177 lines
4.5 KiB
PHP
177 lines
4.5 KiB
PHP
<?php
|
|
|
|
function processPostData($db, $post, $redirectLocation = "."){
|
|
sleep(1);
|
|
if($post['action']){
|
|
// if there is a redirectlocation, set it
|
|
if($post['redirectLocation']){
|
|
$redirectLocation = $post['redirectLocation'];
|
|
}
|
|
|
|
// change a users password
|
|
if($post['action']=="changePassword"){
|
|
$success = changePassword(
|
|
$db,
|
|
$post['changerId'],
|
|
$post['changeeId'],
|
|
$post['changerPassword'],
|
|
$post['newPassword'],
|
|
$post['newPasswordAgain']
|
|
);
|
|
// append success to the redirectlocation
|
|
if($success){
|
|
$redirectLocation .= "?changePasswordSuccess=true";
|
|
}
|
|
else{
|
|
$redirectLocation .= "?changePasswordSuccess=false";
|
|
}
|
|
}// end changePassword
|
|
|
|
// redirect to the redirectlocation
|
|
header("Location: ".$redirectLocation);
|
|
}// end processing action
|
|
return;
|
|
}
|
|
|
|
function sendEmail($toEmail, $emailText, $emailSubject){
|
|
try{
|
|
$date=new DateTime();
|
|
mail(
|
|
$toEmail,
|
|
$emailSubject,
|
|
$emailText
|
|
);
|
|
}
|
|
catch(Exception $e) {
|
|
echo 'Message: ' .$e->getMessage();
|
|
}
|
|
}
|
|
|
|
function attendancesAssocArray2text($attendancesAssocArray){
|
|
$ret = "";
|
|
foreach($attendancesAssocArray as $date => $attendees){
|
|
$ret .= $date."\n";
|
|
foreach($attendees as $a){
|
|
$ret .= "\n";
|
|
$ret .= "Name: ".$a['name'].", ".$a['vorname']."\n";
|
|
$ret .= "PLZ: ".$a['corona_PLZ']."\n";
|
|
$ret .= "Tel.: ".$a['corona_telephon']."\n";
|
|
$ret .= "eMail: ".$a['corona_eMail']."\n";
|
|
}
|
|
$ret .= "\n";
|
|
}
|
|
return $ret;
|
|
}
|
|
|
|
function attendancesAssocArray2mdList($attendancesAssocArray, $date=null){
|
|
if($date == null)
|
|
$date=new DateTime();
|
|
$ret = "# Anwesenheitsliste zur Corona-Kontaktverfolgung der Abteilung Judo des CWSV vom ".$date->format("Y-m-d")."\n\n";
|
|
foreach($attendancesAssocArray as $d => $attendees){
|
|
$ret .= "## ".$d."\n";
|
|
$i=0;
|
|
foreach($attendees as $a){
|
|
$i += 1;
|
|
$ret .= "\n";
|
|
$ret .= $i." ".$a['name'].", ".$a['vorname']."\n";
|
|
$ret .= " - PLZ: ".$a['corona_PLZ']."\n";
|
|
$ret .= " - Tel.: ".$a['corona_telephon']."\n";
|
|
$ret .= " - eMail: ".$a['corona_eMail']."\n";
|
|
}
|
|
$ret .= "\n";
|
|
}
|
|
return $ret;
|
|
}
|
|
|
|
//! Checks if multiple keys exist in an array
|
|
//!
|
|
//! @param array $array array to check for key
|
|
//! @param array|string $keys keys to check for
|
|
//!
|
|
//! @return bool true, if *all* keys are set in the array
|
|
function array_keys_exist( array $array, $keys ) {
|
|
if ( ! is_array( $keys ) ) {
|
|
$keys = func_get_args();
|
|
array_shift( $keys );
|
|
}
|
|
$count = 0;
|
|
foreach ( $keys as $key ) {
|
|
if ( isset( $array[$key] ) || array_key_exists( $key, $array ) ) {
|
|
$count++;
|
|
}
|
|
}
|
|
|
|
return count( $keys ) === $count;
|
|
}
|
|
|
|
/// updates users password without checking any rights
|
|
/// params:
|
|
/// - $db : pdoDbConnection to use
|
|
/// - $userId : id of the user with the password to change
|
|
/// - $password : the password to set
|
|
function updateUserPassword($db, $userId, $password){
|
|
// we don't save the actual password but it's hash
|
|
if($password != ""){
|
|
$password = password_hash( $password, PASSWORD_DEFAULT);
|
|
}
|
|
else{
|
|
$password = NULL;
|
|
}
|
|
|
|
$query = "UPDATE `cwsvjudo`.`wkParticipo_Users` SET `pwHash`=:val WHERE `id`=:id;";
|
|
$params = array(
|
|
':val' => array('value'=>$password, 'data_type'=>PDO::PARAM_STR),
|
|
':id' => array('value'=>$userId, 'data_type'=>PDO::PARAM_INT)
|
|
);
|
|
dbQuery($db, $query, $params);
|
|
|
|
return;
|
|
}
|
|
|
|
/// Change a users password (apiFunction)
|
|
/// params:
|
|
/// - $db: dbConnection to use
|
|
/// - $changerId: userId who changes the password
|
|
/// - $changeeId: userId whose password should be changed
|
|
/// - $ownPassword: password of the user who changes the password
|
|
/// - $newPasword: the new password
|
|
/// - $newPasswordAgain: controllInput of the new password
|
|
function changePassword($db, $changerId, $changeeId, $changerPassword, $newPassword, $newPasswordAgain){
|
|
// we need a dbConnection
|
|
if( !$db ){
|
|
// echo("No DB!");
|
|
return false;
|
|
}
|
|
|
|
$changerInfo = getUserData($db, $changerId);
|
|
|
|
// check the password of the changer
|
|
if( !password_verify( $changerPassword, $changerInfo['pwHash']) ){
|
|
// echo("Wrong changerPasswod");
|
|
return false;
|
|
}
|
|
|
|
// check if the changer is allowed to change the changees password
|
|
if ( $changerId != $changeeId ){
|
|
$changersKidsIds = getUsersKidsIds($db, $changerId);
|
|
|
|
// if( !in_array($changeeId, $changersKidsIds) ){
|
|
if( !isUserInKidIds($changeeId, $changersKidsIds) ){
|
|
// echo("not your child: ".$changeeId." not in "); var_dump($changersKidsIds);
|
|
return false;
|
|
}
|
|
}
|
|
|
|
// check if the two inputs are the same
|
|
if( $newPassword != $newPasswordAgain ){
|
|
// echo("new pw missmatch");
|
|
return false;
|
|
}
|
|
|
|
updateUserPassword($db, $changeeId, $newPassword);
|
|
|
|
return true;
|
|
}
|
|
|
|
?>
|