password:</label>
+ <input type="password" class="form-control" id="password" name="password"
+ placeholder="Enter password">
+ </div>
+ <button type="submit" name='login_btn' class="btn btn-primary">Login</button>
+ </form>
+ </div>
+ <div class="row justify-content-center">
+ {{msg}}
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+</body>
+
+</html>
+\ No newline at end of file
diff --git a/views/login.php b/views/login.php
@@ -1,58 +0,0 @@
-<!DOCTYPE html>
-<?php
- if (!isset($_SESSION['CREATED'])) {
- $_SESSION['CREATED'] = time();
- } else if (time() - $_SESSION['CREATED'] > 1800) {
- // session started more than 30 minutes ago
- session_regenerate_id(true); // change session ID for the current session and invalidate old session ID
- $_SESSION['CREATED'] = time(); // update creation time
- }
-?>
-<html>
-<head>
- <title>Login Page</title>
- <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css"
- integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
-</head>
-<body>
- <div class="container mx-auto text-center">
- <div class="row">
- <div class="col-md-12 title">
- <h1>Welcome to Lollipop</h1>
- <h4>Please log in</h4>
- </div>
- </div>
- </div>
- <div class="container mt-5">
- <div class="row justify-content-center">
- <div class="col-md-6">
- <div class="card">
- <div class="card-header">Login</div>
- <div class="card-body">
- <form method="POST" action="/">
- <div class="form-group">
- <label for="email">Email:</label>
- <input type="email" class="form-control" id="email" name="email"
- placeholder="Enter email">
- </div>
- <div class="form-group">
- <label for="password">Password:</label>
- <input type="password" class="form-control" id="password" name="password"
- placeholder="Enter password">
- </div>
- <button type="submit" name='login_btn' class="btn btn-primary">Login</button>
- </form>
- </div>
- <div class="row justify-content-center">
- <?php
- //display login $msg
-// echo $msg;
- ?>
- </div>
- </div>
- </div>
- </div>
- </div>
-</body>
-
-</html>
-\ No newline at end of file