forked from Adleraci/adlerka.top
Add some more account actions,
Add return types,
This commit is contained in:
parent
a4fd20ad00
commit
3d22ff555e
@ -1,6 +1,6 @@
|
||||
function login() {
|
||||
var email = document.getElementById("email").value;
|
||||
var password = document.getElementById("password").value;
|
||||
const email = document.getElementById("email").value;
|
||||
const password = document.getElementById("password").value;
|
||||
|
||||
// Assuming you use fetch API to send data to the server
|
||||
fetch('https://home.adlerka.top/account', {
|
||||
|
176
lib/account.php
176
lib/account.php
@ -1,14 +1,41 @@
|
||||
<?php
|
||||
|
||||
function isLoggedIn(){
|
||||
return $_SESSION["ID"] > 0 && !empty($_SESSION["email"]);
|
||||
use Random\RandomException;
|
||||
|
||||
function isLoggedIn(): bool
|
||||
{
|
||||
global $routerConfig;
|
||||
return $_SESSION["ID"] > 0 && !empty($_SESSION["email"]) && $_SESSION["privilegelevel"] >= $routerConfig["logged_in_default_permission_level"];
|
||||
}
|
||||
|
||||
function doLogin($email, $password){
|
||||
function generateActivationToken(): string
|
||||
{
|
||||
try {
|
||||
return bin2hex(random_bytes(16));
|
||||
} catch (RandomException $e) {
|
||||
return "error_generating_code_because_of_$e";
|
||||
} // Adjust the length of the token as needed
|
||||
}
|
||||
function verifyPassword($userID, $password): bool
|
||||
{
|
||||
global $mysqli;
|
||||
$stmt = $mysqli->prepare("SELECT PasswordHash FROM Users WHERE ID = ?");
|
||||
$stmt->bind_param("i", $userID);
|
||||
$stmt->execute();
|
||||
$pwdhash = "";
|
||||
$stmt->bind_result($pwdhash);
|
||||
$stmt->fetch();
|
||||
$stmt->close();
|
||||
|
||||
return !empty($pwdhash) && password_verify($password, $pwdhash);
|
||||
}
|
||||
|
||||
function doLogin($email, $password): array
|
||||
{
|
||||
global $mysqli, $routerConfig;
|
||||
$found = false;
|
||||
if(!empty($email) && !empty($password)){
|
||||
$stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, isAdmin FROM Users WHERE EMAIL = ? AND isActive = 1");
|
||||
$stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, PasswordHash, MinecraftNick, privilegeLevel FROM Users WHERE EMAIL = ? AND isActive = 1");
|
||||
$stmt->bind_param("s", $email);
|
||||
$stmt->execute();
|
||||
|
||||
@ -18,27 +45,29 @@ function doLogin($email, $password){
|
||||
$nickname = "";
|
||||
$pwdhash = "";
|
||||
$mcnick = "";
|
||||
$stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, false);
|
||||
$privilegelevel = 0;
|
||||
$stmt->bind_result($idcko, $fname, $lname, $nickname, $pwdhash, $mcnick, $privilegelevel);
|
||||
|
||||
if($stmt->num_rows() > 0){
|
||||
$stmt->fetch();
|
||||
if (password_verify($password, $pwdhash)){
|
||||
if (password_verify($password, $pwdhash) && $privilegelevel >= $routerConfig["logged_in_default_permission_level"]){
|
||||
$found = true;
|
||||
}
|
||||
}
|
||||
$_SESSION["ID"] = $idcko;
|
||||
$_SESSION["first_name"] = $fname;
|
||||
$_SESSION["last_name"] = $lname;
|
||||
$_SESSION["nickname"] = $nickname;
|
||||
$_SESSION["email"] = $email;
|
||||
$_SESSION["mcnick"] = $mcnick;
|
||||
$_SESSION["isadmin"] = false;
|
||||
$found = true;
|
||||
}
|
||||
}
|
||||
$_SESSION["privilegelevel"] = $privilegelevel;
|
||||
$stmt->close();
|
||||
}
|
||||
return $found ? ["status" => "success"] : ["status" => "fail"];
|
||||
}
|
||||
|
||||
function doLogout(){
|
||||
function doLogout(): array
|
||||
{
|
||||
if(isLoggedIn()){
|
||||
session_destroy();
|
||||
return ["status" => "success"];
|
||||
@ -47,7 +76,8 @@ function doLogout(){
|
||||
}
|
||||
}
|
||||
|
||||
function doRegister($firstname, $lastname, $nickname, $email, $password, $minecraftnick, $activationtoken){
|
||||
function doRegister($firstname, $lastname, $nickname, $email, $password, $minecraftnick, $activationtoken): array
|
||||
{
|
||||
global $mysqli;
|
||||
$status = ["status" => "fail"];
|
||||
if (!empty($activationtoken)){
|
||||
@ -63,3 +93,125 @@ function doRegister($firstname, $lastname, $nickname, $email, $password, $minecr
|
||||
return $status;
|
||||
}
|
||||
|
||||
function changePassword($userID, $newPassword): array
|
||||
{
|
||||
global $mysqli, $routerConfig;
|
||||
$status = ["status" => "fail"];
|
||||
if(!empty($userID) && !empty($newPassword) && verifyPassword($userID, $newPassword) && $_SESSION["privilegelevel"] >= $routerConfig["logged_in_default_permission_level"]){
|
||||
$passwordHash = password_hash($newPassword, PASSWORD_DEFAULT);
|
||||
$stmt = $mysqli->prepare("UPDATE Users SET PasswordHash = ? WHERE ID = ?");
|
||||
$stmt->bind_param("si", $passwordHash, $userID);
|
||||
$stmt->execute();
|
||||
if ($stmt->affected_rows > 0) {
|
||||
$status["status"] = "success";
|
||||
}
|
||||
$stmt->close();
|
||||
}
|
||||
return $status;
|
||||
}
|
||||
|
||||
|
||||
function updateUserProfile($userID, $firstName, $lastName, $nickname, $minecraftNick): array
|
||||
{
|
||||
global $mysqli;
|
||||
$status = ["status" => "fail"];
|
||||
if (!empty($userID)) {
|
||||
$stmt = $mysqli->prepare("UPDATE Users SET FirstName = ?, LastName = ?, Nickname = ?, MinecraftNick = ? WHERE ID = ?");
|
||||
$stmt->bind_param("ssssi", $firstName, $lastName, $nickname, $minecraftNick, $userID);
|
||||
$stmt->execute();
|
||||
if ($stmt->affected_rows > 0) {
|
||||
$status["status"] = "success";
|
||||
}
|
||||
$stmt->close();
|
||||
}
|
||||
return $status;
|
||||
}
|
||||
|
||||
function getUserInfo($userID): array
|
||||
{
|
||||
global $mysqli;
|
||||
$userInfo = [];
|
||||
if (!empty($userID)) {
|
||||
$stmt = $mysqli->prepare("SELECT ID, FirstName, LastName, Nickname, Email, MinecraftNick, privilegeLevel FROM Users WHERE ID = ?");
|
||||
$stmt->bind_param("i", $userID);
|
||||
$stmt->execute();
|
||||
$id = 0;
|
||||
$firstName = "";
|
||||
$lastName = "";
|
||||
$nickname = "";
|
||||
$email = "";
|
||||
$minecraftNick = "";
|
||||
$privilegeLevel = 0;
|
||||
|
||||
$stmt->bind_result($id, $firstName, $lastName, $nickname, $email, $minecraftNick, $privilegeLevel);
|
||||
$stmt->fetch();
|
||||
$stmt->close();
|
||||
|
||||
$userInfo = [
|
||||
"ID" => $id,
|
||||
"FirstName" => $firstName,
|
||||
"LastName" => $lastName,
|
||||
"Nickname" => $nickname,
|
||||
"Email" => $email,
|
||||
"MinecraftNick" => $minecraftNick,
|
||||
"PrivilegeLevel" => $privilegeLevel
|
||||
];
|
||||
}
|
||||
return $userInfo;
|
||||
}
|
||||
|
||||
function isEmailAvailable($email): bool
|
||||
{
|
||||
global $mysqli;
|
||||
$stmt = $mysqli->prepare("SELECT COUNT(*) FROM Users WHERE Email = ?");
|
||||
$stmt->bind_param("s", $email);
|
||||
$stmt->execute();
|
||||
$count = -1;
|
||||
$stmt->bind_result($count);
|
||||
$stmt->fetch();
|
||||
$stmt->close();
|
||||
|
||||
return $count === 0;
|
||||
}
|
||||
|
||||
|
||||
function addActivationCodes($adminID, $count): array
|
||||
{
|
||||
global $mysqli;
|
||||
$activationCodes = [];
|
||||
if (!empty($adminID) && is_numeric($count) && $count > 0) {
|
||||
$stmt = $mysqli->prepare("INSERT INTO ActivationCodes (AdminID, Code) VALUES (?, ?)");
|
||||
for ($i = 0; $i < $count; $i++) {
|
||||
$activationCode = generateActivationToken();
|
||||
$stmt->bind_param("is", $adminID, $activationCode);
|
||||
$stmt->execute();
|
||||
if ($stmt->affected_rows > 0) {
|
||||
$activationCodes[] = $activationCode;
|
||||
}
|
||||
}
|
||||
$stmt->close();
|
||||
}
|
||||
return $activationCodes;
|
||||
}
|
||||
|
||||
function listUsers(): array
|
||||
{
|
||||
global $mysqli;
|
||||
$users = [];
|
||||
$result = $mysqli->query("SELECT ID, FirstName, LastName, Nickname, Email, MinecraftNick, privilegeLevel FROM Users");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$users[] = $row;
|
||||
}
|
||||
return $users;
|
||||
}
|
||||
|
||||
function listActivationCodes(): array
|
||||
{
|
||||
global $mysqli;
|
||||
$activationCodes = [];
|
||||
$result = $mysqli->query("SELECT Code FROM ActivationCodes");
|
||||
while ($row = $result->fetch_assoc()) {
|
||||
$activationCodes[] = $row['Code'];
|
||||
}
|
||||
return $activationCodes;
|
||||
}
|
||||
|
@ -1,5 +1,6 @@
|
||||
<?php
|
||||
function loadRouterConfig(){
|
||||
function loadRouterConfig(): void
|
||||
{
|
||||
global $routerConfig;
|
||||
|
||||
$routerConfig["default_page"] = "domov";
|
||||
@ -13,4 +14,16 @@
|
||||
$routerConfig["page_dir"] = "pages/";
|
||||
|
||||
$routerConfig["protocol"] = "https://";
|
||||
|
||||
$routerConfig["logged_out_permission_level"] = 0;
|
||||
|
||||
$routerConfig["logged_in_default_permission_level"] = 1;
|
||||
|
||||
$routerConfig["verified_permission_level"] = 2;
|
||||
|
||||
$routerConfig["trustworthy_permission_level"] = 3;
|
||||
|
||||
$routerConfig["moderator_permission_level"] = 4;
|
||||
|
||||
$routerConfig["adminpermissionlevel"] = 255;
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
function runEndpoint($endpoint_file)
|
||||
function runEndpoint($endpoint_file): ?array
|
||||
{
|
||||
|
||||
$endpoint_data = $_POST;
|
||||
@ -10,7 +10,7 @@ function runEndpoint($endpoint_file)
|
||||
}
|
||||
|
||||
|
||||
function getEndpoint($endpoint_name)
|
||||
function getEndpoint($endpoint_name): false|string
|
||||
{
|
||||
$output = array();
|
||||
$output["status"] = "fail";
|
||||
|
@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
function generateNavigation()
|
||||
function generateNavigation(): string
|
||||
{
|
||||
global $routerConfig;
|
||||
global $routerRequest;
|
||||
|
@ -1,11 +1,12 @@
|
||||
<?php
|
||||
function renderDynamicPage($page_file)
|
||||
function renderDynamicPage($page_file): false|string
|
||||
{
|
||||
require_once $page_file;
|
||||
return render();
|
||||
}
|
||||
|
||||
function getPage($page_name = null){
|
||||
function getPage($page_name = null): array|false|string
|
||||
{
|
||||
global $routerConfig;
|
||||
global $routerRequest;
|
||||
|
||||
|
@ -1,7 +1,8 @@
|
||||
<?php
|
||||
|
||||
|
||||
function initRouter(){
|
||||
function initRouter(): bool
|
||||
{
|
||||
global $routerRequest;
|
||||
global $routerConfig;
|
||||
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
require_once "lib/router.php";
|
||||
|
||||
function render()
|
||||
function render(): false|string
|
||||
{
|
||||
global $routerConfig;
|
||||
|
||||
|
@ -1,5 +1,6 @@
|
||||
<page minpermissionlevel="0" name="Domov"></page>
|
||||
<header>
|
||||
<h1 class="title">Vitaj na tejto úžasnej stránke</h1>
|
||||
<p>Oficiálna stránka pre adlerka.top</p>
|
||||
<p>Neoficiálna študentská stránka pre adlerku</p>
|
||||
<hr>
|
||||
</header>
|
Loading…
Reference in New Issue
Block a user