<?php include 'inc/header.php'; ?> </div> </div> <div id="content"> <?php if (isset($_SESSION['user'])) { $subject = ''; $message = ''; $recieverId = 1; //Sorry martijn - Geeft niet (Martijn) //Boven aan pagina gezet voor makkelijker lezen if (isset($_POST['send'])) { $dbConnect = portfolio_connect(); $subject = filter_input(INPUT_POST, 'subject'); $message = filter_input(INPUT_POST, 'message'); $recieverId = filter_input(INPUT_POST, 'reciever'); if (empty($subject) || empty($message)) { echo "U heeft geen onderwerp of bericht ingevult."; } else { if (strlen($subject) > 155 || strlen($message) > 65535) { if (strlen($subject) > 155) { echo "<p style='color: red'>Your subject is too long. (max 155 characters)</p>"; } else { echo "<p style='color: red'>Your message is to long. (max 65535 characters)</p>"; echo "<p style='color: red'>Seriously, how did you do that?</p>"; } } else { $senderId = $_SESSION['user']['gebruikersId'];
//Alles echo "<h2>Welkom " . $_SESSION['user']['voornaam'] . " " . $_SESSION['user']['achternaam'] . "</h2>"; $matData = portfolio_get_material($matId); $noteData = portfolio_get_note($matId); if ($matData && $noteData) { echo '<h2>Verwijder cijfer voor ' . $matData['naam'] . '</h2>'; /* * Checks + verwijderen van materiaal. */ if (portfolio_user_is_of_type(array('admin')) || $_SESSION['user']['gebruikersId'] == $noteData['beoordelaarId']) { $pwCorrect = false; $deleted = false; if (isset($_POST['submit']) && isset($_SESSION['user']) && $matId) { $userId = $_SESSION['user']['gebruikersId']; $userPass = filter_input(INPUT_POST, 'userPass'); $link = portfolio_connect(); if ($link) { $sql = "SELECT * FROM " . TABLE_USER . " WHERE gebruikersId='" . mysqli_real_escape_string($link, $userId) . "'"; $result = mysqli_query($link, $sql); if ($result !== false) { if (($array = mysqli_fetch_assoc($result)) != null) { if (password_verify($userPass, $array['wachtwoord'])) { $pwCorrect = true; $deleted = portfolio_delete_note($matId); } } } } } /* * Wachtwoord prompt + teruggave info over succes van verwijderen
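/**
 * Reset a user's password to a newly generated random value and e-mail it to them.
 *
 * The new password is 16 hexadecimal digits taken from the CSPRNG, hashed with
 * password_hash() and stored in TABLE_USER; the plaintext is then mailed to the
 * address in the user's details. Requires PHP 7.0+ for random_bytes().
 *
 * NOTE(review): the plaintext password travels by e-mail and stays valid until the
 * user changes it. A single-use, expiring reset token that lets the user choose a
 * password would avoid leaving a working credential in a mailbox.
 *
 * @param mixed $userId Identifier (gebruikersId) of the account to reset.
 *
 * @return true|null true once the UPDATE statement has executed and the message has
 *                   been passed to mail(); null when there is no connection, no
 *                   user details, or the statement could not be prepared or executed.
 */
function portfolio_reset_pass($userId)
{
    $link = portfolio_connect();
    if (!$link) {
        return null;
    }

    $userData = portfolio_get_user_details($userId);
    // Guard against a non-array result before counting; count() on null/false is an error on PHP 8.
    if (!is_array($userData) || count($userData) === 0) {
        return null;
    }

    // 8 CSPRNG bytes -> 16 hex digits. rand() is not cryptographically secure and its
    // output can be predicted, which is unacceptable for a credential.
    $newPass = bin2hex(random_bytes(8));
    $hashed = password_hash($newPass, PASSWORD_DEFAULT);

    // Bound parameters instead of string concatenation: the id used to be appended
    // unquoted, a position where mysqli_real_escape_string() offers no protection.
    $stmt = mysqli_prepare(
        $link,
        "UPDATE " . TABLE_USER . " SET wachtwoord=? WHERE gebruikersId=?"
    );
    if (!$stmt) {
        return null;
    }

    // Bound as a string because the column type is not visible from this function.
    // NOTE(review): switch the second type to 'i' if gebruikersId is an integer column.
    $userIdParam = (string) $userId;
    mysqli_stmt_bind_param($stmt, 'ss', $hashed, $userIdParam);
    $updated = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);

    if (!$updated) {
        return null;
    }

    // The return value of mail() is not checked, matching the previous behaviour:
    // the stored hash has already changed at this point.
    mail(
        $userData['eMail'],
        'Password reset for portfolio',
        "Hello " . $userData['voornaam'] . "\r\n\r\nA password reset was requested for your portfolio account.\r\nYour new password is " . $newPass . "\r\n\r\nThe admin team"
    );

    return true;
}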