Merge pull request 'Vor und Nachname separat speichern sowie Profilbearbeitung' (#18) from Profilbearbeitung into dev
Reviewed-on: #18
This commit was merged in pull request #18.
This commit is contained in:
@@ -18,7 +18,12 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
|
||||
|
||||
if ($user && password_verify($password, $user["password"])) {
|
||||
|
||||
$_SESSION["user"] = $user["username"];
|
||||
if (isset($user["vorname"]) && isset($user["nachname"])) {
|
||||
$_SESSION["user"] = $user["vorname"] . " " . $user["nachname"];
|
||||
} else {
|
||||
$_SESSION["user"] = $user["username"] ?? "";
|
||||
}
|
||||
|
||||
$_SESSION["user_email"] = $user["email"];
|
||||
|
||||
header("Location: index.php");
|
||||
@@ -27,4 +32,4 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
|
||||
} else {
|
||||
$error = "Login fehlgeschlagen. Bitte überprüfe deine Eingaben.";
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -4,28 +4,106 @@ require_once "php/model/LocalUserDAO.php";
|
||||
require_once 'php/model/Article.php';
|
||||
require_once 'php/model/ArticleManager.php';
|
||||
|
||||
$error = null;
|
||||
|
||||
if (!isset($_SESSION["user"])) {
|
||||
header("Location: index.php?pfad=login");
|
||||
exit();
|
||||
}
|
||||
|
||||
try {
|
||||
$dao = new LocalUserDAO();
|
||||
$user = $dao->findUser($_SESSION["user_email"] ?? "");
|
||||
$articleManager = ArticleManager::getInstance();
|
||||
$userArticles = $articleManager->getArticlesByAuthor($_SESSION["user_email"]);
|
||||
if(!isset($userArticles)) {
|
||||
$_SESSION["message"] = "user_has_no_articles";
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
$_SESSION["message"] = "internal_error";
|
||||
exit();
|
||||
/*
|
||||
* Prüft Vor- und Nachnamen.
|
||||
* Erlaubt sind Buchstaben, Umlaute, Leerzeichen und Bindestriche.
|
||||
*/
|
||||
function isValidName($name): bool {
|
||||
return preg_match("/^[a-zA-ZäöüÄÖÜß -]{2,50}$/", $name);
|
||||
}
|
||||
|
||||
if (!$user) {
|
||||
$_SESSION = [];
|
||||
session_destroy();
|
||||
/*
|
||||
* Prüft, ob die E-Mail-Adresse ein gültiges Format hat.
|
||||
*/
|
||||
function isValidEmailAddress($email): bool {
|
||||
return filter_var($email, FILTER_VALIDATE_EMAIL) !== false
|
||||
&& strlen($email) <= 100;
|
||||
}
|
||||
|
||||
header("Location: index.php?pfad=login");
|
||||
exit();
|
||||
/*
|
||||
* Prüft das neue Passwort.
|
||||
* Leeres Passwort ist erlaubt, wenn der Nutzer es nicht ändern möchte.
|
||||
*/
|
||||
function isValidProfilePassword($password): bool {
|
||||
if ($password === "") {
|
||||
return true;
|
||||
}
|
||||
|
||||
return strlen($password) >= 8 && strlen($password) <= 72;
|
||||
}
|
||||
|
||||
try {
|
||||
$dao = new LocalUserDAO();
|
||||
|
||||
$user = $dao->findUser($_SESSION["user_email"] ?? "");
|
||||
|
||||
if (!$user) {
|
||||
$_SESSION = [];
|
||||
session_destroy();
|
||||
|
||||
header("Location: index.php?pfad=login");
|
||||
exit();
|
||||
}
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["saveProfile"])) {
|
||||
$oldEmail = $_SESSION["user_email"];
|
||||
|
||||
$newEmail = trim($_POST["email"] ?? "");
|
||||
$vorname = trim($_POST["vorname"] ?? "");
|
||||
$nachname = trim($_POST["nachname"] ?? "");
|
||||
$password = $_POST["password"] ?? "";
|
||||
|
||||
if (!isValidName($vorname)) {
|
||||
$error = "Der Vorname darf nur Buchstaben, Leerzeichen und Bindestriche enthalten und muss 2 bis 50 Zeichen lang sein.";
|
||||
} elseif (!isValidName($nachname)) {
|
||||
$error = "Der Nachname darf nur Buchstaben, Leerzeichen und Bindestriche enthalten und muss 2 bis 50 Zeichen lang sein.";
|
||||
} elseif (!isValidEmailAddress($newEmail)) {
|
||||
$error = "Bitte gib eine gültige E-Mail-Adresse ein.";
|
||||
} elseif (!isValidProfilePassword($password)) {
|
||||
$error = "Das Passwort muss mindestens 8 Zeichen lang sein.";
|
||||
} else {
|
||||
$existingUser = $dao->findUser($newEmail);
|
||||
|
||||
if ($existingUser && $newEmail !== $oldEmail) {
|
||||
$error = "Diese E-Mail-Adresse wird bereits verwendet.";
|
||||
} else {
|
||||
$updated = $dao->updateUser(
|
||||
$oldEmail,
|
||||
$newEmail,
|
||||
$vorname,
|
||||
$nachname,
|
||||
$password
|
||||
);
|
||||
|
||||
if ($updated) {
|
||||
$_SESSION["user"] = $vorname . " " . $nachname;
|
||||
$_SESSION["user_email"] = $newEmail;
|
||||
|
||||
header("Location: index.php?pfad=profile");
|
||||
exit();
|
||||
} else {
|
||||
$error = "Die Daten konnten nicht gespeichert werden.";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$user = $dao->findUser($_SESSION["user_email"] ?? "");
|
||||
|
||||
$articleManager = ArticleManager::getInstance();
|
||||
$userArticles = $articleManager->getArticlesByAuthor($_SESSION["user_email"]);
|
||||
|
||||
if (!isset($userArticles)) {
|
||||
$_SESSION["message"] = "user_has_no_articles";
|
||||
}
|
||||
|
||||
} catch (Exception $e) {
|
||||
$_SESSION["message"] = "internal_error";
|
||||
}
|
||||
@@ -5,10 +5,6 @@ require_once "php/model/LocalUserDAO.php";
|
||||
$dao = new LocalUserDAO();
|
||||
$error = null;
|
||||
|
||||
/*
|
||||
Verarbeitung des Registrierungs-Formulars
|
||||
Funktion: Erstellt neuen Benutzer und speichert ihn im DAO + Session
|
||||
*/
|
||||
if ($_SERVER["REQUEST_METHOD"] === "POST") {
|
||||
|
||||
$email = $_POST["email"] ?? "";
|
||||
@@ -27,7 +23,8 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
|
||||
|
||||
$dao->addUser(
|
||||
$email,
|
||||
$vorname . " " . $nachname,
|
||||
$vorname,
|
||||
$nachname,
|
||||
$password
|
||||
);
|
||||
|
||||
@@ -37,4 +34,4 @@ if ($_SERVER["REQUEST_METHOD"] === "POST") {
|
||||
header("Location: index.php");
|
||||
exit();
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user