Business/NickelBox
2
0
Fork 0
Code Issues 7 Pull Requests Releases Wiki Activity

Add login, signup, and account pages ( issue #8 )

Browse Source
This commit is contained in:
Skylar Ittner 2018-06-23 20:38:27 -06:00
parent 06f7f4d9d2
commit bb59035e46
6 changed files with 257 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
public/action.php
View File

@ -29,32 +29,79 @@ switch ($VARS['action']) {
} else { } else {
$cart[$item] += $qty; $cart[$item] += $qty;
} }
$_SESSION['cart'] = $cart; $_SESSION['cart'] = $cart;
header('Location: ./?page=cart&msg=itemadded'); header('Location: ./?page=cart&msg=itemadded');
die(); die();
break; break;
case "updatecart": case "updatecart":
$item = $VARS['item']; $item = $VARS['item'];
$qty = $VARS['qty']; $qty = $VARS['qty'];
$cart = []; $cart = [];
if (!empty($_SESSION['cart'])) { if (!empty($_SESSION['cart'])) {
$cart = $_SESSION['cart']; $cart = $_SESSION['cart'];
} }
$cart[$item] = $qty; $cart[$item] = $qty;
if ($qty <= 0) { if ($qty <= 0) {
unset($cart[$item]); unset($cart[$item]);
} }
$_SESSION['cart'] = $cart; $_SESSION['cart'] = $cart;
header('Location: ./?page=cart&msg=itemupdated'); header('Location: ./?page=cart&msg=itemupdated');
break;
case "login":
$email = $VARS['email'];
$password = $VARS['password'];
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header('Location: ./?page=login&msg=invalidemail');
die("Invalid email address.");
}
if ($database->has('customers', ['email' => $email])) {
$hash = $database->get('customers', 'password', ['email' => $email]);
if (password_verify($password, $hash)) {
$_SESSION['shop_account'] = $database->get('customers', ['customerid (id)', 'name', 'password (hashed_password)', 'email'], ['email' => $email]);
header('Location: ./?page=account');
die();
} else {
header('Location: ./?page=login&msg=badlogin');
die("Bad login.");
}
} else {
header('Location: ./?page=login&msg=badlogin');
die("Bad login.");
}
break;
case "logout":
$_SESSION['shop_account'] = null;
header('Location: ./');
break;
case "signup":
$name = $VARS['name'];
$email = $VARS['email'];
$password = $VARS['password'];
$phone = $VARS['phone'];
if (empty($name) || empty($email) || empty($password)) {
header('Location: ./?page=signup&msg=missingdata');
die("Missing required data.");
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header('Location: ./?page=signup&msg=invalidemail');
die("Invalid email address.");
}
if ($database->has('customers', ['OR' => ['name' => $name, 'email' => $email]])) {
header('Location: ./?page=signup&msg=accountinuse');
die("Name or email already in use.");
}
if (empty($phone)) {
$phone = null;
}
$database->insert('customers', ['name' => $name, 'email' => $email, 'password' => password_hash($password, PASSWORD_BCRYPT), 'phone' => $phone]);
$_SESSION['shop_account'] = $database->get('customers', ['name', 'password (hashed_password)', 'email'], ['email' => $email]);
header('Location: ./?page=account');
die();
break; break;
} }

9
public/index.php
View File

@ -46,6 +46,15 @@ if (isset($_GET['page'])) {
case "cart": case "cart":
$page = "cart"; $page = "cart";
break; break;
case "account":
$page = "account";
break;
case "login":
$page = "login";
break;
case "signup":
$page = "signup";
break;
case "home": case "home":
default: default:
$page = "home"; $page = "home";

75
public/parts/account.php Normal file
View File

@ -0,0 +1,75 @@
<?php
/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
if (!defined('NICKELBOX')) {
die("Direct access denied.");
}
if ($loggedin !== true || is_null($account)) {
header('Location: ./?page=login');
die("Please log in.");
}
?>
<div class="container mt-4">
<h1 class="display-4">Account</h1>
<div class="row">
<div class="col-md-8">
<h3>Recent Orders</h3>
<div class="list-group">
<?php
$orders = $database->select('transactions', ['txid', 'txdate', 'type'], ['customerid' => $account['id'], 'ORDER' => ['txdate' => 'DESC'], 'LIMIT' => 50]);
foreach ($orders as $o) {
$lines = $database->select('lines', ['lineid', 'amount', 'qty', 'name'], ['txid' => $o['txid']]);
$itemcount = 0;
$total = 0.0;
foreach ($lines as $l) {
$itemcount += $l['qty'];
$total += $l['amount'] * $l['qty'];
}
?>
<div class="list-group-item">
Date: <?php echo date(DATETIME_FORMAT, strtotime($o['txdate'])); ?><br />
Type: <?php
switch ($o['type']) {
case 1:
echo "In-store";
break;
case 2:
echo "Return";
break;
case 3:
echo "Online";
break;
default:
echo "Other";
break;
}
?><br />
Total: $<?php echo number_format($total, 2); ?><br />
<div class="list-group list-group-flush">
<?php
foreach ($lines as $l) {
?>
<div class="list-group-item d-flex justify-content-between">
<div><?php echo $l['name']; ?></div>
<div><?php echo $l['qty'] * 1.0; ?>@<?php echo number_format($l['amount'], 2); ?></div>
<div>$<?php echo number_format($l['amount'] * $l['qty'], 2); ?></div>
</div>
<?php
}
?>
</div>
</div>
<?php
}
?>
</div>
</div>
</div>
</div>

51
public/parts/login.php Normal file
View File

@ -0,0 +1,51 @@
<?php
/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
if (!defined('NICKELBOX')) {
die("Direct access denied.");
}
?>
<div class="container mt-4">
<div class="row justify-content-center">
<form class="card" action="action.php" method="post">
<input type="hidden" name="action" value="login" />
<div class="card-header">
Log In
</div>
<div class="card-body">
<?php
$alert = "";
if (!empty($_GET['msg'])) {
switch ($_GET['msg']) {
case "badlogin":
$alert = "Bad email or password.";
break;
case "invalidemail":
$alert = "Invalid email address.";
break;
}
}
if ($alert != "") {
?>
<div class="text-danger mb-2">
<?php echo $alert; ?>
</div>
<?php
}
?>
<p class="small"><a href="./?page=signup">Don't have an account? Click here</a></p>
<input type="email" name="email" class="form-control mb-2" placeholder="Email address" required />
<input type="password" name="password" class="form-control" placeholder="Password" required />
</div>
<div class="card-footer d-flex">
<a href="./" class="btn btn-default">Back</a>
<button type="submit" class="btn btn-primary ml-auto">Log in</button>
</div>
</form>
</div>
</div>

53
public/parts/signup.php Normal file
View File

@ -0,0 +1,53 @@
<?php
/*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
if (!defined('NICKELBOX')) {
die("Direct access denied.");
}
?>
<div class="container mt-4">
<div class="row justify-content-center">
<form class="card" action="action.php" method="post">
<input type="hidden" name="action" value="signup" />
<div class="card-header">
Create Account
</div>
<div class="card-body">
<?php
$alert = "";
if (!empty($_GET['msg'])) {
switch ($_GET['msg']) {
case "badlogin":
$alert = "Bad email or password.";
break;
case "invalidemail":
$alert = "Invalid email address.";
break;
}
}
if ($alert != "") {
?>
<div class="text-danger mb-2">
<?php echo $alert; ?>
</div>
<?php
}
?>
<p class="small"><a href="./?page=login">Already have an account? Click here</a></p>
<input type="text" name="name" class="form-control mb-2" placeholder="Name" required />
<input type="email" name="email" class="form-control mb-2" placeholder="Email address" required />
<input type="password" name="password" class="form-control mb-2" placeholder="Password" required />
<input type="phone" name="phone" class="form-control" placeholder="Phone (optional)" />
</div>
<div class="card-footer d-flex">
<a href="./" class="btn btn-default">Back</a>
<button type="submit" class="btn btn-primary ml-auto">Create Account</button>
</div>
</form>
</div>
</div>

14
public/required.php
View File

@ -117,6 +117,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
define("GET", true); define("GET", true);
} }
$loggedin = false;
$account = null;
if (!empty($_SESSION['shop_account'])) {
$account = $_SESSION['shop_account'];
if ($database->has('customers', ['AND' => ['name' => $account['name'], 'password' => $account['hashed_password']]])) {
$loggedin = true;
} else {
$account = null;
}
}
/** /**
* Checks if a string or whatever is empty. * Checks if a string or whatever is empty.
* @param $str The thingy to check * @param $str The thingy to check
@ -124,4 +136,4 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
*/ */
function is_empty($str) { function is_empty($str) {
return (is_null($str) || !isset($str) || $str == ''); return (is_null($str) || !isset($str) || $str == '');
} }