lollipop

A PHP-framework

commit 3e71e110537592f5d6e5c3f90f168dbbf3b5349f
parent 3b41601274ca3a715ca8036e7e7787bbf72458cb
Author: Gerco van Woudenbergh <[email protected]>
Date:   Mon, 12 Jun 2023 13:34:59 +0200

op hoop van zegen

Diffstat:
AController/login/login_get.php | 4++++
AController/login/login_post.php | 74++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
AController/user/add_get.php | 5+++++
AController/user/add_post.php | 41+++++++++++++++++++++++++++++++++++++++++
DLICENSE | 17-----------------
MLollipop/DatabaseObject.php | 28++++++++++++++++++++++++++++
MModel/Login_handler.php | 35++++++++++++++++++++++++++---------
AModel/Utils.php | 36++++++++++++++++++++++++++++++++++++
DREADME.md | 9---------
Dbackup.php | 35-----------------------------------
Dcontroller.php | 12------------
Dform.html | 24------------------------
Dformtest.php | 12------------
Mindex.php | 18+++++++++++++++---
Dtemplate.php | 6------
Dtemplate_test.html | 9---------
Dtest_include.php | 6------
Mviews/add_user.html | 66++++++++++++++++++++++++++++++++----------------------------------
Mviews/dashboard.php | 8+-------
Aviews/login.html | 47+++++++++++++++++++++++++++++++++++++++++++++++
Dweerdata.css | 9---------
Dweerdata.php | 65-----------------------------------------------------------------
22 files changed, 309 insertions(+), 257 deletions(-)

diff --git a/Controller/login/login_get.php b/Controller/login/login_get.php
@@ -0,0 +1,3 @@
+<?php
+ $templater = new Lollipop\Template();
+ echo $templater->template("views/login.html", ["msg" => ""]);
+\ No newline at end of file
diff --git a/Controller/login/login_post.php b/Controller/login/login_post.php
@@ -0,0 +1,73 @@ +<?php +const login = "email"; +const pwd = "password"; +class Login_handler +{ + function login():bool{ + $post_arr = Utils::post_to_array();; + $missing_fields = Utils::missing_fields($post_arr , [login, pwd]); + + if(sizeof($missing_fields) > 0){ + return ($this->authenticate($post_arr)); + }else{ + return false; + } + + } + function authenticate(array $post) : bool + //this function return true when user is autheticated uses set_globals to set $_SESSION variables + { + //create a SQLDatabase class + $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "panda"); + //create a Database object class, with the table User + $u = $db->get(User::class); + + //check if the email exists in db + if(!$u->where($post[login])){ + //email does not exist + return false; + }else{ + if(password_verify($post[pwd], $u->password)){ + //authenticated -> set $_SESSION variables + $this->set_globals($u, $db); + return true; + } else { + //password did not match + return false; + } + } + } + + private function set_globals(Lollipop\DatabaseObject $u, Lollipop\SQLDatabase $db) + //this function sets Session variables which incluse + //email, first_name, last_name and array user_permissions + { + //start session and set + session_start(); + $u->load($u->primary); + + foreach($u->getData() as $key => $data){ + if($key != pwd){ + $_SESSION[$key] = $data; + } + } + + //get permissions form db and set sessions_permissions + $p = $db->all_where(Permission_user::class, array('id_user' => $u->id)); + foreach($p as $permission){ + $user_permissions[] = $permission->id; + } + $_SESSION['user_permissions'] = $user_permissions; + } +} +function login_handler(){ + $templater = new Lollipop\Template(); + $login = new Login_handler(); + + if( $login->login()){ + echo $templater->template("views/dashboard.html", ["email" => $_SESSION["email"]]); + }else{ + echo $templater->template("views/login.html", ["msg" => "<p style=\"color:red;\">Incorrect username or 
password.</p>"]); + } +} +?> +\ No newline at end of file diff --git a/Controller/user/add_get.php b/Controller/user/add_get.php @@ -0,0 +1,4 @@ + <?php + $templater = new Lollipop\Template(); + $template["msg"] = ""; + echo $templater->template("views/add_user.html", $template); +\ No newline at end of file diff --git a/Controller/user/add_post.php b/Controller/user/add_post.php @@ -0,0 +1,41 @@ +<?php +function add_user(){ + $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "panda"); + $u = $db->get(User::class); + + $post_arr = Utils::post_to_array();; + $missing_fields = Utils::missing_fields($post_arr , $u->not_nullable); + + if(sizeof($missing_fields) > 0) + return $missing_fields; + + if($u->load($post_arr[$u->get_primary()])){ + return ["msg" => "<p style=\"color:red;\">this email address is already taken: {$post_arr[$u->get_primary()]} </p>"]; + }else{ + if($post_arr["password"]){ + $post_arr["password"] = password_hash($post_arr["password"], PASSWORD_DEFAULT); + } + foreach($u->column_names as $col){ + if($post_arr[$col] != ""){ + $u->$col = $post_arr[$col]; + } + } + if($u->add()) + return ["msg" => "<p style=\"color:green;\">succes</p>"]; + else + return ["msg" => "<p style=\"color:red;\">could not add user to database</p>"]; + } +} + + +$templater = new Lollipop\Template(); +$response = add_user(); + +if(!array_key_exists("msg", $response)){ + $newArray = ["msg" => ""]; + array_push($newArray, $response); +} + +echo $templater->template("views/add_user.html", $response); + + diff --git a/LICENSE b/LICENSE 
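Review bot: The database host, account name and password are string literals in the `new Lollipop\SQLDatabase(...)` call inside `authenticate()`, so this commit puts a working credential for a publicly addressed server into the repository history. The same literal appears in Controller/user/add_post.php, Model/Login_handler.php and Model/Utils.php. Build the connection in one place from settings kept outside the tree, for example `new Lollipop\SQLDatabase(getenv('DB_HOST'), getenv('DB_USER'), getenv('DB_PASS'), getenv('DB_NAME'))` (variable names are placeholders). The exposed password should also be rotated, because deleting it from the source later does not remove it from earlier commits.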
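Review bot: The "already taken" message in `add_user()` interpolates `$post_arr[$u->get_primary()]` from `$_POST` into an HTML string that the view prints through `{{msg}}`, so markup submitted in the email field is reflected into the response. `Lollipop\Template` is not shown, but `msg` already carries `<p>` tags, which suggests it does not escape. Encode the value before building the message: `htmlspecialchars($post_arr[$u->get_primary()], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. Separately, in the missing-fields case the result of `array_push($newArray, $response)` is never used, so `$response` is still passed to the template without a `msg` key.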
@@ -1,17 +0,0 @@ -Copyright (c) 2023 Friedel Schön and Gerco van Woudenbergh - -This software is provided 'as-is', without any express or implied -warranty. In no event will the authors be held liable for any damages -arising from the use of this software. - -Permission is granted to anyone to use this software for any purpose, -including commercial applications, and to alter it and redistribute it -freely, subject to the following restrictions: - -1. The origin of this software must not be misrepresented; you must not - claim that you wrote the original software. If you use this software - in a product, an acknowledgment in the product documentation would be - appreciated but is not required. -2. Altered source versions must be plainly marked as such, and must not be - misrepresented as being the original software. -3. This notice may not be removed or altered from any source distribution. diff --git a/Lollipop/DatabaseObject.php b/Lollipop/DatabaseObject.php @@ -17,6 +17,7 @@ namespace Lollipop { $this->db = $db; $this->primary = $this->get_primary(); $this->table = $this->get_table(); + $this->notNullable(); } abstract static function get_primary(): string; 
@@ -165,5 +166,32 @@ namespace Lollipop { { return $this->data; } + private function notNullable(){ + //non-auto-increment not-nullable collumn names query + $not_null = []; + $col_names = []; + $sql = " SELECT column_name, is_nullable, extra + FROM INFORMATION_SCHEMA.COLUMNS + WHERE TABLE_NAME = '{$this->table}' + AND TABLE_SCHEMA = 'panda'"; + $stmt = $this->db->conn->prepare($sql); + $stmt->execute(); + $result = $stmt->get_result(); + + if ($result->num_rows == 0) { + return false; + } + while($tmp = $result->fetch_assoc()){ + if($tmp["is_nullable"] == 'NO'){ + if($tmp["extra"] == "auto_increment") + continue; + $not_null[] = $tmp["column_name"]; + } + $col_names[] = $tmp["column_name"]; + } + $this->data["not_nullable"] = $not_null; + $this->data["column_names"] = $col_names; + return true; + } } } \ No newline at end of file diff --git a/Model/Login_handler.php b/Model/Login_handler.php 
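Review bot: `notNullable()` interpolates `$this->table` into the INFORMATION_SCHEMA query and then calls `prepare()` with nothing bound, so the prepared statement gives no protection if a table name ever contains a quote or is derived from input. Assuming `$this->db->conn` is a mysqli connection (the `get_result()` call suggests so), bind the value: `WHERE TABLE_NAME = ? AND TABLE_SCHEMA = DATABASE()` followed by `$stmt->bind_param("s", $this->table);`. That also removes the hard-coded `'panda'` schema, which otherwise has to match the database name passed to `SQLDatabase`. The two lists are written into `$this->data`, the same array `getData()` returns, so they may be copied along with row data (for example into `$_SESSION` by `set_globals`); a dedicated property would keep metadata and row values apart. The class body starts outside this hunk.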
@@ -1,20 +1,33 @@ <?php +const login = "email"; +const pwd = "password"; class Login_handler { - function login(string $email, string $pwd) : bool + function login():bool{ + $post_arr = Utils::post_to_array();; + $missing_fields = Utils::missing_fields($post_arr , [login, pwd]); + + if(sizeof($missing_fields) > 0){ + return ($this->authenticate($post_arr)); + }else{ + return false; + } + + } + function authenticate(array $post) : bool //this function return true when user is autheticated uses set_globals to set $_SESSION variables { //create a SQLDatabase class - $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "lollipop"); + $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "panda"); //create a Database object class, with the table User - $u = $db->get(Model\User::class); + $u = $db->get(User::class); //check if the email exists in db - if(!$u->where('email', $email)){ + if(!$u->where($post[login])){ //email does not exist return false; }else{ - if(password_verify($pwd, $u->pwd)){ + if(password_verify($post[pwd], $u->password)){ //authenticated -> set $_SESSION variables $this->set_globals($u, $db); return true; @@ -31,12 +44,16 @@ class Login_handler { //start session and set session_start(); - $_SESSION['email'] = $u->email; - $_SESSION['first_name'] = $u->fname; - $_SESSION['last_name'] = $u->lname; + $u->load($u->primary); + + foreach($u->getData() as $key => $data){ + if($key != pwd){ + $_SESSION[$key] = $data; + } + } //get permissions form db and set sessions_permissions - $p = $db->all_where(Model\Permission_user::class, array('email' => $u->email)); + $p = $db->all_where(Permission_user::class, array('id_user' => $u->id)); foreach($p as $permission){ $user_permissions[] = $permission->id; } diff --git a/Model/Utils.php b/Model/Utils.php 
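Review bot: The guard in the new `login()` is inverted: `if(sizeof($missing_fields) > 0)` calls `authenticate()` only when a required field is missing and returns false when both email and password were supplied. It should read `if (sizeof($missing_fields) === 0) { return $this->authenticate($post_arr); }`. The identical method is added in Controller/login/login_post.php and needs the same correction. `$_POST` values can also be arrays, so checking `is_string()` on both fields before they reach `where()` and `password_verify()` keeps malformed requests from raising type errors.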
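Review bot: `set_globals()` starts the session after a successful password check but keeps whatever session id the browser presented, which leaves the login open to session fixation; add `session_regenerate_id(true);` directly after `session_start();`. The new loop copies every key from `$u->getData()` into `$_SESSION` except `password`, a denylist that will silently pick up any column added to the table later. An explicit list of keys, as the removed lines had, is safer. `$u->load($u->primary)` appears to pass the primary-key column name rather than the user's key value (compare `$u->load($post_arr[$u->get_primary()])` in add_post.php), which is worth confirming. The same code is in Controller/login/login_post.php, and the function continues past the end of this hunk.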
@@ -0,0 +1,35 @@ +<?php +Class Utils{ + static function post_to_array():array{ + $arr = []; + foreach ($_POST as $key => $value) { + $arr[$key] = $value; + } + return $arr; + } + + static function missing_fields($post, $not_nullable){ + $missing = []; + foreach($not_nullable as $column){ + if($post[$column] == NULL || $post[$column] == ""){ + $missing[$column] = "This field cannot be empty!"; + } + } + return $missing; + } + + function create_permission_radials():string{ + $db = new Lollipop\SQLDatabase("86.92.67.21", "friedel", "hailiwa", "panda"); + //select the available permissions from the database + $all_p = $db->all(Permissions::class); + $radials = ""; + foreach($all_p as $db_permission){ + $radials .= "<div class=\"mb-3 form-check\"> + <input type=\"checkbox\" class=\"form-check-input\" name=\"permissions[]\" value=" . $db_permission->id . "\"> + <input type='hidden' value='-1' name='{$db_permission->name}'> + <label class=\"form-check-label\" for=" . $db_permission->name . ">" . $db_permission->name . "</label> + </div> "; + } + return $radials; + } +} +\ No newline at end of file diff --git a/README.md b/README.md @@ -1,9 +0,0 @@ -# `LOLLIPOP.php` - -> Lollipop is een PHP component-system :lollipop: - -ADMIN PASSWORD IS: - -| user | password | -| -------------- | -------- | -| `[email protected]` | `test` | diff --git a/backup.php b/backup.php 
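Review bot: `create_permission_radials()` concatenates `$db_permission->id` and `$db_permission->name` into HTML without encoding, and the `value` and `for` attributes lack their opening quote, so `value=" . $db_permission->id . "\">` emits `value=1">`. Permission names come from the database, so a name containing a quote or angle bracket changes the markup of the form. Quote the attributes and encode each value, e.g. `value=\"" . htmlspecialchars((string) $db_permission->id, ENT_QUOTES, 'UTF-8') . "\"`, and likewise for every use of `name`. In `missing_fields()`, `$post[$column]` is read without checking that the key exists; `($post[$column] ?? '') === ''` avoids the undefined-index warning and the loose `== NULL` comparison.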
@@ -1,34 +0,0 @@ -if($email == $row['email'] && password_verify($pwd, $row['wachtwoord'])) { -session_start(); -$_SESSION['email'] = $row['email']; -mysqli_data_seek($result, 0); -$permissions = array(); -$permissions_names = array(); -while($row = mysqli_fetch_assoc($result)){ -array_push($permissions, $row['permissie_id']); -array_push($permissions_names, $row['permissie_naam']); -} -$_SESSION['permissions'] = $permissions; -$_SESSION['permissions_names'] = $permissions_names; -foreach($_SESSION['permissions'] as $bullshit){ -echo $bullshit . "<br>"; - - -// verification logic and $_SESSION start -if(count($row = $result->fetch_assoc()) > 0){ - -header('Location: dashboard.php'); -} else { -echo '<p style="color:red">Invalid username or password.</p>'; -} -} else { -echo '<p style="color:red">Invalid username or password.</p>'; -} - -//Excecuting a sql statement for all the user permissions -foreach($permissions as $perm){ -$sql = "INSERT INTO medewerkers_permissie (email, permissie_id) VALUES (?, ?);"; -$stmt= $conn->prepare($sql); -$stmt->bind_param("si", $email, $perm); -$stmt->execute(); -} -\ No newline at end of file diff --git a/controller.php b/controller.php @@ -1,11 +0,0 @@ -<?php -include "Template.php"; -$uri = "template_test.html"; -$data = array( "<p> <h1>Het werkt</h1> </p>", - "<p> <h1>Het werkt</h1> </p>", - "<p> <h1>Het werkt</h1> </p>"); - -$template = new Lollipop\Template; -$html = $template->template($uri, $data); -echo $html; -?> -\ No newline at end of file diff --git a/form.html b/form.html 
@@ -1,24 +0,0 @@ -<html lang="nl"> -<head> - <meta charset="UTF-8"> - <meta http-equiv="X-UA-Compatible" content="IE=edge"> - <meta name="viewport" content="width=device-width, initial-scale=1.0"> - <title>Awesome Form</title> -</head> -<body> - -<h1>Awesome form</h1> - -<form action="formtest.php" method="post"> - <p> - <b>Naam:</b> <input type="text" name="naam" id="naam" placeholder="Naam komt hier"> - <b>Email:</b> <input type="text" name="email" id="email" placeholder="E-mailadres"> - <b>Formulier</b> <input type="file" name="bestand"> - </p> - - <p><input type="submit" name="submit" value="Ga los!"></p> - -</form> - -</body> -</html> diff --git a/formtest.php b/formtest.php @@ -1,11 +0,0 @@ -<?php -if ($_SERVER["REQUEST_METHOD"] == "POST") { - // collect value of input field - $name = $_POST['naam']; - if (empty($name)) { - echo "Name is empty"; - } else { - echo $name; - } -} -?> -\ No newline at end of file diff --git a/index.php b/index.php @@ -1,9 +1,22 @@ <?php require_once "utils/autoloader.php"; +include "Controller/login/login_post.php"; $router = new Lollipop\Router(); +//login +$router->addRoute(["GET"], "/", "Controller/login/login_get.php"); +$router->addRoute(["POST"], "/login", function($vars){ + login_handler(); +}); + +//user +//add +$router->addRoute(["GET"], "/user/add", "Controller/user/add_get.php"); +$router->addRoute(["POST"], "/user/add", "Controller/user/add_post.php"); +$router->route(); +/* $router->addRoute(["GET", "POST"], "/user/:email/update", "views/alter_user.php"); $router->addRoute(["GET", "POST"], "/user/:email/crud", "views/crud_user.php"); $router->addRoute(["GET", "POST"], "/user/search", "views/search_user.php"); @@ -24,5 +37,4 @@ $router->addRoute(["GET"], "/user/add", function($vars) { echo $t->template("views/add_user.html", $vars); }); $router->addRoute(["POST"], "/user/add", "logic/add_user_post.php"); - -$router->route(); -\ No newline at end of file +*/ +\ No newline at end of file 
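Review bot: Both `/user/add` routes are registered with no visible session or permission check, and Controller/user/add_post.php creates the account without one either, so as written any client that can reach the site can create users. Unless `Lollipop\Router` enforces access somewhere not shown here, these routes should check for a logged-in session and the relevant entry in `$_SESSION['user_permissions']` before dispatching. The unconditional `include "Controller/login/login_post.php";` declares `Login_handler` and the `login`/`pwd` constants, which Model/Login_handler.php now declares as well; if the autoloader ever loads the Model file, the request will fail on redeclaration. The previously registered routes would be better deleted than left inside a `/* */` block.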
diff --git a/template.php b/template.php @@ -1,6 +0,0 @@ -<?php - -include_once "Lollipop/Template.php"; - -$t = new Lollipop\Template; -echo $t->template("template_test.html", [ "hello" => "world" ]); diff --git a/template_test.html b/template_test.html @@ -1,9 +0,0 @@ -<<<<<<< HEAD -{{ name "value" !set }} - -{{ "test_include.php" !include }} - -{{ "hello_foo()" !eval "- Mayor Monogram" !cat }} -======= -data: {{ 3 3 !add }} ->>>>>>> origin/views diff --git a/test_include.php b/test_include.php @@ -1,5 +0,0 @@ -<?php - -function hello_foo() { - return "HELLO FOO"; -} -\ No newline at end of file diff --git a/views/add_user.html b/views/add_user.html 
@@ -1,36 +1,35 @@ <!DOCTYPE html> <html lang="eng"> -<head> - <title>Add user</title> - <!-- Bootstrap CSS --> - <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css"> -</head> -<body> - <div class="container"> - <h1>Add user</h1> + <head> + <title>Add user</title> + <!-- Bootstrap CSS --> + <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css"> + <link rel="stylesheet" type="text/css" href="/css/homepage.css"> + </head> + <body> + <div class="container"> + <h1>Add user</h1> - <form action="/user/add" method="post"> - <div class="mb-3"> - <label for="voornaam" class="form-label"><b>Voornaam:</b></label> - <input type="text" class="form-control" name="voornaam" id="voornaam" placeholder="Voornaam"> - </div> - <div class="mb-3"> - <label for="achternaam" class="form-label"><b>Achternaam:</b></label> - <input type="text" class="form-control" name="achternaam" id="achternaam" placeholder="Achternaam"> - </div> - <div class="mb-3"> - <label for="email" class="form-label"><b>Email:</b></label> - <input type="text" class="form-control" name="email" id="email" placeholder="Email"> - </div> - <div class="mb-3"> - <label for="password" class="form-label"><b>Wachtwoord:</b></label> - <input type="password" class="form-control" name="password" id="password" placeholder="******"> - </div> - <p>Please select the user permissions:</p> - {{ permission_radials }} - <button type="submit" class="btn btn-primary" name="submit">Add user</button> - </form> - </div> -</body> - -</html> -\ No newline at end of file + <form action="/user/add" method="post"> + <div class="mb-3"> + <label for="first_name" class="form-label"><b>Voornaam:</b></label> + <input type="text" class="form-control" name="first_name" id="first_name" placeholder="{{first_name}}"> + </div> + <div class="mb-3"> + <label for="achternaam" class="form-label"><b>Achternaam:</b></label> + <input type="text" class="form-control" 
name="last_name" id="achternaam" placeholder="{{last_name}}"> + </div> + <div class="mb-3"> + <label for="email" class="form-label"><b>Email:</b></label> + <input type="text" class="form-control" name="email" id="email" placeholder="{{email}}"> + </div> + <div class="mb-3"> + <label for="password" class="form-label"><b>Wachtwoord:</b></label> + <input type="password" class="form-control" name="password" id="password" placeholder="{{password}}"> + </div> + <button type="submit" class="btn btn-primary" name="submit">Add user</button> + </form> + {{msg}} + </div> + </body> +</html> diff --git a/views/dashboard.php b/views/dashboard.php @@ -1,14 +1,8 @@ <html> <head> <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css"> - <?php - include "navbar.php"; - include "logic/dashboard.php"; - ?> </head> <body> - <!-- make a course overview--> - <!-- option to apply to course--> - <!-- overview of grades--> + {{email}} </body> </html> \ No newline at end of file diff --git a/views/login.html b/views/login.html 
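Review bot: The add-user form posts to `/user/add` without an anti-CSRF token, so even once that route is limited to logged-in administrators, another site could submit it through an administrator's browser. Add a per-session token as a hidden field, e.g. `<input type="hidden" name="csrf_token" value="{{csrf_token}}">` (the field name is a placeholder), and compare it with `hash_equals()` in the POST handler. The new `placeholder="{{first_name}}"`, `{{email}}` and `{{password}}` slots sit inside attribute values, so whatever fills them needs attribute-safe encoding. The Achternaam label still says `for="achternaam"` while the input is now named `last_name`.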
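Review bot: This hunk edits `views/dashboard.php`, but `login_handler()` in Controller/login/login_post.php renders `views/dashboard.html`. Unless a file of that name exists outside this diff, a successful login will not find its template. The new `{{email}}` slot prints a value taken from the user row, so it should be HTML-encoded either by the template engine or before it is passed in.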
@@ -0,0 +1,46 @@ +<!DOCTYPE html> +<html> +<head> + <title>Login Page</title> + <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" + integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous"> +</head> +<body> + <div class="container mx-auto text-center"> + <div class="row"> + <div class="col-md-12 title"> + <h1>Welcome to Lollipop</h1> + <h4>Please log in</h4> + </div> + </div> + </div> + <div class="container mt-5"> + <div class="row justify-content-center"> + <div class="col-md-6"> + <div class="card"> + <div class="card-header">Login</div> + <div class="card-body"> + <form method="POST" action="/login"> + <div class="form-group"> + <label for="email">Email:</label> + <input type="email" class="form-control" id="email" name="email" + placeholder="Enter email"> + </div> + <div class="form-group"> + <label for="password">Password:</label> + <input type="password" class="form-control" id="password" name="password" + placeholder="Enter password"> + </div> + <button type="submit" name='login_btn' class="btn btn-primary">Login</button> + </form> + </div> + <div class="row justify-content-center"> + {{msg}} + </div> + </div> + </div> + </div> + </div> +</body> + +</html> +\ No newline at end of file diff --git a/weerdata.css b/weerdata.css @@ -1,8 +0,0 @@ -table { - border-collapse: collapse; - } - - table, th, td { - border: 1px solid black; - } - -\ No newline at end of file diff --git a/weerdata.php b/weerdata.php 
@@ -1,64 +0,0 @@ -<?php -$servername = "86.92.67.21"; -$username = "friedel"; -$password = "koffiemetzuiker"; -$dbname = "wap2"; - -// Create connection -$conn = mysqli_connect($servername, $username, $password, $dbname); -// Check connection -if (!$conn) { - die("Connection failed: " . mysqli_connect_error()); -} - -$sql = "SELECT * FROM weerdata"; -$result = mysqli_query($conn, $sql); - -if (mysqli_num_rows($result) > 0) { - // output data of each row - echo" - <head> <link rel=\"stylesheet\" type=\"text/css\" href=\"weerdata.css\"> </head> - <table>" . - " <tr> - <th> data id </th> - <th> station naam </th> - <th> datum & tijd </th> - <th> gevalideerd </th> - <th> temp </th> - <th> dauwpunt </th> - <th> luchtdruk zeeniveau </th> - <th> luchtdruk stationniveau </th> - <th> zichtbaarheid </th> - <th> windsnelheid </th> - <th> neerslag </th> - <th> sneeuwdiepte </th> - <th> gebeurtenissen </th> - <th> bewolking </th> - <th> windrichting </th> - </tr>"; - while($row = mysqli_fetch_assoc($result)) { - echo"<tr>" . - "<td>" . $row["data_id"]. "</td>" . - "<td>" . $row["station_name"] . "</td>" . - "<td>" . $row["datum_tijd"]. "</td>" . - "<td>" . $row["gevalideerd"]. "</td>" . - "<td>" . $row["temp"]. "</td>" . - "<td>" . $row["dauwpunt"]. "</td>" . - "<td>" . $row["ldrk_znv"]. "</td>" . - "<td>" . $row["ldrk_station"]. "</td>" . - "<td>" . $row["zichtbaarheid"]. "</td>" . - "<td>" . $row["windsnelheid"]. "</td>" . - "<td>" . $row["neerslag"]. "</td>" . - "<td>" . $row["sneeuwdpt"]. "</td>" . - "<td>" . $row["gebeurtenissen"]. "</td>" . - "<td>" . $row["bewolking"]. "</td>" . - "<td>" . $row["windrichting"]. "</td>" . - "</tr>"; - } - echo"</table>"; -} else { - echo "0 results"; -} - -mysqli_close($conn); -?> -\ No newline at end of file