matcha first push

config/conn.php

@@ -0,0 +1,12 @@
+<?php
+
+    include 'database.php';
+
+    try{
+        $conn = new PDO("mysql:host=$DB_DSN;dbname=" . $DB_NAME . "", $DB_USER, $DB_PASSWORD);
+        $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+    }catch(PDOException  $e ){
+        echo "Error: ".$e;
+    }
+
+?>

config/database.php

@@ -0,0 +1,8 @@
+<?php
+
+$DB_DSN = 'localhost';
+$DB_USER = 'root';
+$DB_PASSWORD = 'password';
+$DB_NAME = 'matcha';
+
+?>

config/setup.php

@@ -0,0 +1,80 @@
+<?php
+
+include './database.php';
+
+echo "user: " . $DB_USER . "<br>";
+echo "host: " . $DB_DSN . "<br>";
+
+try {
+	$init = new PDO("mysql:host=$DB_DSN;", $DB_USER, $DB_PASSWORD);
+	$init->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+	$sql = "CREATE DATABASE IF NOT EXISTS matcha;";
+	$init->exec($sql);
+	echo "Database created successfully<br>";
+} catch (PDOException $e) {
+	echo "error: " . $sql . "<br>" . $e->getMessage();
+}
+
+$init = null;
+
+$sql2 = "CREATE TABLE IF NOT EXISTS users ("
+. "id int NOT NULL AUTO_INCREMENT,"
+. "fullname varchar(150),"
+. "name varchar(50),"
+. "email varchar(50),"
+. "gender varchar(7),"
+. "bio varchar(280),"
+. "interests varchar(280),"
+. "preference varchar(7),"
+. "password varchar(1000),"
+. "status varchar(50),"
+. "confirmation_code varchar(1000),"
+. "PRIMARY KEY (id));";
+
+try {
+	$conn = new PDO("mysql:host=$DB_DSN;dbname=matcha", $DB_USER, $DB_PASSWORD);
+	$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+	$conn->exec($sql2);
+	echo "Users created successfully <br>";
+} catch (PDOException $e) {
+	echo "error: " . $sql2 . "<br>" . $e->getMessage();
+}
+
+$sql3 = "CREATE TABLE IF NOT EXISTS images ("
+. "image_id int NOT NULL AUTO_INCREMENT,"
+. "image_name varchar(100),"
+. "image_creator varchar(50),"
+. "image_creator_email varchar(50),"
+. "image_likes int,"
+. "image_url varchar(100),"
+. "image_timestamp timestamp NOT NULL DEFAULT current_timestamp on update current_timestamp,"
+. "PRIMARY KEY (image_id));";
+
+try {
+	$conn->exec($sql3);
+	echo "Images created successfully <br>";
+} catch (PDOException $e) {
+	echo "error: " . $sql3 . "<br>" . $e->getMessage();
+}
+
+$sql4 = "CREATE TABLE IF NOT EXISTS comments ("
+. "comment_id int NOT NULL AUTO_INCREMENT,"
+. "comment_creator varchar(50),"
+. "image_name varchar(100),"
+. "image_id int,"
+. "image_creator varchar(50),"
+. "image_creator_email varchar(50),"
+. "image_url varchar(100),"
+. "comment_timestamp timestamp NOT NULL DEFAULT current_timestamp on update current_timestamp,"
+. "PRIMARY KEY (comment_id));";
+
+try {
+	$conn->exec($sql4);
+	echo "Comments created successfully <br>";
+} catch (PDOException $e) {
+	echo "error: " . $sql4 . "<br>" . $e->getMessage();
+}
+
+$conn = null;
+
+?>

css/main.css

@@ -0,0 +1,15 @@
+#register-group {
+    padding-right: 10;
+}
+
+#login-group {
+    padding-left: 10; 
+}
+
+FOOTER {
+    bottom:0;
+    margin:0px auto;
+    position:absolute;
+    text-align:center;
+    width:100%;
+}

inc/confirmation.php

@@ -0,0 +1,27 @@
+<?php
+
+include '../config/conn.php';
+
+// Passkey that got from link
+$link_address = '../index.php';
+$passkey=$_GET['passkey'];
+
+// prepare sql and bind parameters
+$stmt = $conn->prepare("SELECT * FROM users WHERE confirmation_code=:confirmation_code");
+$stmt->bindParam(':confirmation_code', $passkey);
+$stmt->execute();
+if ($stmt->rowCount() == 1) {
+    $status = "activated";
+    // prepare sql and bind parameters
+    $stmt1 = $conn->prepare("UPDATE users SET status=:status
+    WHERE confirmation_code=:confirmation_code");
+    $stmt1->bindParam(':status', $status);
+    $stmt1->bindParam(':confirmation_code', $passkey);
+    $stmt1->execute();
+    echo "Your account has been activated." . "<br>" . "Sign in to continue!" . "<br>";
+    echo "<a href='$link_address'>Sign In</a>";
+} else{
+    echo "Wrong Confirmation code" . "<br>";
+}
+
+?>

inc/initreset.php

@@ -0,0 +1,82 @@
+<?php
+
+include '../config/conn.php';
+
+// check Login request
+if (!empty($_POST['btnReset'])) {
+
+	$email = trim($_POST['email']);
+
+    if ($email == "") {
+        $login_error_message = 'Email is required!';
+        echo $login_error_message . "<br>";
+    } else {
+    	try {
+            // prepare sql and bind parameters
+                $stmt3 = $conn->prepare("SELECT confirmation_code FROM users WHERE email=:email");
+                $stmt3->bindParam(':email', $email);
+                $stmt3->execute();
+                if ($stmt3->rowCount() > 0) {
+                    $row = $stmt3->fetch();
+                    $confirm_code = $row['confirmation_code'];
+
+                    // ---------------- SEND MAIL FORM ----------------
+
+                    // send e-mail to ...
+                    $to=$email;
+                    // Your subject
+                    $subject="Your Matcha password link is here";
+                    // From
+                    $header="from: Matcha";
+                    // Your message
+                    $message="Your password reset link \r\n";
+                    $message.="Click on this link to reset your password \r\n";
+                    $message.="http://localhost:8080/matcha/inc/resetlink.php?passkey=$confirm_code";
+
+                    // send email
+                    $sentmail = mail($to,$subject,$message,$header);
+
+                    // if your email succesfully sent
+                    if($sentmail){
+                        echo "Your Reset Password Link Has Been Sent To Your Email Address.";
+                    } else {
+                        echo "Cannot send Reset Password Link to your e-mail address";
+                    }
+                } else {
+                    echo "Incorrect Email!" . "<br>";
+                }
+		} catch (PDOException $e) {
+			echo "error: " . $e->getMessage();
+		}
+		$conn = null;
+    }
+
+}
+
+?>
+
+<!doctype html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Matcha - Reset</title>
+</head>
+<body>
+
+<div class="container">
+    <div class="row">
+            <h4>Reset Password</h4>
+            <form action="initreset.php" method="post">
+                <div class="form-group">
+                    <label for="">Email</label>
+                    <input type="email" name="email" class="form-control"/>
+                </div>
+                <div class="form-group">
+                    <input type="submit" name="btnReset" class="btn btn-primary" value="Reset"/>
+                </div>
+            </form>
+    </div>
+</div>
+
+</body>
+</html>

inc/logout.php

@@ -0,0 +1,9 @@
+<?php
+
+session_start();
+unset($_SESSION['status']);
+unset($_SESSION['email']);
+header("Location: ../index.php");
+exit();
+
+?>

inc/reset.php

@@ -0,0 +1,97 @@
+<?php
+
+// Start Session
+session_start();
+
+include '../config/conn.php';
+
+// Passkey that got from link
+$link_address = '../index.php';
+
+// check Login request
+if (!empty($_POST['btnReset'])) {
+
+    if ($_POST['email'] == "") {
+        $register_error_message = 'Email field is required!';
+        echo $register_error_message . "<br>";
+    } else if ($_POST['password'] == "") {
+        $register_error_message = 'Password field is required!';
+        echo $register_error_message . "<br>";
+    } else if ($_POST['repeat_password'] == "") {
+        $register_error_message = 'Repeat Password field is required!';
+        echo $register_error_message . "<br>";
+    } else if ($_POST['repeat_password'] != $_POST['password']) {
+        $register_error_message = 'Passwords don\'t match!';
+        echo $register_error_message . "<br>";
+    } else if (strlen($_POST['repeat_password']) < 6) {
+        $register_error_message = 'Password must be at least 6 characters!';
+        echo $register_error_message . "<br>";
+    } else if (!preg_match('/[^a-zA-Z]+/',($_POST['repeat_password']))) {
+        $register_error_message = 'Passwords must have at least one special character!';
+        echo $register_error_message . "<br>";
+    } else {
+        try {
+        	$email = $_POST['email'];
+        	$password = $_POST['password'];
+            $enc_password = hash('sha256', $password);
+            $confirm_code = $_SESSION['passkey'];
+
+            // prepare sql and bind parameters
+            $stmt = $conn->prepare("UPDATE users SET password=:password
+            WHERE confirmation_code=:confirmation_code");
+            $stmt->bindParam(':password', $enc_password);
+            $stmt->bindParam(':confirmation_code', $confirm_code);
+
+            $stmt1 = $conn->prepare("SELECT id FROM users WHERE email=:email");
+            $stmt1->bindParam(':email', $email);
+            $stmt1->execute();
+            if ($stmt1->rowCount() != 1) {
+                echo "Email Is Incorrect! <br>";
+            } else{
+                $stmt->execute();
+                echo "Password Reset! Login To Continue. <br>";
+                echo "<a href='$link_address'>Sign In</a>";              
+            }
+		} catch (PDOException $e) {
+			echo "error: " . $e->getMessage();
+		}
+        $conn = null;
+    }
+
+}
+
+?>
+
+<!doctype html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Matcha- Reset Password</title>
+</head>
+<body>
+
+<div class="container">
+    <div class="row">
+            <h4>Register</h4>
+            <form action="reset.php" method="post">
+                <div class="form-group">
+                    <label for="">Email</label>
+                    <input type="email" name="email" class="form-control"/>
+                </div>
+                <div class="form-group">
+                    <label for="">Password</label>
+                    <input type="password" name="password" class="form-control"/>
+                </div>
+                <div class="form-group">
+                    <label for="">Repeat Password</label>
+                    <input type="password" name="repeat_password" class="form-control"/>
+                </div>
+                <div class="form-group">
+                    <input type="submit" name="btnReset" class="btn btn-primary" value="Reset"/>
+                </div>
+            </form>
+    </div>
+</div>
+
+</body>
+</html>

inc/resetlink.php

@@ -0,0 +1,10 @@
+<?php
+
+$passkey=$_GET['passkey'];
+
+// Start Session
+session_start();
+$_SESSION['passkey'] = $passkey;
+header("Location: ./reset.php");
+
+?>