From a65e9ceec8bd6ea2219404da71fa0d7b59f66700 Mon Sep 17 00:00:00 2001 From: RundelhausCode Date: Thu, 11 Mar 2021 09:28:30 +0100 Subject: [PATCH] password reset, admin upadte and Camel case update --- .gitignore | 2 + Backend/Controllers/Admin/Admin.php | 9 ++++ Backend/Controllers/Admin/AdminLogin.php | 8 ++-- Backend/Controllers/Admin/NewGameJam.php | 17 ++++--- Backend/Controllers/Admin/ResetPassword.php | 9 ++-- Backend/Controllers/Admin/UpdateGameJam.php | 15 +++--- Backend/Controllers/FileHandler/upload.php | 2 +- Backend/Controllers/Group/Group.php | 27 ++++++++++- Backend/Controllers/Group/Login.php | 6 +-- Backend/Controllers/Group/SigningUp.php | 50 ++++++++++---------- Backend/Controllers/Group/UpdateGruop.php | 6 +-- Backend/Controllers/Group/UpdatePassword.php | 14 ++++++ Backend/Controllers/Group/logout.php | 2 + Backend/Controllers/Polls/1vote.php | 2 +- Backend/Controllers/Polls/321vote.php | 2 +- Backend/Controllers/Polls/VoteChecking.php | 6 +-- 16 files changed, 117 insertions(+), 60 deletions(-) create mode 100644 Backend/Controllers/Admin/Admin.php create mode 100644 Backend/Controllers/Group/UpdatePassword.php diff --git a/.gitignore b/.gitignore index 84b4ab0..e102757 100644 --- a/.gitignore +++ b/.gitignore @@ -109,3 +109,5 @@ composer.phar /Backend/Database/test.db /Backend/Games/ /Frontend/images/ +/Test/ +/Test/ diff --git a/Backend/Controllers/Admin/Admin.php b/Backend/Controllers/Admin/Admin.php new file mode 100644 index 0000000..6b54cc6 --- /dev/null +++ b/Backend/Controllers/Admin/Admin.php @@ -0,0 +1,9 @@ +password; if(password_verify($password, $hashedPassword )){ $_SESSION['userName'] = $userName; - $_SESSION['Admin'] = true; - $_SESSION['userId'] = $user->id; + $_SESSION['admin'] = true; $_SESSION['success'] = "You are now logged in"; header('location: ../Frontend/index.php?login=success'); }else{ diff --git a/Backend/Controllers/Admin/NewGameJam.php b/Backend/Controllers/Admin/NewGameJam.php index e9ce6fd..8735cdc 100644 
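Review bot: The admin login branch in AdminLogin.php sets `$_SESSION['admin'] = true` without renewing the session identifier, so a session ID issued before authentication keeps working with admin rights afterwards. Call `session_regenerate_id(true);` right after `password_verify()` succeeds and before the session values are written. The `header('location: ...')` call should be followed by `exit;` so nothing after the redirect runs. Because the key is renamed from `'Admin'` to `'admin'`, any check that still reads the old key will now fail; those callers are outside this hunk.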
--- a/Backend/Controllers/Admin/NewGameJam.php +++ b/Backend/Controllers/Admin/NewGameJam.php @@ -1,14 +1,19 @@ name = $_POST["gameJam_name"]; - $gameJam->start_time = $_POST["start_time"]; - $gameJam->end_time = $_POST["end_time"]; + $gameJam->name = $_POST["gameJamName"]; + $gameJam->start_time = $_POST["startDate"]."T".$_POST["startTime"]; + $gameJam->end_time = $_POST["endDate"]."T".$_POST["endTime"]; $gameJam->description = $_POST["description"]; if($gameJam->save()){ diff --git a/Backend/Controllers/Admin/ResetPassword.php b/Backend/Controllers/Admin/ResetPassword.php index 1513f73..7765765 100644 --- a/Backend/Controllers/Admin/ResetPassword.php +++ b/Backend/Controllers/Admin/ResetPassword.php @@ -1,15 +1,16 @@ password->password = password_hash($_POST['NewPassword'], PASSWORD_DEFAULT); + $group->password->password = password_hash($_POST['newPassword'], PASSWORD_DEFAULT); if($group->save()){ } diff --git a/Backend/Controllers/Admin/UpdateGameJam.php b/Backend/Controllers/Admin/UpdateGameJam.php index ca0f843..60fd307 100644 --- a/Backend/Controllers/Admin/UpdateGameJam.php +++ b/Backend/Controllers/Admin/UpdateGameJam.php @@ -1,20 +1,21 @@ name = $_POST['name']; - $gameJam->start_time = $_POST['start_time']; + $gameJam->start_time = $_POST["startDate"]."T".$_POST["startTime"]; - $gameJam->end_time = $_POST['start_time']; + $gameJam->end_time = $_POST["endDate"]."T".$_POST["endTime"]; if (!empty($_POST['key_word'])) { - $gameJam->key_word = $_POST['key_word']; + $gameJam->key_word = $_POST['keyWord']; } $gameJam->description = $_POST['description']; diff --git a/Backend/Controllers/FileHandler/upload.php b/Backend/Controllers/FileHandler/upload.php index 281c3ea..1b77154 100644 --- a/Backend/Controllers/FileHandler/upload.php +++ b/Backend/Controllers/FileHandler/upload.php @@ -10,7 +10,7 @@ $isImages = false; session_start(); -if(isset($_SESSION['token'])){ +if(isLogin()){ $group = groupViaToken($_SESSION['token']); 
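Review bot: In NewGameJam.php, `start_time` and `end_time` are now concatenated straight from four `$_POST` fields, so a missing or malformed field is stored as a bare `T` or a partial timestamp. Parse each pair before assigning, e.g. `$start = DateTimeImmutable::createFromFormat('Y-m-d\TH:i', $_POST['startDate'].'T'.$_POST['startTime']);`, reject a `false` result and require the end to fall after the start. The format the form actually submits is not visible here, so the format string is an assumption to confirm. The UpdateGameJam.php hunk builds its timestamps the same way and needs the same check.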
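Review bot: In ResetPassword.php the new hash is written to the related model (`$group->password->password`) but only `$group->save()` is called. If these are Eloquent models, as the `firstWhere`/`associate` calls elsewhere in the patch suggest, saving the parent does not persist a changed relation, so the reset would silently do nothing; use `$group->password->save()` or `$group->push()`. The reset also bypasses the `passwordValidate()` policy this commit introduces and leaves `remember_token` untouched, so sessions opened with the old password stay valid. The empty `if($group->save()){ }` body gives the admin no success or failure signal.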
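Review bot: In UpdateGameJam.php the guard still tests `$_POST['key_word']` while the assignment now reads `$_POST['keyWord']`, so with the renamed form field the keyword is never updated, and with the old field name it is assigned from a missing key. Make the two agree: `if (!empty($_POST['keyWord'])) {`. The surrounding script starts outside the visible hunk, so whether `name` and `description` were meant to be renamed too cannot be judged from here.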
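Review bot: In upload.php, `isLogin()` only establishes that the session holds a token, not that the token still matches a stored row, and `groupViaToken()` is declared in this commit as returning `?Group`. The upload path should stop when the lookup fails, for example `if ($group === null) { http_response_code(401); exit; }` directly after the call. The rest of the branch lies outside the hunk, so this may already be handled further down.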
diff --git a/Backend/Controllers/Group/Group.php b/Backend/Controllers/Group/Group.php index 684609e..73b23af 100644 --- a/Backend/Controllers/Group/Group.php +++ b/Backend/Controllers/Group/Group.php @@ -6,10 +6,11 @@ use Backend\Models\Password; /** * @param string $token - * @return Group; + * @return Group|null ; */ -function groupViaToken(string $token){ +function groupViaToken(string $token): ?Group +{ if($password = Password::firstWhere('remember_token', $token)){ return Group::find($password->group_id); @@ -17,6 +18,28 @@ function groupViaToken(string $token){ return null; } +/** + * @return bool + */ function isLogin(){ return isset($_SESSION["token"]); +} + +/** + * @param string $password1 + * @param string $password2 + * @return bool + */ +function passwordValidate(string $password1, string $password2 ){ + if($password1 === $password2){ + $uppercase = preg_match('@[A-Z]@', $password1); + $lowercase = preg_match('@[a-z]@', $password1); + $number = preg_match('@[0-9]@', $password1); + $specialChars = preg_match('@[^\w]@', $password1); + + if(!$uppercase || !$lowercase || !$number || !$specialChars || (strlen($password1) < 8 && strlen($password1) > 255)) { + return true; + } + } + else false; } \ No newline at end of file diff --git a/Backend/Controllers/Group/Login.php b/Backend/Controllers/Group/Login.php index 672cd53..d261379 100644 --- a/Backend/Controllers/Group/Login.php +++ b/Backend/Controllers/Group/Login.php 
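Review bot: `passwordValidate()` returns `true` only when a matching password fails one of the complexity checks, and returns nothing (null) for a compliant password or a mismatch, because the condition is negated and `else false;` is an expression statement rather than a `return`. The length test `strlen($password1) < 8 && strlen($password1) > 255` can never be true, so length is not enforced at all. As written, the sign-up and password-change callers added in this commit accept only weak passwords. The function should return `false` early on mismatch or bad length and `true` only when all four character classes are present, with a `: bool` return type, as sketched below.

```php
function passwordValidate(string $password1, string $password2): bool
{
    if ($password1 !== $password2) {
        return false;
    }

    $length = strlen($password1);
    if ($length < 8 || $length > 255) {
        return false;
    }

    // … unchanged: the four preg_match() character-class checks …

    return $uppercase && $lowercase && $number && $specialChars;
}
```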
@@ -19,9 +19,9 @@ if(isset($_POST['login'])){ $hashedPassword = $group->password->password; if(password_verify($password, $hashedPassword )){ $token = Str::random(100); - $grouppassword = Password::firstWhere('group_id', $group->id); - $grouppassword->remember_token = $token; - if($grouppassword->save()){ + $groupPassword = Password::firstWhere('group_id', $group->id); + $groupPassword->remember_token = $token; + if($groupPassword->save()){ $_SESSION['groupName'] = $groupName; $_SESSION['token'] = $token; $_SESSION['success'] = "You are now logged in"; diff --git a/Backend/Controllers/Group/SigningUp.php b/Backend/Controllers/Group/SigningUp.php index e33e527..1807dcc 100644 --- a/Backend/Controllers/Group/SigningUp.php +++ b/Backend/Controllers/Group/SigningUp.php 
@@ -12,38 +12,38 @@ session_start(); $groupName = ""; $errors = array(); -if(isset($_POST['reg_group'])){ +if(isset($_POST['regGroup'])){ + if(passwordValidate($pass = $_POST['password1'], $_POST['password2'])){ + $group = new Group(); + $group->gameJam()->associate(GameJam::find($_POST['gameJamId'])); - $group = new Group(); + $group->group_name = $groupName = $_POST['groupName']; - $group->gameJam()->associate(GameJam::find($_POST['gameJamId'])); + $group->group_amount = $_POST['groupAmount']; - $group->group_name = $groupName = $_POST['groupName']; + if(!$group->save()){ + return; + } + $password = New Password(); - $group->group_amount = $_POST['groupAmount']; + $password->group()->associate($group); - if(!$group->save()){ - return; + $password->password = password_hash($pass ,PASSWORD_DEFAULT); + + $token = Str::random(100); + + $password->remember_token = $token; + + if(!$password->save()){ + return; + } + + $_SESSION['groupName'] = $groupName; + $_SESSION['token'] = $token; + $_SESSION['success'] = "You are now logged in"; + header('location: ../../../Frontend/index.php'); } - $password = New Password(); - - $password->group()->associate($group); - - $password->password = password_hash($_POST['password'] ,PASSWORD_DEFAULT); - - $token = Str::random(100); - - $password->remember_token = $token; - - if(!$password->save()){ - return; - } - - $_SESSION['groupName'] = $groupName; - $_SESSION['token'] = $token; - $_SESSION['success'] = "You are now logged in"; - header('location: ../../../Frontend/index.php'); } diff --git a/Backend/Controllers/Group/UpdateGruop.php b/Backend/Controllers/Group/UpdateGruop.php index 84e763a..f0cb3bf 100644 --- a/Backend/Controllers/Group/UpdateGruop.php +++ b/Backend/Controllers/Group/UpdateGruop.php 
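Review bot: Only `$_POST['regGroup']` is checked before `$_POST['password1']` and `$_POST['password2']` are handed to `passwordValidate(string, string)`, so a request that omits either field ends in a TypeError rather than a clean rejection; test them with `isset()` first. When validation fails, the script falls through silently even though `$errors` is declared above; add something like `$errors[] = 'Passwords do not match or do not meet the policy';` in an `else` branch. `GameJam::find($_POST['gameJamId'])` may return null and is passed straight to `associate()`. The `header('location: ...')` call should be followed by `exit;`.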
@@ -7,9 +7,9 @@ session_start(); if (isset($_POST['updateGroup'])) { if($group = Group::find($_POST['groupId'])){ if ($group->password->remember_token === $_SESSION['token']){ - $group->group_name = $_POST['group_name']; - $group->group_amount = $_POST['group_amount']; - $group->game_jam_id = $_POST['game_jam_id']; + $group->group_name = $_POST['groupName']; + $group->group_amount = $_POST['groupAmount']; + $group->game_jam_id = $_POST['gameJamId']; $group->save(); } } diff --git a/Backend/Controllers/Group/UpdatePassword.php b/Backend/Controllers/Group/UpdatePassword.php new file mode 100644 index 0000000..6c5bd5f --- /dev/null +++ b/Backend/Controllers/Group/UpdatePassword.php @@ -0,0 +1,14 @@ +id); + if(passwordValidate($pass = $_POST['password1'], $_POST['password2'])){ + $password = password_hash($pass,PASSWORD_DEFAULT); + $password->save(); + } + +} diff --git a/Backend/Controllers/Group/logout.php b/Backend/Controllers/Group/logout.php index 4cc95b7..ac9b642 100644 --- a/Backend/Controllers/Group/logout.php +++ b/Backend/Controllers/Group/logout.php @@ -1,3 +1,5 @@
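Review bot: The ownership check in UpdateGruop.php, `$group->password->remember_token === $_SESSION['token']`, runs without first confirming that the session holds a token. If the key is absent it reads as null, and a group whose `remember_token` is also null would then pass the strict comparison; whether the column can be null is not visible here. Guard with the helper added in this commit and use a constant-time comparison: `if (isLogin() && hash_equals((string) $group->password->remember_token, $_SESSION['token'])) {`. `groupAmount` and `gameJamId` are also written to the model without any type or existence check.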
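Review bot: In the new UpdatePassword.php, `$password = password_hash($pass,PASSWORD_DEFAULT);` replaces the variable with the hash string, so the following `$password->save()` is a method call on a string and fails at runtime. The opening lines of the file are not visible here, but `$password` presumably holds the Password model loaded just above; assign to its column instead: `$password->password = password_hash($pass, PASSWORD_DEFAULT);`. The change also does not ask for the current password and does not rotate `remember_token`, so a borrowed session can set a new password and existing sessions survive the change.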