commit e6f03bc549ff03bcde2ad2fedba79ca781ac137d
parent 2ef417b7b6a46955294404035e16c56da2bd7d1c
Author: Friedel Schon <[email protected]>
Date: Tue, 4 Apr 2023 12:47:48 +0200
alter user
Diffstat:
A | alteruser.php | | | 153 | +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
1 file changed, 153 insertions(+), 0 deletions(-)
diff --git a/alteruser.php b/alteruser.php
@@ -0,0 +1,152 @@
+<!DOCTYPE html>
+<html lang="nl">
+
+<head>
+ <title>User toevoegen</title>
+ <!-- Bootstrap CSS -->
+ <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css">
+</head>
+<?php
+include "navbar.php";
+if (!in_array(1, $_SESSION['permissions'])) {
+ header('Location: dashboard.php');
+ exit;
+}
+?>
+
+<body>
+ <div class="container">
+ <h1>User toevoegen</h1>
+
+ <form action="crud_user.php" method="post">
+ <div class="mb-3">
+ <label for="voornaam" class="form-label"><b>Voornaam:</b></label>
+ <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam">
+ </div>
+ <div class="mb-3">
+ <label for="achternaam" class="form-label"><b>Achternaam:</b></label>
+ <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam">
+ </div>
+ <div class="mb-3">
+ <label for="email" class="form-label"><b>Email:</b></label>
+ <input type="text" class="form-control" name="email" id="email" placeholder="Email">
+ </div>
+ <div class="mb-3">
+ <label for="password" class="form-label"><b>Wachtwoord:</b></label>
+ <input type="password" class="form-control" name="password" id="password" placeholder="******">
+ </div>
+ <p>Please select the user permissions:</p>
+ <div class="mb-3 form-check">
+ <input type="checkbox" class="form-check-input" id="Admin" name="permissions[]" value="1">
+ <label class="form-check-label" for="Admin">Admin</label>
+ </div>
+ <div class="mb-3 form-check">
+ <input type="checkbox" class="form-check-input" id="Administratief medewerker" name="permissions[]"
+ value="2">
+ <label class="form-check-label" for="Administratief medewerker">Administratief medewerker</label>
+ </div>
+ <div class="mb-3 form-check">
+ <input type="checkbox" class="form-check-input" id="Wetenschappelijk medewerker" name="permissions[]"
+ value="3">
+ <label class="form-check-label" for="Wetenschappelijk medewerker">Wetenschappelijk medewerker</label>
+ </div>
+ <button type="submit" class="btn btn-primary" name="submit">Voeg toe</button>
+ </form>
+ </div>
+ <?php
+ $servername = "86.92.67.21";
+ $username = "friedel";
+ $password = "hailiwa";
+ $dbname = "wap2";
+ // Create connection
+ $conn = mysqli_connect($servername, $username, $password, $dbname);
+ // Check connection
+ if (!$conn) {
+ die("Connection failed: " . mysqli_connect_error());
+ }
+
+ if ($_SERVER["REQUEST_METHOD"] == "POST") {
+ $errors = array(); // initialize an empty array to store errors
+
+ // Check if voornaam is set and not empty
+ if (isset($_POST['voornaam']) && !empty($_POST['voornaam'])) {
+ $fname = $_POST['voornaam'];
+ } else {
+ $errors[] = "Voornaam is required";
+ }
+
+ // Check if achternaam is set and not empty
+ if (isset($_POST['achternaam']) && !empty($_POST['achternaam'])) {
+ $lname = $_POST['achternaam'];
+ } else {
+ $errors[] = "Achternaam is required";
+ }
+
+ // Check if email is set and not empty
+ if (isset($_POST['email']) && !empty($_POST['email'])) {
+ $email = $_POST['email'];
+ } else {
+ $errors[] = "E-mail is required";
+ }
+
+ // Check if password is set and not empty
+ if (isset($_POST['password']) && !empty($_POST['password'])) {
+ $password = $_POST['password'];
+ } else {
+ $password = null;
+ }
+
+ // Check if permissions is set
+ if (isset($_POST['permissions'])) {
+ $permissions = $_POST['permissions'];
+ } else {
+ $errors[] = "Permissies zijn vereist";
+ }
+
+ // Check if there are any errors
+ if (count($errors) > 0) {
+ // Print out the errors
+ foreach ($errors as $error) {
+ echo $error . "<br>";
+ }
+ } else {
+ // Pass the password through a hashing function
+
+ // Making a sql statement to add user to the database, preparing it and excuting
+ $sql = "UPDATE medewerkers
+ SET voornaam = ?, achternaam = ?
+ WHERE email = ?";
+ $stmt = $conn->prepare($sql);
+ $stmt->bind_param("sss", $fname, $lname, $email);
+ $stmt->execute();
+
+ if ($password) {
+ $hash = password_hash($password, PASSWORD_DEFAULT);
+ $sql = "UPDATE medewerkers
+ SET wachtwoord = ?
+ WHERE email = ?";
+ $stmt = $conn->prepare($sql);
+ $stmt->bind_param("ss", $hash, $email);
+ $stmt->execute();
+ }
+
+ $sql = "DELETE medewerkers WHERE email = ?";
+ $stmt = $conn->prepare($sql);
+ $stmt->bind_param("s", $email);
+ $stmt->execute();
+
+ //Excecuting a sql statement for all the user permissions
+ foreach ($permissions as $perm) {
+ $sql = "INSERT INTO medewerkers_permissie (email, permissie_id) VALUES (?, ?);";
+ $stmt = $conn->prepare($sql);
+ $stmt->bind_param("si", $email, $perm);
+ $stmt->execute();
+ }
+ }
+ }
+ // closing the connection
+ mysqli_close($conn);
+ ?>
+</body>
+
+</html>
+\ No newline at end of file
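Review bot: The connection block at the bottom of the new file hard-codes the database host, user name and password (`$servername`, `$username`, `$password`); these belong in configuration kept outside the repository, and the committed password should be rotated because it stays in history. In the update branch, `DELETE medewerkers WHERE email = ?` lacks `FROM` and names the employee table; presumably it is meant to clear `medewerkers_permissie` before the re-insert, and adding only `FROM` would delete the user row that was just updated. The posted `permissions[]` values are then inserted as submitted, with no transaction and no check of the `prepare()`/`execute()` results, so a failed statement can leave the account with a partial permission set. The fence below limits the ids to the three the form offers and makes the replacement atomic; it assumes mysqli runs in exception mode, the PHP 8.1 default. Separately, the admin check calls `header('Location: dashboard.php')` after the `<head>` markup has been sent, so the `include` and the check should move above `<!DOCTYPE html>`.

```php
// … unchanged: UPDATE of voornaam/achternaam and optional wachtwoord …

// Accept only the permission ids the form offers; anything else is dropped.
$allowed = ['1' => 1, '2' => 2, '3' => 3];
$perms = [];
foreach ((array) $permissions as $raw) {
    if (is_string($raw) && isset($allowed[$raw])) {
        $perms[$allowed[$raw]] = $allowed[$raw];
    }
}

// Replace the permission rows atomically so a failure cannot leave a partial set.
$conn->begin_transaction();
try {
    // Table name assumed from the INSERT below; confirm against the schema.
    $stmt = $conn->prepare("DELETE FROM medewerkers_permissie WHERE email = ?");
    $stmt->bind_param("s", $email);
    $stmt->execute();

    $stmt = $conn->prepare("INSERT INTO medewerkers_permissie (email, permissie_id) VALUES (?, ?)");
    foreach ($perms as $perm) {
        $stmt->bind_param("si", $email, $perm);
        $stmt->execute();
    }
    $conn->commit();
} catch (mysqli_sql_exception $e) {
    $conn->rollback();
    throw $e;
}
```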