From 4a050eda84a3fc01591fd4564321850a4fae8ba5 Mon Sep 17 00:00:00 2001
From: Andreas Schaafsma
Date: Fri, 17 May 2019 16:33:24 +0200
Subject: [PATCH] Actionhandler geimplementeerd.
---
 dev_mvc/controller/Database.php | 12 +++++++++-
 dev_mvc/controller/HUtils.php | 10 ++++++++-
 dev_mvc/index.php | 13 +++++++++--
 dev_mvc/model/actions/model_verify.php | 12 ++++++++++
 dev_mvc/model/model_create_topic.php | 11 ++++++++++
 dev_mvc/model/model_do_register.php | 22 ++++++++++++++++---
 ...atethread.php => content_create_topic.php} | 2 --
 dev_mvc/view/pagecontent/content_login.php | 2 +-
 .../view/pagecontent/content_showboards.php | 2 --
 .../view/pagecontent/content_showtopics.php | 14 ++++++++++++
 dev_mvc/view/pagecontent/content_verify.php | 16 ++++++++++++++
 .../header/content_header_signedin.php | 2 +-
 12 files changed, 105 insertions(+), 13 deletions(-)
 create mode 100644 dev_mvc/model/actions/model_verify.php
 create mode 100644 dev_mvc/model/model_create_topic.php
 rename dev_mvc/view/pagecontent/{content_createthread.php => content_create_topic.php} (83%)
 create mode 100644 dev_mvc/view/pagecontent/content_showtopics.php
 create mode 100644 dev_mvc/view/pagecontent/content_verify.php
diff --git a/dev_mvc/controller/Database.php b/dev_mvc/controller/Database.php
index 273b52c..26e9bdb 100644
--- a/dev_mvc/controller/Database.php
+++ b/dev_mvc/controller/Database.php
@@ -140,7 +140,7 @@ Class Database{
 static function doesUserActivationKeyExist($activationKey){
 $con = Database::connectToDB();
 $query = $con->prepare("SELECT * FROM email_activation_keys WHERE activationkey = :activationKey");
- $query->bindParam(':activationKey', $activationKey, PDO::PARAM_STR, 256);
+ $query->bindParam(':activationKey', $activationKey, PDO::PARAM_STR, 256);
 $query->execute();
 if($query->rowCount() == 0){
 //bestaat nog niet
@@ -151,6 +151,16 @@ Class Database{
 return true;
 }
 }
+ static function registerActivationKey($users_id, $activationKey){
+ $con = Database::connectToDB();
+ $query = $con->prepare("INSERT INTO email_activation_keys (users_id, activationkey) VALUES (:users_id, :activationkey)");
+ $query->bindParam(':users_id', $users_id);
+ $query->bindParam(':activationkey', $activationKey);
+ $query->execute();
+ }
+
+
+
 //Activeer gebruiker en verwijder activation key uit de activation key tabel
 static function activateUser($activationKey){
 $con = Database::connectToDb();
diff --git a/dev_mvc/controller/HUtils.php b/dev_mvc/controller/HUtils.php
index 46d4e43..1b77853 100644
--- a/dev_mvc/controller/HUtils.php
+++ b/dev_mvc/controller/HUtils.php
@@ -21,7 +21,6 @@ Class HUtils{
 return true;
 }
 static function sqlDateToPhpDate($date){
-
 return new DateTime($date);
 }
 static function getPage($fetchmethod){
@@ -42,5 +41,14 @@ Class HUtils{
 static function getSiteTitle(){
 return "hPHPForum";
 }
+ static function generateRandomKey(){
+ $token = "";
+ $chars = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ $verificationKey = "";
+ for ($i=0; $i < 32 ; $i++) {
+ $token .= $chars[rand(0, strlen($chars) - 1)];
+ }
+ return $token;
+ }
 }
 ?>
\ No newline at end of file
diff --git a/dev_mvc/index.php b/dev_mvc/index.php
index 1b2c757..393a72b 100644
--- a/dev_mvc/index.php
+++ b/dev_mvc/index.php
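Review bot: `registerActivationKey()` in Database.php discards the result of `$query->execute()`, so a failed insert is invisible to the caller unless `connectToDB()` puts PDO into exception mode, which this hunk does not show. The caller in model_do_register.php sends the verification mail right after this call, so a silent failure would leave an account whose mailed key never matches a stored row. I would end the function with `return $query->execute();` and have the caller skip the mail when that is false. A one-line comment stating that the key is stored as-is and is consumed by `activateUser()` would also help, since the function has no documentation.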
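Review bot: `generateRandomKey()` in HUtils.php draws every character from `rand()`, which is not a cryptographically secure generator, while this key is the only secret behind the account-verification link mailed in model_do_register.php. The loop body should use the CSPRNG instead, `$token .= $chars[random_int(0, strlen($chars) - 1)];`, or the whole function can simply `return bin2hex(random_bytes(16));`. `$verificationKey = "";` is assigned and never read, so it can be dropped. A short docblock stating the key length (32 characters) and that the value is security-sensitive would tell the next reader not to swap the generator back.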
@@ -2,19 +2,28 @@ /*Code door Andreas Schaafsma ITA4-1b * * Notities voor bij nakijken - * $_POST[] is gebruikt binnen de model_attempt_login.php en model_attempt_register.php bestanden + * Model wordt opgevraagd via POST (of via GET doormiddel van de ActionHandler controller.) + * MAIL is werkend en stuurt een verificatiecode op zie: model_do_register + * Activeringscode wordt correct opgeslagen in de database maar de pagina voor activeren is nog niet geimplementeerd. * Alle regeling van de database connectie zit in ./controller/Database.php doormiddel van static class members om alles makkelijk te groeperen * Er is ook een rudimentair login token systeem om ervoor te zorgen dat gebruikers ingelogd blijven zelfs als de $_SESSION[] vervalt. - * Deze login status verdwijnt weer na ongeveer een uurtje + * Deze login status verdwijnt weer na ongeveer een uurtje. * */ //include class lib. include_once("./controller/Database.php"); include_once("./controller/UserSession.php"); include_once("./controller/HUtils.php"); +include_once("./controller/ActionHandler.php"); + session_start(); +ActionHandler::doAction(); + + + //Store de geselecteerde pagina in variabele $page $page=HUtils::getPage(HUtils::FETCHPOST); + //Model side operaties die afgerond moeten worden voor de paginacontent in wordt geladen $path = "./model/model_".$page.".php"; if($page != ""){ diff --git a/dev_mvc/model/actions/model_verify.php b/dev_mvc/model/actions/model_verify.php new file mode 100644 index 0000000..0c2a780 --- /dev/null +++ b/dev_mvc/model/actions/model_verify.php @@ -0,0 +1,12 @@ + \ No newline at end of file diff --git a/dev_mvc/model/model_create_topic.php b/dev_mvc/model/model_create_topic.php new file mode 100644 index 0000000..ac1dafc --- /dev/null +++ b/dev_mvc/model/model_create_topic.php @@ -0,0 +1,11 @@ + \ No newline at end of file diff --git a/dev_mvc/model/model_do_register.php b/dev_mvc/model/model_do_register.php index e6dc73b..8d6cbca 100644 
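Review bot: `ActionHandler::doAction()` in index.php now runs on every request before the page is resolved, but `controller/ActionHandler.php` is not among the files in this patch, so neither the include nor the call can be checked here. `include_once` only raises a warning when the file is missing and the static call then ends the request with a fatal error; `require_once("./controller/ActionHandler.php");` fails at the right place. The header comment says actions are selected through GET: if the handler builds a file path from that parameter the way `$path = "./model/model_".$page.".php";` does below, it should match the name against a fixed list of known actions before including anything. The hunk ends inside the `if($page != ""){` block, so the rest of the dispatch is not visible.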
--- a/dev_mvc/model/model_do_register.php
+++ b/dev_mvc/model/model_do_register.php
@@ -3,10 +3,26 @@
 include_once("./controller/Database.php");
 include_once("./controller/HUtils.php");
 if(HUtils::issetPost(['email', 'pass', 'pass2', 'name'])){
- if($_POST['pass'] == $_POST['pass2']){
+ $email = $_POST['email'];
+ $pass = $_POST['pass'];
+ $pass2 = $_POST['pass2'];
+ $name = $_POST['name'];
+ if($pass == $pass2){
 //Check of email aanwezig is in de database
- if(!Database::checkUsedEmail($_POST['email']) && !Database::checkUsedUsername($_POST['name'])){
- Database::registerUser($_POST['email'], $_POST['pass'], $_POST['name']);
+ if(!Database::checkUsedEmail($email) && !Database::checkUsedUsername($name)){
+ $verificationKey = HUtils::generateRandomKey();
+ while(Database::doesUserActivationKeyExist($verificationKey)){
+ $verificationKey = HUtils::generateRandomKey();
+ }
+ //TO DO: Create verification key
+ Database::registerUser($email, $pass, $name);
+ $uid = Database::getUID($email, $pass);
+ Database::registerActivationKey($uid,$verificationKey);
+ $message = 'Please follow the link to verify your account: http://localhost/webforum_redux/index.php?p=verify&key='.$verificationKey;
+ $headers = 'From: webmaster@example.com' . "\r\n" .
+ 'Reply-To: webmaster@example.com' . "\r\n" .
+ 'X-Mailer: PHP/' . phpversion();
+ mail($email, "Account Verification", $message, $headers);
 }
 }
 else{
diff --git a/dev_mvc/view/pagecontent/content_createthread.php b/dev_mvc/view/pagecontent/content_create_topic.php
similarity index 83%
rename from dev_mvc/view/pagecontent/content_createthread.php
rename to dev_mvc/view/pagecontent/content_create_topic.php
index 176c8a7..dc10d56 100644
--- a/dev_mvc/view/pagecontent/content_createthread.php
+++ b/dev_mvc/view/pagecontent/content_create_topic.php
@@ -1,6 +1,4 @@
\ No newline at end of file
diff --git a/dev_mvc/view/pagecontent/content_login.php b/dev_mvc/view/pagecontent/content_login.php
index 36bc093..fa81455 100644
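Review bot: In model_do_register.php `$email` goes from `$_POST` into `Database::registerUser()` and then into `mail()` as the recipient with no format check visible in this hunk (unless `checkUsedEmail()` validates, which is not shown). A guard before the uniqueness checks, `if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) { /* reject the registration */ }`, keeps comma-separated recipient lists and malformed addresses out of both the table and the mailer. The comparison `$pass == $pass2` is loose, so two different numeric-looking strings such as `'1e3'` and `'1000'` compare equal; `$pass === $pass2` avoids that. The verification URL is hard-coded to `http://localhost/webforum_redux/` and should come from configuration with an https base before deployment, and the `//TO DO: Create verification key` comment is stale now that the key is generated just above it. The enclosing `if`/`else` continues past the end of the hunk.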
--- a/dev_mvc/view/pagecontent/content_login.php +++ b/dev_mvc/view/pagecontent/content_login.php @@ -1,5 +1,5 @@
-
+ E-mail:
Password:
diff --git a/dev_mvc/view/pagecontent/content_showboards.php b/dev_mvc/view/pagecontent/content_showboards.php index 4cf8332..3b860be 100644 --- a/dev_mvc/view/pagecontent/content_showboards.php +++ b/dev_mvc/view/pagecontent/content_showboards.php @@ -1,10 +1,8 @@ \ No newline at end of file diff --git a/dev_mvc/view/pagecontent/content_showtopics.php b/dev_mvc/view/pagecontent/content_showtopics.php new file mode 100644 index 0000000..4fe909e --- /dev/null +++ b/dev_mvc/view/pagecontent/content_showtopics.php @@ -0,0 +1,14 @@ +

TOPICS:

+'.$topics[$i][1].' - Gestart door: '.Database::getUsername($topics[$i][2]); + echo '
'; + } +} + +?> \ No newline at end of file diff --git a/dev_mvc/view/pagecontent/content_verify.php b/dev_mvc/view/pagecontent/content_verify.php new file mode 100644 index 0000000..9cc92e0 --- /dev/null +++ b/dev_mvc/view/pagecontent/content_verify.php @@ -0,0 +1,16 @@ + Go here: Resend email verification +
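Review bot: In content_showtopics.php the topic title `$topics[$i][1]` and the result of `Database::getUsername($topics[$i][2])` are concatenated into the `echo` output with no escaping visible, and both are presumably user-supplied, so markup stored in a title or username would be rendered in every visitor's browser (stored XSS). Each value should be escaped for the HTML context at output, e.g. `htmlspecialchars($topics[$i][1], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, with the same wrapper around `Database::getUsername(...)`. The extraction of this page has stripped the surrounding markup, so the start of the `echo` statement and the loop header are not visible; a value that also lands inside an `href` would need URL encoding as well. `Database::getUsername()` is called once per row inside the loop, which is one lookup per topic if it queries the database.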
+ + "); +} + + + +?> \ No newline at end of file diff --git a/dev_mvc/view/pagecontent/header/content_header_signedin.php b/dev_mvc/view/pagecontent/header/content_header_signedin.php index 0ba7d68..c1b3e1d 100644 --- a/dev_mvc/view/pagecontent/header/content_header_signedin.php +++ b/dev_mvc/view/pagecontent/header/content_header_signedin.php @@ -3,5 +3,5 @@ include_once("./controller/AssetHandler.php"); AssetHandler::printAsset("logo.png", true, 128); ?> \ No newline at end of file