API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 25th, 2020
221
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.25 KB | None | 0 0
raw download clone embed print report
  1. <!DOCTYPE html>
  2. <html>
  3. <head>
  4. <style>@import url('https://fonts.googleapis.com/css?family=Roboto');</style>
  5. <link rel="stylesheet" href="Style/style.css">
  6. <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
  7. <meta charset="UTF-8">
  8. <title>Endre personopplysninger</title>
  9. </head>
  10. <body>
  11. <?php
  12.  
  13. //bruker sjekk
  14. session_start();
  15. /*if(!$_SESSION['innlogget']){
  16. echo 'Trykk her for å logge på:';
  17. echo '<a href="/oblig2/login.php">login</a>';
  18. die();
  19. }*/
  20.  
  21. $db = mysqli_connect("mysql02.uniweb.no", "d33315", "78ToesSand78", "d33315");
  22. if ($db->connect_error) {
  23. die("Vi har for øyeblikket tekniske problemer");
  24. }
  25.  
  26. $brukernavn = "daniel.brann@hotmail.no";//$_SESSION['epost'];
  27. $fornavn = "";
  28. $etternavn = "";
  29. $tlf = "";
  30. $adresse = "";
  31. $postnummer = "";
  32. $poststed = "";
  33. $bildeOK = 0;
  34.  
  35.  
  36.  
  37. $query = "SELECT * FROM Person WHERE epost LIKE '$brukernavn'";
  38. $result = mysqli_query($db, $query);
  39.  
  40. if (mysqli_num_rows($result) == 1){
  41. $rad = mysqli_fetch_array($result, MYSQLI_ASSOC);
  42. $fornavn = $rad['fornavn'];
  43. $etternavn = $rad['etternavn'];
  44. $tlf = $rad['tlf'];
  45. $adresse = $rad['adresse'];
  46. $postnummer = $rad['postnummer'];
  47.  
  48. $bildeOK = $rad['BilderOK'];
  49. }
  50. $query = "SELECT * FROM Poststed WHERE postnummer LIKE '$postnummer'";
  51. $result2 = mysqli_query($db,$query);
  52. $rad2 = mysqli_fetch_array($result2, MYSQLI_ASSOC);
  53. $poststed = $rad2['poststed'];
  54.  
  55. //TODO regex
  56.  
  57. //TODO onsuccess print "info er nå oppdadert"
  58.  
  59. //TODO ny bruker: create password
  60.  
  61.  
  62. //TODO "vi mangler noe info fra deg." hvis vi mangler noe info
  63.  
  64. ?>
  65. <div class="container">
  66. <h1 class="mb-3 mt-3"><b>Endre personopplysninger</b></h1>
  67. <form action="" method="post">
  68. <label for="brukernavn" class="mt-3">Epost:</label>
  69. <input type="text" name="brukernavn" class="form-control mb-2 formElement" <?php echo "value=".$brukernavn;?>>
  70. <label for="fornavn" class="mt-3">Fornavn:</label>
  71. <input type="text" name="fornavn" class="form-control mb-2 formElement" <?php echo "value=".$fornavn;?>>
  72. <label for="etternavn" class="mt-3">Etternavn:</label>
  73. <input type="text" name="etternavn" class="form-control mb-2 formElement" <?php echo "value=".$etternavn;?>>
  74. <label for="tlf" class="mt-3">Telefonnummer:</label>
  75. <input type="text" name="tlf" class="form-control mb-2 formElement" <?php echo "value=".$tlf;?>>
  76. <label for="adresse" class="mt-3">Adresse:</label>
  77. <input type="text" name="adresse" class="form-control mb-2 formElement" <?php echo "value=".$adresse;?>>
  78. <label for="postnummer" class="mt-3">Postnummer:</label>
  79. <input type="text" name="postnummer" class="form-control mb-2 formElement" <?php echo "value=".$postnummer;?>>
  80. <label for="poststed" class="mt-3">Poststed:</label>
  81. <input type="text" name="poststed" class="form-control mb-2 formElement" <?php echo "value=".$poststed;?>>
  82. <!---->
  83. Samtykker til bruk av bilder på nett:<br>
  84. <input type="radio" name="bildeOK" value=1 <?php if($bildeOK!="0"){echo "checked='checked'";}?>> Ja
  85. <input type="radio" name="bildeOK" value=0 <?php if($bildeOK=="0"){echo "checked='checked'";}?>> Nei<br><br>
  86. <label for="password">Passord: <br><input type="password" name="passord"></label><br>
  87. <label for="nyttPassord1">Nytt passord: (valgfritt) <br><input type="password" name="nyttPassord1"></label><br>
  88. <label for="nyttPassord2">Gjenta nytt passord: <br><input type="password" name="nyttPassord2"></label><br>
  89. <input type="submit" value="Lagre personopplysninger" class="btn btn-dark btn-block btn mt-3" name="update"><br><br>
  90.  
  91.  
  92. </form>
  93. </div>
  94. <?php
  95. $db = mysqli_connect("mysql02.uniweb.no", "d33315", "78ToesSand78", "d33315");
  96. if ($db->connect_error) {
  97. die("databasen er nede");
  98. }
  99.  
  100. //runs after the submit button is pressed. updates the database with the info from the form
  101. if(isset($_POST['update'])){
  102.  
  103.  
  104.  
  105. $epost = mysqli_real_escape_string($db, $_REQUEST['brukernavn']);
  106. $fornavn = mysqli_real_escape_string($db, $_REQUEST['fornavn']);
  107. $etternavn = mysqli_real_escape_string($db, $_REQUEST['etternavn']);
  108. $tlf = mysqli_real_escape_string($db, $_REQUEST['tlf']);
  109. $adresse = mysqli_real_escape_string($db, $_REQUEST['adresse']);
  110. $postnummer = mysqli_real_escape_string($db, $_REQUEST['postnummer']);
  111. $poststed = mysqli_real_escape_string($db, $_REQUEST['poststed']);
  112. $bildeOK = mysqli_real_escape_string($db, $_REQUEST['bildeOK']);
  113.  
  114. //backend regex TODO: Finish
  115. $pass = true;
  116.  
  117. if (!filter_var($epost, FILTER_VALIDATE_EMAIL)) {
  118. //$emailErr = "Invalid email format";
  119. $pass = false;
  120. }
  121.  
  122.  
  123.  
  124. $sqlUpdateDB = "update person where brukernavn=='$brukernavn'
  125. brukernavn='$epost',
  126. fornavn='$fornavn',
  127. etternavn='$etternavn',
  128. telefon='$tlf',
  129. adresse='$adresse',
  130. postnummer='$postnummer',
  131. poststed='$poststed',
  132. bildeOK='$bildeOK'
  133. ";
  134.  
  135. if($_POST['passord']!="" and $_POST['nyttPassord2']==$_POST['nyttPassord1']){
  136. //everything is fine
  137. //TODO: regex passord
  138. $hashedPW = password_hash($_POST['passord'], PASSWORD_DEFAULT);
  139. $query = "select * from person where email like '$epost' and passord like '$hashedPW';";
  140. $result = mysqli_query($db,$query);
  141. $rad = mysqli_fetch_array($result, MYSQLI_ASSOC);
  142. if (mysqli_num_rows($result) == 1){
  143. $sqlUpdateDB .= ", passord = '$hashedPW'";
  144. }
  145. }
  146. elseif($_POST['passord']!="" and $_POST['nyttPassord2']!=$_POST['nyttPassord1']){
  147. //new password isn't a match for the verify password
  148. echo "nytt passord matcher ikke";
  149. }
  150.  
  151.  
  152. mysqli_query($db,$sqlUpdateDB);
  153.  
  154. if(!$result){
  155. echo "Feil i registrering!";
  156. }
  157. elseif (mysqli_affected_rows($db)==0){
  158. echo "Feil i registrering! 0 rows affected";
  159. }
  160. else{
  161. $_SESSION['bruker'] = $username;
  162. echo "registrering success";
  163. }
  164.  
  165.  
  166. }
  167.  
  168.  
  169. ?>
  170.  
  171.  
  172. </body>
  173. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!