implemented input validation for register function
parent
8d4376d313
commit
5965e1df81
@ -41,16 +41,40 @@ class AuthModel extends Database
|
|||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function register($email, $password, $straße, $hausnr, $ort, $postleitzahl, $land, $vorname, $nachname, $tel)
|
public function register($email, $password, $street, $houseNumber, $city, $postalCode, $country, $firstName, $lastName, $phone)
|
||||||
{
|
{
|
||||||
$rtn = $this->pwRequirementCheck($password);
|
$rtn = $this->pwRequirementCheck($password);
|
||||||
if($rtn !== true){
|
if($rtn !== true){
|
||||||
return $rtn;
|
return $rtn;
|
||||||
}
|
}
|
||||||
else{
|
|
||||||
|
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
|
||||||
|
return "Bitte geben Sie eine gültige E-Mail ein.";
|
||||||
|
}
|
||||||
|
|
||||||
|
$requiredFields = [$email, $password, $street, $houseNumber, $city, $postalCode, $country, $firstName, $lastName, $phone];
|
||||||
|
foreach ($requiredFields as $field) {
|
||||||
|
if (empty($field)) {
|
||||||
|
return "Bitte füllen Sie alle Felder aus";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
$pdo = $this->linkDB();
|
||||||
|
$stmt = $pdo->prepare("SELECT id FROM user WHERE email = :email");
|
||||||
|
$stmt->execute([':email' => $email]);
|
||||||
|
if($stmt-> fetch()){
|
||||||
|
return "Der Account mit der Email, existiert bereits.";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
catch (PDOException $e){
|
||||||
|
new \Blog\Library\ErrorMsg("Fehler beim Abrufen der Daten", $e);
|
||||||
|
die;
|
||||||
|
}
|
||||||
|
|
||||||
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
|
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
|
||||||
|
|
||||||
$sql = "INSERT INTO user (email, passwort, straße, hausnr, ort, postleitzahl,land, vorname, nachname, tel)
|
$sql = "INSERT INTO user (email, password, straße, hausnr, ort, postleitzahl,land, vorname, nachname, tel)
|
||||||
VALUES (:email, :password, :straße, :hausnr, :ort, :postleitzahl, :land, :vorname, :nachname, :tel)";
|
VALUES (:email, :password, :straße, :hausnr, :ort, :postleitzahl, :land, :vorname, :nachname, :tel)";
|
||||||
|
|
||||||
try{
|
try{
|
||||||
@ -59,20 +83,20 @@ class AuthModel extends Database
|
|||||||
return $stmt->execute([
|
return $stmt->execute([
|
||||||
':email' => $email,
|
':email' => $email,
|
||||||
':password' => $hashedPassword,
|
':password' => $hashedPassword,
|
||||||
':straße' => $straße,
|
':straße' => $street,
|
||||||
':hausnr' => $hausnr,
|
':hausnr' => $houseNumber,
|
||||||
':ort' => $ort,
|
':ort' => $city,
|
||||||
':postleitzahl' => $postleitzahl,
|
':postleitzahl' => $postalCode,
|
||||||
':land' => $land,
|
':land' => $country,
|
||||||
':vorname' => $vorname,
|
':vorname' => $firstName,
|
||||||
':nachname' => $nachname,
|
':nachname' => $lastName,
|
||||||
':tel' => $tel
|
':tel' => $phone
|
||||||
]);
|
]);
|
||||||
} catch (PDOException $e) {
|
} catch (PDOException $e) {
|
||||||
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
|
new \Blog\Library\ErrorMsg("Fehler beim Schreiben der Daten.", $e);
|
||||||
die;
|
die;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private function pwRequirementCheck($password){
|
private function pwRequirementCheck($password){
|
||||||
@ -137,7 +161,7 @@ class AuthModel extends Database
|
|||||||
|
|
||||||
|
|
||||||
$sql = "UPDATE user
|
$sql = "UPDATE user
|
||||||
SET passwort = :password AND validUntil = :validUntil
|
SET password = :password AND validUntil = :validUntil
|
||||||
WHERE email = :email";
|
WHERE email = :email";
|
||||||
|
|
||||||
$stmt = $pdo->prepare($sql);
|
$stmt = $pdo->prepare($sql);
|
||||||
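Review bot: In the last hunk the renamed statement still joins its two assignments with `AND` (`SET password = :password AND validUntil = :validUntil`), which SQL parses as one boolean expression assigned to `password` rather than two column updates. On MySQL-style engines this would likely overwrite the stored hash with 0/1 and leave `validUntil` unchanged. The assignments should be separated by a comma: `SET password = :password, validUntil = :validUntil`. The enclosing method starts and ends outside the hunk, so its purpose is inferred from the column names only. Separately, the new SELECT-then-INSERT duplicate check in `register` can be passed by two concurrent requests for the same address, so `user.email` should also carry a UNIQUE constraint (the schema is not visible here) and the INSERT's `PDOException` handler should expect that violation.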
|