hope/dog
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

läuft schon

Browse Source
This commit is contained in:
Peter Hoppe
2022-12-17 01:18:54 +01:00
parent 147fd66fff
commit 6c48baac3d
17 changed files with 506 additions and 182 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
php/php-dog/AuthMiddleware.php
View File

@ -79,7 +79,7 @@ class Auth
protected function fetchUser($user_id)
{
try {
$fetch_user_by_id = "SELECT id, email, name, qr_id FROM dogs WHERE id=:id";
$fetch_user_by_id = "SELECT id, email, qr_id FROM dogs WHERE id=:id";
$query_stmt = $this->db->prepare($fetch_user_by_id);
$query_stmt->bindValue(':id', $user_id, PDO::PARAM_INT);
$query_stmt->execute();

3
php/php-dog/classes/Database.php
View File

@ -9,7 +9,8 @@ class Database
private $db_username = 'k200835_user_dog';
private $db_password = 'X0pEiBsXN3RLazGhQVvP';
public function dbConnection(){
public function dbConnection()
{
try
{

22
php/php-dog/classes/lib.php
View File

@ -1,12 +1,12 @@
<?php
class CMsg
class CMsg
{
$success;
$status;
$message;
$fields;
$data;
var $success;
var $status;
var $message;
var $fields;
var $data;
function __construct($success,$status = null,$message = null,$fields = null,$data = null)
{
@ -36,17 +36,15 @@ class CMsg
class CUser
{
$id;
$qr_id;
$email;
$name;
var $id;
var $qr_id;
var $email;
function __construct($id,$qr_id,$email,$name)
function __construct($id,$qr_id,$email)
{
$this->id = $id;
$this->qr_id = $qr_id;
$this->email = $email;
$this->name = $name;
}
}

4
php/php-dog/getDog.php
View File

@ -51,12 +51,12 @@ else
if($query_stmt->rowCount())
{
$row = $query_stmt->fetch(PDO::FETCH_ASSOC);
$returnData = new CMsg((1,200,'get dog',$fields,$row);
$returnData = new CMsg(1,200,'get dog',$fields,$row);
}
}
catch(PDOException $e)
{
$returnData = new CMsg((0,500,$e->getMessage(),$fields);
$returnData = new CMsg(0,500,$e->getMessage(),$fields);
}
}
echo $returnData->jsonarray();

153
php/php-dog/login.php
View File

@ -14,90 +14,107 @@ $db_connection = new Database();
$conn = $db_connection->dbConnection();
$data = json_decode(file_get_contents("php://input"));
// $data = json_decode(
// '{
// "email": "a@a.a",
// "password": "qwertzui"
// }'
// );
$returnData = new CMsg(0);
// IF REQUEST METHOD IS NOT EQUAL TO POST
if($_SERVER["REQUEST_METHOD"] != "POST")
{
$returnData = new CMsg(0,404,'Page Not Found!');
}
// if($_SERVER["REQUEST_METHOD"] != "POST")
// {
// $returnData = new CMsg(0,404,'Page Not Found!');
// echo $returnData->jsonarray();
// return;
// }
// CHECKING EMPTY FIELDS
elseif(
!isset($data->qr_id)
if(
!isset($data->email)
|| !isset($data->password)
|| empty(trim($data->qr_id))
|| empty(trim($data->email))
|| empty(trim($data->password))
)
{
$fields = ['fields' => ['qr_id','password']];
$fields = ['fields' => ['email','password']];
$returnData = new CMsg(0,422,'Please Fill in all Required Fields!',$fields);
echo $returnData->jsonarray();
return;
}
// IF THERE ARE NO EMPTY FIELDS THEN-
else
{
$qr_id = trim($data->qr_id);
$password = trim($data->password);
// IF PASSWORD IS LESS THAN 8 THE SHOW THE ERROR
if(strlen($password) < 8)
// IF THERE ARE NO EMPTY FIELDS THEN-
$email = trim($data->email);
$password = trim($data->password);
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
{
$returnData = new CMsg(0, 422, 'Invalid Email Address!');
echo $returnData->jsonarray();
return;
}
// IF PASSWORD IS LESS THAN 8 THE SHOW THE ERROR
if(strlen($password) < 8)
{
$returnData = new CMsg(0,422,'Your password must be at least 8 characters long!');
echo $returnData->jsonarray();
return;
}
// THE USER IS ABLE TO PERFORM THE LOGIN ACTION
try
{
$fetch_user_by_email = "SELECT id, qr_id, email, password FROM `dogs` WHERE `email`=:email";
$query_stmt = $conn->prepare($fetch_user_by_email);
$query_stmt->bindValue(':email', $email,PDO::PARAM_STR);
$query_stmt->execute();
// IF THE USER IS FOUNDED BY EMAIL
if($query_stmt->rowCount())
{
$returnData = new CMsg(0,422,'Your password must be at least 8 characters long!');
$row = $query_stmt->fetch(PDO::FETCH_ASSOC);
$check_password = password_verify($password, $row['password']);
// $check_password = $password == $row['password'];
// VERIFYING THE PASSWORD (IS CORRECT OR NOT?)
// IF PASSWORD IS CORRECT THEN SEND THE LOGIN TOKEN
if ($check_password)
{
// $jwt = new JwtHandler();
$user = new CUser( $row['id'],
$row['qr_id'],
$row['email']
);
$_SESSION['user'] = $user;
$returnData = new CMsg(
1,
200,
'You have successfully logged in.',
$fields,
$user);
}
// IF INVALID PASSWORD
else
{
$returnData = new CMsg(0,422,'Invalid Password!');
}
// IF THE USER IS NOT FOUNDED BY EMAIL THEN SHOW THE FOLLOWING ERROR
}
// THE USER IS ABLE TO PERFORM THE LOGIN ACTION
else
{
try{
$fetch_user_by_qrid = "SELECT id, name, qr_id, email FROM `dogs` WHERE `qr_id`=:qr_id";
$query_stmt = $conn->prepare($fetch_user_by_qrid);
$query_stmt->bindValue(':qr_id', $qr_id,PDO::PARAM_STR);
$query_stmt->execute();
// IF THE USER IS FOUNDED BY EMAIL
if($query_stmt->rowCount())
{
$row = $query_stmt->fetch(PDO::FETCH_ASSOC);
$check_password = password_verify($password, $row['password']);
// VERIFYING THE PASSWORD (IS CORRECT OR NOT?)
// IF PASSWORD IS CORRECT THEN SEND THE LOGIN TOKEN
if ($check_password)
{
// $jwt = new JwtHandler();
$user = new CUser( $row['id'],
$row['qr_id'],
$row['email'],
$row['name']
);
$_SESSION['user'] = $user;
$returnData = new CMsg(
1,
200,
'You have successfully logged in.',
$fields,
$user);
}
// IF INVALID PASSWORD
else
{
$returnData = new CMsg(0,422,'Invalid Password!');
}
// IF THE USER IS NOT FOUNDED BY EMAIL THEN SHOW THE FOLLOWING ERROR
}
else
{
$returnData = new CMsg(0,422,'Invalid Email Address!');
}
}
catch(PDOException $e)
{
$returnData = new CMsg(0,500,$e->getMessage());
}
$returnData = new CMsg(0,422,'Invalid Email Address!');
}
}
catch(PDOException $e)
{
$returnData = new CMsg(0,500,$e->getMessage());
}
echo $returnData->jsonarray();
?>
?>

111
php/php-dog/register.php
View File

@ -19,69 +19,90 @@ $returnData = new CMsg(0);
if ($_SERVER["REQUEST_METHOD"] != "POST")
{
$returnData = new CMsg(0, 404, 'Page Not Found!');
echo $returnData->jsonarray();
return;
}
elseif (
!isset($data->qr_id)
|| !isset($data->nachname)
|| !isset($data->email)
if (
!isset($data->email)
|| !isset($data->password)
|| empty(trim($data->vorname))
|| empty(trim($data->nachname))
|| empty(trim($data->email))
|| empty(trim($data->password))
) :
)
{
$fields = ['fields' => ['vorname', 'nachname', 'email', 'password']];
$fields = ['fields' => ['email', 'password']];
$returnData = new CMsg(0, 422, 'Please Fill in all Required Fields!', $fields);
echo $returnData->jsonarray();
return;
}
// IF THERE ARE NO EMPTY FIELDS THEN-
else :
$email = trim($data->email);
$password = trim($data->password);
$vorname = trim($data->vorname);
$nachname = trim($data->nachname);
$email = trim($data->email);
$password = trim($data->password);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) :
$returnData = msg(0, 422, 'Invalid Email Address!');
if (!filter_var($email, FILTER_VALIDATE_EMAIL))
{
$returnData = new CMsg(0, 422, 'Invalid Email Address!');
echo $returnData->jsonarray();
return;
}
elseif (strlen($password) < 8) :
$returnData = new CMsg(0, 422, 'Your password must be at least 8 characters long!');
if (strlen($password) < 8)
{
$returnData = new CMsg(0, 422, 'Your password must be at least 8 characters long!');
echo $returnData->jsonarray();
return;
}
elseif (strlen($nachname) < 3) :
$returnData = new CMsg(0, 422, 'Your name must be at least 3 characters long!');
try
{
$maxtries = 100000; // prevent endless loop, most unlikely
$tries = 0;
else :
try {
$qr_id = random_str(6);
$count = 1;
while($count >= 1 && $tries < $maxtries)
{
$qr_id = random_str(6);
$check_email = "SELECT `email` FROM `users` WHERE `email`=:email";
$check_email_stmt = $conn->prepare($check_email);
$check_email_stmt->bindValue(':email', $email, PDO::PARAM_STR);
$check_email_stmt->execute();
$check_qr_id = "SELECT `qr_id` FROM `dogs` WHERE `qr_id`=:qr_id";
$check_qr_id_stmt = $conn->prepare($check_qr_id);
$check_qr_id_stmt->bindValue(':qr_id', $qr_id, PDO::PARAM_STR);
$check_qr_id_stmt->execute();
if ($check_email_stmt->rowCount()) :
$returnData = new CMsg(0, 422, 'This E-mail already in use!');
$count = $check_qr_id_stmt->rowCount();
++$tries;
}
if ($tries >= $maxtries)
{
$result = new CMsg(
0,
507,
'Too many users registered on the server, try it again later');
}
else
{
$insert_query = "INSERT INTO `dogs`(`qr_id`,`email`,`password`) VALUES(:qr_id,:email,:password)";
else :
$insert_query = "INSERT INTO `users`(`vorname`,`nachname`,`email`,`password`) VALUES(:vorname,:nachname,:email,:password)";
$insert_stmt = $conn->prepare($insert_query);
$insert_stmt = $conn->prepare($insert_query);
// DATA BINDING
$insert_stmt->bindValue(':qr_id', htmlspecialchars(strip_tags($qr_id)), PDO::PARAM_STR);
$insert_stmt->bindValue(':email', $email, PDO::PARAM_STR);
// $insert_stmt->bindValue(':password', $password, PDO::PARAM_STR);
$insert_stmt->bindValue(':password', password_hash($password, PASSWORD_DEFAULT), PDO::PARAM_STR);
// DATA BINDING
$insert_stmt->bindValue(':vorname', htmlspecialchars(strip_tags($vorname)), PDO::PARAM_STR);
$insert_stmt->bindValue(':nachname', htmlspecialchars(strip_tags($nachname)), PDO::PARAM_STR);
$insert_stmt->bindValue(':email', $email, PDO::PARAM_STR);
$insert_stmt->bindValue(':password', password_hash($password, PASSWORD_DEFAULT), PDO::PARAM_STR);
$insert_stmt->execute();
$insert_stmt->execute();
$returnData = new CMsg(1, 201, 'You have successfully registered.');
}
$returnData = new CMsg(1, 201, 'You have successfully registered.');
endif;
} catch (PDOException $e) {
$returnData = new CMsg(0, 500, $e->getMessage());
}
endif;
endif;
}
catch (PDOException $e)
{
$returnData = new CMsg(0, 500, $e->getMessage());
}
echo $returnData->jsonarray();
?>
?>

2
php/php-dog/upload.php
View File

@ -41,7 +41,7 @@ if(!in_array($fileType, $allowTypes))
}
$newFilename = getNewFilename($targetDir, $fileType, 20);
if($newFilename.strlen() == 0)
if(strlen($newFilename) == 0)
{
$result = new CMsg(
0,