From 3d4e1532c751dfdb12103e2897d87c197cea6573 Mon Sep 17 00:00:00 2001
From: pbbfa23ckl
Date: Mon, 23 Jun 2025 11:13:48 +0200
Subject: [PATCH] Register
---
 Controller/UserController.php | 32 +++++++++++++++++++---
 Model/UserModel.php | 38 +++++++++++++++++++++++++--
 Views/User/showUserLoginForm.phtml | 2 +-
 Views/User/showUserRegisterForm.phtml | 28 ++++++++++++++++++++
 4 files changed, 93 insertions(+), 7 deletions(-)
 create mode 100644 Views/User/showUserRegisterForm.phtml
diff --git a/Controller/UserController.php b/Controller/UserController.php
index 0ff5a1e..9f263ba 100644
--- a/Controller/UserController.php
+++ b/Controller/UserController.php
@@ -20,7 +20,7 @@ class UserController
 public function loginUser() {
 $erg = array();
- $erg = $this->userModel->verifyLogin($_POST["username"], $_POST["password"]);
+ $erg = $this->userModel->loginUser($_POST["username"], $_POST["password"]);
 if ($erg["success"] == true) {
 header("Location: ?controller=Welcome&do=showWelcome");
 exit();
@@ -28,9 +28,9 @@ class UserController
 } else {
 $this->view->setDoMethodName("showUserLoginForm");
- $this->view->setVars([
- "errmsg" => $erg["message"]
- ]);
+ ## $this->view->setVars([
+ ## "errmsg" => $erg["message"]
+ ## ]);
 $this->showUserLoginForm();
 }
@@ -43,12 +43,36 @@ class UserController
 exit();
 }
+ public function registerUser()
+ {
+ $erg = array();
+ $erg = $this->userModel->registerUser($_POST["username"], $_POST["password"]);
+ if ($erg["success"] == true) {
+ header("Location: ?controller=Welcome&do=showWelcome");
+ exit();
+ }
+ else {
+ $this->view->setDoMethodName("showUserRegisterForm");
+
+ ## $message = $erg['message'];
+ ## echo "";
+ ## $this->view->setVars([
+ ## "errmsg" => $erg["message"]
+ ## ]);
+ $this->showUserRegisterForm();
+ }
+ }
 public function showUserLoginForm() { }
+ public function showUserRegisterForm()
+ {
+
+ }
+
 }
\ No newline at end of file
diff --git a/Model/UserModel.php b/Model/UserModel.php
index 23975b8..dfac769 100644
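Review bot: Commenting out `setVars` with `##` in the else branch of `loginUser()` (hunk `@@ -28,9 +28,9 @@`) means a failed login re-renders the form with no error text, and the same disabled block is copied into the new `registerUser()` in the `@@ -43,12 +43,36 @@` hunk. Either restore `$this->view->setVars(["errmsg" => $erg["message"]]);` or delete the dead lines, because disabled code in an authentication path leaves the intended behaviour unclear. If the message is displayed again, the template should print it through `htmlspecialchars(..., ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` so a later change to the message source cannot introduce markup. `loginUser()` starts and ends outside this hunk.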
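Review bot: `registerUser()` in the `@@ -43,12 +43,36 @@` hunk indexes `$_POST["username"]` and `$_POST["password"]` without checking that the request is a POST or that the keys exist, so a request lacking them raises undefined-index warnings and hands `null` to the model. Read them defensively, e.g. `$username = $_POST["username"] ?? "";` and `$password = $_POST["password"] ?? "";`, and return to the form early when `$_SERVER["REQUEST_METHOD"] !== "POST"`. The `loginUser()` call touched in the first hunk follows the same pattern. `$erg["success"] == true` is better written `=== true`, since with the loose comparison any truthy value counts as success. Both new methods could also declare `: void` as their return type.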
--- a/Model/UserModel.php
+++ b/Model/UserModel.php
@@ -7,7 +7,7 @@ use PDOException;
 class UserModel extends Database
 {
- public function verifyLogin($username, $password)
+ public function loginUser($username, $password)
 {
 $pdo = $this->linkDB();
 if (!$pdo) return ['success' => false, 'message' => 'Database connection error.'];
@@ -31,8 +31,42 @@ class UserModel extends Database
 function logoutUser() {
- session_unset(); // Unset all session variables
+ session_unset();
 session_destroy();
 return ['success' => true, 'message' => 'Logged out successfully.'];
 }
+
+
+ function registerUser($username, $password) {
+ $pdo = $this->linkDB();
+ if (!$pdo) return ['success' => false, 'message' => 'Database connection error.'];
+ $errors = [];
+ if (empty($username)) $errors[] = "Username is required.";
+ if (empty($password)) $errors[] = "Password is required.";
+ if (strlen($password) < 8) $errors[] = "Password must be at least 8 characters.";
+ if (!preg_match('/[A-Z]/', $password)) $errors[] = "Password needs an uppercase letter.";
+ if (!preg_match('/[a-z]/', $password)) $errors[] = "Password needs a lowercase letter.";
+ if (!preg_match('/[0-9]/', $password)) $errors[] = "Password needs a number.";
+ if (!preg_match('/[^A-Za-z0-9]/', $password)) $errors[] = "Password needs a special character.";
+
+ if (!empty($errors)) {
+ return ['success' => false, 'message' => ""];
+ }
+
+ try {
+ $stmt = $pdo->prepare("SELECT id FROM users WHERE username = ?");
+ $stmt->execute([$username]);
+ if ($stmt->fetch()) {
+ return ['success' => false, 'message' => 'Username already taken.'];
+ }
+
+ $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
+ $stmt = $pdo->prepare("INSERT INTO users (username, password) VALUES (?, ?)"); // Role defaults to 'user'
+ $stmt->execute([$username, $hashedPassword]);
+ return ['success' => true, 'message' => 'Registration successful! Please login.'];
+ } catch (PDOException $e) {
+ error_log("Registration Error: " . $e->getMessage());
+ return ['success' => false, 'message' => 'An error occurred during registration.'];
+ }
+ }
 }
\ No newline at end of file
diff --git a/Views/User/showUserLoginForm.phtml b/Views/User/showUserLoginForm.phtml
index e16f3f6..660eb5b 100644
--- a/Views/User/showUserLoginForm.phtml
+++ b/Views/User/showUserLoginForm.phtml
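Review bot: The `SELECT id FROM users WHERE username = ?` check followed by a separate `INSERT` in `registerUser()` is not atomic, so two concurrent requests for the same name can both pass the check; unless `users.username` carries a UNIQUE index (the schema is not visible here), that produces duplicate accounts. With the index in place, the catch block should map the duplicate-key case to the normal answer, e.g. `if ($e->getCode() === '23000') return ['success' => false, 'message' => 'Username already taken.'];`. Separately, the validation branch returns `'message' => ""` as shown, so the collected `$errors` never reach the caller; `implode(' ', $errors)` would carry them, assuming the empty string is not an artefact of how this page was rendered. `PASSWORD_DEFAULT` currently selects bcrypt, which only uses the first 72 bytes of its input, so an upper length bound next to the `strlen($password) < 8` check is worth adding.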
@@ -17,7 +17,7 @@ -

Don't have an account? Register here

+

Don't have an account? Register here

diff --git a/Views/User/showUserRegisterForm.phtml b/Views/User/showUserRegisterForm.phtml
new file mode 100644
index 0000000..2d658a5
--- /dev/null
+++ b/Views/User/showUserRegisterForm.phtml
@@ -0,0 +1,28 @@
+
+

Register

+
+ +
+ + +
+
+ + +
+
    +
    +
    + + +
    +
    + +

    Already have an account? Login here

    +
    + + +
    +
    + \ No newline at end of file