update user (in progress)
This commit is contained in:
H1tkliff
parent
2eadf75557
commit
b5118a699f
@ -25,6 +25,13 @@ class UserController{
|
||||
"password" => "Passwort*",
|
||||
];
|
||||
|
||||
private $changeUserLabels = [
|
||||
'name' => 'Vorname*',
|
||||
'lastname' => 'Nachname*',
|
||||
'email' => 'E-Mail*',
|
||||
'password' => 'Passwort*',
|
||||
];
|
||||
|
||||
public function __construct($view){
|
||||
$this->db = new UserModel();
|
||||
$this->view = $view;
|
||||
@ -173,7 +180,7 @@ class UserController{
|
||||
}
|
||||
|
||||
public function deleteAccount(){
|
||||
$userId = $_SESSION["user_id"] ?? "";
|
||||
$userId = $this->getCurrentUserId();
|
||||
if($userId){
|
||||
$this->db->deleteUser($userId);
|
||||
$this->clearUserSession();
|
||||
@ -182,13 +189,117 @@ class UserController{
|
||||
}
|
||||
}
|
||||
|
||||
public function changeAccountData(){
|
||||
$userId = $_SESSION["user_id"] ?? "";
|
||||
public function changeAccountDataRedirect(){
|
||||
$userId = $this->getCurrentUserId();
|
||||
if($userId){
|
||||
$this->db->changeUserData($userId);
|
||||
$this->setUserSession($user);
|
||||
$this->view->setDoMethodName("showUserDeleteConfirmation");
|
||||
$this->showUserDeleteConfirmation();
|
||||
$this->view->setDoMethodName("showUserChangeAccountSettings");
|
||||
$this->showUserChangeAccountSettings();
|
||||
}
|
||||
}
|
||||
|
||||
public function showUserChangeAccountSettings(){
|
||||
$userId = $this->getCurrentUserId();
|
||||
if(!$userId){
|
||||
header("Location: index.php?controller=user&do=showUserLoginForm");
|
||||
exit();
|
||||
}
|
||||
|
||||
$currentUser = $this->db->getUserById($userId);
|
||||
if(!$currentUser){
|
||||
throw new \Exception("User nicht gefunden");
|
||||
}
|
||||
|
||||
$validData = [
|
||||
'name' => $currentUser["name"],
|
||||
'vorname' => $currentUser["vorname"],
|
||||
'email' => $currentUser["email"],
|
||||
];
|
||||
|
||||
$this->view->setVars([
|
||||
'labels' => $this->changeUserLabels,
|
||||
'validData' => $validData,
|
||||
'errors' => $this->errors,
|
||||
'message' => $this->message ?? null,
|
||||
]);
|
||||
|
||||
$this->view->render('User/showUserChangeAccountSettings');
|
||||
}
|
||||
|
||||
public function updateAccountData()
|
||||
{
|
||||
$userId = $this->getCurrentUserId();
|
||||
if (!$userId) {
|
||||
header('Location: index.php?controller=user&do=showUserLoginForm');
|
||||
exit;
|
||||
}
|
||||
|
||||
$currentUser = $this->db->getUserById($userId);
|
||||
if (!$currentUser) {
|
||||
throw new \Exception('User nicht gefunden');
|
||||
}
|
||||
|
||||
$submitted = [
|
||||
'name' => trim($_POST['name'] ?? ''),
|
||||
'lastname' => trim($_POST['lastname'] ?? ''),
|
||||
'email' => trim($_POST['email'] ?? ''),
|
||||
'password' => trim($_POST['password'] ?? ''),
|
||||
];
|
||||
|
||||
$this->errors = [];
|
||||
if (strlen($submitted['name']) < 2) {
|
||||
$this->errors['name'] = 'Vorname muss mindestens 2 Zeichen haben.';
|
||||
}
|
||||
if (strlen($submitted['lastname']) < 2) {
|
||||
$this->errors['lastname'] = 'Nachname muss mindestens 2 Zeichen haben.';
|
||||
}
|
||||
if (!filter_var($submitted['email'], FILTER_VALIDATE_EMAIL)) {
|
||||
$this->errors['email'] = 'Ungültige E-Mail-Adresse.';
|
||||
}
|
||||
if ($submitted['password'] !== '' && strlen($submitted['password']) < 6) {
|
||||
$this->errors['password'] = 'Passwort muss mindestens 6 Zeichen haben.';
|
||||
}
|
||||
|
||||
if (count($this->errors) > 0) {
|
||||
$this->view->setVars([
|
||||
'labels' => $this->changeUserLabels,
|
||||
'validData' => $submitted,
|
||||
'errors' => $this->errors,
|
||||
]);
|
||||
return $this->showUserChangeAccountSettings();
|
||||
}
|
||||
|
||||
$updateData = [];
|
||||
foreach (['name','lastname','email'] as $field) {
|
||||
if ($submitted[$field] !== $currentUser[$field]) {
|
||||
$updateData[$field] = $submitted[$field];
|
||||
}
|
||||
}
|
||||
if ($submitted['password'] !== '') {
|
||||
$salt = bin2hex(random_bytes(16));
|
||||
$hash = hash('sha256', $submitted['password'] . $salt);
|
||||
$updateData['passwort'] = $hash;
|
||||
$updateData['salt'] = $salt;
|
||||
}
|
||||
|
||||
if (empty($updateData)) {
|
||||
$this->message = 'Keine Änderungen festgestellt.';
|
||||
return $this->showUserChangeAccountSettings();
|
||||
}
|
||||
|
||||
$ok = $this->db->updateUserData($userId, $updateData);
|
||||
|
||||
if ($ok) {
|
||||
// Session‑Werte aktualisieren
|
||||
$_SESSION['vorname'] = $updateData['name'] ?? $_SESSION['vorname'];
|
||||
$_SESSION['name'] = $updateData['lastname'] ?? $_SESSION['name'];
|
||||
$_SESSION['email'] = $updateData['email'] ?? $_SESSION['email'];
|
||||
$this->message = 'Änderungen erfolgreich gespeichert.';
|
||||
} else {
|
||||
$this->errors['general'] = 'Beim Speichern ist ein Fehler aufgetreten.';
|
||||
}
|
||||
|
||||
return $this->showUserChangeAccountSettings();
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
@ -67,4 +67,39 @@ class UserModel extends Database
|
||||
$sth->execute();
|
||||
}
|
||||
|
||||
public function updateUserData($id, $values){
|
||||
$pdo = $this->linkDB();
|
||||
$fields = [];
|
||||
$params = [':id' => $id];
|
||||
|
||||
if(!empty($values["password"])){
|
||||
$salt = bin2hex(random_bytes(16));
|
||||
$hash = hash('sha256', $values["password"] . $salt);
|
||||
$fields["password"] = "´passwort´ = :password";
|
||||
$fields["salt"] = "´salt´ = :salt";
|
||||
$params[":password"] = $hash;
|
||||
$params[":salt"] = $salt;
|
||||
}
|
||||
|
||||
foreach (['name','vorname','email'] as $col) {
|
||||
if (isset($values[$col])) {
|
||||
$fields[] = "`{$col}` = :{$col}";
|
||||
$params[":{$col}"] = $values[$col];
|
||||
}
|
||||
}
|
||||
|
||||
$sql = "UPDATE user
|
||||
SET " . implode(", ", $fields) . "
|
||||
where id = :id";
|
||||
|
||||
try {
|
||||
$sth = $pdo->prepare($sql);
|
||||
$sth->execute($params);
|
||||
} catch (PDOException $e) {
|
||||
new \Blog\Library\ErrorMsg("Fehler beim Aktualisieren der Daten.", $e);
|
||||
die;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
@ -24,7 +24,7 @@
|
||||
</form>
|
||||
<form method="post">
|
||||
<input type="hidden" name="controller" value="user">
|
||||
<input type="hidden" name="do" value="changeAccountData">
|
||||
<input type="hidden" name="do" value="changeAccountDataRedirect">
|
||||
<button type="submit" class="btn btn-logout">Meine Kontodaten ändern</button>
|
||||
</form>
|
||||
</div>
|
||||
|
||||
34
Views/User/showUserChangeAccountSettings.phtml
Normal file
34
Views/User/showUserChangeAccountSettings.phtml
Normal file
@ -0,0 +1,34 @@
|
||||
<?php
|
||||
include dirname(__DIR__).'/header.phtml';
|
||||
?>
|
||||
|
||||
<div class="container">
|
||||
<div class="row">
|
||||
<div class="col-12">
|
||||
<h1>Change Account Info</h1>
|
||||
|
||||
<form method="post" class="form-grid form-user">
|
||||
<?php foreach ($changeUserLabels as $key => $label): ?>
|
||||
<div class="input">
|
||||
<label for="reg_<?= $key ?>"><?= $label ?></label>
|
||||
<?php if ($key === 'password'): ?>
|
||||
<input type="password" name="<?= $key ?>" id="reg_<?= $key ?>">
|
||||
<?php elseif($key === 'email'): ?>
|
||||
<input type="email" name="<?= $key ?>" id="reg_<?= $key ?>">
|
||||
<?php else: ?>
|
||||
<input type="text" name="<?= $key ?>" id="reg_<?= $key ?>" value="<?= htmlspecialchars($validData[$key] ?? '') ?>">
|
||||
<?php endif; ?>
|
||||
|
||||
<?php if (!empty($errors[$key])): ?>
|
||||
<div class="error"><?= $errors[$key] ?></div>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
<?php endforeach; ?>
|
||||
|
||||
<input type="hidden" name="controller" value="user">
|
||||
<input type="hidden" name="do" value="updateAccountData">
|
||||
<button type="submit" class="btn btn-primary btn-form" style="display: block">Meine Info ändern</button>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
Loading…
x
Reference in New Issue
Block a user