Create an insecure bank application

2024-06-01 15:13:50 +02:00
commit 2133574cae
40 changed files with 1370 additions and 0 deletions
--- a/webroot/lib/View/RegisterPage.php
+++ b/webroot/lib/View/RegisterPage.php
@ -0,0 +1,77 @@
+<?php
+declare(strict_types=1);
+
+namespace View;
+
+use Model\Context;
+
+class RegisterPage extends BankingPage
+{
+    public string $fieldUsername = '';
+    public string $fieldPassword = '';
+    public string $fieldRepeatPassword = '';
+    public bool $formWasSent = false;
+
+    public bool $errorUsernameEmpty = false;
+    public bool $errorUsernameTooLong = false;
+    public bool $errorUsernameInUse = false;
+    public bool $errorPasswordEmpty = false;
+    public bool $errorPasswordsMismatch = false;
+
+    public function __construct(...$args)
+    {
+        parent::__construct(...$args);
+        if (isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])) {
+            $this->formWasSent = true;
+            $this->fieldUsername = (string) $_POST['username'];
+            $this->fieldPassword = (string) $_POST['password'];
+            $this->fieldRepeatPassword = (string) $_POST['repeat_password'];
+        }
+    }
+
+    public function sendTitle(): void
+    {
+        echo 'Registrieren';
+    }
+
+    public function renderErrors(): string
+    {
+        $errors = [];
+        if ($this->errorUsernameEmpty) {
+            $errors[] = '[!] Bitte wähle einen Nutzernamen.';
+        }
+        if ($this->errorUsernameTooLong) {
+            $errors[] = '[!] Der Nutzername darf nicht länger als 20 Zeichen sein.';
+        }
+        if ($this->errorUsernameInUse) {
+            $errors[] = '[!] Der Nutzername wird bereits von einem Account verwendet.';
+        }
+        if ($this->errorPasswordEmpty) {
+            $errors[] = '[!] Bitte wähle ein Passwort.';
+        }
+        if ($this->errorPasswordsMismatch) {
+            $errors[] = '[!] Die beiden Passwörter stimmen nicht überein.';
+        }
+        return implode('<br>', $errors);
+    }
+
+    public function sendMainContent(): void
+    {
+        $username = htmlspecialchars($this->fieldUsername);
+        $password = htmlspecialchars($this->fieldPassword);
+        $repeatPassword = htmlspecialchars($this->fieldRepeatPassword);
+
+        echo '<h1>Registrieren</h1>';
+        echo '<p>Erstelle dir hier einen neuen Banking-Account.</p>';
+        $errors = $this->renderErrors();
+        if (!empty($errors)) {
+            echo "<p class=\"error\">{$errors}</p>";
+        }
+        echo '<form class="register" action="/register.php" method="post">';
+        echo "<label for=\"username\">Nutzername:</label><input type=\"text\" name=\"username\" id=\"username\" maxlength=\"20\" value=\"{$username}\"><br>";
+        echo "<label for=\"password\">Passwort:</label><input type=\"password\" name=\"password\" id=\"password\" value=\"{$password}\"><br>";
+        echo "<label for=\"repeat_password\">Passwort wiederholen:</label><input type=\"password\" name=\"repeat_password\" id=\"repeat_password\" value=\"{$repeatPassword}\"><br>";
+        echo '<input type="submit" value="Jetzt registrieren">';
+        echo '</form>';
+    }
+}