update user (in progress)

2025-07-04 11:12:24 +02:00
parent 2eadf75557
commit b5118a699f
4 changed files with 189 additions and 9 deletions
--- a/Controller/UserController.php
+++ b/Controller/UserController.php
@@ -25,6 +25,13 @@ class UserController{
        "password" => "Passwort*",
    ];

+    private $changeUserLabels = [
+        'name'     => 'Vorname*',
+        'lastname' => 'Nachname*',
+        'email'    => 'E-Mail*',
+        'password' => 'Passwort*',
+    ];
+
    public function __construct($view){
        $this->db = new UserModel();
        $this->view = $view;
@@ -173,7 +180,7 @@ class UserController{
    }

    public function deleteAccount(){
-        $userId = $_SESSION["user_id"] ?? "";
+        $userId = $this->getCurrentUserId();
        if($userId){
            $this->db->deleteUser($userId);
            $this->clearUserSession();
@@ -182,13 +189,117 @@ class UserController{
        }
    }

-    public function changeAccountData(){
-        $userId = $_SESSION["user_id"] ?? "";
+    public function changeAccountDataRedirect(){
+        $userId = $this->getCurrentUserId();
        if($userId){
-            $this->db->changeUserData($userId);
-            $this->setUserSession($user);
-            $this->view->setDoMethodName("showUserDeleteConfirmation");
-            $this->showUserDeleteConfirmation();
+            $this->view->setDoMethodName("showUserChangeAccountSettings");
+            $this->showUserChangeAccountSettings();
        }
    }
+
+    public function showUserChangeAccountSettings(){
+        $userId = $this->getCurrentUserId();
+        if(!$userId){
+            header("Location: index.php?controller=user&do=showUserLoginForm");
+            exit();
+        }
+
+        $currentUser = $this->db->getUserById($userId);
+        if(!$currentUser){
+            throw new \Exception("User nicht gefunden");
+        }
+
+        $validData = [
+            'name' => $currentUser["name"],
+            'vorname' => $currentUser["vorname"],
+            'email' => $currentUser["email"],
+        ];
+
+        $this->view->setVars([
+            'labels'    => $this->changeUserLabels,
+            'validData' => $validData,
+            'errors'    => $this->errors,
+            'message'   => $this->message ?? null,
+        ]);
+
+        $this->view->render('User/showUserChangeAccountSettings');
+    }
+
+    public function updateAccountData()
+    {
+        $userId = $this->getCurrentUserId();
+        if (!$userId) {
+            header('Location: index.php?controller=user&do=showUserLoginForm');
+            exit;
+        }
+
+        $currentUser = $this->db->getUserById($userId);
+        if (!$currentUser) {
+            throw new \Exception('User nicht gefunden');
+        }
+
+        $submitted = [
+            'name'     => trim($_POST['name']     ?? ''),
+            'lastname' => trim($_POST['lastname'] ?? ''),
+            'email'    => trim($_POST['email']    ?? ''),
+            'password' => trim($_POST['password'] ?? ''),
+        ];
+
+        $this->errors = [];
+        if (strlen($submitted['name']) < 2) {
+            $this->errors['name'] = 'Vorname muss mindestens 2 Zeichen haben.';
+        }
+        if (strlen($submitted['lastname']) < 2) {
+            $this->errors['lastname'] = 'Nachname muss mindestens 2 Zeichen haben.';
+        }
+        if (!filter_var($submitted['email'], FILTER_VALIDATE_EMAIL)) {
+            $this->errors['email'] = 'Ungültige E-Mail-Adresse.';
+        }
+        if ($submitted['password'] !== '' && strlen($submitted['password']) < 6) {
+            $this->errors['password'] = 'Passwort muss mindestens 6 Zeichen haben.';
+        }
+
+        if (count($this->errors) > 0) {
+            $this->view->setVars([
+                'labels'    => $this->changeUserLabels,
+                'validData' => $submitted,
+                'errors'    => $this->errors,
+            ]);
+            return $this->showUserChangeAccountSettings();
+        }
+
+        $updateData = [];
+        foreach (['name','lastname','email'] as $field) {
+            if ($submitted[$field] !== $currentUser[$field]) {
+                $updateData[$field] = $submitted[$field];
+            }
+        }
+        if ($submitted['password'] !== '') {
+            $salt               = bin2hex(random_bytes(16));
+            $hash               = hash('sha256', $submitted['password'] . $salt);
+            $updateData['passwort'] = $hash;
+            $updateData['salt']     = $salt;
+        }
+
+        if (empty($updateData)) {
+            $this->message = 'Keine Änderungen festgestellt.';
+            return $this->showUserChangeAccountSettings();
+        }
+
+        $ok = $this->db->updateUserData($userId, $updateData);
+
+        if ($ok) {
+            // Session‑Werte aktualisieren
+            $_SESSION['vorname'] = $updateData['name']     ?? $_SESSION['vorname'];
+            $_SESSION['name']    = $updateData['lastname'] ?? $_SESSION['name'];
+            $_SESSION['email']   = $updateData['email']    ?? $_SESSION['email'];
+            $this->message       = 'Änderungen erfolgreich gespeichert.';
+        } else {
+            $this->errors['general'] = 'Beim Speichern ist ein Fehler aufgetreten.';
+        }
+
+        return $this->showUserChangeAccountSettings();
+    }
+
+
 }