From 93b405ab9f69538546165c75a301c0c57a5359cf Mon Sep 17 00:00:00 2001
From: Camil Staps
Date: Tue, 26 Jul 2016 00:16:17 +0200
Subject: User authentication mechanism

---
 include/about.php                |  3 +-
 include/assignments-edit.php     |  1 +
 include/assignments-new.php      |  3 +-
 include/assignments-overview.php |  2 +
 include/assignments-view.php     |  2 +
 include/assignments.php          |  3 +-
 include/clients-edit.php         |  3 +-
 include/clients-new.php          |  3 +-
 include/clients-overview.php     |  4 +-
 include/clients-view.php         |  2 +
 include/clients.php              |  3 +-
 include/contacts-edit.php        |  3 +-
 include/contacts-new.php         |  3 +-
 include/contacts-overview.php    |  4 +-
 include/contacts.php             |  3 +-
 include/discounts-edit.php       |  1 +
 include/discounts-new.php        |  1 +
 include/discounts-overview.php   |  2 +
 include/discounts.php            |  1 +
 include/home.php                 |  5 ++-
 include/offers-edit.php          |  3 +-
 include/offers-new.php           |  3 +-
 include/offers-overview.php      |  2 +
 include/offers-view.php          |  2 +
 include/offers.php               |  3 +-
 include/settings.php             | 84 ++++++++++++++++++++++++++++++++++++++++
 26 files changed, 133 insertions(+), 16 deletions(-)
 create mode 100644 include/settings.php

(limited to 'include')

diff --git a/include/about.php b/include/about.php
index bc93e14..554a80f 100644
--- a/include/about.php
+++ b/include/about.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./index.php');
+require_once('./login.php');
 require('./header.php');
 ?>
 
@@ -104,4 +105,4 @@ info@camilstaps.nl</pre>
 <!-- /#wrapper -->
 <?php
 require('./footer.php');
-?>
\ No newline at end of file
+?>
diff --git a/include/assignments-edit.php b/include/assignments-edit.php
index 4faad64..b52311a 100644
--- a/include/assignments-edit.php
+++ b/include/assignments-edit.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./conf.php');
+require_once('./login-ajax.php');
 
 $response = new response();
 
diff --git a/include/assignments-new.php b/include/assignments-new.php
index 2de3b1f..7898a42 100644
--- a/include/assignments-new.php
+++ b/include/assignments-new.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./conf.php');
+require_once('./login-ajax.php');
 
 $response = new response();
 
@@ -42,4 +43,4 @@ try {
 	$response->success = false;
 	$response->message = "The assignment could not be created due to an error.";
 }
-echo $response->getJson();
\ No newline at end of file
+echo $response->getJson();
diff --git a/include/assignments-overview.php b/include/assignments-overview.php
index 903a772..2de6858 100644
--- a/include/assignments-overview.php
+++ b/include/assignments-overview.php
@@ -16,6 +16,8 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
+
+require_once('./login.php');
 ?>
 
 <div class="col-lg-12">
diff --git a/include/assignments-view.php b/include/assignments-view.php
index ffdc507..7a2923e 100644
--- a/include/assignments-view.php
+++ b/include/assignments-view.php
@@ -17,6 +17,8 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+require_once('./login.php');
+
 $_assignment = new assignment($_pdo, $_id);
 ?>
 <div class="col-lg-6">
diff --git a/include/assignments.php b/include/assignments.php
index 5ba21c6..eaa7163 100644
--- a/include/assignments.php
+++ b/include/assignments.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./index.php');
+require_once('./login.php');
 require('./header.php');
 ?>
 
@@ -95,4 +96,4 @@ require('./header.php');
 
 <?php
 require('./footer.php');
-?>
\ No newline at end of file
+?>
diff --git a/include/clients-edit.php b/include/clients-edit.php
index c0b83c8..7d8d6fa 100644
--- a/include/clients-edit.php
+++ b/include/clients-edit.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./conf.php');
+require_once('./login-ajax.php');
 
 $response = new response();
 
@@ -39,4 +40,4 @@ try {
 	$response->success = false;
 	$response->message = "The client could not be edited due to an exception.";
 }
-echo $response->message;
\ No newline at end of file
+echo $response->message;
diff --git a/include/clients-new.php b/include/clients-new.php
index 9466638..b073b8e 100644
--- a/include/clients-new.php
+++ b/include/clients-new.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./conf.php');
+require_once('./login-ajax.php');
 
 $response = new response();
 
@@ -35,4 +36,4 @@ try {
 	$response->success = false;
 	$response->message = "The client could not be created due to a PDO error ({$e->getMessage()}).";
 }
-echo $response->getJson();
\ No newline at end of file
+echo $response->getJson();
diff --git a/include/clients-overview.php b/include/clients-overview.php
index f3e2a24..7ce45a6 100644
--- a/include/clients-overview.php
+++ b/include/clients-overview.php
@@ -16,6 +16,8 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
+
+require_once('./login.php');
 ?>
 
 <div class="col-lg-6 col-md-6">
@@ -117,4 +119,4 @@
             </script>
         </div>
     </div>
-</div>
\ No newline at end of file
+</div>
diff --git a/include/clients-view.php b/include/clients-view.php
index 6aa900c..101d530 100644
--- a/include/clients-view.php
+++ b/include/clients-view.php
@@ -17,6 +17,8 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+require_once('./login.php');
+
 $_client = new client($_pdo, $_id);
 ?>
 <div class="col-lg-12">
diff --git a/include/clients.php b/include/clients.php
index 7248e0c..88608ab 100644
--- a/include/clients.php
+++ b/include/clients.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./index.php');
+require_once('./login.php');
 require('./header.php');
 ?>
 
@@ -95,4 +96,4 @@ require('./header.php');
 
 <?php
 require('./footer.php');
-?>
\ No newline at end of file
+?>
diff --git a/include/contacts-edit.php b/include/contacts-edit.php
index 9e7c606..a2101b2 100644
--- a/include/contacts-edit.php
+++ b/include/contacts-edit.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./conf.php');
+require_once('./login-ajax.php');
 
 $response = new response();
 
@@ -62,4 +63,4 @@ try {
 	$response->success = false;
 	$response->message = "The contact could not be edited due to an exception.";
 }
-echo $response->message;
\ No newline at end of file
+echo $response->message;
diff --git a/include/contacts-new.php b/include/contacts-new.php
index c04fa72..0a72afb 100644
--- a/include/contacts-new.php
+++ b/include/contacts-new.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./conf.php');
+require_once('./login-ajax.php');
 
 $response = new response();
 
@@ -44,4 +45,4 @@ try {
 	$response->success = false;
 	$response->message = "The contact could not be created due to an error.";
 }
-echo $response->getJson();
\ No newline at end of file
+echo $response->getJson();
diff --git a/include/contacts-overview.php b/include/contacts-overview.php
index cd3b1bc..cd7fc47 100644
--- a/include/contacts-overview.php
+++ b/include/contacts-overview.php
@@ -16,6 +16,8 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
+
+require_once('./login.php');
 ?>
 
 <div class="col-lg-7 col-md-7">
@@ -159,4 +161,4 @@
             </script>
         </div>
     </div>
-</div>
\ No newline at end of file
+</div>
diff --git a/include/contacts.php b/include/contacts.php
index 787bd9a..4b35603 100644
--- a/include/contacts.php
+++ b/include/contacts.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./index.php');
+require_once('./login.php');
 require('./header.php');
 ?>
 
@@ -95,4 +96,4 @@ require('./header.php');
 
 <?php
 require('./footer.php');
-?>
\ No newline at end of file
+?>
diff --git a/include/discounts-edit.php b/include/discounts-edit.php
index e6859a1..a760e9c 100644
--- a/include/discounts-edit.php
+++ b/include/discounts-edit.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./conf.php');
+require_once('./login-ajax.php');
 
 $response = new response();
 
diff --git a/include/discounts-new.php b/include/discounts-new.php
index 1900d47..8a5f527 100644
--- a/include/discounts-new.php
+++ b/include/discounts-new.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./conf.php');
+require_once('./login-ajax.php');
 
 $response = new response();
 
diff --git a/include/discounts-overview.php b/include/discounts-overview.php
index 6160a8c..f9a3630 100644
--- a/include/discounts-overview.php
+++ b/include/discounts-overview.php
@@ -16,6 +16,8 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
+
+require_once('./login.php');
 ?>
 
 <div class="col-lg-12">
diff --git a/include/discounts.php b/include/discounts.php
index 83cb1b8..8b160ab 100644
--- a/include/discounts.php
+++ b/include/discounts.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./index.php');
+require_once('./login.php');
 require('./header.php');
 ?>
 
diff --git a/include/home.php b/include/home.php
index 644f2ae..cb624fe 100644
--- a/include/home.php
+++ b/include/home.php
@@ -17,8 +17,9 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-require_once('index.php');
-require('header.php');
+require_once('./index.php');
+require_once('./login.php');
+require('./header.php');
 ?>
 
 <div id="wrapper">
diff --git a/include/offers-edit.php b/include/offers-edit.php
index b2a7156..95de9b3 100644
--- a/include/offers-edit.php
+++ b/include/offers-edit.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./conf.php');
+require_once('./login-ajax.php');
 
 $response = new response();
 
@@ -56,4 +57,4 @@ try {
 	$response->success = false;
 	$response->message = "The offer could not be edited due to an exception.";
 }
-echo $response->message;
\ No newline at end of file
+echo $response->message;
diff --git a/include/offers-new.php b/include/offers-new.php
index 46bec3b..0d86293 100644
--- a/include/offers-new.php
+++ b/include/offers-new.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./conf.php');
+require_once('./login-ajax.php');
 
 $response = new response();
 
@@ -36,4 +37,4 @@ try {
 	$response->success = false;
 	$response->message = "The offer could not be created due to an error.";
 }
-echo $response->getJson();
\ No newline at end of file
+echo $response->getJson();
diff --git a/include/offers-overview.php b/include/offers-overview.php
index 594f01c..7fd2de2 100644
--- a/include/offers-overview.php
+++ b/include/offers-overview.php
@@ -16,6 +16,8 @@
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
+
+require_once('./login.php');
 ?>
 
 <div class="col-lg-12">
diff --git a/include/offers-view.php b/include/offers-view.php
index eec7701..082af35 100644
--- a/include/offers-view.php
+++ b/include/offers-view.php
@@ -17,6 +17,8 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+require_once('./login.php');
+
 $_offer = new offer($_pdo, $_id);
 ?>
 <div class="col-lg-6">
diff --git a/include/offers.php b/include/offers.php
index 872773d..1aa871a 100644
--- a/include/offers.php
+++ b/include/offers.php
@@ -18,6 +18,7 @@
  */
 
 require_once('./index.php');
+require_once('./login.php');
 require('./header.php');
 ?>
 
@@ -154,4 +155,4 @@ require('./header.php');
 
 <?php
 require('./footer.php');
-?>
\ No newline at end of file
+?>
diff --git a/include/settings.php b/include/settings.php
new file mode 100644
index 0000000..7dfbbc3
--- /dev/null
+++ b/include/settings.php
@@ -0,0 +1,84 @@
+<?php
+/**
+ * BusinessAdmin: administrative software for small companies
+ * Copyright (C) 2015 Camil Staps (ViviSoft)
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+require_once('./index.php');
+require_once('./login.php');
+require('./header.php');
+?>
+
+<div id="wrapper">
+
+	<?php require('nav.php'); ?>
+
+	<!-- Page Content -->
+	<div id="page-wrapper">
+		<div class="row">
+			<div class="col-lg-12">
+				<h1 class="page-header">Settings</h1>
+			</div>
+			<!-- /.col-lg-12 -->
+		</div>
+
+		<div class="row">
+			<div class="col-md-4">
+				<div class="panel panel-default">
+					<div class="panel-heading">Password</div>
+						<div class="panel-body">
+							<?php
+							if (isset($_POST['password_update'])) {
+								if ($_POST['password_update'] != $_POST['password_update2']) {
+									echo '<div class="alert alert-danger">The passwords don\'t match.</div>';
+								} else if (!$_user->verifyPassword($_POST['password_current'])) {
+									echo '<div class="alert alert-danger">The current password was incorrect.</div>';
+								} else {
+									try {
+										$_user->setPassword($_POST['password_update']);
+										echo '<div class="alert alert-success">Password successfully changed.</div>';
+									} catch (PDOException $e) {
+										echo '<div class="alert alert-danger">An unknown error occurred.</div>';
+									}
+								}
+							}
+							?>
+							<form action="" method="post">
+								<div class="form-group">
+									<input class="form-control" type="password" name="password_current" placeholder="Current password"/>
+								</div>
+								<div class="form-group">
+									<input class="form-control" type="password" name="password_update" placeholder="New password"/>
+								</div>
+								<div class="form-group">
+									<input class="form-control" type="password" name="password_update2" placeholder="New password (verification)"/>
+								</div>
+								<input class="btn btn-primary" type="submit" value="Change password"/>
+							</form>
+						</div>
+					</div>
+				</div>
+			</div>
+		</div>
+		<!-- /.row -->
+	</div>
+	<!-- /#page-wrapper -->
+
+</div>
+<!-- /#wrapper -->
+<?php
+require('./footer.php');
+?>
-- 
cgit v1.2.3