author | Aqua-sama <aqua@iserlohn-fortress.net> | 2021-04-12 12:17:02 +0300 |
---|---|---|
committer | Aqua-sama <aqua@iserlohn-fortress.net> | 2021-04-12 12:17:02 +0300 |
commit | b698dd1786ce8858744f5cb5293bd97f90c9d207 (patch) | |
tree | 79eded9d6ae2830382a564e2563dd47967c6320e | |
parent | Use HTTP_HOST if SERVER_NAME is localhost (diff) | |
download | bugtracker-b698dd1786ce8858744f5cb5293bd97f90c9d207.tar.xz |
User: register and update
-rw-r--r-- | style.css | 11 | ||||
-rw-r--r-- | templates/panel.php | 20 | ||||
-rw-r--r-- | user/index.php | 67 | ||||
-rw-r--r-- | user/login.php | 2 | ||||
-rw-r--r-- | user/register.php | 29 | ||||
-rw-r--r-- | user/update.php | 37 |
6 files changed, 156 insertions, 10 deletions
@@ -3,6 +3,17 @@ background: red; } +#register_box { + padding: 16px; +} + +#register_box input[type="text"] { + width: 100%; +} +#register_box input[type="password"] { + width: 100%; +} + table, th, td { border: 1px solid black; border-collapse: collapse; diff --git a/templates/panel.php b/templates/panel.php index c7fc578..5c090c8 100644 --- a/templates/panel.php +++ b/templates/panel.php @@ -3,19 +3,23 @@ session_start(); if (isset($_SESSION['user_id']) && $_SESSION['user_id'] != "") { - echo "Welcome, $_SESSION[user_name] <a href='{$config['urls']['base']}/user/logout.php'>logout</a>"; - echo "<p>Create | View new issues | View active issues</p>"; + echo "<p>Welcome, $_SESSION[user_name] | "; + echo "<a href='{$config['urls']['base']}/user/index.php'>account</a> | "; + echo "<a href='{$config['urls']['base']}/user/logout.php'>logout</a></p>"; } else { -echo "<form action='{$config['urls']['base']}/user/login.php' method='post'>"; -echo " <input name='username' type='text' >"; -echo " <input name='password' type='password' >"; -echo " <input type='submit' value='login' >"; -echo "</form>"; +?> +<p><a href='<?php echo "{$config['urls']['base']}/user/index.php"; ?>'>sign up</a> or log in</p> +<p><form action='<?php echo "{$config['urls']['base']}/user/login.php"; ?>' method='post'> + <input name='username' placeholder='username' type='text' required > + <input name='password' placeholder='password' type='password' required > + <input type='submit' value='login' > +</form> +<?php } ?> </div> -<form action="index.php" method="get"> +<form action='<?php echo "{$config['urls']['base']}/index.php"; ?>' method='get'> <input name="term" type="text" > <input type="submit" value="search" > </form> diff --git a/user/index.php b/user/index.php new file mode 100644 index 0000000..90b3a84 --- /dev/null +++ b/user/index.php 
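Review bot: The welcome line in templates/panel.php interpolates `$_SESSION[user_name]` straight into HTML, and user/register.php in this same commit fills that session value from a username the visitor chooses, so markup in a username would be rendered on every page that includes the panel. Escape it where it is printed, for example `echo "<p>Welcome, " . htmlspecialchars($_SESSION['user_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . " | ";`. The login `<form>` is also wrapped in a `<p>`, which is not valid HTML because the parser closes the paragraph before the form starts; dropping the surrounding `<p>` keeps the markup predictable.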
@@ -0,0 +1,67 @@
+<?php
+require '../config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/functions.php");
+
+if (isset($_SESSION['user_id']) && $_SESSION['user_id'] != "") {
+ $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+ $r = $conn->query("SELECT username, email FROM users WHERE id = '$_SESSION[user_id]'")->fetch();
+?>
+
+<div id='user_info_box'>
+<p>User information</p>
+<form action='<?php echo "{$config['urls']['base']}/user/update.php"; ?>' method='post'>
+
+<p>
+ <label for='username'><b>Username</b></label>
+ <input name='username' type='text' value='<?php echo $r['username']; ?>' required >
+</p>
+
+<p>
+ <label for='email'><b>Email</b></label>
+ <input name='email' type='text' value='<?php echo $r['email']; ?>' required >
+</p>
+
+<p>
+ <label for='password'><b>Password</b></label>
+ <input name='password' type='password' placeholder='Enter new password' >
+</p>
+
+ <input type='submit' value='update' >
+</form>
+</div>
+
+<?php
+} else {
+ # not logged in
+?>
+<div id='register_box'>
+<p>Register a new account</p>
+<form action='<?php echo "{$config['urls']['base']}/user/register.php"; ?>' method='post'>
+
+<p>
+ <label for='username'><b>Username</b></label>
+ <input name='username' type='text' placeholder='Enter username' required >
+</p>
+
+<p>
+ <label for='email'><b>Email</b></label>
+ <input name='email' type='text' placeholder='Enter email' required >
+</p>
+
+<p>
+ <label for='password'><b>Password</b></label>
+ <input name='password' type='password' placeholder='Enter password' required >
+</p>
+
+ <input type='submit' value='register' >
+</form>
+</div>
+
+<?php
+}
+
+require_once(TEMPLATES_PATH . "/footer.php");
+?>
+
diff --git a/user/login.php b/user/login.php
index 7c892e8..a927d02 100644
--- a/user/login.php
+++ b/user/login.php
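Review bot: The account form in user/index.php prints `$r['username']` and `$r['email']` into single-quoted `value='…'` attributes with no escaping, so a stored value containing a quote ends the attribute and the rest is parsed as markup. Wrap both in `htmlspecialchars(…, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`; `ENT_QUOTES` matters here because older PHP defaults leave single quotes alone. The lookup itself interpolates `$_SESSION[user_id]` into the SQL string; that value is server-side state, but binding it (`$stmt = $conn->prepare("SELECT username, email FROM users WHERE id = :id"); $stmt->execute([':id' => $_SESSION['user_id']]);`) matches the prepared INSERT in user/register.php and does not depend on where the session value came from. Neither form carries an anti-CSRF token, which matters most for the update form because it can change the password.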
@@ -4,8 +4,6 @@ require_once(TEMPLATES_PATH . "/header.php"); session_start(); $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']); - -// Performing SQL query $query = "SELECT id, username, password FROM users WHERE username = '$_POST[username]'"; $result = $conn->query($query)->fetch(); diff --git a/user/register.php b/user/register.php new file mode 100644 index 0000000..fb9ed09 --- /dev/null +++ b/user/register.php @@ -0,0 +1,29 @@ +<?php +require '../config.php'; +require_once(TEMPLATES_PATH . "/header.php"); +require_once(TEMPLATES_PATH . "/panel.php"); +require_once(LIBRARY_PATH . "/functions.php"); + +print_r($_POST); + +$password = password_hash($_POST['password'], PASSWORD_ARGON2I); + +$conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']); +$query = $conn->prepare("INSERT INTO users (username, password, email) VALUES (:username, :password, :email)"); +$query->bindParam(':username', $_POST['username']); +$query->bindParam(':password', $password); +$query->bindParam(':email', $_POST['email']); + +if($query->execute()) { + echo '<h2>Registration successful</h2>'; + $result = $conn->query("SELECT id, username, password FROM users WHERE username = '$_POST[username]'")->fetch(); + $_SESSION['user_name'] = $result['username']; + $_SESSION['user_id'] = $result['id']; +} else { + echo '<h2>Registration failed</h2>'; +} + +header("Refresh: 2; URL={$config['urls']['base']}"); + +require_once(TEMPLATES_PATH . "/footer.php"); +?> diff --git a/user/update.php b/user/update.php new file mode 100644 index 0000000..1fe291a --- /dev/null +++ b/user/update.php 
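Review bot: The query run after a successful insert in user/register.php, `"SELECT id, username, password FROM users WHERE username = '$_POST[username]'"`, places request data directly in SQL, so the prepared INSERT above it does not protect this file from injection; the unchanged query visible in the user/login.php hunk has the same form. Use a bound parameter instead: `$stmt = $conn->prepare("SELECT id, username FROM users WHERE username = :username"); $stmt->execute([':username' => $_POST['username']]); $result = $stmt->fetch();`. `print_r($_POST);` at the top writes the submitted password in clear text into the response and should be removed before this is deployed. Call `session_regenerate_id(true);` before assigning `$_SESSION['user_id']` so the pre-registration session identifier is not carried into the authenticated session. The `header("Refresh: …")` call comes after the templates and `echo` have produced output, so it only takes effect if output buffering is enabled.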
@@ -0,0 +1,37 @@
+<?php
+require '../config.php';
+require_once(TEMPLATES_PATH . "/header.php");
+require_once(TEMPLATES_PATH . "/panel.php");
+require_once(LIBRARY_PATH . "/functions.php");
+
+print_r($_POST);
+
+if (isset($_SESSION['user_id']) && $_SESSION['user_id'] != "") {
+ $conn = new PDO($config['db']['dsn'], $config['db']['username'], $config['db']['password']);
+ $query = $conn->prepare("UPDATE users SET username=:username, email=:email WHERE id={$_SESSION['user_id']}");
+ $query->bindParam(':username', $_POST['username']);
+ $query->bindParam(':email', $_POST['email']);
+
+ if($query->execute()) {
+ echo "<h2>Account updated</h2>";
+ } else {
+ echo "<h2>Account update failed</h2>";
+ }
+
+ if($_POST['password'] != "") {
+ $password = password_hash($_POST['password'], PASSWORD_ARGON2I);
+ $query = $conn->prepare("UPDATE users SET password=:password WHERE id={$_SESSION['user_id']}");
+ $query->bindParam(':password', $password);
+
+ if($query->execute()) {
+ echo "<p>Password updated</p>";
+ } else {
+ echo "<p>Password update failed</p>";
+ }
+ }
+
+}
+
+header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]");
+require_once(TEMPLATES_PATH . "/footer.php");
+?> |
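Review bot: The redirect at the end of user/update.php, `header("Refresh: 2; URL=$_SERVER[HTTP_REFERER]");`, sends the browser to a value taken from a client-supplied header, which is often missing and is not limited to this site. Use a fixed target the way user/register.php does, e.g. `header("Refresh: 2; URL={$config['urls']['base']}/user/index.php");`. As far as this hunk shows, the password can be changed without the current password and without an anti-CSRF token, so the handler should verify the existing password with `password_verify()` and compare a per-session token with `hash_equals()` before running either UPDATE. `print_r($_POST);` prints the new password into the page and should be removed. `$_SESSION['user_id']` is interpolated into both prepared statements rather than bound (`WHERE id = :id`), and `$_POST['password'] != ""` raises a warning when the field is absent; `($_POST['password'] ?? '') !== ''` avoids that.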