diff --git a/pages/password.php b/pages/password.php
deleted file mode 100644
index 464ca2f..0000000
--- a/pages/password.php
+++ /dev/null
@@ -1,66 +0,0 @@
- array('required' => true, 'regex' => '/.{1,1000}/'),
- 'newPassword' => array('required' => true, 'regex' => '/.{1,1000}/'),
- 'newPasswordRepeat' => array('required' => true, 'regex' => '/.{1,1000}/')
- ));
-
- if($validator->isValid($_POST)) {
- if($_POST['newPasswordRepeat'] == $_POST['newPassword']) {
- if(password_verify($_POST['oldPassword'], $_SESSION['PASSWORD'])) {
- $hash = password_hash($NewPassword, PASSWORD_ARGON2ID);
- $statement = $RUNTIME['PDO']->prepare('UPDATE auth SET passwordHash = :PasswordHash WHERE UUID = :PrincipalID');
- $statement->execute(['PasswordHash' => $hash, 'PrincipalID' => $_SESSION['UUID']]);
- $_SESSION['PASSWORD'] = $hash;
- $_SESSION['pw_info'] = 'Neues Passwort gespeichert.';
- }
- else {
- $_SESION['pw_info'] = 'Das alte Passwort ist nicht richtig!';
- }
- }
- else {
- $_SESSION['pw_info'] = 'Die neuen Passwörter stimmen nicht überein!';
- }
- }
- else {
- $_SESSION['pw_info'] = 'Bitte fülle das Formular vollständig aus.';
- }
-
- header('Location: index.php?page=password');
- die();
- }
-
- $HTML->setHTMLTitle("Passwort ändern");
- $HTML->importSeitenInhalt("profile.html");
-
- include 'app/OpenSim.php';
- $opensim = new OpenSim();
-
- $PartnerName = "";
- $PartnerUUID = $opensim->getPartner($_SESSION['UUID']);
- if($PartnerUUID != null)$PartnerName = $opensim->getUserName($PartnerUUID);
-
- $HTML->ReplaceSeitenInhalt("%%offlineIMSTATE%%", ' ');
- $HTML->ReplaceSeitenInhalt("%%firstname%%", htmlspecialchars($_SESSION['FIRSTNAME']));
- $HTML->ReplaceSeitenInhalt("%%lastname%%", htmlspecialchars($_SESSION['LASTNAME']));
- $HTML->ReplaceSeitenInhalt("%%partner%%", htmlspecialchars($PartnerName));
- $HTML->ReplaceSeitenInhalt("%%email%%", htmlspecialchars($opensim->getUserMail($_SESSION['UUID'])));
- $HTML->ReplaceSeitenInhalt("%%listAllResidentsAsJSArray%%", "");
-
- $pwInfo = '';
- if(isset($_SESSION['pw_info'])) {
- $pwInfo = $_SESSION['pw_info'];
- unset($_SESSION['pw_info']);
- }
-
$HTML->ReplaceSeitenInhalt("%%INFOMESSAGE%%", $pwInfo); - - $HTML->build(); - echo $HTML->ausgabe(); -?> \ No newline at end of file diff --git a/pages/profile.php b/pages/profile.php index c4088e7..a08b944 100644 --- a/pages/profile.php +++ b/pages/profile.php @@ -28,7 +28,7 @@ 'formInputFeldVorname' => array('regex' => '/[^\\/<>\s]{1,64}/'), 'formInputFeldNachname' => array('regex' => '/[^\\/<>\s]{1,64}/'), 'formInputFeldEMail' => array('regex' => '/\S{1,64}@\S{1,250}.\S{2,64}/'), - 'formInputFeldOfflineIM' => array('regex' => '(|on)'), + 'formInputFeldOfflineIM' => array('regex' => '/(|on)/'), 'formInputFeldPartnerName' => array('regex' => '/[^\\/<>\s]{1,64} [^\\/<>\s]{1,64}/') )); @@ -78,15 +78,13 @@ $statement = $RUNTIME['PDO']->prepare('UPDATE usersettings SET imviaemail = :IMState WHERE useruuid = :PrincipalID'); $statement->execute(['IMState' => 'false', 'PrincipalID' => $_SESSION['UUID']]); } - - include 'app/OpenSim.php'; - $opensim = new OpenSim(); - + if(isset($_POST['formInputFeldPartnerName']) && $_POST['formInputFeldPartnerName'] != "") { $NewPartner = trim($_POST['formInputFeldPartnerName']); $CurrentPartner = $opensim->getPartner($_SESSION['UUID']); - if($CurrentPartner != "")$CurrentPartner = $opensim->getUserName($CurrentPartner); + include_once 'app/OpenSim.php'; + if($CurrentPartner != "")$CurrentPartner = (new OpenSim())->getUserName($CurrentPartner); if($NewPartner != "" && $CurrentPartner != $NewPartner) { $newPartnerUUID = $opensim->getUserUUID($NewPartner); 
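Review bot: `$opensim` is no longer created in this POST branch, but the unchanged lines still call `$opensim->getPartner($_SESSION['UUID'])` before the new `include_once` and `$opensim->getUserUUID($NewPartner)` after it; only the `getUserName` call was switched to `(new OpenSim())`. Unless `$opensim` is assigned earlier in the file, outside this hunk, saving a partner name will fail with a call on an undefined variable. Keeping a single instance at the top of the branch avoids that: put `include_once 'app/OpenSim.php';` and `$opensim = new OpenSim();` ahead of the `if(isset($_POST['formInputFeldPartnerName']) ...` line and keep `$opensim->getUserName($CurrentPartner)`. The enclosing block starts and ends outside the hunk.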
@@ -103,7 +101,32 @@ } } else if(isset($_POST['savePassword'])) { - + $validator = new FormValidator(array( + 'oldPassword' => array('required' => true, 'regex' => '/.{1,1000}/'), + 'newPassword' => array('required' => true, 'regex' => '/.{1,1000}/'), + 'newPasswordRepeat' => array('required' => true, 'regex' => '/.{1,1000}/') + )); + + if($validator->isValid($_POST)) { + if($_POST['newPasswordRepeat'] == $_POST['newPassword']) { + if(password_verify($_POST['oldPassword'], $_SESSION['PASSWORD'])) { + $hash = password_hash($NewPassword, PASSWORD_ARGON2ID); + $statement = $RUNTIME['PDO']->prepare('UPDATE auth SET passwordHash = :PasswordHash WHERE UUID = :PrincipalID'); + $statement->execute(['PasswordHash' => $hash, 'PrincipalID' => $_SESSION['UUID']]); + $_SESSION['PASSWORD'] = $hash; + $_SESSION['profile_info'] = 'Neues Passwort gespeichert.'; + } + else { + $_SESSION['profile_info'] = 'Das alte Passwort ist nicht richtig!'; + } + } + else { + $_SESSION['profile_info'] = 'Die neuen Passwörter stimmen nicht überein!'; + } + } + else { + $_SESSION['profile_info'] = 'Bitte fülle das Formular vollständig aus.'; + } } header('Location: index.php?page=profile'); @@ -137,6 +160,9 @@ $allUsers .= '," "'; + include_once 'app/OpenSim.php'; + $opensim = new OpenSim(); + $PartnerUUID = $opensim->getPartner($_SESSION['UUID']); $PartnerName = ""; @@ -150,7 +176,14 @@ $HTML->ReplaceSeitenInhalt("%%partner%%", htmlspecialchars($PartnerName)); $HTML->ReplaceSeitenInhalt("%%email%%", htmlspecialchars($opensim->getUserMail($_SESSION['UUID']))); $HTML->ReplaceSeitenInhalt("%%listAllResidentsAsJSArray%%", ""); - $HTML->ReplaceSeitenInhalt("%%INFOMESSAGE%%", ' '); + + $profileInfo = ''; + if(isset($_SESSION['profile_info'])) { + $profileInfo = $_SESSION['profile_info']; + unset($_SESSION['profile_info']); + } + $HTML->ReplaceSeitenInhalt("%%INFOMESSAGE%%", $profileInfo); + $HTML->ReplaceSeitenInhalt("%%IARINFOMESSAGE%%", ' '); $HTML->ReplaceSeitenInhalt("%%IARBUTTONSTATE%%", ''); 
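Review bot: `password_hash($NewPassword, PASSWORD_ARGON2ID)` in the new `savePassword` branch hashes a variable that is not assigned anywhere in this hunk, while the value that was validated and compared is `$_POST['newPassword']`. If `$NewPassword` is not set earlier in the file, PHP passes null and the stored hash is that of an empty string, so the account no longer carries the password the user chose; the line should read `$hash = password_hash($_POST['newPassword'], PASSWORD_ARGON2ID);`. The repeat check should compare with `===`, because `==` treats numeric-looking strings such as `1e3` and `1000` as equal. After a successful change it is also worth calling `session_regenerate_id(true);` so the session identifier in use before the change does not stay valid. The surrounding `if`/`else if` chain begins outside the hunk.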
diff --git a/templates/passwort.html b/templates/passwort.html
deleted file mode 100644
index 3248f22..0000000
--- a/templates/passwort.html
+++ /dev/null
@@ -1,42 +0,0 @@
-
%%INFOMESSAGE%%
- -
-
-
-
- - -
-
- -
-
- - -
-
- - -
-
- - -
-
- - -
-
-
-
-
- -
-
- %%CSRF%% - -
-
- -
-
\ No newline at end of file