From: peter Date: Sat, 1 Mar 2008 11:20:21 +0000 (+0000) Subject: - user login and registration X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=4794f362ec15493e3486e70ec837183a44cbc407;p=web%2Fkonrad%2Fsmoke.git - user login and registration git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@96 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33 --- diff --git a/www/inc/classes/customer.php b/www/inc/classes/customer.php index b503dc3..1648ab4 100644 --- a/www/inc/classes/customer.php +++ b/www/inc/classes/customer.php @@ -5,13 +5,25 @@ class Customer { private $id; + private $email; + private $name; + private $address; + private $contact; /**construct an empty customer; if $id is given it tries to pre-load from the database*/ public function __construct($id=false) { $this->id=false; if($id!==false){ - $this->getByID($id); + if ($this->getByID($id)) { + $res=$db->select("customer", "*", "customerid=".$db->escapeInt($id)); + if (count($res) == 1) { + $this->email = $res[0]["email"]; + $this->name = $res[0]["name"]; + $this->address = $res[0]["address"]; + $this->contact = $res[0]["contact"]; + } + } } } @@ -19,7 +31,7 @@ class Customer public function getByID($id) { global $db; - $res=$db->select("customer","customerid","where customerid=".$db->escapeInt($id)); + $res=$db->select("customer","customerid","customerid=".$db->escapeInt($id)); if(count($res)>0){ $this->id=$id+0; return true; @@ -31,7 +43,7 @@ class Customer public function getByMail($mail) { global $db; - $res=$db->select("customer","customerid","where email=".$db->escapeString($mail)); + $res=$db->select("customer","customerid","email=".$db->escapeString($mail)); if(count($res)>0){ $this->id=$res[0]["customerid"]; return true; @@ -39,6 +51,48 @@ class Customer return false; } + /** returns the name of the customer */ + public function getName() + { + if($this->id===false) + return ""; + else + return $this->name; + } + + /** returns the email address of the customer */ + public function getEmail() + { + if($this->id===false) + return ""; + else + return $this->email; + } + + /** returns the address of the customer */ + public function getAddress() + { + if($this->id===false) + return ""; + else + return $this->address; + } + + /** returns the contact data of the customer */ + public function getContact() + { + if($this->id===false) + return ""; + else + return $this->contact; + } + + /**returns the data in an array suitable for the web-page-renderer*/ + public function getParserData() + { + return array("CUST_NAME"=>$this->getName(), "CUST_EMAIL"=>$this->getEmail(), "CUST_ADDRESS"=>$this->getAddress(), "CUST_CONTACT"=>$this->getContact()); + } + /**checks whether the customer exists in the database; getByID or getByMail must have been called first*/ public function exists() { @@ -72,6 +126,24 @@ class Customer $db->update("customer",array("passwd"=>$pass),"customerid=".$db->escapeInt($this->id)); } + /**sets the address of this customer*/ + public function setAddress($address) + { + if($this->id===false) + return; + global $db; + $db->update("customer", array("address"=>$address), "customerid=".$db->escapeInt($this->id)); + } + + /**sets the contact data of this customer*/ + public function setContact($contact) + { + if($this->id===false) + return; + global $db; + $db->update("customer", array("contact"=>$phone), "customerid=".$db->escapeInt($this->id)); + } + /**checks whether $password matches the stored password for this customer; returns true on success*/ public function authenticate($passwd) { diff --git a/www/inc/rendering/order_listing.php b/www/inc/rendering/order_listing.php index 16854dd..8f7b199 100644 --- a/www/inc/rendering/order_listing.php +++ b/www/inc/rendering/order_listing.php @@ -39,4 +39,63 @@ function createOrderLogin() $parser->setVAR("PAGE", $localParser->parseFile("orderlogin.html")); } +/** creates the view to register a new customer */ +function createCustomerRegistration() +{ + global $parser; + + $error = ErrorManager::singleton(); + + $localParser = new Parser("customerregistration.html"); + + $email = ""; + + // check if email is set and is an correct eMail-Address + if (isset($_GET["email"]) && isEmail($_GET["email"])) { + $email = $_GET["email"]; + + // set new POST-Url + $fullUrl = $parser->getVar("FULLURL"); + $newUrl = substr($fullUrl, 0, (strpos($fullUrl, "&")) - strlen($fullUrl)); + $localParser->setVar("FULLURL", $newUrl); + } + + // if email not available and no error, then it must be an intrusion + if (empty($email) && !$error->exists()) { + header("Location:index.php"); + exit(); + } + + // set input fields + $localParser->setVar("fieldCUST_EMAIL", "ms_custEmail"); + $localParser->setVar("fieldCUST_NAME", "ms_custName"); + $localParser->setVar("fieldCUST_ADDRESS", "ms_custAddress"); + $localParser->setVar("fieldCUST_CONTACT", "ms_custContact"); + $localParser->setVar("fieldCUST_PASSWD", "ms_custPasswd"); + $localParser->setVar("fieldCUST_PASSWD2", "ms_custPasswd2"); + $localParser->setVar("buttonCUST_REGISTER", "ms_custRegister"); + + // set data + if (!$error->exists()) { + $localParser->setVar("CUST_EMAIL", $email); + $localParser->setVar("CUST_NAME", ""); + $localParser->setVar("CUST_ADDRESS", ""); + $localParser->setVar("CUST_CONTACT", ""); + } else { + $localParser->setVar("CUST_EMAIL", $_POST["ms_custEmail"]); + $localParser->setVar("CUST_NAME", $_POST["ms_custName"]); + $localParser->setVar("CUST_ADDRESS", $_POST["ms_custAddress"]); + $localParser->setVar("CUST_CONTACT", $_POST["ms_custContact"]); + } + + // set error message + if ($error->exists()) { + $localParser->setVar("ERROR", "true"); + $localParser->setVar("ERRORAREA", $error->getAllFormatted()); + } + + // create page + $parser->setVAR("PAGE", $localParser->parseFile("customerregistration.html")); +} + ?> \ No newline at end of file diff --git a/www/inc/rendering/submit.php b/www/inc/rendering/submit.php index 3471d9c..5dadd04 100644 --- a/www/inc/rendering/submit.php +++ b/www/inc/rendering/submit.php @@ -158,31 +158,108 @@ function checkOrderLogin() return; } + // check if eMail already registered + $customer = new Customer(); + if ($customer->getByMail($_POST["ms_email"])) { + $error->add(i18n("eMail already registered!")); + return; + } + + // go to user registration + Header("Location: index.php?mode=customerRegistration&email=".$_POST["ms_email"]); + exit(); + // if user is registered } elseif ($_POST["ms_isCustomer"] == "true") { if (!isEmail($_POST["ms_email"])) { - $error->add(i18n("Please enter a correct email address!")); + $error->add(i18n("Please enter a valid email address!")); } if (empty($_POST["ms_password"])) { $error->add(i18n("Please enter a password!")); } if ($error->exists()) return; - // TODO: check if login valid + + //check if user really available and password correct + $customer = new Customer(); + $customer->getByMail($_POST["ms_email"]); + if ($customer->authenticate($_POST["ms_password"])) { + // go to order overview + Header("Location: index.php?mode=userdata"); + exit(); + } else { + $error->add(i18n("eMail or Password wrong")); + } // if radio button is not checked } else { $error->add(i18n("Please specify if you're a registered user!")); return; } + } +} + +/** checks the data for a new user */ +function registerUser() +{ + $error = ErrorManager::singleton(); + + if (isset($_POST["ms_custRegister"])) { + + // check if eMail already registered + $customer = new Customer(); + if ($customer->getByMail($_POST["ms_custEmail"])) { + $error->add(i18n("eMail already registered!")); + return; + } - Header("Location: index.php?mode=userdata"); - exit(); + // check if email is a valid address + if (!isEmail($_POST["ms_custEmail"])) { + $error->add(i18n("Please enter a valid email address!")); + } + + // check if name is not empty + if (empty($_POST["ms_custName"])) { + $error->add(i18n("Please enter a name!")); + } + + // check if address is not empty + if (empty($_POST["ms_custAddress"])) { + $error->add(i18n("Please enter an address!")); + } + + // check if contact data is not empty + //if (empty($_POST["ms_custContact"])) { + // $error->add(i18n("Please enter a phone number!")); + //} + + // check if passwords are not empty and equal + if (empty($_POST["ms_custPasswd"]) || ($_POST["ms_custPasswd"] != $_POST["ms_custPasswd2"])) { + $error->add(i18n("Passwords are empty or not equal!")); + } + + // if error then exit + if ($error->exists()) { + return; + } + + $customer = new Customer(); + $customer->create($_POST["ms_custName"]); + $customer->setMail($_POST["ms_custEmail"]); + $customer->setAddress($_POST["ms_custAddress"]); + $customer->setPassword($_POST["ms_custPasswd"]); + + if (!empty($_POST["ms_custContact"])) { + $customer->setContact($_POST["ms_custContact"]); + } + + // redirect to overview page } } /** checks if given value is a valid email address */ -function isEmail($value) { +function isEmail($value) +{ return ereg("^[a-zA-Z0-9\._-]+@[a-zA-Z0-9\._-]+$", $value); } diff --git a/www/index.php b/www/index.php index 439258b..266b810 100644 --- a/www/index.php +++ b/www/index.php @@ -35,6 +35,10 @@ switch($mode){ checkOrderLogin(); createOrderLogin(); break; + case "customerRegistration": + registerUser(); + createCustomerRegistration(); + break; default: createEventList(); break; diff --git a/www/template/de/customerregistration.html b/www/template/de/customerregistration.html new file mode 100644 index 0000000..7ee5cdd --- /dev/null +++ b/www/template/de/customerregistration.html @@ -0,0 +1,40 @@ +

Kundenregistrierung

+
+
+
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ +
+ +
+
+ +#if:ERROR==true +@ERRORAREA@ +#endif + +
\ No newline at end of file