From: Steve Sutton Date: Fri, 16 Nov 2018 21:06:08 +0000 (-0500) Subject: Adding reset password token field to db X-Git-Url: http://cvs2.gaslightmedia.com/gitweb/index.cgi?a=commitdiff_plain;h=8a683c529746e58794725665d7dc2f239e333831;p=WP-Plugins%2Fglm-member-db-itinerary.git Adding reset password token field to db For the forgot password feature. --- diff --git a/index.php b/index.php index c18d816..0f2b44f 100644 --- a/index.php +++ b/index.php @@ -44,7 +44,7 @@ if (!defined('ABSPATH')) { * version from this plugin. */ define('GLM_MEMBERS_ITINERARY_PLUGIN_VERSION', '0.0.1'); -define('GLM_MEMBERS_ITINERARY_PLUGIN_DB_VERSION', '0.0.2'); +define('GLM_MEMBERS_ITINERARY_PLUGIN_DB_VERSION', '0.0.3'); // This is the minimum version of the GLM Members DB plugin require for this plugin. define('GLM_MEMBERS_ITINERARY_PLUGIN_MIN_MEMBERS_REQUIRED_VERSION', '2.8.0'); diff --git a/models/front/itinerary/list.php b/models/front/itinerary/list.php index 28999ce..e4f11f9 100755 --- a/models/front/itinerary/list.php +++ b/models/front/itinerary/list.php @@ -67,14 +67,16 @@ class GlmMembersFront_itinerary_list // extends GlmMembersFront_events_baseActio { $status = true; $view = 'list.html'; - $members = array(); $option = 'list'; - $form_contents = ''; + $formContents = ''; $userLoggedIn = false; + $createSuccess = false; + $members = $membersWithEmails = $memberEmails = $states = - $membersNoEmails = array(); + $membersNoEmails = + $formErrors = array(); if ( isset( $_SESSION['travel-list'] ) ) { foreach ( $_SESSION['travel-list'] as $item ) { @@ -94,35 +96,75 @@ class GlmMembersFront_itinerary_list // extends GlmMembersFront_events_baseActio switch ( $option ) { case 'addAccount': - // Add the account - // Unless email already exists - // echo '
$_REQUEST: ' . print_r( $_REQUEST, true ) . '
'; - $password = md5( filter_var( $_REQUEST['password'], FILTER_SANITIZE_STRING ) ); - $this->wpdb->insert( - GLM_MEMBERS_ITINERARY_PLUGIN_DB_PREFIX . 'user', - array( - 'fname' => filter_var( $_REQUEST['fname'], FILTER_SANITIZE_STRING ), - 'lname' => filter_var( $_REQUEST['lname'], FILTER_SANITIZE_STRING ), - 'addr1' => filter_var( $_REQUEST['addr1'], FILTER_SANITIZE_STRING ), - 'addr2' => filter_var( $_REQUEST['addr2'], FILTER_SANITIZE_STRING ), - 'city' => filter_var( $_REQUEST['city'], FILTER_SANITIZE_STRING ), - 'state' => filter_var( $_REQUEST['state'], FILTER_SANITIZE_STRING ), - 'zip' => filter_var( $_REQUEST['zip'], FILTER_SANITIZE_STRING ), - 'email' => filter_var( $_REQUEST['email'], FILTER_VALIDATE_EMAIL ), - 'password' => $password, - ), - array( - '%s', // fname - '%s', // lname - '%s', // addr1 - '%s', // addr2 - '%s', // city - '%s', // state - '%s', // zip - '%s', // email - '%s', // password + + // Check that the email and verify email matches. + $email = filter_var( $_REQUEST['email'], FILTER_SANITIZE_STRING ); + $verifyEmail = filter_var( $_REQUEST['verify_email'], FILTER_SANITIZE_STRING ); + if ( $email != $verifyEmail ) { + $formErrors['verify_email'] = true; + $createSuccess = false; + } + $password = filter_var( $_REQUEST['password'], FILTER_SANITIZE_STRING ); + $verifyPassword = filter_var( $_REQUEST['verify_password'], FILTER_SANITIZE_STRING ); + if ( $password != $verifyPassword ) { + $formErrors['verify_password'] = true; + $createSuccess = false; + } + // Check if the email already exists. + $currentEmailUsed = $this->wpdb->get_var( + $this->wpdb->prepare( + "SELECT id + FROM " . GLM_MEMBERS_ITINERARY_PLUGIN_DB_PREFIX . "user + WHERE email = %s", + $email ) ); + if ( $currentEmailUsed ) { + $formErrors['email'] = true; + } + + if ( !$formErrors ) { + // Add the account + // Unless email already exists + // echo '
$_REQUEST: ' . print_r( $_REQUEST, true ) . '
'; + $password = md5( filter_var( $_REQUEST['password'], FILTER_SANITIZE_STRING ) ); + $this->wpdb->insert( + GLM_MEMBERS_ITINERARY_PLUGIN_DB_PREFIX . 'user', + array( + 'fname' => filter_var( $_REQUEST['fname'], FILTER_SANITIZE_STRING ), + 'lname' => filter_var( $_REQUEST['lname'], FILTER_SANITIZE_STRING ), + 'addr1' => filter_var( $_REQUEST['addr1'], FILTER_SANITIZE_STRING ), + 'addr2' => filter_var( $_REQUEST['addr2'], FILTER_SANITIZE_STRING ), + 'city' => filter_var( $_REQUEST['city'], FILTER_SANITIZE_STRING ), + 'state' => filter_var( $_REQUEST['state'], FILTER_SANITIZE_STRING ), + 'zip' => filter_var( $_REQUEST['zip'], FILTER_SANITIZE_STRING ), + 'email' => filter_var( $_REQUEST['email'], FILTER_VALIDATE_EMAIL ), + 'password' => $password, + ), + array( + '%s', // fname + '%s', // lname + '%s', // addr1 + '%s', // addr2 + '%s', // city + '%s', // state + '%s', // zip + '%s', // email + '%s', // password + ) + ); + $authUserId = $this->wpdb->insert_id; + if ( $authUserId ) { + $createSuccess = true; + + // Now add the session. + $_SESSION['itinerary-auth'] = $authUserId; + } else { + // Form error no account added. + } + } else { + $states = $this->config['states']; + } $view = 'create.html'; break; case 'create': 
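Review bot: The account password is still stored as an unsalted `md5()` digest in the re-indented insert block (`$password = md5( filter_var( $_REQUEST['password'], FILTER_SANITIZE_STRING ) );`), which is cheap to brute-force if the user table is ever exposed. Hash it with `$password = password_hash( $password, PASSWORD_DEFAULT );` and verify with `password_verify()` in the sign-in code, which is outside this hunk. The new duplicate-email lookup uses the `FILTER_SANITIZE_STRING` value of `email`, while the insert stores the `FILTER_VALIDATE_EMAIL` result, so an invalid address passes both checks and is written as `false` (most likely an empty string). Validate the address once up front and set `$formErrors['email']` when validation fails. The two `!=` comparisons should be `!==`, and the session id should be regenerated where `$_SESSION['itinerary-auth']` is assigned.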
@@ -179,6 +221,29 @@ class GlmMembersFront_itinerary_list // extends GlmMembersFront_events_baseActio case 'forgot': $view = 'forgot.html'; break; + case 'reset': + // Search for the email. + // If not found then say something about not finding the account and link to the new account form. + // If found then send the email reset. + $email = filter_var( $_REQUEST['username'], FILTER_VALIDATE_EMAIL ); + if ( $email ) { + $emailFound = $this->wpdb->get_var( + $this->wpdb->prepare( + "SELECT id + FROM " . GLM_MEMBERS_ITINERARY_PLUGIN_DB_PREFIX . "user + WHERE email = %s", + $email + ) + ); + if ( $emailFound ) { + // Setup the email message. + // Create the md5 reset token. + // Send email. + } + } else { + // No email given + } + break; case 'moreinfo': // Need to create two list one with emails and one without. foreach ( $members as $member ) { @@ -198,10 +263,10 @@ class GlmMembersFront_itinerary_list // extends GlmMembersFront_events_baseActio $_GET['member_emails'] = implode( ',', $memberEmwails ); $form_id = $this->config['settings']['send_itinerary_form_id']; if ( isset( $form_id ) && filter_var( $form_id, FILTER_VALIDATE_INT ) ) { - $form_contents = do_shortcode( '[gravityform id="' . $form_id . '" title="false" description="false"]' ); + $formContents = do_shortcode( '[gravityform id="' . $form_id . '" title="false" description="false"]' ); } } else { - $form_contents = ''; + $formContents = ''; } break; case 'list': @@ -215,9 +280,11 @@ class GlmMembersFront_itinerary_list // extends GlmMembersFront_events_baseActio 'members' => $members, 'membersWithEmails' => $membersWithEmails, 'membersNoEmails' => $membersNoEmails, - 'formContents' => $form_contents, + 'formContents' => $formContents, 'states' => $states, 'userLoggedIn' => $userLoggedIn, + 'formErrors' => $formErrors, + 'createSuccess' => $createSuccess, ); error_reporting(E_ALL ^ E_NOTICE); 
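Review bot: The planning comments in `case 'reset':` call for an md5 reset token and a distinct "account not found" response, and both would weaken the recovery flow once implemented. The token should come from a CSPRNG, e.g. `$token = bin2hex( random_bytes( 32 ) );`, with only `hash( 'sha256', $token )` stored in `reset_token`. The page should show the same message whether or not `$emailFound` is set, so the form cannot be used to test which addresses have accounts. The branch also never assigns `$view`, so it falls back to the `list.html` default set at the top of the method, and `$_REQUEST['username']` is read without an `isset()` check. The enclosing switch and method continue outside the hunk.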
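Review bot: The context line `$_GET['member_emails'] = implode( ',', $memberEmwails );` in the `moreinfo` branch appears to misspell `$memberEmails`, the variable initialised at the top of the method. As written the Gravity Form would receive an empty list, and on PHP 8 `implode()` throws a TypeError when handed null. While renaming `$form_contents` here, change the call to `implode( ',', $memberEmails )`. The loop that fills the array is outside the hunk, so confirm which name it writes to.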
diff --git a/setup/databaseScripts/create_database_V0.0.2.sql b/setup/databaseScripts/create_database_V0.0.2.sql deleted file mode 100644 index e0d170d..0000000 --- a/setup/databaseScripts/create_database_V0.0.2.sql +++ /dev/null @@ -1,58 +0,0 @@ --- Gaslight Media Staff Add On --- File Created: 2018-10-24 --- Database Version: 0.0.1 --- Database Creation Script --- --- To permit each query below to be executed separately, --- all queries must be separated by a line with four dashes - --- Itinerary Session -CREATE TABLE {prefix}session ( - id INT NOT NULL AUTO_INCREMENT, - ref_type INT NOT NULL, -- Reference Type (see plugin.ini for ref_types) - ref_dest INT NOT NULL, -- Id from the Reference - contact_type INT NOT NULL, -- Contact Type (see plugin.ini for contact_types) - contact_dest INT NOT NULL, -- Id of the Contact Type - page_url TEXT NOT NULL, -- Page url when this was added. - PRIMARY KEY (id), - INDEX(ref_dest), - INDEX(contact_dest) -); - ----- - --- Itinerary User -CREATE TABLE {prefix}user ( - id INT NOT NULL AUTO_INCREMENT, - fname TINYTEXT NULL, - lname TINYTEXT NULL, - addr1 TINYTEXT NULL, - addr2 TINYTEXT NULL, - city TINYTEXT NULL, - state TINYTEXT NULL, - zip TINYTEXT NULL, - email TINYTEXT NULL, - phone TINYTEXT NULL, - fax TINYTEXT NULL, - password TINYTEXT NULL, - PRIMARY KEY (id), - INDEX(email(20)) -); - ----- - --- Management -CREATE TABLE {prefix}management ( - id INT NOT NULL AUTO_INCREMENT, - send_itinerary_form_id INT NULL, - itinerary_page INT NULL, - itinerary_page_content TEXT NULL, - add_label TINYTEXT NULL, - view_label TINYTEXT NULL, - PRIMARY KEY (id) -); - ----- - --- Add record to management table -INSERT INTO {prefix}management (id, add_label, view_label) VALUES (1, 'Add to Trip Planner', 'View Trip Planner'); diff --git a/setup/databaseScripts/create_database_V0.0.3.sql b/setup/databaseScripts/create_database_V0.0.3.sql new file mode 100644 index 0000000..c658dc4 --- /dev/null 
+++ b/setup/databaseScripts/create_database_V0.0.3.sql @@ -0,0 +1,59 @@ +-- Gaslight Media Staff Add On +-- File Created: 2018-10-24 +-- Database Version: 0.0.1 +-- Database Creation Script +-- +-- To permit each query below to be executed separately, +-- all queries must be separated by a line with four dashes + +-- Itinerary Session +CREATE TABLE {prefix}session ( + id INT NOT NULL AUTO_INCREMENT, + ref_type INT NOT NULL, -- Reference Type (see plugin.ini for ref_types) + ref_dest INT NOT NULL, -- Id from the Reference + contact_type INT NOT NULL, -- Contact Type (see plugin.ini for contact_types) + contact_dest INT NOT NULL, -- Id of the Contact Type + page_url TEXT NOT NULL, -- Page url when this was added. + PRIMARY KEY (id), + INDEX(ref_dest), + INDEX(contact_dest) +); + +---- + +-- Itinerary User +CREATE TABLE {prefix}user ( + id INT NOT NULL AUTO_INCREMENT, + fname TINYTEXT NULL, + lname TINYTEXT NULL, + addr1 TINYTEXT NULL, + addr2 TINYTEXT NULL, + city TINYTEXT NULL, + state TINYTEXT NULL, + zip TINYTEXT NULL, + email TINYTEXT NULL, + phone TINYTEXT NULL, + fax TINYTEXT NULL, + password TINYTEXT NULL, + reset_token TINYTEXT NULL, + PRIMARY KEY (id), + INDEX(email(20)) +); + +---- + +-- Management +CREATE TABLE {prefix}management ( + id INT NOT NULL AUTO_INCREMENT, + send_itinerary_form_id INT NULL, + itinerary_page INT NULL, + itinerary_page_content TEXT NULL, + add_label TINYTEXT NULL, + view_label TINYTEXT NULL, + PRIMARY KEY (id) +); + +---- + +-- Add record to management table +INSERT INTO {prefix}management (id, add_label, view_label) VALUES (1, 'Add to Trip Planner', 'View Trip Planner'); diff --git a/setup/databaseScripts/dbVersions.php b/setup/databaseScripts/dbVersions.php index 4ecc20c..7eb30bf 100644 --- a/setup/databaseScripts/dbVersions.php +++ b/setup/databaseScripts/dbVersions.php 
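Review bot: `reset_token TINYTEXT NULL` is added to `{prefix}user` with no companion expiry or issued-at column, so the reset handler (not part of this commit) will have nothing to enforce a token lifetime against. Consider adding `reset_token_expires DATETIME NULL` in both this script and `update_database_V0.0.3.sql`, and clearing both columns once a token has been used. The header comments were also carried over unchanged: this file still says `-- Database Version: 0.0.1`, and the update script says `-- Database Version: 0.0.2` and `-- Add Form Id for Itinerary` above the `reset_token` ALTER. They should read 0.0.3 and something like `-- Add reset token for password recovery`.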
@@ -16,5 +16,6 @@ $glmMembersItineraryDbVersions = array( '0.0.1' => array('version' => '0.0.1', 'tables' => 3, 'date' => '10/31/2018'), '0.0.2' => array('version' => '0.0.2', 'tables' => 3, 'date' => '11/13/2018'), + '0.0.3' => array('version' => '0.0.3', 'tables' => 3, 'date' => '11/16/2018'), ); diff --git a/setup/databaseScripts/update_database_V0.0.3.sql b/setup/databaseScripts/update_database_V0.0.3.sql new file mode 100644 index 0000000..a1eef91 --- /dev/null +++ b/setup/databaseScripts/update_database_V0.0.3.sql @@ -0,0 +1,12 @@ +-- Gaslight Media Members Database - Itinerary Add-On +-- File Created: 2018-11-13 +-- Database Version: 0.0.2 +-- Database Update From Previous Version Script +-- +-- To permit each query below to be executed separately, +-- all queries must be separated by a line with four dashses + + +-- Add Form Id for Itinerary +ALTER TABLE {prefix}user ADD COLUMN reset_token TINYTEXT NULL; + diff --git a/views/front/itinerary/create.html b/views/front/itinerary/create.html index 095e1dc..5f35dfa 100644 --- a/views/front/itinerary/create.html +++ b/views/front/itinerary/create.html @@ -1,86 +1,94 @@ {* Create Account Form *} - +

Create an Account to Save your Trip Planner

- - +{if !$createSuccess} + {if $formErrors}
Form was not submitted. Please check form for any errors!
{/if} +
+
+ - - - - -

Create an Account to Save your Trip Planner

- -
- - - -
-
- - +
+
+ + +
+
+ + +
-
- - -
-
-
-
- - -
-
- - +
+
+ + +
+
+ + +
-
-
-
- - -
-
- - -
-
- - +
+
+ + +
+
+ + +
+
+ + +
-
-
-
- - - +
+
+ + + {if $formErrors.email}There's already an account with that email!{/if} +
+
+ + + {if $formErrors.verify_email}Does not match!{/if} +
-
- - +
+
+ + +
+
+ + + {if $formErrors.verify_password}Does not match!{/if} +
-
-
-
- +
+
+ +
-
- -
+ +
+{else} + Success message here... +

Go to Trip Planner

+{/if} diff --git a/views/front/itinerary/forgot.html b/views/front/itinerary/forgot.html new file mode 100644 index 0000000..33c8cb8 --- /dev/null +++ b/views/front/itinerary/forgot.html @@ -0,0 +1,15 @@ +

Password Recovery

+ +
+ +
+

Enter your email address.

+ +
+ + + +
+
+ +
diff --git a/views/front/itinerary/list.html b/views/front/itinerary/list.html index 8fc5294..de7b24b 100644 --- a/views/front/itinerary/list.html +++ b/views/front/itinerary/list.html @@ -11,22 +11,24 @@

{$settings.itinerary_page_content}

-
+
{if !$userLoggedIn}
-
+

Sign In:

- - + + + + Forgot your Password?
-
+

If you do not have an account

Create Account
By creating an account, you'll be able to save your list for later. @@ -38,17 +40,22 @@ {/if} {if $members} - +
+
+ +
+

{if $members} @@ -81,7 +88,7 @@
{/foreach}
- +