Commit d1820280 authored by Jeroen

Merge branch 'dev'

parents 1b6bc513 e79afd33
Pipeline #1350 passed with stage in 3 seconds
#Mapping the Movement
# Mapping the Movement
## What is it?
A web-based platform providing a simple interface to search for and find digital civil rights organisations stationed in countries that make up [The Council of Europe](https://en.wikipedia.org/wiki/Council_of_Europe).
## How do I use it?
The platform strives for ease of use in finding a digital civil rights organisation. To do so, the platform provides a simple-to-use search interface. Via this search interface a user search for organisations. This search query can contain parameters to which the result has to adhere to. This can range from which country the organisation is based in to what expertise the employees have. A full list of search parameters can be found under the _Search parameters_ header.
Example: A user wants to get in contact with a organisation that is stationed in Italy, has at least 1 FTE (Full Time Employee) and a employee of the organisation's expertise is campaigning.
The user would be able to find the relevant organisation(s) with the following query (provided that the relevant organisation(s) is/are stored in the database):
`country=it, fte>=1, expertise=campaigning`.
## Installation
### Software dependencies
The software uses PHP as the server-side language, MySQL as the database and (very little) JavaScript to do some browser stuff. It also uses the [Klein.php](https://github.com/klein/klein.php) router, which should be installed using Composer.
### How to install
Installing the software is relatively easy. Clone the project source to your desired folder ( /var/www/html ) on a web server.
Then import the SQL file `db.sql` in to your database. You can find `db.sql` in the root folder of the project. **Note:** The database name is not specified in `db.sql`, so first create the database (via the terminal or any other way) and then import `db.sql` in your desired database.
When that is done successfully, go to _/resources_ and copy `db-example.php` and rename it to `db.php`. Edit `db.php`: insert your database login credentials and the name of the database in to which `db.sql` was imported.
After that run `composer install` in the project folder. _If you don't have composer installed, please go [here](https://getcomposer.org/doc/00-intro.md) to read about how to install it._
The command `composer install` will install the necessary framework dependencies. When that is finished, copy the file `db-example.php` (found in `/resources`) and rename it to `db.php`. In `db.php`, please enter your MySQL-server login credentials and specify the database name in to which `db.sql` was imported.
## Manage and add organisations
First of all, to do **any** administrative task, you will have to log in as admin.
To do this, you can go to _'/login'_ on the website. Here you can login with the admin credentials.
When/if you're logged in as admin, you can perform the following administrative tasks:
* Add a organisation
* Edit as organisation´s information
* Delete a organisation
### Adding a organisation
To add a organisation, go to _'/admin/addorganisation'_ on the website.
On that page is a form where you can fill in the organisation's information. Besides that there is a functionality that allows you to add employees to the organisation.
When all the information is filled in, you can click the big green 'save' button at the top, and the organisation is added.
## Editing a organisation
To edit a organisation, go to _'/organisation/[ORGANISATION\_ID]/edit'_. Thus, when viewing a organisation's page, you can just add _'edit'_ to the URL and go to the relevant page.
On the page there is a form, similar to the 'Add Organisation' form, but already filled in with the organisation's information. To make changes to this information, just edit the relevant information and then click the 'save' button.
You can also add budgets and employees to the organisation on this page, not only edit already existing information.
## Deleting a organisation
A organisation can be deleted from the _edit_ page. To visit this page, go to _'/organisation/[ORGANISATION\_ID]/edit'_.
There will be a red button with 'DELETE' on it. If you click that button, the organisation **will** be deleted and **can not** be restored (expect for adding the organisation again).
## Parameters
* **show** _Defines what kind of result will be returned. For example country is specified, it will return a list of countries. It is combinable with other parameters. For example, 'show=country, expertise=lobbying' returns a list with countries that have an organisation that has knowledge about lobbying._
* Values: 'country' or 'organisation' - only one of these is allowed
* Operator: '='
* Example: show = country
* **expertise** _The expertise parameter searches for the expertise of the employees._
* Values: A word that describes an activity or expertise like 'Marketing' or 'Campaining'.
The value can contain a wild-card symbol ( \* ) as value, for example expertise = imsi-\*
* Operator: '=' (equal to)
* Example: expertise = imsi-catchers
* **country** _The country in which the organisation is based_
* Values: Country's ISO code ('de', 'at', 'ru', etc.)
* Operator: '=' (equal to)
* Example: country = nl
* **edri-member** _The organisation (result) is, or is not, a member of EDRi_
* Values: 'true' or 'false'
* Operator: '=' (equal to)
* Example: edri-member = true
* **number-of-employees** _The total number of employees working at an organisation_
* Values: A number (integer)
* Operator: '=' (equal to) , '>' (more than) , '<' (less than) ,
'>=' (more than or equal to) , '<=' (less than or equal to)
* Example: number-of-employee > 2
* **noe** _Short for 'Number of employees'_
**See 'number-of-employees'**
* **legal-status** _The organisation's legal status_
* Values: The legal status, like 'NGO'
* Operator: '=' (equal to)
* Example: legal-status = ngo
* **fte** _The number of FTE's (Full Time Employee) at the organisation_
* Values: A number (integer)
* Operator: '=' (equal to)
* Example: fte > 5
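Review bot: the README's install steps are duplicated and the documented admin route is stale. The "copy `db-example.php` to `db.php` and fill in credentials" step appears twice (once before `composer install`, once after); keep one copy. `### Adding a organisation` still points at `/admin/addorganisation`, but this same commit removes that route from `index.php` in favour of `/organisation/add`, so update the path. In the Parameters list, `fte` documents only `=` as an operator while its example is `fte > 5` (refer to the operator set given under `number-of-employees`), the example `number-of-employee > 2` is missing the trailing `s`, and `Campaining` should be `Campaigning`. Since the README tells readers to clone into `/var/www/html` and put database credentials in `/resources/db.php`, and the JavaScript in this commit fetches `/resources/library/loadEmployeeForm.php` by URL, `resources/` is inside the document root; add a note that direct access to `resources/db.php` must be denied by the web server (or move the credentials file out of the document root), and state that the add/edit/delete routes require the admin session rather than implying the URL alone gates them.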
@media all and (max-width: 995px) {
.employee-table{
display: none;
}
.employee-list{
display: block !important;
}
}
.employee-list{
display: none;
}
body{
background-color: white;
font-size: 17px;
......@@ -27,9 +39,12 @@ th, td{
text-align: left;
padding: 8px;
}
tr:nth-child(1) {
th {
background-color: #f2f2f2;
}
.country_table td {
width: 30%;
}
.employee-panel{
width: 50%;
float: left;
......@@ -102,3 +117,23 @@ input[name="searchterm"]{
.save:hover{
color: #009688 !important;
}
.budget_input{
width: 30%;
float: left;
margin: 5px;
}
.budget_group{
width: 70%;
clear: both;
}
.budget_group{
width: 100%;
clear: both;
float: left;
padding-right: 20%;
}
.budget_year{
width: 10%;
float: left;
margin: 10px;
}
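Review bot: `.budget_group` is declared twice in the new block (`width: 70%; clear: both;` immediately followed by `width: 100%; clear: both; float: left; padding-right: 20%;`); the second declaration wins, so drop the first or merge them. The base `.employee-list { display: none; }` rule is placed after the media query that sets `display: block !important`, which is the only reason the `!important` is needed; put the base rule before the `@media` block and the `!important` can go.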
// JS
$('.panel2').hide();
$('.panel3').hide();
$('.panel4').hide();
$('.panel5').hide();
$('.panel6').hide();
$('.panel7').hide();
function addEmployee(start){
var employeeNumber = 2;
$('.add_employee').click(function(){
$('.panel'+employeeNumber++).show();
});
$.ajax({
type: 'GET',
url: '/../resources/library/loadEmployeeForm.php',
data: {
index: start,
add_button: true,
},
success: function(data) {
$('.employees').append(data);
}
});
}
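Review bot: `addEmployee()` binds a fresh `.add_employee` click handler on every call (`$('.add_employee').click(...)` sits inside the function) and resets `employeeNumber` to 2 each time, so after the second call a single click shows several panels at once; bind the handler once outside the function and keep the counter in outer scope. The AJAX URL `/../resources/library/loadEmployeeForm.php` is normalised by the browser to `/resources/library/loadEmployeeForm.php`, which confirms the whole `resources/` tree (including `db.php`) is reachable by URL; serve the form fragment from a Klein route instead and block direct requests to `resources/` in the web server configuration.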
......@@ -2,9 +2,15 @@
error_reporting(E_ALL);
ini_set('display_errors', 1);
require_once(__dir__ . '/../vendor/autoload.php');
require(__dir__ . '/../resources/config.php');
require_once(__DIR__ . '/../vendor/autoload.php');
require(__DIR__ . '/../resources/config.php');
require_once(__DIR__ . '/../resources/library/i18n.class.php');
$i18n = new i18n();
$i18n->setFilePath(__DIR__ . '/../resources/library/langfiles/lang/lang_{LANGUAGE}.ini');
$i18n->setCachePath(__DIR__ . '/../resources/library/langcache');
$i18n->setForcedLang('en');
$i18n->init();
$klein = new Klein\Klein;
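Review bot: `error_reporting(E_ALL)` together with `ini_set('display_errors', 1)` stays at the top of the front controller after the merge; in production that prints file paths and SQL error text into responses. Gate it on a flag from `config.php` or remove it. The i18n bootstrap added here (`setFilePath`, `setCachePath`, `setForcedLang('en')`, `init()`) is copied verbatim into `header.php` and `loadEmployeeForm.php` in this same commit; initialise it once in `index.php` and pass `$i18n` on.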
......@@ -22,6 +28,11 @@ $klein->respond( '/organisation/all' , function ( $request , $response , $servic
$service->render( VIEWS.'/allorganisations.php' );
});
$klein->respond( '/organisation/add' , function ( $request , $response , $service ) {
$service->pageTitle = 'Add organisation | Mapping the Movement';
$service->render( VIEWS.'/addorganisation.php' );
});
$klein->respond( '/organisation/[i:id]' , function ( $request , $response , $service ) {
$service->organisation = $request->id;
$service->pageTitle = 'Organisation | Mapping the Movement';
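Review bot: the new `/organisation/add` handler sets a title and renders `addorganisation.php` with no check of `$_SESSION['login']['logged_in']`, although the README lists adding organisations as an admin-only task. Unless the view itself enforces the session, register a Klein middleware for the admin routes (`/organisation/add`, `/organisation/[i:id]/edit`) that redirects to `/login` when the flag is not set, so the check is not repeated per view.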
......@@ -44,27 +55,17 @@ $klein->respond( '/login' , function ( $request , $response , $service ) {
$service->render( VIEWS.'/login.php' );
});
$klein->respond( '/admin/addorganisation' , function ( $request , $response , $service ) {
$service->pageTitle = 'Add organisation | Mapping the Movement';
$service->render( VIEWS.'/addorganisation.php' );
});
$klein->onHttpError(function ($code, $router) {
switch ($code) {
case 404:
$router->response()->body(
'<h1>404 - Pagina niet gevonden.</h1>'
);
echo '<h1>'.L::error_404.'</h1>';
break;
case 405:
$router->response()->body(
'<h1>405 - U heeft geen toestemming hier te komen.</h1>'
);
echo '<h1>'.L::error_405.'</h1>';
break;
default:
$router->response()->body(
'<h1>Oh nee, er is iets ergs gebeurt! Errorcode:'. $code .'</h1>'
);
echo '<h1>'.L::error_default.'</h1>'.$code;
}
});
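Review bot: swapping `$router->response()->body(...)` for `echo` in `onHttpError` writes the markup directly to output before Klein sends the response, so the status code and headers the router sets may no longer accompany it; keep `$router->response()->body()` and pass the translated string (`L::error_404` etc.). Separately, `L::error_405` reads "NOT AUTHORIZED", but Klein emits 405 for Method Not Allowed (wrong verb on a known route); an authorisation failure is 401 or 403, so either reword the string or map those codes explicitly.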
......
<?php
session_start();
include(__DIR__ . '/../db.php');
foreach(glob(__DIR__.'/../library/*.php') as $file){
include $file;
}
include_once(__DIR__ . '/../library/i18n.class.php');
include_once(__DIR__ . '/../db.php');
$i18n = new i18n();
$i18n->setFilePath(__DIR__ . '/../library/langfiles/lang/lang_{LANGUAGE}.ini');
$i18n->setCachePath(__DIR__ . '/../library/langcache');
$i18n->setForcedLang('en');
$i18n->init();
foreach(glob(__DIR__.'/../library/*.php') as $file){
include_once( $file );
}
?>
<!DOCTYPE html>
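Review bot: the `glob(__DIR__.'/../library/*.php')` loop includes every file in `library/`, and this commit adds `loadEmployeeForm.php` there, a script whose top-level code runs on include and echoes an employee form fragment into whatever page is rendering when `add_button` is present in the query string. Include the class files explicitly (or use an autoloader) and keep request-handling scripts out of the glob. `session_start()` is also called here before any session hardening; set `session.cookie_httponly` and `session.cookie_secure` (or call `session_set_cookie_params()`) ahead of it.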
......@@ -64,7 +64,7 @@ $i18n->init();
<a class="dropdown-toggle" data-toggle="dropdown"><?php echo L::menu_example ?><span class="caret"></span></button></a>
<ul class="dropdown-menu">
<li><a href="/search?searchterm=show%3Dcountry%2C+edri-member%3Dfalse"><?php echo L::menu_no_edri ?></a></li>
<li><a href="/search?searchterm=show%3Dcountry%2C+edri-member%3Dnone"><?php echo L::menu_no_edri ?></a></li>
<li><a href="/search?searchterm=show%3Dcountry%2C+edri-member%3Dtrue%2C+fte>%3D1"><?php echo L::menu_edri_one_fte ?></a></li>
<li><a href="/search?searchterm=organisation%3Dnone"><?php echo L::menu_no_organisations ?></a></li>
</ul>
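Review bot: the "no EDRi members" menu link is changed to `edri-member%3Dnone`, but the README in this commit documents `edri-member` as taking only `'true'` or `'false'`; one of the two is wrong. The `fte>%3D1` link leaves `>` unencoded in the query string; use `fte%3E%3D1` so the browser does not have to normalise it.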
......
......@@ -4,7 +4,7 @@ class AddEmployee{
/**
* Insert the employee's information in to the Employee table.
* The employee's 'knowledge' will not be handled by this function, but by insertKnowledge().
* The employee's 'expertise' will not be handled by this function, but by insertExpertise().
* @param inst $organisation Id of the organisation that the employee works for
* @param Array $post The $_POST array send from the form in the addOrganisation view
* @return bool true/false Returns True or False depending on if everything went fine.
......@@ -19,27 +19,27 @@ class AddEmployee{
}
/**
* Insert the employee's 'knowledge' in the database
* Insert the employee's 'expertise' in the database
* The user differentiates the different subject (like programming, designing, etc) with ',' (comma) in the input field.
* The string is converted to an array at every ',', and each array value will be processed independently.
* First the function checks if the 'knowledge' is already in the database, if not, it will insert it to the Knowledge table.
* If it is, or after it has been added to the database, a 'link' will be made between the employee and the knowledge by inserting
* the employee id and the knowledge id to te EmployeeKnowledge table.
* @param string $knowledge The user's input in the knowledge input field in the addOrganisation views
* @param employee $employee The id of the employee to which the knowledge should be link to
* First the function checks if the 'expertise' is already in the database, if not, it will insert it to the Expertise table.
* If it is, or after it has been added to the database, a 'link' will be made between the employee and the expertise by inserting
* the employee id and the expertise id to te EmployeeExpertise table.
* @param string $expertise The user's input in the expertise input field in the addOrganisation views
* @param employee $employee The id of the employee to which the expertise should be link to
* @return [type] [description]
*/
protected function insertKnowledge($knowledge, $employee){
protected function insertExpertise($expertise, $employee){
$knowledge = explode(',', $knowledge);
$knowledge = array_map('trim', $knowledge);
$expertise = explode(',', $expertise);
$expertise = array_map('trim', $expertise);
$id = '';
foreach($knowledge as $k){
foreach($expertise as $k){
$kLower = strtolower($k);
$stmt = DB::conn()->prepare('SELECT id FROM Knowledge WHERE knowledgedescription=?');
$stmt = DB::conn()->prepare('SELECT id FROM Expertise WHERE expertisedescription=?');
$stmt->bind_param('s', $kLower);
$stmt->execute();
$stmt->bind_result($id);
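Review bot: `$id` is initialised to `''` once before the `foreach($expertise as $k)` loop, but `bind_result($id)` only overwrites it when `fetch()` returns a row, so an expertise string that is not yet in the table can carry over the id from the previous iteration and be linked to the wrong `Expertise` row. Reset `$id = '';` at the top of each iteration. Also, the `SELECT` here uses `expertisedescription` while the `INSERT`/`SELECT` further down use `expertiseDescription`; MySQL column names are case-insensitive, but keep one spelling.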
......@@ -48,27 +48,27 @@ class AddEmployee{
if(is_int($id)){
$stmt = DB::conn()->prepare('INSERT INTO KnowledgeEmployee(knowledge, employee) VALUES (?, ?)');
$stmt = DB::conn()->prepare('INSERT INTO ExpertiseEmployee(expertise, employee) VALUES (?, ?)');
$stmt->bind_param('ii', $id, $employee);
$stmt->execute();
$stmt->close();
}else{
$stmt = DB::conn()->prepare('INSERT INTO Knowledge(knowledgeDescription) VALUES (?)');
$stmt = DB::conn()->prepare('INSERT INTO Expertise(expertiseDescription) VALUES (?)');
$stmt->bind_param('s', $kLower);
$stmt->execute();
$stmt->close();
$stmt = DB::conn()->prepare('SELECT id FROM Knowledge WHERE knowledgeDescription=?');
$stmt = DB::conn()->prepare('SELECT id FROM Expertise WHERE expertiseDescription=?');
$stmt->bind_param('s', $kLower);
$stmt->execute();
$stmt->bind_result($knowledgeId);
$stmt->bind_result($expertiseId);
$stmt->fetch();
$stmt->close();
$stmt = DB::conn()->prepare('INSERT INTO KnowledgeEmployee(knowledge, employee) VALUES (?, ?)');
$stmt->bind_param('ii', $knowledgeId, $employee);
$stmt = DB::conn()->prepare('INSERT INTO ExpertiseEmployee(expertise, employee) VALUES (?, ?)');
$stmt->bind_param('ii', $expertiseId, $employee);
$stmt->execute();
$stmt->close();
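Review bot: after `INSERT INTO Expertise(expertiseDescription)`, the new id is fetched with a second `SELECT id FROM Expertise WHERE expertiseDescription=?`; `DB::conn()->insert_id` returns the same value without the extra round trip and without racing a concurrent insert of the same description. A UNIQUE index on `expertiseDescription` would also stop the "select, else insert" path from creating duplicates.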
......@@ -111,11 +111,11 @@ class AddEmployee{
foreach($post as $p){
if($p['email'] !== '' && $p['pgp-id'] !== '' && $p['contract_hours'] !== ''){
$knowledge = $p['knowledge']; // First get the employees 'knowledge' from $_POST
unset($p['knowledge']); // Then remove it from the array
$expertise = $p['expertise']; // First get the employees 'expertise' from $_POST
unset($p['expertise']); // Then remove it from the array
$this->insertEmployeeInfo($organisation, $p);
$this->insertKnowledge($knowledge, $this->getEmployeeId($p['email']));
$this->insertExpertise($expertise, $this->getEmployeeId($p['email']));
}
}
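Review bot: `$this->insertExpertise($expertise, $this->getEmployeeId($p['email']))` looks the employee up by email after the insert; if the same address already exists for another organisation, the expertise is attached to the wrong employee. Take the id from `insert_id` in `insertEmployeeInfo` instead. The guard `$p['email'] !== '' && $p['pgp-id'] !== '' && $p['contract_hours'] !== ''` still drops any employee row with an empty PGP id or contract hours without any feedback to the admin.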
......
......@@ -16,7 +16,7 @@ class AddOrganisation{
* @param int $organisation The id of the organisation to which the activities should be linked to
* @return [type] [description]
*/
protected function insertActivities($activities, $organisation){
private function insertActivities($activities, $organisation){
$activityArray = explode(',', $activities);
$activityArray = array_map('trim', $activityArray);
......@@ -70,7 +70,7 @@ class AddOrganisation{
* @param string $name The name of the organisation whos id we want to get
* @return bool/int false/id If there is a name-match, the id will be returned, else False will be returned
*/
protected function getOrganisationId($name){
private function getOrganisationId($name){
$id = '';
$stmt = DB::conn()->prepare('SELECT id FROM Organisation WHERE name=?');
......@@ -93,29 +93,53 @@ class AddOrganisation{
* @param string $activity A string with the organisation's activities (like lobbying, campaining, etc)
* @return bool True True, if everything works
*/
protected function insertOrganisationInformation($post, $activity){
$stmt = DB::conn()->prepare('INSERT INTO Organisation(name, description, number_of_employees, budget_last_three_years, projected_budget, legal_status, edri_status, country, fte)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)');
$stmt->bind_param('ssiiisiii', $post['name'], $post['description'], $post['number_of_employees'], $post['project_budget_last_three_years'], $post['projected_budget'], $post['legal_status'], $post['edri_member'], $post['country'], $post['fte']);
private function insertOrganisationInformation($post, $activity){
$stmt = DB::conn()->prepare('INSERT INTO Organisation(name, description, number_of_employees, legal_status, edri_status, country, fte)
VALUES (?, ?, ?, ?, ?, ?, ?)');
$stmt->bind_param('ssisiid', $post['name'], $post['description'], $post['number_of_employees'], $post['legal_status'], $post['edri_member'], $post['country'], $post['fte']);
$stmt->execute();
$stmt->close();
if($this->insertActivities($activity, $this->getOrganisationId($post['name']))){
if ( !empty( $activity ) ) {
if(self::insertActivities($activity, self::getOrganisationId($post['name']))){
return true;
}
} else {
return true;
}
}
protected function checkInputFields($post){
return true;
/**
* Insert the budget in to the database and link it to the organisation that is being added
* @param array $post The $_POST array
* @param int $organisation The id of the organisation to which the budget(s) should be linked to
* @return bool Return true if the SQL functions execute correctly
*/
private function insertBudget( $post , $organisation ) {
foreach($post['budget'] as $year => $value){
if ( $value['input'] !== '') {
if ( $value['estimate'] !== 'null' ) {
$stmt = DB::conn()->prepare( 'INSERT INTO OrganisationBudget( organisation , `year` , budget , estimate ) VALUES ( ? , ?, ?, ? )' );
$stmt->bind_param( 'issi' , $organisation, $year, $value['input'] , $value['estimate'] );
$stmt->execute();
$stmt->close();
} else {
$estimate = 0;
$stmt = DB::conn()->prepare( 'INSERT INTO OrganisationBudget( organisation , `year` , budget , estimate ) VALUES ( ? , ? , ? , ?)' );
$stmt->bind_param( 'issi' , $organisation , $year, $value['input'] , $estimate );
$stmt->execute();
$stmt->close();
}
//TODO: Fix this:
// if($post['name'] !== '' && $post['nickname'] !== ''){
// return true;
// } else {
// echo '<div class="warning"><b>'.L::form_fill_in_name_or_nickname.'</b></div>';
// return false;
// }
}
}
return true;
}
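Review bot: the body of the removed `checkInputFields()` (`//TODO: Fix this:` and the commented-out name/nickname check) is left stranded inside the `foreach` of the new `insertBudget()`; delete it. With `checkInputFields` gone nothing rejects an empty `name`, and `getOrganisationId($post['name'])` then matches the first nameless row; validate `name` and use `insert_id` rather than re-selecting by name. In `insertBudget`, `$value['estimate'] !== 'null'` compares against the literal string `'null'` and the two branches differ only in the `estimate` value; compute `$estimate` once and keep a single prepared `INSERT`. `bind_param('issi', ...)` binds `year` and `budget` as strings; if those columns are numeric, bind them as `i`/`d`.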
......@@ -125,13 +149,16 @@ class AddOrganisation{
* @param string $activity A string with the organisation's activities (like lobbying, campaining, etc)
* @return bool True True, if everything works
*/
public function addInformation($post, $activity){
public function addInformation( $post , $activity ) {
if ( self::insertOrganisationInformation ( $post , $activity ) ) {
if($this->checkInputFields($post)){
if($this->insertOrganisationInformation($post, $activity)){
if (self::insertBudget( $post , self::getOrganisationId($post['name']) ) ) {
return true;
}
}
}
}
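Review bot: `addInformation()` returns `true` only on the fully nested success path and returns nothing (null) on every other path, so the caller cannot tell a failed insert from success; add explicit `return false` branches. The diff also shows the old `if($this->checkInputFields($post)){` / `if($this->insertOrganisationInformation(...))` pair next to the new `self::insertOrganisationInformation` and `self::insertBudget` calls; confirm the merged file keeps only the new form, since `checkInputFields` no longer exists in this class.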
description = "Description"
number_of_employees = "Number of employees"
budgets = "Budgets"
budget_last_three_years = "Budget last three years"
projected_budget = "Projected budget (2017)"
legal_status = "Legal status"
......@@ -10,6 +11,7 @@ nickname = "Nickname"
email = "Email"
pgp_id = "PGP ID"
expertise = "Expertise"
add_organisation = "Add organisation"
contract_hours_per_week = "Contract hours per week available"
usual_hours_per_week = "Usual hours per week available"
edri_bool_true = "Yes"
......@@ -24,7 +26,8 @@ username = "Username"
password = "Password"
login = "Login"
already_logged_in = "You are already logged in"
email_password_mismatch = "This email and password combination is not correct"
username = "Username"
username_password_mismatch = "This username and password combination is not correct"
search_result_error = "No results found"
activities = "Activities"
form_name = "Name"
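Review bot: `username = "Username"` is added in this hunk although the hunk header shows the same key already present a few lines up; `parse_ini_file` silently keeps the last value, so drop the duplicate.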
......@@ -38,6 +41,8 @@ form_country="Country where the organisation is located in"
form_fte="FTE's"
form_no="No"
form_yes="Yes"
form_budgets = "Budgets"
form_estimate = "Estimate?"
form_submit = "Submit"
form_save = "Save"
form_activities = "Activities (Lobbying, campaigning, etc.)"
......@@ -68,3 +73,10 @@ organisation_not_found = "Organisation not found"
delete_organisation_button = "DELETE ORGANISATION"
succesful_organisation_delete = "Organisation deleted successfully"
error_organisation_delete = "An error occured while deleting the organisation"
register_admin = "Register admin account"
organisations_in_country_match_criteria = "Organisations that meet the criteria"
country_code = "Country code"
error_404 = "404 - PAGE NOT FOUND"
error_405 = "405 - NOT AUTHORIZED"
error_default = "An error occurred: "
result_count = "Number of results"
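Review bot: `error_405 = "405 - NOT AUTHORIZED"` mislabels the code: HTTP 405 is Method Not Allowed, and an authorisation failure is 401 or 403. Either rename the key to the code it is actually shown for in `index.php` or change the text.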
description = "Omschrijving"
number_of_employees = "Aantal medewerkers"
budgets = "Budgets"
budget_last_three_years = "Budget laatste drie jaar"
projected_budget = "Verwacht budget volgend jaar"
legal_status = "Legale status"
......@@ -10,6 +11,7 @@ nickname = "Nicknaam"
email = "Email"
pgp_id = "PGP ID"
expertise = "Expertise"
add_organisation = "Voeg organisatie toe"
contract_hours_per_week = "Contract uren per week"
usual_hours_per_week = "Aantal uur per week meestal beschikbaar"
edri_bool_true = "Ja"
......@@ -24,7 +26,8 @@ username = "Gebruikersnaam"
password = "Wachtwoord"
login = "Login"
already_logged_in = "U bent al ingelogd"
email_password_mismatch = "Deze email en wachtwoord combinatie is niet correct."
username = "Gebruikersnaam"
username_password_mismatch = "Deze gebruikersnaam en wachtwoord combinatie is niet correct."
search_result_error = "Geen resultaten gevonden"
activities = "Activiteiten"
form_name = "Naam"
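Review bot: same duplicate `username` key as in the English file (`username = "Gebruikersnaam"` already appears in the hunk header); remove the second copy.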
......@@ -38,6 +41,8 @@ form_country="Land waar de organisatie in gevestigd is"
form_fte="FTE's"
form_no = "Nee"
form_yes = "Ja"
form_budgets = "Budget"
form_estimate = "Schatting?"
form_submit = "Verstuur"
form_save = "Sla op"
form_activities = "Activiteiten (lobbyen, campaigning, etc.)"
......@@ -63,3 +68,10 @@ organisation_not_found = "Organisatie niet gevonden"
delete_organisation_button = "VERWIJDER ORGANISATIE"
succesful_organisation_delete = "Organisatie verwijderd"
error_organisation_delete = "Er deed zich een error voor tijdens het verwijderen van de organisatie"
register_admin = "Registreer admin account"
organisations_in_country_match_criteria = "Organisaties in het land die voldoen aan de kriteria"
country_code = "Land code"
error_404 = "404 - PAGINA NIET GEVONDEN"
error_405 = "405 - GEEN TOEGANG"
error_default = "Er heeft zich een error voorgedaan: "
result_count = "Aantal resultaten"
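Review bot: as in the English file, `error_405` describes an access denial ("GEEN TOEGANG", i.e. "NO ACCESS") for a code that means Method Not Allowed; align text and code.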
<?php
if( include_once ( 'i18n.class.php' ) ) {
$i18n = new i18n();
$i18n->setFilePath(__DIR__ . '/../library/langfiles/lang/lang_{LANGUAGE}.ini');
$i18n->setCachePath(__DIR__ . '/../library/langcache');
$i18n->setForcedLang('en');
$i18n->init();
if ( !empty( $_GET ) ) {
if ( !empty( $_GET['add_button'] ) ) {
$index = $_GET['index'];
$form = "<div class=\"panel-body employee-panel panel0\">";
$form .= "<p><b>".L::form_employee_name."</b></p>";
$form .= "<input class=\"form-control\" type=\"text\" autocomplete=\"off\" name=\"employee[$index][name]\"/>";
$form .= "<p><b>".L::form_employee_nickname."</b></p>";
$form .= "<input class=\"form-control\" type=\"text\" autocomplete=\"off\" name=\"employee[$index][nickname]\"/>";
$form .= "<p><b>".L::form_employee_email."</b></p>";
$form .= "<input class=\"form-control\" type=\"email\" autocomplete=\"off\" name=\"employee[$index][email]\"/>";
$form .= "<p><b>".L::form_employee_pgp_id."</b></p>";
$form .= "<input class=\"form-control\" type=\"text\" autocomplete=\"off\" name=\"employee[$index][pgp-id]\"/>";
$form .= "<p><b>".L::form_employee_expertise."</b></p>";
$form .= "<i><b>".L::form_employee_split_expertise."</b></i>";
$form .= "<input class=\"form-control\" type=\"text\" autocomplete=\"off\" name=\"employee[$index][expertise]\"/>";
$form .= "<p><b>".L::form_employee_contract_hours."</b></p>";
$form .= "<input class=\"form-control\" type=\"number\" autocomplete=\"off\" name=\"employee[$index][contract_hours]\"/>";
$form .= "<p><b>".L::form_employee_usual_hours."</b></p>";
$form .= "<input class=\"form-control\" type=\"number\" autocomplete=\"off\" name=\"employee[$index][usual_hours]\"/>";
$form .= "<hr></hr></div>";
echo $form;
}
}
}
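Review bot: `$index = $_GET['index']` is interpolated unescaped into every `name=\"employee[$index][...]\"` attribute, so a double quote in `index` breaks out of the attribute and any following markup is reflected into the page that requested the fragment; since the JavaScript in this commit fetches this script directly by URL, that is a reflected XSS. Cast it, `$index = (int) $_GET['index'];`, or run it through `htmlspecialchars($index, ENT_QUOTES, 'UTF-8')` before building the form. The script also builds its own `i18n` instance and executes on plain include, which is why the `glob()` loop in `header.php` runs it on every page; wrap it in a function or move it behind a Klein route.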
......@@ -6,16 +6,16 @@
class Login{
/**
* Get the user id of the account that is associeted with the email adress that the user entered
* Ofcourse only return an id if the email is associeted with an account
* @param string $email The email that the user entered in the login form
* @return int $id The user's id - if the email has one
* Get the user id of the account that is associeted with the username that the user entered
* Ofcourse only return an id if the username is associeted with an account
* @param string $username The username that the user entered in the login form
* @return int $id The user's id - if the username has one
*/
protected function getUserId($email){
private function getUserId($username){
$id = '';
$stmt = DB::conn()->prepare('SELECT id FROM User WHERE email=?');
$stmt->bind_param('s', $email);
$stmt = DB::conn()->prepare('SELECT id FROM User WHERE username=?');
$stmt->bind_param('s', $username);
$stmt->execute();
$stmt->bind_result($id);
$stmt->fetch();
......@@ -31,7 +31,7 @@ class Login{
* @param int $user The user's id
* @return string $passwordHash The user's hashed password
*/
protected function getHash($user){
private function getHash($user){
$passwordHash = '';
$stmt = DB::conn()->prepare('SELECT string FROM Password WHERE user=?');
......@@ -51,7 +51,7 @@ class Login{
* @param int $user The id of the user who's name we want to retreive
* @return string $name The user's name
*/
protected function getUserName($user){
private function getUserName($user){
$name = '';
$stmt = DB::conn()->prepare('SELECT name FROM User WHERE id=?');
......@@ -75,9 +75,9 @@ class Login{
* @param string $passwordHash The hashed password stored in the database that is associeted with the user's id
* @return bool True if everything is correct, false if not
*/
protected function loginSession($userid, $password, $passwordHash){
private function loginSession($userid, $password, $passwordHash){
if(password_verify($password, $passwordHash)){
$username = $this->getUserName($userid);
$username = self::getUserName($userid);
$_SESSION['login'] = array();
$_SESSION['login']['logged_in'] = true;
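Review bot: `loginSession()` sets `$_SESSION['login']['logged_in'] = true` right after `password_verify()` succeeds without calling `session_regenerate_id(true)` first, so a session id fixed before login remains valid afterwards. Regenerate the id on successful verification before populating `$_SESSION['login']`.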
......@@ -88,26 +88,157 @@ class Login{
}
}
/**
* Check if a user is registered
* @param string $username The username of the user
* @return bool true/false True if user is registered, false if not
*/
private function checkUserInsert( $username ) {
$id = '';
$name = 'Administrator';
$stmt = DB::conn()->prepare( 'SELECT id FROM User WHERE name=? AND username=?' );
$stmt->bind_param( 'ss' , $name , $username );
$stmt->execute();
$stmt->bind_result( $id );
$stmt->fetch();
$stmt->close();
if ( $id !== '' ) {
return true;
} else {
return false;
}
}
/**
* Insert the admin login information in to the User table
* @param string $username The user's inserted username
* @return bool true/false True if the information is added succesfully, false if not
*/
private function insertAdmin( $username ) {
$name = 'Administrator';
$stmt = DB::conn()->prepare( 'INSERT INTO User( name , username ) VALUES ( ? , ? )' );
$stmt->bind_param( 'ss' , $name , $username );
$stmt->execute();
$stmt->close();
if ( self::checkUserInsert( $username ) ) {
return true;
} else {
return false;
}
}
/**
* Get the id of the administrator account
* @param string $username The user's inserted username for the admin account
* @return int/bool $id/false Return the id of the admin account, or false if it can't be found
*/
private function getAdminId( $username ){
$id = '';
$name = 'Administrator';
$stmt = DB::conn()->prepare( 'SELECT id FROM User WHERE name=? AND username=?' );
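Review bot: `insertAdmin()` inserts an `Administrator` row unconditionally and only afterwards calls `checkUserInsert()` to confirm the row exists; nothing visible prevents registering a second admin or re-inserting an existing username, and no password is written in this path (the `Password` table is separate). Call `checkUserInsert($username)` before the `INSERT`, refuse when an Administrator account already exists, and make sure the route that exposes `register_admin` is only reachable during initial setup (or behind an existing admin session), otherwise anyone who can reach it can create an admin account.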