update code
parent
2a17c387a3
commit
b8741335bd
1
css.php
1
css.php
|
@ -1,3 +1,4 @@
|
|||
<link rel="stylesheet" type="text/css" href="/css/head.css">
|
||||
<link rel="stylesheet" type="text/css" href="/css/foot.css">
|
||||
<link rel="stylesheet" type="text/css" href="/css/global.css">
|
||||
<link rel="stylesheet" type="text/css" href="/css/user.css">
|
|
@ -5,8 +5,6 @@
|
|||
background-color: lightblue;
|
||||
text-align: center;
|
||||
width:100%;
|
||||
position:absolute;
|
||||
bottom: 0px;
|
||||
}
|
||||
|
||||
.footer span {
|
||||
|
|
|
@ -18,6 +18,7 @@ a:hover{
|
|||
margin-left: 30%;
|
||||
margin-right: 30%;
|
||||
font-size: 130%;
|
||||
height:100%
|
||||
}
|
||||
|
||||
.textinput{
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
.system {
|
||||
padding: 20px;
|
||||
background-color: lightblue;
|
||||
margin-bottom: 20px;
|
||||
}
|
2
head.php
2
head.php
|
@ -30,7 +30,7 @@
|
|||
<div class="sitename">
|
||||
<a href="/" >
|
||||
<div id="image">
|
||||
<img src="img/logo.png" alt="<?php echo(SITE_NAME); ?>" width="64" height="128">
|
||||
<img src="/img/logo.png" alt="<?php echo(SITE_NAME); ?>" width="64" height="128">
|
||||
</div>
|
||||
|
||||
<span id="title">
|
||||
|
|
|
@ -2,4 +2,5 @@
|
|||
include("sql.php");
|
||||
include("users.php");
|
||||
include("hlp.php");
|
||||
include("system.php");
|
||||
?>
|
93
lib/sql.php
93
lib/sql.php
|
@ -1,14 +1,14 @@
|
|||
<?php
|
||||
include("sqlcfg.php");
|
||||
|
||||
function createTables($conn) {
|
||||
function dbCreateTables($conn) {
|
||||
$conn->query("CREATE TABLE IF NOT EXISTS Users(Id INT NOT NULL AUTO_INCREMENT, Username TEXT, PasswordHash TEXT, PRIMARY KEY(Id))");
|
||||
$conn->query("CREATE TABLE IF NOT EXISTS Systems(Id INT NOT NULL AUTO_INCREMENT, Name TEXT, IsPluralSystem BOOL, SubSystem INT, UserCreated INT, PRIMARY KEY(Id))");
|
||||
$conn->query("CREATE TABLE IF NOT EXISTS Members(Id INT NOT NULL AUTO_INCREMENT, Name TEXT, Pronouns TEXT, FromSystem INT, PRIMARY KEY(Id))");
|
||||
}
|
||||
|
||||
|
||||
function connect(){
|
||||
function dbConnect(){
|
||||
$conn = new mysqli(MYSQL_HOST, MYSQL_USERNAME, MYSQL_PASSWORD, MYSQL_DATABASE);
|
||||
|
||||
|
||||
|
@ -18,13 +18,41 @@ function connect(){
|
|||
}
|
||||
|
||||
|
||||
createTables($conn);
|
||||
dbCreateTables($conn);
|
||||
|
||||
return $conn;
|
||||
}
|
||||
|
||||
function userExist(string $username) {
|
||||
$conn = connect();
|
||||
|
||||
function dbGetPasswordHash(string $username){
|
||||
$conn = dbConnect();
|
||||
$prep = $conn->prepare("SELECT PasswordHash FROM Users WHERE Username=?");
|
||||
$prep->bind_param("s", $username);
|
||||
$prep->execute();
|
||||
|
||||
return $prep->get_result()->fetch_row()[0];
|
||||
}
|
||||
|
||||
function dbGetUserName(int $userId) {
|
||||
$conn = dbConnect();
|
||||
$prep = $conn->prepare("SELECT Username FROM Users WHERE Id=?");
|
||||
$prep->bind_param("i", $userId);
|
||||
|
||||
$prep->execute();
|
||||
return $prep->get_result()->fetch_row()[0];
|
||||
}
|
||||
|
||||
function dbGetUserId(string $username) {
|
||||
$conn = dbConnect();
|
||||
$prep = $conn->prepare("SELECT Id FROM Users WHERE Username=?");
|
||||
$prep->bind_param("s", $username);
|
||||
|
||||
$prep->execute();
|
||||
return intval($prep->get_result()->fetch_row()[0]);
|
||||
}
|
||||
|
||||
function dbUserExist(string $username) {
|
||||
$conn = dbConnect();
|
||||
$prep = $conn->prepare("SELECT COUNT(*) FROM Users WHERE Username=?");
|
||||
$prep->bind_param("s", $username);
|
||||
|
||||
|
@ -32,24 +60,61 @@ function userExist(string $username) {
|
|||
return intval($prep->get_result()->fetch_row()[0]);
|
||||
}
|
||||
|
||||
function createUser(string $username, string $password) {
|
||||
function dbCreateUser(string $username, string $password) {
|
||||
|
||||
$hashedPassword = password_hash($password, PASSWORD_BCRYPT);
|
||||
$conn = connect();
|
||||
$conn = dbConnect();
|
||||
$prep = $conn->prepare("INSERT INTO Users VALUES(NULL, ?, ?)");
|
||||
$prep->bind_param("ss", $username, $hashedPassword);
|
||||
$prep->execute();
|
||||
|
||||
}
|
||||
|
||||
function verifyLogin(string $username, string $passwordAttempt){
|
||||
$conn = connect();
|
||||
$prep = $conn->prepare("SELECT PasswordHash FROM Users WHERE Username=?");
|
||||
$prep->bind_param("s", $username);
|
||||
function dbGetSystems(int $userId) {
|
||||
$conn = dbConnect();
|
||||
$prep = $conn->prepare("SELECT * FROM Systems WHERE UserCreated=?");
|
||||
$prep->bind_param("i", $userId);
|
||||
|
||||
$prep->execute();
|
||||
|
||||
$expectedHash = $prep->get_result()->fetch_row()[0];
|
||||
return password_verify($passwordAttempt, $expectedHash);
|
||||
return $prep->get_result()->fetch_all();
|
||||
}
|
||||
|
||||
|
||||
function dbGetMemberCount(int $systemId) {
|
||||
$conn = dbConnect();
|
||||
$prep = $conn->prepare("SELECT COUNT(*) FROM Members WHERE FromSystem=?");
|
||||
$prep->bind_param("i", $systemId);
|
||||
|
||||
$prep->execute();
|
||||
return intval($prep->get_result()->fetch_row()[0]);
|
||||
}
|
||||
|
||||
function dbGetMembers(int $systemId) {
|
||||
$conn = dbConnect();
|
||||
$prep = $conn->prepare("SELECT * FROM Members WHERE FromSystem=?");
|
||||
$prep->bind_param("i", $systemId);
|
||||
|
||||
$prep->execute();
|
||||
return $prep->get_result()->fetch_all();
|
||||
}
|
||||
|
||||
function dbCreateSystem(string $systemName, bool $isPlural, $subSystem, int $userId) {
|
||||
|
||||
$conn = dbConnect();
|
||||
$prep = $conn->prepare("INSERT INTO Systems VALUES(NULL, ?, ?, ?, ?)");
|
||||
$prep->bind_param("siii", $systemName, $isPlural, $subSystem, $userId);
|
||||
$prep->execute();
|
||||
|
||||
}
|
||||
|
||||
function dbCreateMember(string $memberName, string $pronouns, int $fromSystem) {
|
||||
|
||||
$conn = dbConnect();
|
||||
$prep = $conn->prepare("INSERT INTO Members VALUES(NULL, ?, ?, ?)");
|
||||
$prep->bind_param("ssi", $memberName, $pronouns, $fromSystem);
|
||||
$prep->execute();
|
||||
|
||||
}
|
||||
|
||||
|
||||
?>
|
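Review bot: dbCreateUser() inserts a row with nothing enforcing one row per username: Users.Username is declared as plain TEXT in dbCreateTables(), and the only guard is the separate dbUserExist() call the caller makes before the insert. Two overlapping registrations for the same name can both pass that check, after which dbGetPasswordHash() and dbGetUserId() return whichever matching row the server yields first. A unique key on the column (MySQL needs a bounded type for that, for example `Username VARCHAR(191) NOT NULL UNIQUE`) plus handling of the duplicate-key failure from `execute()` closes the gap; an existing table needs a migration, since `CREATE TABLE IF NOT EXISTS` will not alter it. Separately, the lookups index `fetch_row()[0]` without checking for a missing row, so an unknown username yields null from dbGetPasswordHash() and 0 from dbGetUserId().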
|
@ -0,0 +1,38 @@
|
|||
<?php
|
||||
|
||||
function createSystem(string $systemName) {
|
||||
if(!isLoggedIn()) { return; }
|
||||
|
||||
dbCreateSystem($systemName, true, null, $_SESSION["userId"]);
|
||||
}
|
||||
|
||||
function getMembers($systemId) {
|
||||
if(!isLoggedIn()) { return; }
|
||||
}
|
||||
|
||||
function getSystems() {
|
||||
if(!isLoggedIn()) { return; }
|
||||
|
||||
$dbSystems = dbGetSystems($_SESSION["userId"]);
|
||||
|
||||
$systemList = Array();
|
||||
|
||||
foreach($dbSystems as &$dbSystem)
|
||||
{
|
||||
|
||||
$systemEntry = Array(
|
||||
"id" => $dbSystem[0],
|
||||
"name" => htmlspecialchars($dbSystem[1], ENT_QUOTES),
|
||||
"isPlural" => (bool)$dbSystem[2],
|
||||
"subSystem" => $dbSystem[3],
|
||||
"userCreated" => $dbSystem[4],
|
||||
"memberCount" => dbGetMemberCount($dbSystem[0])
|
||||
);
|
||||
|
||||
array_push($systemList, $systemEntry);
|
||||
}
|
||||
|
||||
return $systemList;
|
||||
}
|
||||
|
||||
?>
|
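Review bot: getMembers($systemId) only checks isLoggedIn() and its body is still empty, so the ownership check for the requested system is not written yet. dbGetMembers() and dbGetMemberCount() in lib/sql.php filter on FromSystem alone, and the system id is carried in the query string of the Edit Members link. Once this function is wired to dbGetMembers(), it has to compare the system's UserCreated with `$_SESSION["userId"]` first, or members of other users' systems become readable. I would add that comparison before the dbGetMembers() call and return an empty array on mismatch. In getSystems(), `foreach($dbSystems as &$dbSystem)` takes a reference it never writes through; `foreach ($dbSystems as $dbSystem)` avoids the dangling reference after the loop.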
|
@ -1,5 +1,10 @@
|
|||
<?php
|
||||
|
||||
function verifyLogin(string $username, string $passwordAttempt){
|
||||
$expectedHash = dbGetPasswordHash($username);
|
||||
return password_verify($passwordAttempt, $expectedHash);
|
||||
}
|
||||
|
||||
function logout() {
|
||||
$_SESSION["loggedIn"] = false;
|
||||
session_destroy();
|
||||
|
@ -7,10 +12,12 @@ function logout() {
|
|||
|
||||
function login(string $username) {
|
||||
$_SESSION["username"] = $username;
|
||||
$_SESSION["userId"] = dbGetUserId($username);
|
||||
$_SESSION["loggedIn"] = true;
|
||||
}
|
||||
|
||||
function getUsername() {
|
||||
if(!isLoggedIn()) return "";
|
||||
return htmlspecialchars($_SESSION["username"], ENT_QUOTES);
|
||||
}
|
||||
|
||||
|
|
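Review bot: login() marks the current session as authenticated without issuing a new session id, so an id that was set before login stays valid afterwards (session fixation). Calling `session_regenerate_id(true);` as the first statement of login(), before the `$_SESSION` writes, addresses that, assuming the id is not regenerated somewhere outside these hunks. verifyLogin() also passes the result of dbGetPasswordHash() straight to password_verify(); that value is null for an unknown username, so a guard such as `if (!is_string($expectedHash)) return false;` keeps the function safe for callers that skip dbUserExist(). logout() starts in the first hunk but its body ends outside it.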
|
@ -9,7 +9,7 @@ if(isset($_POST["name"], $_POST["password"])){
|
|||
$name = $_POST["name"];
|
||||
$password = $_POST["password"];
|
||||
|
||||
if(userExist($name)) {
|
||||
if(dbUserExist($name)) {
|
||||
if(verifyLogin($name, $password)) {
|
||||
login($name);
|
||||
redirect("/user.php");
|
||||
|
@ -24,7 +24,6 @@ if(isset($_POST["name"], $_POST["password"])){
|
|||
}
|
||||
|
||||
?>
|
||||
|
||||
<span class="heading">
|
||||
<p>Login</p>
|
||||
</span>
|
||||
|
|
|
@ -8,8 +8,8 @@ if(isset($_POST["name"], $_POST["password"])){
|
|||
$name = $_POST["name"];
|
||||
$password = $_POST["password"];
|
||||
|
||||
if(!userExist($name)) {
|
||||
createUser($name, $password);
|
||||
if(!dbUserExist($name)) {
|
||||
dbCreateUser($name, $password);
|
||||
|
||||
login($name);
|
||||
redirect("/user.php");
|
||||
|
|
5
user.php
5
user.php
|
@ -11,9 +11,6 @@
|
|||
|
||||
<hr/>
|
||||
|
||||
<span class="heading">
|
||||
<p>Systems:</p>
|
||||
</span>
|
||||
|
||||
<?php include("user/systeminfo.php"); ?>
|
||||
|
||||
<?php include("foot.php"); ?>
|
|
@ -0,0 +1,25 @@
|
|||
<?php include("../head.php"); ?>
|
||||
|
||||
<?php
|
||||
if(isset($_POST["name"])){
|
||||
createSystem($_POST["name"]);
|
||||
redirect("/user.php");
|
||||
}
|
||||
?>
|
||||
|
||||
<span class="heading">
|
||||
<p>Add a System.</p>
|
||||
</span>
|
||||
|
||||
<span class="info">
|
||||
<p>Enter a name for your System:</p>
|
||||
</span>
|
||||
|
||||
<div class="info">
|
||||
<form action="/user/createSystem.php" method="post">
|
||||
<p><input class="textinput" type="text" name="name" placeholder="System Name"/></p>
|
||||
<p><input class="button" type="submit" value="Add System"/></p>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
<?php include("../foot.php"); ?>
|
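Review bot: The POST handler at the top of this page creates a system for the logged-in user with no anti-CSRF token; neither the form nor createSystem() carries or checks one. A per-session random token emitted as a hidden form field and compared before createSystem() is called, e.g. `if (!hash_equals($_SESSION["csrf"] ?? "", $_POST["csrf"] ?? "")) { redirect("/user.php"); }`, would cover it (the `csrf` key is a proposed name, not one from this code). The handler also accepts an empty name and redirects to /user.php even when createSystem() returned early because nobody is logged in, so a trimmed-length check and an explicit login check before the insert are worth adding.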
|
@ -0,0 +1,38 @@
|
|||
|
||||
<span class="heading">
|
||||
<p>Systems:</p>
|
||||
</span>
|
||||
|
||||
|
||||
<?php
|
||||
$systems = getSystems();
|
||||
if(count($systems) <= 0) {
|
||||
echo('
|
||||
<span class="info">
|
||||
<p>You have no systems, Maybe try <a href="/user/createSystem.php">Adding a System.</a></p>
|
||||
</span>
|
||||
');
|
||||
}
|
||||
else {
|
||||
foreach($systems as &$system) {
|
||||
echo('
|
||||
<div class="system">
|
||||
<span class="heading">
|
||||
<p>'.$system['name'].'</p>
|
||||
</span>
|
||||
<span class="info">
|
||||
<p>Total Members: '. strval($system['memberCount']) .'</p>
|
||||
<a class="button" href="/user/editMembers.php?system='. strval($system['id']) .'">Edit Members</a>
|
||||
</span>
|
||||
</div>
|
||||
');
|
||||
//print_r($system);
|
||||
}
|
||||
}
|
||||
?>
|
||||
<div id="manage">
|
||||
<span class="info">
|
||||
<a class="button" href="/user/createSystem.php">Add System</a>
|
||||
<p/>
|
||||
</span>
|
||||
</div>
|
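Review bot: `count($systems)` receives null when nobody is logged in, because getSystems() leaves through a bare `return;` in that case, and on PHP 8 count(null) throws a TypeError. `$systems = getSystems() ?? [];` keeps the template working, unless user.php already blocks unauthenticated visitors before this include, which is not visible here. The heading echoes `$system['name']` without escaping and is safe only because getSystems() already applied htmlspecialchars(); escaping at the echo instead would keep this template safe for rows coming from any other source. `foreach($systems as &$system)` does not need the reference.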