<?php
// Account page form handler: reads the profile-update and password-change
// forms from POST. filter_input() yields null when a field was not posted and
// false when the filter rejected it, so the checks further down can tell
// "absent" from "invalid".
//
// NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1. It also
// strips tags and encodes quotes, so a password containing '<' or a quote is
// altered before it is compared or hashed. The three password fields should
// use FILTER_UNSAFE_RAW instead, but only together with the registration and
// login handlers (not visible here) - otherwise users whose stored hash was
// computed from the sanitized form would be locked out. TODO confirm.
$read_post_field = function ($key, $filter) {
    return filter_input(INPUT_POST, $key, $filter);
};

$form_name = $read_post_field("name", FILTER_SANITIZE_STRING);
$form_firstname = $read_post_field("firstname", FILTER_SANITIZE_STRING);
// FILTER_VALIDATE_INT refuses a leading zero, so a postal code such as
// "01000" comes back as false and is reported as invalid further down.
$form_numstreet = $read_post_field("numstreet", FILTER_VALIDATE_INT);
$form_street = $read_post_field("street", FILTER_SANITIZE_STRING);
$form_postalcode = $read_post_field("postalcode", FILTER_VALIDATE_INT);
$form_city = $read_post_field("city", FILTER_SANITIZE_STRING);
$form_email = $read_post_field("email", FILTER_VALIDATE_EMAIL);

// Password-change form. These values are never echoed back; they are only
// compared against each other, checked with chk_password() and hashed.
$form_oldpassword = $read_post_field("oldpassword", FILTER_SANITIZE_STRING);
$form_password = $read_post_field("password", FILTER_SANITIZE_STRING);
$form_confirmpassword = $read_post_field("confirmpassword", FILTER_SANITIZE_STRING);

unset($read_post_field);
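// Authentication gate: every branch below rewrites the logged-in user's row,
// so anonymous requests are sent to the login page and nothing else in this
// file runs (the original fell through and also printed the generic
// "required field" error after the redirect message).
global $is_logged_in;
if (!$is_logged_in) {
    echo "Please login first. <br>";
    // Remembered so the login page can send the user back afterwards.
    // The Referer header is client-controlled and may be absent; whoever
    // consumes login_referer must restrict it to same-site URLs, or it is an
    // open redirect - TODO confirm in the login handler.
    $_SESSION['login_referer'] = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
    redirect("index.php?page=login", 2);
    // End the include here; redirect() takes a delay, so it is not assumed to exit.
    return;
}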
20
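// Validation flags consumed by the update branches below.
$input_failure = false;     // profile form contains an invalid field
$password_failure = false;  // password form is internally inconsistent

// Profile-form checks. They are keyed on the street field being posted, i.e.
// on the profile form (not the password form) being the one submitted.
// NOTE(review): FILTER_VALIDATE_INT rejects a leading zero, so postal codes
// like "01000" land in the "not valid" case here - confirm the intended format.
if (isset($form_street) && !$form_numstreet) {
    echo "The street number is not valid. <br>" ;
    $input_failure = true;
}
if (isset($form_street) && !$form_postalcode) {
    echo "The postal code is not valid. <br>";
    $input_failure = true;
}
if (isset($form_street) && !$form_email) {
    echo "The email is not valid. <br>";
    $input_failure = true;
}

// Password-form checks. Both are skipped when no password field was posted;
// the original ran strcmp(null, null) for every profile submission, which is
// deprecated since PHP 8.1. The (string) casts reproduce strcmp()'s own
// coercion (null/false -> "") for the case where only one field is present.
// NOTE(review): no length or complexity rule is applied to the new password
// here; if registration enforces one, the same rule belongs here - TODO confirm.
if (isset($form_oldpassword) && isset($form_password) && strcmp($form_oldpassword, $form_password) === 0) {
    echo "Old and new password are the same. <br>";
    $password_failure = true;
}

if ((isset($form_password) || isset($form_confirmpassword))
    && strcmp((string) $form_password, (string) $form_confirmpassword) !== 0) {
    echo "Password do not match. <br>";
    $password_failure = true;
}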
46
// Dispatch. The profile form counts as submitted only when every field is
// present and passed validation; the password form likewise. When both sets
// are posted at once the profile update wins (the elseif below).
//
// NOTE(review): no CSRF token is checked anywhere in this file, and both
// branches change account data (e-mail, password). Unless index.php verifies
// one before including this file, a cross-site POST can rewrite the victim's
// e-mail or password - TODO confirm.
$profile_form_complete = !empty($form_name) && !empty($form_firstname)
    && !empty($form_numstreet) && !empty($form_street)
    && !empty($form_postalcode) && !empty($form_city) && !empty($form_email)
    && !$input_failure && $is_logged_in;
$password_form_complete = !empty($form_oldpassword) && !empty($form_password)
    && !empty($form_confirmpassword) && !$password_failure && $is_logged_in;

if ($profile_form_complete) {
    global $connection;
    // The row is located via the e-mail held in the session, never via a
    // client-supplied id, so a user can only edit their own record.
    $client_id = get_client_id($_SESSION['email']);
    $sql_pquery = "update CLIENTS
        set NomCl = ?, PrenomCl = ?, EmailCl = ?, NumRueCl = ?, NomRueCl = ?, CodePosteCl = ?, VilleCl = ?
        where NumCl = ?";
    $profile_params = array($form_name, $form_firstname, $form_email, $form_numstreet,
        $form_street, $form_postalcode, $form_city, $client_id);
    $connection->prepare_query($sql_pquery);
    $connection->prepared_query_bind_param("sssisisi", $profile_params);
    $connection->run_prepared_query();
    $connection->close_prepared_query();
    // NOTE(review): $_SESSION['email'] still holds the old address after this
    // UPDATE, so get_client_id($_SESSION['email']) presumably stops finding
    // the row until the user logs in again. Do not simply copy $form_email
    // into the session: if the UPDATE failed (e.g. the address already belongs
    // to another account) the session would then resolve to that other
    // account. Re-read the address from the DB, or key the session by client
    // id instead - TODO confirm.
    echo "You've updated your personal informations, you will be redirected to your account in 3 seconds. <br>";
    redirect("index.php?page=account", 3);
} elseif ($password_form_complete) {
    // Re-authenticate with the current password before accepting a new one.
    if (!chk_password($_SESSION['email'], $form_oldpassword)) {
        echo "Your old password is incorrect. <br>";
        redirect("index.php?page=account&action=modifypassword", 3);
    } else {
        global $connection;
        $client_id = get_client_id($_SESSION['email']);
        // password_hash() salts and uses the current default algorithm; the
        // plaintext never reaches the database.
        $hashed_password = password_hash($form_password, PASSWORD_DEFAULT);
        $sql_pquery = "update CLIENTS
            set PasswordCl = ?
            where NumCl = ?";
        $connection->prepare_query($sql_pquery);
        $connection->prepared_query_bind_param("si", array($hashed_password, $client_id));
        $connection->run_prepared_query();
        $connection->close_prepared_query();
        // NOTE(review): other sessions of this account remain valid after the
        // change. Invalidating them, and rotating this session's id, needs
        // support outside this file (this handler is likely included after
        // page output has started, so session_regenerate_id() cannot run here).
        echo "You've successfully updated your password. <br>";
        redirect("index.php?page=account", 3);
    }
} else {
    echo "There's a required non filled field or the input in a field do not match the required pattern. <br>";
    echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
}
84
85 ?>