PBBFA23AHR/kurs-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update user (in progress)

Browse Source
This commit is contained in:
H1tkliff 2025-07-04 11:12:24 +02:00
parent 2eadf75557
commit b5118a699f
4 changed files with 189 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

125
Controller/UserController.php
View File

@ -25,6 +25,13 @@ class UserController{
"password" => "Passwort*", "password" => "Passwort*",
]; ];
private $changeUserLabels = [
'name' => 'Vorname*',
'lastname' => 'Nachname*',
'email' => 'E-Mail*',
'password' => 'Passwort*',
];
public function __construct($view){ public function __construct($view){
$this->db = new UserModel(); $this->db = new UserModel();
$this->view = $view; $this->view = $view;
@ -173,7 +180,7 @@ class UserController{
} }
public function deleteAccount(){ public function deleteAccount(){
$userId = $_SESSION["user_id"] ?? ""; $userId = $this->getCurrentUserId();
if($userId){ if($userId){
$this->db->deleteUser($userId); $this->db->deleteUser($userId);
$this->clearUserSession(); $this->clearUserSession();
@ -182,13 +189,117 @@ class UserController{
} }
} }
public function changeAccountData(){ public function changeAccountDataRedirect(){
$userId = $_SESSION["user_id"] ?? ""; $userId = $this->getCurrentUserId();
if($userId){ if($userId){
$this->db->changeUserData($userId); $this->view->setDoMethodName("showUserChangeAccountSettings");
$this->setUserSession($user); $this->showUserChangeAccountSettings();
$this->view->setDoMethodName("showUserDeleteConfirmation");
$this->showUserDeleteConfirmation();
} }
} }
public function showUserChangeAccountSettings(){
$userId = $this->getCurrentUserId();
if(!$userId){
header("Location: index.php?controller=user&do=showUserLoginForm");
exit();
}
$currentUser = $this->db->getUserById($userId);
if(!$currentUser){
throw new \Exception("User nicht gefunden");
}
$validData = [
'name' => $currentUser["name"],
'vorname' => $currentUser["vorname"],
'email' => $currentUser["email"],
];
$this->view->setVars([
'labels' => $this->changeUserLabels,
'validData' => $validData,
'errors' => $this->errors,
'message' => $this->message ?? null,
]);
$this->view->render('User/showUserChangeAccountSettings');
}
public function updateAccountData()
{
$userId = $this->getCurrentUserId();
if (!$userId) {
header('Location: index.php?controller=user&do=showUserLoginForm');
exit;
}
$currentUser = $this->db->getUserById($userId);
if (!$currentUser) {
throw new \Exception('User nicht gefunden');
}
$submitted = [
'name' => trim($_POST['name'] ?? ''),
'lastname' => trim($_POST['lastname'] ?? ''),
'email' => trim($_POST['email'] ?? ''),
'password' => trim($_POST['password'] ?? ''),
];
$this->errors = [];
if (strlen($submitted['name']) < 2) {
$this->errors['name'] = 'Vorname muss mindestens 2 Zeichen haben.';
}
if (strlen($submitted['lastname']) < 2) {
$this->errors['lastname'] = 'Nachname muss mindestens 2 Zeichen haben.';
}
if (!filter_var($submitted['email'], FILTER_VALIDATE_EMAIL)) {
$this->errors['email'] = 'Ungültige E-Mail-Adresse.';
}
if ($submitted['password'] !== '' && strlen($submitted['password']) < 6) {
$this->errors['password'] = 'Passwort muss mindestens 6 Zeichen haben.';
}
if (count($this->errors) > 0) {
$this->view->setVars([
'labels' => $this->changeUserLabels,
'validData' => $submitted,
'errors' => $this->errors,
]);
return $this->showUserChangeAccountSettings();
}
$updateData = [];
foreach (['name','lastname','email'] as $field) {
if ($submitted[$field] !== $currentUser[$field]) {
$updateData[$field] = $submitted[$field];
}
}
if ($submitted['password'] !== '') {
$salt = bin2hex(random_bytes(16));
$hash = hash('sha256', $submitted['password'] . $salt);
$updateData['passwort'] = $hash;
$updateData['salt'] = $salt;
}
if (empty($updateData)) {
$this->message = 'Keine Änderungen festgestellt.';
return $this->showUserChangeAccountSettings();
}
$ok = $this->db->updateUserData($userId, $updateData);
if ($ok) {
// SessionWerte aktualisieren
$_SESSION['vorname'] = $updateData['name'] ?? $_SESSION['vorname'];
$_SESSION['name'] = $updateData['lastname'] ?? $_SESSION['name'];
$_SESSION['email'] = $updateData['email'] ?? $_SESSION['email'];
$this->message = 'Änderungen erfolgreich gespeichert.';
} else {
$this->errors['general'] = 'Beim Speichern ist ein Fehler aufgetreten.';
}
return $this->showUserChangeAccountSettings();
}
} }

35
Model/UserModel.php
View File

@ -67,4 +67,39 @@ class UserModel extends Database
$sth->execute(); $sth->execute();
} }
public function updateUserData($id, $values){
$pdo = $this->linkDB();
$fields = [];
$params = [':id' => $id];
if(!empty($values["password"])){
$salt = bin2hex(random_bytes(16));
$hash = hash('sha256', $values["password"] . $salt);
$fields["password"] = "´passwort´ = :password";
$fields["salt"] = "´salt´ = :salt";
$params[":password"] = $hash;
$params[":salt"] = $salt;
}
foreach (['name','vorname','email'] as $col) {
if (isset($values[$col])) {
$fields[] = "`{$col}` = :{$col}";
$params[":{$col}"] = $values[$col];
}
}
$sql = "UPDATE user
SET " . implode(", ", $fields) . "
where id = :id";
try {
$sth = $pdo->prepare($sql);
$sth->execute($params);
} catch (PDOException $e) {
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
die;
}
}
} }

4
Views/User/showUserAccountPage.phtml
View File

@ -6,7 +6,7 @@
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-12"> <div class="col-12">
<h1>Hallo, <h1>Hallo,
<?php echo ($_SESSION['vorname'] ?? "") . " " . ($_SESSION['name'] ?? "") ?> <?php echo ($_SESSION['vorname'] ?? "") . " " . ($_SESSION['name'] ?? "") ?>
</br> </br>
Hier können Sie ihren Account verwalten. Hier können Sie ihren Account verwalten.
@ -24,7 +24,7 @@
</form> </form>
<form method="post"> <form method="post">
<input type="hidden" name="controller" value="user"> <input type="hidden" name="controller" value="user">
<input type="hidden" name="do" value="changeAccountData"> <input type="hidden" name="do" value="changeAccountDataRedirect">
<button type="submit" class="btn btn-logout">Meine Kontodaten ändern</button> <button type="submit" class="btn btn-logout">Meine Kontodaten ändern</button>
</form> </form>
</div> </div>

34
Views/User/showUserChangeAccountSettings.phtml Normal file
View File

@ -0,0 +1,34 @@
<?php
include dirname(__DIR__).'/header.phtml';
?>
<div class="container">
<div class="row">
<div class="col-12">
<h1>Change Account Info</h1>
<form method="post" class="form-grid form-user">
<?php foreach ($changeUserLabels as $key => $label): ?>
<div class="input">
<label for="reg_<?= $key ?>"><?= $label ?></label>
<?php if ($key === 'password'): ?>
<input type="password" name="<?= $key ?>" id="reg_<?= $key ?>">
<?php elseif($key === 'email'): ?>
<input type="email" name="<?= $key ?>" id="reg_<?= $key ?>">
<?php else: ?>
<input type="text" name="<?= $key ?>" id="reg_<?= $key ?>" value="<?= htmlspecialchars($validData[$key] ?? '') ?>">
<?php endif; ?>
<?php if (!empty($errors[$key])): ?>
<div class="error"><?= $errors[$key] ?></div>
<?php endif; ?>
</div>
<?php endforeach; ?>
<input type="hidden" name="controller" value="user">
<input type="hidden" name="do" value="updateAccountData">
<button type="submit" class="btn btn-primary btn-form" style="display: block">Meine Info ändern</button>
</form>
</div>
</div>
</div>