+
+
+
+
+
\ No newline at end of file
diff --git a/config/dbaccess.php b/config/dbaccess.php
index f5df6fa..810f913 100644
--- a/config/dbaccess.php
+++ b/config/dbaccess.php
@@ -1,8 +1,8 @@
\ No newline at end of file
diff --git a/config/sessionStart.php b/config/sessionStart.php
new file mode 100644
index 0000000..9843117
--- /dev/null
+++ b/config/sessionStart.php
@@ -0,0 +1,3 @@
+
\ No newline at end of file
diff --git a/db/datahandler.php b/db/datahandler.php
index cf7430e..f97208e 100644
--- a/db/datahandler.php
+++ b/db/datahandler.php
@@ -1,5 +1,4 @@
email);
- $password = testinput($data->password);
+ $password = password_hash(testinput($data->password), PASSWORD_DEFAULT);
$email = testinput($data->email);
$phone = testinput($data->phone);
$salutation = testinput($data->salutation);
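Review bot: On the `$password = password_hash(testinput($data->password), PASSWORD_DEFAULT);` line the password goes through `testinput()` before hashing, so any characters that helper strips or HTML-encodes (its body is not in this diff) are silently altered before they reach the hash. loginLogic.php applies the same transformation, but updateUserData.php in this commit verifies the raw `$data->password`, so a password containing such characters will register and log in yet never pass the profile re-authentication. Hash the raw value — `$password = password_hash($data->password, PASSWORD_DEFAULT);` — and drop `testinput()` from the password path in loginLogic.php as well; only the hash reaches the database, through a bound parameter, so no escaping is needed there. The enclosing method starts above this hunk.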
@@ -15,10 +14,9 @@ class DataHandler
$lastname = testinput($data->lastname);
$street = testinput($data->street);
$postalcode = testinput($data->postalcode);
+ $city = testinput($data->city);
$role = "customer";
- $password = password_hash($password, PASSWORD_DEFAULT);
-
require($_SERVER['DOCUMENT_ROOT'] . '/config/setupDBAccess.php');
$sql2 = "INSERT IGNORE INTO `cities` (`city_id`, `postalcode`, `name`) VALUES (?,?,?)";
@@ -29,17 +27,21 @@ class DataHandler
$stmtCities = $db->prepare($sql2);
$stmtUser->bind_param("ssssssssss", null, $username, $password, $email, $phone, $salutation, $firstname, $lastname, $street, $postalcode, $role, null);
- $stmtCities->bind_param("sss", null, $postalcode, $coty);
+ $stmtCities->bind_param("sss", null, $postalcode, $city);
- if ($stmtUser->execute() && $stmtCities->execute() && $stmtAddress->execute()) {
- return $data;
+ if ($stmtUser->execute() && $stmtCities->execute()) {
+ echo "Your registration was successfully.\n";
+ $returnArray['Response'] = "Your registration was successfully.";
} else {
- return false;
+ echo "Your registration was not successfully. Please try again later.\n";
+ $returnArray['Response'] = "Your registration was not successfully. Please try again later.";
}
$stmtUser->close();
$stmtCities->close();
$stmtAddress->close();
$db->close();
+
+ return $returnArray;
}
}
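Review bot: The new branches `echo` the registration message straight from `DataHandler` while also returning it in `$returnArray`, so whatever serviceLogic.php's `response()` emits is prefixed by that text and registration.js, which compares the body to `'success'`, receives a mixed response. Keep the data layer silent: delete the two `echo` lines and return only `$returnArray`, letting the caller decide what to print. `$stmtAddress->execute()` was removed from the condition but `$stmtAddress->close();` stays on the context line below; if the `prepare` of `$stmtAddress` was removed too (not visible in this hunk) that call now runs on an undefined variable, so drop the `close()` or keep the statement. The unchanged `bind_param("ssssssssss", ...)` line also gives ten types for the twelve values that follow, which mysqli refuses — worth fixing while here.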
diff --git a/js/app.ts b/js/app.ts
index a1b9765..46ed437 100644
--- a/js/app.ts
+++ b/js/app.ts
@@ -2,6 +2,17 @@ $(document).ready(function() {
$('#mmlMainContent').load('../components/homepage.html');
$('#top_nav_bar').load('../components/top_nav.html');
$('#main_nav_bar').load('../components/main_nav.html', function() {
+ if (document.cookie.indexOf('loggedIn=true') != -1) {
+ $('#main_nav_bar').find('#loginLink').hide();
+ $('#main_nav_bar').find('#registerLink').hide();
+ $('#main_nav_bar').find('#logoutLink').show();
+ $('#main_nav_bar').find('#profileLink').show();
+ } else {
+ $('#main_nav_bar').find('#loginLink').show();
+ $('#main_nav_bar').find('#registerLink').show();
+ $('#main_nav_bar').find('#logoutLink').hide();
+ $('#main_nav_bar').find('#profileLink').hide();
+ }
document.getElementById('registerLink')?.addEventListener('click', function() {
$('#mmlMainContent').load('../components/register.html');
},);
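Review bot: The `document.cookie.indexOf('loggedIn=true') != -1` check on the first added line is a substring match, so a cookie such as `notloggedIn=true` also passes; `cookieHandling.js`, added in this same commit, provides `getCookie`, so `if (getCookie('loggedIn') === 'true') {` reads the value properly. More importantly `loggedIn` is written by login.js in the browser, so it is only a display hint that any visitor can set by hand; every PHP endpoint these menu entries lead to must still check `$_SESSION` itself. A comment above the check would make that explicit, e.g. `// UI-only hint: server endpoints must verify $_SESSION, never this cookie`.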
@@ -11,6 +22,19 @@ $(document).ready(function() {
document.getElementById('loginLink')?.addEventListener('click', function() {
$('#mmlMainContent').load('../components/login.html');
},);
+ document.getElementById('logoutLink')?.addEventListener('click', function() {
+ document.cookie = 'loggedIn=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;';
+ document.cookie = 'email=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;';
+ document.cookie = 'rememberme=; expires=Thu, 01 Jan 1970 00:00:00 UTC; path=/;';
+ $('#mmlMainContent').load('../components/homepage.html');
+ $('#main_nav_bar').find('#loginLink').show();
+ $('#main_nav_bar').find('#registerLink').show();
+ $('#main_nav_bar').find('#logoutLink').hide();
+ $('#main_nav_bar').find('#profileLink').hide();
+ });
+ document.getElementById('profileLink')?.addEventListener('click', function() {
+ $('#mmlMainContent').load('../components/profile.html');
+ });
});
$('#marmeladenladen_footer').load('../components/footer.html');
$('#marmeladenladen_search').load('../components/modal.html');
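Review bot: The added logout handler only expires the three client-side cookies and swaps menu entries; nothing invalidates the PHP session that loginLogic.php populates (`$_SESSION['loggedIn'] = true`), so the server still treats the user as logged in until the session times out, and an HttpOnly session cookie cannot be removed from JavaScript at all. Post to a server endpoint that calls `session_unset(); session_destroy();` and do the cookie clearing and menu reset in its completion callback, e.g. `$.post('../logic/logoutLogic.php').always(function () { /* existing cookie + menu code */ });`. No such endpoint appears in this diff, so it would need to be added alongside.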
diff --git a/js/cookieHandling.js b/js/cookieHandling.js
new file mode 100644
index 0000000..a39a7c6
--- /dev/null
+++ b/js/cookieHandling.js
@@ -0,0 +1,15 @@
+function getCookie(cname) {
+ let name = cname + "=";
+ let decodeCookie = decodeURIComponent(document.cookie);
+ let ca = decodeCookie.split(';');
+ for (let i = 0; i < ca.length; i++) {
+ let c = ca[i];
+ while (c.charAt(0) == ' ') {
+ c = c.substring(1);
+ }
+ if (c.indexOf(name) == 0) {
+ return c.substring(name.length, c.length);
+ }
+ }
+ return "";
+}
\ No newline at end of file
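Review bot: `getCookie` is defined here and again verbatim at the bottom of `js/datachange.js` in this same commit; whichever script loads second overrides the other, and a later fix to one copy will miss the other. Keep this file as the single definition and have profile.html (not visible here) include `cookieHandling.js` before `datachange.js`. Note too that `decodeURIComponent` is applied to the whole cookie header before the `split(';')`, so an encoded `%3B` inside a value turns into a `;` and splits that value in two — decode each value after splitting instead: `return decodeURIComponent(c.substring(name.length));` with the earlier decode removed.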
diff --git a/js/datachange.js b/js/datachange.js
new file mode 100644
index 0000000..deea47d
--- /dev/null
+++ b/js/datachange.js
@@ -0,0 +1,97 @@
+//document get ready function
+ const username = getCookie('email');
+ const loggedIn = getCookie('loggedIn');
+
+$(document).ready(function () {
+ const usernameHeader = document.getElementById("usernameHeader");
+ const salutation = document.getElementById("salutation");
+ const firstname = document.getElementById("firstname");
+ const lastname = document.getElementById("lastname");
+ const street = document.getElementById("street");
+ const postalcode = document.getElementById("postalcode");
+ const city = document.getElementById("city");
+ const email = document.getElementById("email");
+ const phone = document.getElementById("phone");
+ let hashedPassword = '';
+ //make json from username
+ const sendData = {
+ "username": username
+ };
+ stringData = JSON.stringify(sendData);
+ if (loggedIn == 'true') {
+ $.ajax({
+ url: '../logic/getUserData.php',
+ type: 'POST',
+ cache: false,
+ datatype: 'json',
+ data: stringData,
+ success: function (response) {
+ const data = JSON.parse(response);
+ //set data to fields
+ usernameHeader.innerHTML = data.username;
+ salutation.value = data.salutation;
+ firstname.value = data.firstname;
+ lastname.value = data.lastname;
+ street.value = data.address;
+ postalcode.value = data.plz;
+ city.value = data.city;
+ email.value = data.email;
+ phone.value = data.phone;
+ hashedPassword = data.password;
+ }
+ });
+ } else {
+ window.location.href = '../index.html';
+ }
+ const userForm = document.getElementById("userProfile");
+ userForm.addEventListener('submit', function (e) {
+ e.preventDefault();
+ updateUser(hashedPassword);
+ });
+});
+
+function updateUser(pwd){
+
+ const sendData = {
+ "username": username,
+ "street": street.value,
+ "postalcode": postalcode.value,
+ "city": city.value,
+ "phone": phone.value,
+ "password": password.value,
+ "hashedPassword": pwd
+ };
+ stringData = JSON.stringify(sendData);
+ console.log(stringData);
+ $.ajax({
+ url: '../logic/updateUserData.php',
+ type: 'POST',
+ cache: false,
+ datatype: 'text',
+ data: stringData,
+ success: function (response) {
+ console.log(response);
+ if (response == 'success') {
+ alert('Data updated');
+ } else {
+ alert('Data not updated - please try again later or enter correct password.');
+ }
+ }
+ });
+}
+
+function getCookie(cname) {
+ let name = cname + "=";
+ let decodeCookie = decodeURIComponent(document.cookie);
+ let ca = decodeCookie.split(';');
+ for (let i = 0; i < ca.length; i++) {
+ let c = ca[i];
+ while (c.charAt(0) == ' ') {
+ c = c.substring(1);
+ }
+ if (c.indexOf(name) == 0) {
+ return c.substring(name.length, c.length);
+ }
+ }
+ return "";
+}
\ No newline at end of file
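Review bot: `hashedPassword = data.password;` keeps the server-returned password hash in the page and `updateUser` sends it back in the `hashedPassword` field, which updateUserData.php then uses as the reference for `password_verify`; since the browser controls both fields, the re-authentication is satisfied by any self-chosen password/hash pair, and with `username` read from the user-editable `email` cookie the request can be aimed at any account. Drop `"hashedPassword": pwd` and `"username": username` from `sendData` and have the server verify against the hash it loads for `$_SESSION['username']`. Prefer `usernameHeader.textContent = data.username;` over `innerHTML` so a username containing markup is not rendered as HTML. `password` on the `"password": password.value` line is never declared in this file and only resolves through the implicit window-id lookup; fetch it with `document.getElementById("password")` like the other fields, and give `stringData` a `const`.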
diff --git a/js/login.js b/js/login.js
new file mode 100644
index 0000000..c6c3194
--- /dev/null
+++ b/js/login.js
@@ -0,0 +1,53 @@
+const emailLogin = document.getElementById('emailLogin');
+const passwordLogin = document.getElementById('passwordLogin');
+const rememberme = document.getElementById('rememberMe');
+
+const formLogin = document.getElementById('loginForm');
+formLogin.addEventListener('submit', login);
+
+async function login(event) {
+ event.preventDefault();
+ if (checkLogin()) {
+ //get form data
+ const formData = new FormData(formLogin);
+ //create object with form data
+ const data = {};
+ formData.forEach((value, key) => data[key] = value);
+ //log data on console
+ datastring = JSON.stringify(data);
+ //send data to php with Ajax
+ $.ajax({
+ url: '../logic/loginLogic.php',
+ type: 'POST',
+ data: datastring,
+ cache: false,
+ datatype: 'text',
+ success: function (response) {
+ if (response == 'success') {
+ if (rememberme.checked) {
+ document.cookie = "rememberme=true; expires=Fri, 31 Dec 9999 23:59:59 GMT";
+ document.cookie = "email=" + emailLogin.value + "; expires=Fri, 31 Dec 9999 23:59:59 GMT";
+ document.cookie = "loggedIn=true; expires=Fri, 31 Dec 9999 23:59:59 GMT";
+ } else {
+ document.cookie = "rememberme=false";
+ document.cookie = "email=" + emailLogin.value;
+ document.cookie = "loggedIn=true";
+ }
+ window.location.href = '../index.html';
+ alert(response);
+ } else {
+ alert(response);
+ }
+ }
+ });
+ }
+}
+
+function checkLogin() {
+ if (emailLogin.value == '' || passwordLogin.value == '') {
+ alert('Please fill in all fields');
+ return false;
+ } else {
+ return true;
+ }
+}
\ No newline at end of file
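Review bot: The `document.cookie = "email=" + emailLogin.value ...` and `loggedIn=true` cookies written on success are set from JavaScript with no `Secure` or `SameSite` attribute and are later read by datachange.js as the user's identity; any visitor can create them by hand, so they must never stand in for the session loginLogic.php establishes in `$_SESSION`. Keep at most the `loggedIn` flag as a display hint and let the server report who is logged in. `datastring` is assigned without `const`/`let` and becomes an implicit global (`const datastring = JSON.stringify(data);`), and `alert(response)` runs after `window.location.href = '../index.html'` on a page that is about to unload — move it before the redirect or drop it.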
diff --git a/js/logout.js b/js/logout.js
new file mode 100644
index 0000000..709aba1
--- /dev/null
+++ b/js/logout.js
@@ -0,0 +1,11 @@
+//delete all cookies
+function deleteAllCookies() {
+ var cookies = document.cookie.split(";");
+
+ for (var i = 0; i < cookies.length; i++) {
+ var cookie = cookies[i];
+ var eqPos = cookie.indexOf("=");
+ var name = eqPos > -1 ? cookie.substr(0, eqPos) : cookie;
+ document.cookie = name + "=;expires=Thu, 01 Jan 1970 00:00:00 GMT";
+ }
+}
\ No newline at end of file
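Review bot: `deleteAllCookies` is not called anywhere in this diff — app.ts inlines its own three `document.cookie = ...` expiries — so as far as this commit shows the file is dead code; either wire the logout handler to it or drop it. If it stays, the expiry has to carry the same `path` the cookies were created with, otherwise the browser treats it as a different cookie and keeps the original, and it cannot touch an HttpOnly session cookie, so a server-side `session_destroy()` is still needed for a real logout. `cookie.substr(0, eqPos)` is deprecated; `cookie.slice(0, eqPos)` is the replacement.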
diff --git a/js/registration.js b/js/registration.js
index 7397df5..8a2bef6 100644
--- a/js/registration.js
+++ b/js/registration.js
@@ -27,9 +27,8 @@ async function register(event) {
cache: false,
datatype: 'text',
success: function (response) {
- console.log(response);
if (response == 'success') {
- window.location.href = '../index.html';
+ $('#mmlMainContent').load('../components/login.html');
} else {
alert(response);
}
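Review bot: The success branch now loads login.html in place, but with this commit `DataHandler` echoes `"Your registration was successfully.\n"` and returns an array, so the body reaching `success:` here will, as far as the diff shows, never be exactly `'success'` and every registration lands in the `alert(response)` branch. Have serviceLogic.php return a JSON object with a boolean, e.g. `{"ok": true, "message": ...}`, and test `JSON.parse(response).ok` here instead of a string compare. The surrounding `register` function starts above this hunk.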
diff --git a/logic/getUserData.php b/logic/getUserData.php
new file mode 100644
index 0000000..1db3ce7
--- /dev/null
+++ b/logic/getUserData.php
@@ -0,0 +1,47 @@
+username);
+
+function getData($email)
+{
+ require($_SERVER['DOCUMENT_ROOT'] . '/config/setupDBAccess.php');
+
+ $sql = "SELECT `user_id`, `username`, `password`, `email`, `phone`, `salutation`, `firstname`, `lastname`, `address`, `role`, `created_at`, `plz`, `name` FROM `user` JOIN `cities` ON `plz` = `postalcode` WHERE `username` = ?";
+ $stmt = $db->prepare($sql);
+ $stmt->bind_param("s", $email);
+
+ $stmt->execute();
+ $stmt->store_result();
+ $stmt->bind_result($user_id, $username, $password, $email, $phone, $salutation, $firstname, $lastname, $address, $role, $created_at, $plz, $name);
+ if ($stmt->num_rows == 1) {
+ if ($stmt -> fetch()) {
+ $data = array(
+ 'user_id' => $user_id,
+ 'username' => $username,
+ 'password' => $password,
+ 'email' => $email,
+ 'phone' => $phone,
+ 'salutation' => $salutation,
+ 'firstname' => $firstname,
+ 'lastname' => $lastname,
+ 'address' => $address,
+ 'plz' => $plz,
+ 'city' => $name,
+ 'role' => $role,
+ 'created_at' => $created_at
+ );
+ $data = json_encode($data);
+ $response = $data;
+ } else {
+ $response = "failure";
+ }
+ } else {
+ $response = "failure";
+ }
+ $stmt->close();
+ $db->close();
+
+ echo $response;
+}
\ No newline at end of file
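Review bot: `getData` returns the stored password hash to the browser (`'password' => $password` in the array) and looks the user up by a username taken from the request body (`username);` on the first line is the tail of that read), with no session check visible in the hunk, so any caller can retrieve any user's hash and full profile by posting their email address. Drop `'password' => $password,` from the array and take the identity from the session: `if (empty($_SESSION['loggedIn'])) { http_response_code(401); exit; } getData($_SESSION['username']);`. Emitting `header('Content-Type: application/json');` before the echo would also let datachange.js receive a parsed object instead of calling `JSON.parse` on text. The top of the file, where the JSON body is decoded, is cut off above the hunk.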
diff --git a/logic/loginLogic.php b/logic/loginLogic.php
new file mode 100644
index 0000000..1f65d97
--- /dev/null
+++ b/logic/loginLogic.php
@@ -0,0 +1,45 @@
+email);
+$passwordUnhashed = testinput($data->password);
+
+loginUser($username, $passwordUnhashed);
+
+function loginUser($username, $passwordUnhashed)
+{
+ require($_SERVER['DOCUMENT_ROOT'] . '/config/setupDBAccess.php');
+
+ $sql = "SELECT `username`, `password`, `role` FROM `user` WHERE `username` = ?";
+ $stmt = $db->prepare($sql);
+ $stmt->bind_param("s", $username);
+
+
+ $stmt->execute();
+ $stmt->store_result();
+ $stmt->bind_result($username, $password, $role);
+ if ($stmt->num_rows == 1) {
+ $stmt->fetch();
+ if (password_verify($passwordUnhashed, $password)) {
+ $response = "success";
+ $_SESSION['username'] = $username;
+ $_SESSION['role'] = $role;
+ $_SESSION['loggedIn'] = true;
+ } else {
+ $response = "failure";
+ }
+ } else {
+ $response = "failure";
+ }
+ $stmt->close();
+ $db->close();
+
+ echo $response;
+}
+
+
+
+
+?>
\ No newline at end of file
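Review bot: After `password_verify` succeeds the hunk writes `$_SESSION` without first calling `session_regenerate_id(true);`, so a session id fixed before login (one an attacker planted, for instance) stays valid afterwards; add that call on the line before `$_SESSION['username'] = $username;`. Whether `session_start()` runs at all is not visible — the file head is cut off and `config/sessionStart.php` is added in this commit with no content shown — so confirm it is required here, otherwise the assignments are lost. `testinput($data->password)` on the second line alters the password before verification; it must match exactly what registration hashed, and updateUserData.php does not apply it, so the three paths disagree. The trailing `?>` and the blank lines before it can be dropped from a PHP-only file.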
diff --git a/logic/serviceLogic.php b/logic/serviceLogic.php
index 0e43d3c..b2efa35 100644
--- a/logic/serviceLogic.php
+++ b/logic/serviceLogic.php
@@ -1,18 +1,24 @@
handleUserRequests($method, $param);
+$method =
+$result = true;
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+ $json = file_get_contents('php://input');
+ $data = json_decode($json, true);
+ $result = $logic->handleUserRequests($method, $data);
+}
+
+
if ($result == null) {
- response("GET", 400, null);
+ response('POST', 400, $result);
} else {
- response("GET", 200, $result);
+ response('POST', 200, $result);
}
function response($method, $status, $data)
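Review bot: `$method =` on its own line is immediately followed by `$result = true;`, so PHP parses the pair as `$method = $result = true;` — `$method` becomes `true` rather than a request method, and that is what reaches `handleUserRequests($method, $data)`. Presumably the intent was `$method = $_SERVER['REQUEST_METHOD'];` or the line is a leftover; either finish the assignment or delete it. `json_decode($json, true)` also yields an array, while `DataHandler` in this same diff reads `$data->password` / `$data->email` as object properties, which on an array produces warnings and nulls; pass `json_decode($json)` unless `handleUserRequests` converts it, which is outside the hunk. The `$result == null` test on the next line also treats any falsy result as failure; `=== null` is the intended comparison.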
diff --git a/logic/updateUserData.php b/logic/updateUserData.php
new file mode 100644
index 0000000..b1e8b79
--- /dev/null
+++ b/logic/updateUserData.php
@@ -0,0 +1,37 @@
+username;
+$phone = $data->phone;
+$address = $data->street;
+$name = $data->city;
+$plz = $data->postalcode;
+$password = $data->password;
+$hashedPassword = $data->hashedPassword;
+updateData($email, $phone, $address, $name, $plz, $password, $hashedPassword);
+
+function updateData($email, $phone, $address, $name, $plz, $password, $hashedPassword){
+ require($_SERVER['DOCUMENT_ROOT'] . '/config/setupDBAccess.php');
+ if (password_verify($password, $hashedPassword)) {
+ $sqlOrt = "INSERT IGNORE INTO `cities` (`postalcode`, `name`) VALUES (?, ?)";
+ $sqlUser = "UPDATE `user` SET `phone` = ?, `address` = ?, `plz` = ? WHERE `username` = ?";
+ $stmtOrt = $db->prepare($sqlOrt);
+ $stmtUser = $db->prepare($sqlUser);
+ $stmtOrt->bind_param("ss", $plz, $name);
+ $stmtUser->bind_param("ssss", $phone, $address, $plz, $email);
+
+ if ($stmtOrt->execute() && $stmtUser->execute()) {
+ $response = "success";
+ } else {
+ $response = "failure";
+ }
+ $stmtOrt->close();
+ $stmtUser->close();
+ $db->close();
+ } else {
+ $response = "failure";
+ }
+
+ echo $response;
+
+
+}
\ No newline at end of file
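Review bot: `password_verify($password, $hashedPassword)` on the first line of `updateData` compares two values that both arrive in the request body, so the caller can pass the re-authentication with any hash it generates itself, and `$email` (the `username` field) is likewise client-chosen, so the `UPDATE ... WHERE username = ?` can be pointed at any account. Load the hash for the session user from the database and verify against that, ignoring any client-supplied hash, with the identity taken from `$_SESSION['username']` as set in loginLogic.php (this assumes `session_start()` has run, which the diff does not show). The request parsing at the top of the file is cut off above the hunk; the rewrite below keeps the function signature so the existing call still works but no longer trusts `$hashedPassword`, and it closes `$db` on every path rather than only on success.
```php
function updateData($email, $phone, $address, $name, $plz, $password, $hashedPassword){
    require($_SERVER['DOCUMENT_ROOT'] . '/config/setupDBAccess.php');
    // Identity and reference hash come from the server only; $hashedPassword is
    // ignored because the client controls it.
    if (empty($_SESSION['loggedIn']) || !isset($_SESSION['username'])) {
        http_response_code(401);
        echo "failure";
        return;
    }
    $email = $_SESSION['username'];
    $stmtHash = $db->prepare("SELECT `password` FROM `user` WHERE `username` = ?");
    $stmtHash->bind_param("s", $email);
    $stmtHash->execute();
    $stmtHash->bind_result($storedHash);
    $verified = $stmtHash->fetch() && password_verify($password, $storedHash);
    $stmtHash->close();
    if ($verified) {
        // … unchanged: cities INSERT IGNORE and user UPDATE with bound parameters, $response set …
    } else {
        $response = "failure";
    }
    $db->close();
    echo $response;
}
```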
diff --git a/res/css/style.css b/res/css/style.css
index 3ce3106..6731079 100644
--- a/res/css/style.css
+++ b/res/css/style.css
@@ -82,4 +82,8 @@
font-size: .9em;
padding: 10px;
margin-bottom: 10px;
+}
+
+.registerform .form-control:read-only {
+ background-color: #f07f7f;
}
\ No newline at end of file