
Add login, signup, and account pages ( issue #8 )

master
Skylar Ittner 1 year ago
parent
commit
bb59035e46
6 changed files with 257 additions and 10 deletions
  1. 56
    9
      public/action.php
  2. 9
    0
      public/index.php
  3. 75
    0
      public/parts/account.php
  4. 51
    0
      public/parts/login.php
  5. 53
    0
      public/parts/signup.php
  6. 13
    1
      public/required.php

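--- a/public/action.php
+++ b/public/action.php
@@ -29,32 +29,79 @@ switch ($VARS['action']) {
         } else {
             $cart[$item] += $qty;
         }
-
         $_SESSION['cart'] = $cart;
-
         header('Location: ./?page=cart&msg=itemadded');
         die();
-
         break;
     case "updatecart":
         $item = $VARS['item'];
         $qty = $VARS['qty'];
-
         $cart = [];
-
         if (!empty($_SESSION['cart'])) {
             $cart = $_SESSION['cart'];
         }
-
         $cart[$item] = $qty;
-
         if ($qty <= 0) {
             unset($cart[$item]);
         }
-
         $_SESSION['cart'] = $cart;
-
         header('Location: ./?page=cart&msg=itemupdated');
+        break;
+    case "login":
+        $email = $VARS['email'];
+        $password = $VARS['password'];
+        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+            header('Location: ./?page=login&msg=invalidemail');
+            die("Invalid email address.");
+        }
+        if ($database->has('customers', ['email' => $email])) {
+            $hash = $database->get('customers', 'password', ['email' => $email]);
+            if (password_verify($password, $hash)) {
+                $_SESSION['shop_account'] = $database->get('customers', ['customerid (id)', 'name', 'password (hashed_password)', 'email'], ['email' => $email]);
+                header('Location: ./?page=account');
+                die();
+            } else {
+                header('Location: ./?page=login&msg=badlogin');
+                die("Bad login.");
+            }
+        } else {
+            header('Location: ./?page=login&msg=badlogin');
+            die("Bad login.");
+        }
+        break;
+    case "logout":
+        $_SESSION['shop_account'] = null;
+        header('Location: ./');
+        break;
+    case "signup":
+        $name = $VARS['name'];
+        $email = $VARS['email'];
+        $password = $VARS['password'];
+        $phone = $VARS['phone'];
+
+        if (empty($name) || empty($email) || empty($password)) {
+            header('Location: ./?page=signup&msg=missingdata');
+            die("Missing required data.");
+        }
+        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+            header('Location: ./?page=signup&msg=invalidemail');
+            die("Invalid email address.");
+        }
+
+        if ($database->has('customers', ['OR' => ['name' => $name, 'email' => $email]])) {
+            header('Location: ./?page=signup&msg=accountinuse');
+            die("Name or email already in use.");
+        }
+
+        if (empty($phone)) {
+            $phone = null;
+        }
+
+        $database->insert('customers', ['name' => $name, 'email' => $email, 'password' => password_hash($password, PASSWORD_BCRYPT), 'phone' => $phone]);
+
+        $_SESSION['shop_account'] = $database->get('customers', ['name', 'password (hashed_password)', 'email'], ['email' => $email]);
+        header('Location: ./?page=account');
+        die();
 
         break;
 }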
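Review bot: Neither the `login` branch (where `$_SESSION['shop_account']` is assigned right after `password_verify` succeeds) nor the `signup` branch regenerates the session ID before the session becomes an authenticated one, so a session cookie planted in the victim's browser beforehand stays valid after they log in (session fixation); add `session_regenerate_id(true);` immediately before each of those two assignments, assuming the session is started earlier in required.php, which is outside this hunk. The signup branch also selects `['name', 'password (hashed_password)', 'email']` with no `customerid (id)`, whereas the login branch includes it, so `$account['id']` is undefined for a freshly registered user until they log in again — make the select list `['customerid (id)', 'name', 'password (hashed_password)', 'email']` in both places. Copying the bcrypt hash into the session is unnecessary in any case: storing only the customer id and reloading the row per request keeps a credential out of session storage. Finally, `logout` is the only branch that does not `die()` after its `header('Location: ./')`, so whatever follows the `switch` still executes for that request; add `die();` after the redirect for consistency with the other branches.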

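--- a/public/index.php
+++ b/public/index.php
@@ -46,6 +46,15 @@ if (isset($_GET['page'])) {
         case "cart":
             $page = "cart";
             break;
+        case "account":
+            $page = "account";
+            break;
+        case "login":
+            $page = "login";
+            break;
+        case "signup":
+            $page = "signup";
+            break;
         case "home":
         default:
             $page = "home";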

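--- a/public/parts/account.php
+++ b/public/parts/account.php
@@ -0,0 +1,75 @@
+<?php
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+if (!defined('NICKELBOX')) {
+    die("Direct access denied.");
+}
+
+if ($loggedin !== true || is_null($account)) {
+    header('Location: ./?page=login');
+    die("Please log in.");
+}
+?>
+
+<div class="container mt-4">
+    <h1 class="display-4">Account</h1>
+
+    <div class="row">
+        <div class="col-md-8">
+            <h3>Recent Orders</h3>
+            <div class="list-group">
+                <?php
+                $orders = $database->select('transactions', ['txid', 'txdate', 'type'], ['customerid' => $account['id'], 'ORDER' => ['txdate' => 'DESC'], 'LIMIT' => 50]);
+                foreach ($orders as $o) {
+                    $lines = $database->select('lines', ['lineid', 'amount', 'qty', 'name'], ['txid' => $o['txid']]);
+                    $itemcount = 0;
+                    $total = 0.0;
+                    foreach ($lines as $l) {
+                        $itemcount += $l['qty'];
+                        $total += $l['amount'] * $l['qty'];
+                    }
+                    ?>
+                    <div class="list-group-item">
+                        Date: <?php echo date(DATETIME_FORMAT, strtotime($o['txdate'])); ?><br />
+                        Type: <?php
+                        switch ($o['type']) {
+                            case 1:
+                                echo "In-store";
+                                break;
+                            case 2:
+                                echo "Return";
+                                break;
+                            case 3:
+                                echo "Online";
+                                break;
+                            default:
+                                echo "Other";
+                                break;
+                        }
+                        ?><br />
+                        Total: $<?php echo number_format($total, 2); ?><br />
+                        <div class="list-group list-group-flush">
+                            <?php
+                            foreach ($lines as $l) {
+                                ?>
+                                <div class="list-group-item d-flex justify-content-between">
+                                    <div><?php echo $l['name']; ?></div>
+                                    <div><?php echo $l['qty'] * 1.0; ?>@<?php echo number_format($l['amount'], 2); ?></div>
+                                    <div>$<?php echo number_format($l['amount'] * $l['qty'], 2); ?></div>
+                                </div>
+                                <?php
+                            }
+                            ?>
+                        </div>
+                    </div>
+                    <?php
+                }
+                ?>
+            </div>
+        </div>
+    </div>
+</div>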
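Review bot: `<?php echo $l['name']; ?>` in the line-item row prints the stored `lines.name` value straight into HTML, so any markup in that column renders in the customer's page; escape it at output with `htmlspecialchars($l['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` (whether that column can ever carry attacker-influenced text is not visible in this commit, but escaping on output is the safe default). The orders query keys on `$account['id']`, and `$account` is whatever array action.php stored in the session; if that array has no `id` key the condition becomes `customerid => null`, which this query builder plausibly turns into a `customerid IS NULL` match rather than an empty result, so guard with `if (empty($account['id'])) { die("Please log in."); }` before the query. `$itemcount` is computed per order but never displayed, so it can be dropped or shown next to the total.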

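--- a/public/parts/login.php
+++ b/public/parts/login.php
@@ -0,0 +1,51 @@
+<?php
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+if (!defined('NICKELBOX')) {
+    die("Direct access denied.");
+}
+?>
+
+<div class="container mt-4">
+    <div class="row justify-content-center">
+        <form class="card" action="action.php" method="post">
+            <input type="hidden" name="action" value="login" />
+            <div class="card-header">
+                Log In
+            </div>
+            <div class="card-body">
+                <?php
+                $alert = "";
+                if (!empty($_GET['msg'])) {
+                    switch ($_GET['msg']) {
+                        case "badlogin":
+                            $alert = "Bad email or password.";
+                            break;
+                        case "invalidemail":
+                            $alert = "Invalid email address.";
+                            break;
+                    }
+                }
+                if ($alert != "") {
+                    ?>
+                <div class="text-danger mb-2">
+                    <?php echo $alert; ?>
+                </div>
+                <?php
+                }
+                ?>
+                <p class="small"><a href="./?page=signup">Don't have an account?  Click here</a></p>
+                <input type="email" name="email" class="form-control mb-2" placeholder="Email address" required />
+                <input type="password" name="password" class="form-control" placeholder="Password" required />
+            </div>
+            <div class="card-footer d-flex">
+                <a href="./" class="btn btn-default">Back</a>
+                <button type="submit" class="btn btn-primary ml-auto">Log in</button>
+            </div>
+        </form>
+    </div>
+</div>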
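Review bot: The form posts only `action`, `email` and `password` with no anti-CSRF token, and the `login` handler added to action.php in this same commit reads just those fields, so nothing visible ties the POST to the submitting user's own session; a third-party page can submit it to log the victim into an attacker-controlled account (login CSRF), after which the victim's activity on the account page is attributed to that account. If the project has no token helper yet, a minimal approach is to keep `bin2hex(random_bytes(32))` in `$_SESSION['csrf']`, emit it here as `<input type="hidden" name="csrf" value="<?php echo $_SESSION['csrf']; ?>" />`, and have action.php reject the POST unless `hash_equals($_SESSION['csrf'], $VARS['csrf'] ?? '')` holds. The `$alert` text only ever comes from the fixed strings in the switch, so echoing it unescaped is safe as written — worth a one-line comment (`// $alert is always one of the literals above, never user input`) so a later case does not quietly echo `$_GET['msg']`.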

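--- a/public/parts/signup.php
+++ b/public/parts/signup.php
@@ -0,0 +1,53 @@
+<?php
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+if (!defined('NICKELBOX')) {
+    die("Direct access denied.");
+}
+?>
+
+<div class="container mt-4">
+    <div class="row justify-content-center">
+        <form class="card" action="action.php" method="post">
+            <input type="hidden" name="action" value="signup" />
+            <div class="card-header">
+                Create Account
+            </div>
+            <div class="card-body">
+                <?php
+                $alert = "";
+                if (!empty($_GET['msg'])) {
+                    switch ($_GET['msg']) {
+                        case "badlogin":
+                            $alert = "Bad email or password.";
+                            break;
+                        case "invalidemail":
+                            $alert = "Invalid email address.";
+                            break;
+                    }
+                }
+                if ($alert != "") {
+                    ?>
+                <div class="text-danger mb-2">
+                    <?php echo $alert; ?>
+                </div>
+                <?php
+                }
+                ?>
+                <p class="small"><a href="./?page=login">Already have an account?  Click here</a></p>
+                <input type="text" name="name" class="form-control mb-2" placeholder="Name" required />
+                <input type="email" name="email" class="form-control mb-2" placeholder="Email address" required />
+                <input type="password" name="password" class="form-control mb-2" placeholder="Password" required />
+                <input type="phone" name="phone" class="form-control" placeholder="Phone (optional)" />
+            </div>
+            <div class="card-footer d-flex">
+                <a href="./" class="btn btn-default">Back</a>
+                <button type="submit" class="btn btn-primary ml-auto">Create Account</button>
+            </div>
+        </form>
+    </div>
+</div>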
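Review bot: The `$_GET['msg']` switch only handles `badlogin` and `invalidemail`, but the `signup` handler in action.php redirects here with `msg=missingdata` and `msg=accountinuse`, so both of those failures send the user back to an empty form with no explanation; add cases for them as below (the `badlogin` case, which no signup path emits, can stay or go). The phone input uses `type="phone"`, which is not an HTML input type and is treated as `text` by browsers — `type="tel"` is the intended value. Nothing on either side enforces a password policy (action.php only checks `empty($password)`), so at least `minlength="8"` on the password input plus the matching server-side check is worth adding now rather than after accounts exist.

```php
switch ($_GET['msg']) {
    // … unchanged: badlogin and invalidemail cases …
    case "missingdata":
        $alert = "Name, email address, and password are required.";
        break;
    case "accountinuse":
        $alert = "That name or email address is already in use.";
        break;
}
```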

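--- a/public/required.php
+++ b/public/required.php
@@ -117,6 +117,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     define("GET", true);
 }
 
+
+$loggedin = false;
+$account = null;
+if (!empty($_SESSION['shop_account'])) {
+    $account = $_SESSION['shop_account'];
+    if ($database->has('customers', ['AND' => ['name' => $account['name'], 'password' => $account['hashed_password']]])) {
+        $loggedin = true;
+    } else {
+        $account = null;
+    }
+}
+
 /**
  * Checks if a string or whatever is empty.
  * @param $str The thingy to check
@@ -124,4 +136,4 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
  */
 function is_empty($str) {
     return (is_null($str) || !isset($str) || $str == '');
-}
+}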
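Review bot: The per-request check re-authenticates the session by `name` plus the bcrypt hash that action.php copied into `$_SESSION['shop_account']`, which keeps a password credential in session storage and ties identity to a mutable display name instead of the primary key. Storing only the customer id at login and reloading the row here — e.g. `$account = $database->get('customers', ['customerid (id)', 'name', 'email'], ['customerid' => $_SESSION['shop_account']['id'] ?? 0]);` followed by `$loggedin = !empty($account);` — gives the same "account still exists" guarantee without the hash, and means the account page always sees current data. As written, `$account` is the raw session array, so whichever columns the login or signup branch happened to select are what the rest of the site sees; a short comment above the block stating which keys (`id`, `name`, `email`) downstream pages may rely on would make that contract explicit. This assumes `session_start()` runs earlier in required.php, which is outside the hunk.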
