Add files via upload

This commit is contained in:
Fernando Méndez 2021-05-11 17:36:06 +02:00 committed by GitHub
parent d106e3c3d3
commit 6834851714
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 90 additions and 68 deletions

View File

@ -315,6 +315,9 @@
font-size: 90%;
color: #00020f;
}
.code label{
color: #d3ebff;
}
.code.details{
height: 750px;
}

View File

@ -314,6 +314,9 @@ main img {
font-size: 90%;
color: #d3ebff;
}
.code label{
color: #d3ebff;
}
.code.details{
height: 750px;
}

View File

@ -18,15 +18,6 @@
//Methods:
// Delete user
public function deleteUser($user_id) {
$sql = sprintf( "DELETE FROM users WHERE id = '%s'", $user_id);
$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
return $resul;
}
//Encrypt password with SHA254.
private function encryptPass($password){
//$password = hash('sha256', $password);
@ -75,6 +66,7 @@
$resul = mysqli_query($this->mysqli, $sql);
$resul->data_seek(0);
$user = null;
while ($fila = $resul->fetch_assoc()) {
if($username === $fila['username'] && $this->verifyPass($password, $fila['passwd'])){
$user = $this->loadUser($fila['id'], $fila['username'], $fila['email'], $fila['passwd'], $fila['rol']);
@ -132,6 +124,16 @@
}
//Delete user account by id.
public function deleteUserAccount($id){
$id = $this->mysqli->real_escape_string($id);
$sql = sprintf( "DELETE FROM users WHERE id = '%d'", $id );
$resul = mysqli_query($this->mysqli, $sql) or die ('Error into query database');
return $resul;
}
//Create a new User Data Transfer Object.
public function loadUser($id, $username, $email, $password, $rol){
return new User($id, $username, $email, $password, $rol);

View File

@ -2,10 +2,10 @@
/**
* Connection parameters to the DB.
*/
define('BD_HOST', 'vm01.db.swarm.test');
define('BD_HOST', 'localhost');
define('BD_NAME', 'complucine');
define('BD_USER', 'root');
define('BD_PASS', 'T4cFwfxT_vI2W!nYp!tv');
define('BD_USER', 'sw');
define('BD_PASS', '_admin_');
/*
* Configuration parameters used to generate URLs and file paths in the application
@ -46,4 +46,9 @@
* @see http://php.net/manual/en/language.types.callable.php
*/
register_shutdown_function(array($app, 'shutdown'));
//Depuración (BORRAR):
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
?>

View File

@ -12,7 +12,7 @@ class FormChangeEmail extends Form {
}
protected function generaCamposFormulario($datos, $errores = array()){
$nombre = $datos['nombreUsuario'] ?? '';
$email = $datos['email'] ?? '';
// Se generan los mensajes de error si existen.
$htmlErroresGlobales = self::generaListaErroresGlobales($errores);

View File

@ -74,7 +74,7 @@ class FormChangeName extends Form {
";
} else {
$user = $bd->selectUser($nombre, $password);
if ($user == ""){
if ($user){
$result[] = "El nombre de usuario ya existe.";
} else {
$bd->changeUserName(unserialize($_SESSION['user'])->getId(), $nombre);

View File

@ -10,7 +10,6 @@ class FormChangePass extends Form {
}
protected function generaCamposFormulario($datos, $errores = array()){
$nombre = $datos['nombreUsuario'] ?? '';
// Se generan los mensajes de error si existen.
$htmlErroresGlobales = self::generaListaErroresGlobales($errores);

View File

@ -1,31 +1,41 @@
<?php
require_once('../assets/php/form.php');
include_once('../assets/php/common/user.php');
include_once('../assets/php/common/user_dao.php');
include_once('../assets/php/form.php');
// Class
class FormDeleteAccount extends Form {
// Constructor
//Constants:
const HTML5_EMAIL_REGEXP = '^[a-zA-Z0-9.!#$%&\'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$';
public function __construct() {
$options = array("action" => "./?option=delete_user");
parent::__construct('formDelete', $options);
parent::__construct('formDeleteAccount', $options);
}
// Metodos
// Generar formulario
protected function generaCamposFormulario($datos, $errores = array()){
$nombre = $datos['nombreUsuario'] ?? '';
$nombre = $datos['username'] ?? '';
// Se generan los mensajes de error si existen.
$htmlErroresGlobales = self::generaListaErroresGlobales($errores);
$errorNombre = self::createMensajeError($errores, 'new_name', 'span', array('class' => 'error'));
$errorEmail = self::createMensajeError($errores, 'email', 'span', array('class' => 'error'));
$errorPassword = self::createMensajeError($errores, 'pass', 'span', array('class' => 'error'));
$errorPassword2 = self::createMensajeError($errores, 'repass', 'span', array('class' => 'error'));
$html = "<div class='row'>
<fieldset id='contraseña_usuario'><pre>".$htmlErroresGlobales."</pre>
<legend>Eliminar usuario</legend>
<input type='password' name='pass' id='pass' value='' placeholder='Contraseña actual' required/><pre>".$errorPassword."</pre> </fieldset>
<fieldset id='cuenta_usuario'><pre>".$htmlErroresGlobales."</pre>
<legend>Datos de la cuenta</legend>
<input type='text' name='name' id='name' value='' placeholder='Nombre de usuario' required/><pre>".$errorNombre."</pre>
<input type='text' name='email' id='email' value='' placeholder='Email de usuario' required/><pre>".$errorEmail."</pre>
<input type='password' name='pass' id='pass' value='' placeholder='Contraseña' required/><pre>".$errorPassword."</pre>
<input type='password' name='repass' id='repass' value='' placeholder='Repita la contraseña' required/><pre>".$errorPassword2."</pre>
</fieldset>
<div class='verify'>
<input type='checkbox' id='checkbox' name='verify' required>
<label for='verify'>Marque esta casilla para confirmar que entiende que esta acción no se puede deshacer.</label>
</div>
<div class='actions'>
<input type='submit' id='submit' value='Borrar cuenta' class='primary' onclick=\"return confirm('¿Estás seguro? Se borrará la cuenta definitivamente.');\"/>
<input type='submit' id='submit' value='Eliminar Cuenta de Usuario' class='primary' />
<input type='reset' id='reset' value='Borrar' />
</div>
</div>";
@ -33,49 +43,46 @@ class FormDeleteAccount extends Form {
return $html;
}
// Procesar el formulario
protected function procesaFormulario($datos){
$result = array();
$nombre = $datos['name'] ?? null;
$nombre = strtolower($nombre);
if ( empty($nombre) || mb_strlen($nombre) < 3 || mb_strlen($nombre) > 8 ) {
$result['new_name'] = "El nombre tiene que tener\n una longitud de al menos\n 3 caracteres\n y menos de 8 caracteres.";
}
$email = $datos['email'] ?? null;
if ( empty($email) || !mb_ereg_match(self::HTML5_EMAIL_REGEXP, $email) ) {
$result['email'] = "El email no es válido.";
}
$password = $datos['pass'] ?? null;
if ( empty($password) || mb_strlen($password) < 4 ) {
$result['pass'] = "Vuelve a introducir tu contrseña.";
$result['pass'] = "El password tiene que tener\n una longitud de al menos\n 4 caracteres.";
}
$password2 = $datos['repass'] ?? null;
if ( empty($password2) || strcmp($password, $password2) !== 0 ) {
$result['repass'] = "Los passwords deben coincidir.";
}
if (count($result) === 0) {
$bd = new UserDAO("complucine");
$user = $bd->selectUser(unserialize($_SESSION['user'])->getName(), $password);
$user = $bd->selectUser($nombre, $password);
if (!$user) {
$result[] = "Ha ocurrido un problema\nal eliminar el usuario.";
$_SESSION['message'] = "<div class='row'>
<div class='column side'></div>
<div class='column middle'>
<div class='code info'>
<h1>Ha ocurrido un problema</h1><hr />
<p>No se ha podido eliminar el usuario.
Comprueba que la contraseña introducida sea correcta.</p>
<a href=''><button>Cerrar Mensaje</button></a>
</div>
</div>
<div class='column side'></div>
</div>
";
}
else {
$bd->deleteUser(unserialize($_SESSION['user'])->getId());
$_SESSION['message'] = "<div class='row'>
<div class='column side'></div>
<div class='column middle'>
<div class='code info'>
<h1>Operacion realizada con exito</h1><hr />
<p>Se ha eliminado su usuario correctamente.</p>
<a href=''><button>Cerrar Mensaje</button></a>
</div>
</div>
<div class='column side'></div>
</div>
";
$result = '/logout/index.php';
$result[] = "El usuario o contraseña\nno son correctos.";
} else {
if( (unserialize($_SESSION['user'])->getId() === $user->getId()) && ($nombre === $user->getName())
&& ($email === $user->getEmail()) && ($bd->verifyPass($password, $user->getPass())) ){
$bd->deleteUserAccount($user->getId());
unset($_SESSION);
session_destroy();
$result = ROUTE_APP;
} else {
$result[] = "Los datos introducidos\nno son válidos.";
}
}
}
return $result;

View File

@ -72,17 +72,20 @@
//Delete user account.
static function delete(){
require_once('./includes/formDeleteAccount.php');
$formDA = new FormDeleteAccount();
$htmlFormDeleteAccount = $formDA->gestiona();
return $reply = '<!-- Delete user account -->
<div class="column middle">
<h2>Eliminar usuario</h2>
'.$htmlFormDeleteAccount.'
</div>'."\n";
return $reply = '<div class="code">
<h2>ELIMINAR CUENTA DE USUARIO</h2><hr />
<div class="column side"></div>
<!-- Delete User Form -->
<div class="column middle">
'.$htmlFormDeleteAccount.'
</div>
<div class="column side"></div>
</div>'."\n";
}
}
?>