Profile page almost done (just when all field are full it didn't work on the first time)

2024-04-17 16:39:06 +02:00
parent 8e2925c61d
commit 22fc526890
3 changed files with 135 additions and 67 deletions


@@ -144,7 +144,6 @@ function displayHome(text) {
function displayProfile() {
let user = TokenDecode(sessionStorage.getItem("token"));
console.log(user);
if (user !== null) {
let container = document.getElementById("content");
container.innerHTML = "";
@@ -198,82 +197,58 @@ function changePasswordMailAndPhone(currentPassword, newPassword, currentMail, n
if (currentPassword && newPassword){
if (currentPhone && newPhone){
if(currentMail && newMail) {
let data = {
id: user.id,
currentPassword: currentPassword,
newPassword: newPassword,
currentMail: currentMail,
newMail: newMail,
currentPhone: currentPhone,
newPhone: newPhone
};
let data = "id=" + user.id + "&currentMail=" + currentMail + "&newMail=" + newMail + "&currentPhone=" + currentPhone + "&newPhone=" + newPhone + "&currentPassword=" + currentPassword + "&newPassword=" + newPassword;
ajaxRequest('PUT', "src/API/requests.php/api/change/all", function (data) {
displayHome("Profile mis à jour");
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter");
}, data);
return;
}
let data = {
id: user.id,
currentPassword: currentPassword,
newPassword: newPassword,
currentPhone: currentPhone,
newPhone: newPhone
};
let data = "id=" + user.id + "&currentPhone=" + currentPhone + "&newPhone=" + newPhone + "&currentPassword=" + currentPassword + "&newPassword=" + newPassword;
ajaxRequest('PUT', "src/API/requests.php/api/change/phonepassword", function (data) {
displayHome("Profile mis à jour");
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter");
}, data);
return;
}
if (currentMail && newMail){
let data = {
id: user.id,
currentPassword: currentPassword,
newPassword: newPassword,
currentMail: currentMail,
newMail: newMail
};
let data = "id=" + user.id + "&currentMail=" + currentMail + "&newMail=" + newMail + "&currentPassword=" + currentPassword + "&newPassword=" + newPassword;
ajaxRequest('PUT', "src/API/requests.php/api/change/mailpassword", function (data) {
displayHome("Profile mis à jour");
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter")
}, data);
return;
}
let data = {
id: user.id,
currentPassword: currentPassword,
newPassword: newPassword
};
let data = "id=" + user.id + "&currentPassword=" + currentPassword + "&newPassword=" + newPassword;
ajaxRequest('PUT', "src/API/requests.php/api/change/password", function (data) {
displayHome("Profile mis à jour");
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter")
}, data);
return;
}
if (currentPhone && newPhone){
if(currentMail && newMail) {
let data = {
id: user.id,
currentMail: currentMail,
newMail: newMail,
currentPhone: currentPhone,
newPhone: newPhone
};
let data = "id=" + user.id + "&currentMail=" + currentMail + "&newMail=" + newMail + "&currentPhone=" + currentPhone + "&newPhone=" + newPhone;
ajaxRequest('PUT', "src/API/requests.php/api/change/mailphone", function (data) {
displayHome("Profile mis à jour");
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter")
}, data);
return;
}
let data = {
id: user.id,
currentPhone: currentPhone,
newPhone: newPhone
};
let data = "id=" + user.id + "&currentPhone=" + currentPhone + "&newPhone=" + newPhone;
ajaxRequest('PUT', "src/API/requests.php/api/change/phone", function (data) {
displayHome("Profile mis à jour");
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter")
}, data);
return;
}
if(currentMail && newMail) {
let data = {
id: user.id,
currentMail: currentMail,
newMail: newMail
};
let data = "id=" + user.id + "&currentMail=" + currentMail + "&newMail=" + newMail;
ajaxRequest('PUT', "src/API/requests.php/api/change/mail", function (data) {
displayHome("Profile mis à jour");
sessionStorage.clear();
displayHome("Profile mis à jour, veuillez vous reconnecter");
}, data);
return;
}
}
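Review bot: The form-encoded `data` strings in changePasswordMailAndPhone concatenate the raw field values, so a password, mail or phone value containing `&`, `=`, `+` or `%` can be split or altered when the server parses the body, and the stored password may then differ from what the user typed. Build each body with `new URLSearchParams({ id: user.id, currentPassword, newPassword }).toString()` (or wrap every value in `encodeURIComponent`); this applies to all seven `let data = "id=" + ...` lines in the hunk. `id` is read from the client-decoded token and sent as an ordinary body field, so the server presumably needs to take the patient id from the verified token rather than from this parameter; that handling is not visible here. The function's opening lines are above the hunk.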


@@ -18,7 +18,6 @@ function ajaxRequest(type, url, callback, data = null)
{
case 200:
case 201:
//console.log(xhr.responseText);
callback(JSON.parse(xhr.responseText));
break;
default:


@@ -45,7 +45,7 @@ class Patient {
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($newpassword, $result['p_password'])) {
Response::HTTP200(['message' => 'Password updated']);
Response::HTTP201(['message' => 'Password updated']);
}
else {
Response::HTTP400(['message' => 'Error updating password']);
@@ -70,7 +70,7 @@ class Patient {
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if ($newphone == $result['p_phone']) {
Response::HTTP200(['message' => 'Phone updated']);
Response::HTTP201(['message' => 'Phone updated']);
}
else {
Response::HTTP400(['message' => 'Error updating phone']);
@@ -94,8 +94,8 @@ class Patient {
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if ($newmail == $result['p_mail']) {
Response::HTTP200(['message' => 'Mail updated']);
if (password_verify($newmail, $result['p_mail'])) {
Response::HTTP201(['message' => 'Mail updated']);
}
else {
Response::HTTP400(['message' => 'Error updating mail']);
@@ -104,27 +104,121 @@ class Patient {
public static function updatePasswordAndPhone($pdo, $id, $currentpassword, $newpassword, $currentphone, $newphone): void
{
Patient::updatePassword($pdo, $id, $currentpassword, $newpassword);
Patient::updatePhone($pdo, $id, $currentphone, $newphone);
$query = $pdo->prepare("SELECT p_password, p_phone FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($currentpassword, $result['p_password']) && $currentphone == $result['p_phone']) {
$newpassword = password_hash($newpassword, PASSWORD_ARGON2ID);
$query = $pdo->prepare("UPDATE patient SET p_password = :password, p_phone = :phone WHERE p_id = :id");
$query->bindParam(':password', $newpassword);
$query->bindParam(':phone', $newphone);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current password and phone are correct
$query = $pdo->prepare("SELECT p_password, p_phone FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($newpassword, $result['p_password']) && $newphone == $result['p_phone']) {
Response::HTTP201(['message' => 'Password and phone updated']);
}
else {
Response::HTTP400(['message' => 'Error updating password and phone']);
}
}
public static function updatePasswordAndMail($pdo, $id, $currentpassword, $newpassword, $currentmail, $newmail): void
{
Patient::updatePassword($pdo, $id, $currentpassword, $newpassword);
Patient::updateMail($pdo, $id, $currentmail, $newmail);
$query = $pdo->prepare("SELECT p_password, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($currentpassword, $result['p_password']) && $currentmail == $result['p_mail']) {
$newpassword = password_hash($newpassword, PASSWORD_ARGON2ID);
$query = $pdo->prepare("UPDATE patient SET p_password = :password, p_mail = :mail WHERE p_id = :id");
$query->bindParam(':password', $newpassword);
$query->bindParam(':mail', $newmail);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current password and mail are correct
$query = $pdo->prepare("SELECT p_password, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($newpassword, $result['p_password']) && $newmail == $result['p_mail']) {
Response::HTTP201(['message' => 'Password and mail updated']);
}
else {
Response::HTTP400(['message' => 'Error updating password and mail']);
}
}
public static function updatePhoneAndMail($pdo, $id, $currentphone, $newphone, $currentmail, $newmail): void
{
Patient::updatePhone($pdo, $id, $currentphone, $newphone);
Patient::updateMail($pdo, $id, $currentmail, $newmail);
$query = $pdo->prepare("SELECT p_phone, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if ($currentphone == $result['p_phone'] && $currentmail == $result['p_mail']) {
$query = $pdo->prepare("UPDATE patient SET p_phone = :phone, p_mail = :mail WHERE p_id = :id");
$query->bindParam(':phone', $newphone);
$query->bindParam(':mail', $newmail);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current phone and mail are correct
$query = $pdo->prepare("SELECT p_phone, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if ($newphone == $result['p_phone'] && $newmail == $result['p_mail']) {
Response::HTTP201(['message' => 'Phone and mail updated']);
}
else {
Response::HTTP400(['message' => 'Error updating phone and mail']);
}
}
public static function updateAll($pdo, $id, $currentpassword, $newpassword, $currentphone, $newphone, $currentmail, $newmail): void
{
Patient::updatePassword($pdo, $id, $currentpassword, $newpassword);
Patient::updatePhone($pdo, $id, $currentphone, $newphone);
Patient::updateMail($pdo, $id, $currentmail, $newmail);
$query = $pdo->prepare("SELECT p_password, p_phone, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
$newpassword = password_hash($newpassword, PASSWORD_ARGON2ID);
if(!password_verify($currentpassword, $result['p_password'])){
Response::HTTP401(['message' => 'Current password is incorrect']);
}
if (password_verify($currentpassword, $result['p_password']) && $currentphone == $result['p_phone'] && $currentmail == $result['p_mail']) {
$query = $pdo->prepare("UPDATE patient SET p_password = :password, p_phone = :phone, p_mail = :mail WHERE p_id = :id");
$query->bindParam(':password', $newpassword);
$query->bindParam(':phone', $newphone);
$query->bindParam(':mail', $newmail);
$query->bindParam(':id', $id);
$query->execute();
}
// Check if the current password, phone and mail are correct
$query = $pdo->prepare("SELECT p_password, p_phone, p_mail FROM patient WHERE p_id = :id");
$query->bindParam(':id', $id);
$query->execute();
$result = $query->fetch(PDO::FETCH_ASSOC);
if (password_verify($newpassword, $result['p_password']) && $newphone == $result['p_phone'] && $newmail == $result['p_mail']) {
Response::HTTP201(['message' => 'All updated']);
}
else {
if($newphone != $result['p_phone']){
Response::HTTP400(['message' => 'Error updating phone']);
}
if($newmail != $result['p_mail']){
Response::HTTP400(['message' => 'Error updating mail']);
}
if(!password_verify($newpassword, $result['p_password'])){
Response::HTTP400(['message' => 'Error updating password']);
}
}
}
}
?>
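Review bot: In updatePasswordAndPhone, updatePasswordAndMail and updateAll, `$newpassword` is overwritten with its Argon2id hash before the re-read check, so `password_verify($newpassword, $result['p_password'])` receives a hash as the candidate password and fails after a successful UPDATE, which makes the method answer 400 for a change that was applied. Keep the hash in its own variable, `$hash = password_hash($newpassword, PASSWORD_ARGON2ID);`, and bind `:password` to `$hash`. The updateMail check in the `@@ -94,8` hunk appears to read `password_verify($newmail, $result['p_mail'])` on the new side, while the new methods compare `p_mail` with `==`, so the column looks like plaintext and that check would always fail; `$newmail == $result['p_mail']`, as the other methods do, avoids this. updatePhoneAndMail changes both contact fields without any password check and every method trusts the `$id` argument, so unless the router (not shown) takes the id from the verified token, the current password should be required there as well. In updateAll, `Response::HTTP401(...)` is followed by no `return;`, so if that helper does not end the request the code continues to the later checks; the single-field update methods begin outside the visible hunks.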