From dd90aa65ff170597e9d1106b95395e3c9f322adc Mon Sep 17 00:00:00 2001
From: Cerys <cerysamberlewis@gmail.com>
Date: Tue, 28 Jan 2025 11:59:53 +0000
Subject: [PATCH] can now create accounts

---
 Public/FormHandling/CreateAccount.php | 61 +++++++++++++++++++++++++++
 Routing/Router.php                    |  3 +-
 composer.json                         |  3 +-
 composer.lock                         |  2 +-
 4 files changed, 66 insertions(+), 3 deletions(-)
 create mode 100644 Public/FormHandling/CreateAccount.php

diff --git a/Public/FormHandling/CreateAccount.php b/Public/FormHandling/CreateAccount.php
new file mode 100644
index 0000000..46088d9
--- /dev/null
+++ b/Public/FormHandling/CreateAccount.php
@@ -0,0 +1,61 @@
+<?php
+
+use App\Enumerators\SessionElement;
+use App\Wrappers\CAPTCHAWrapper;
+use App\Wrappers\DatabaseInteractions;
+use App\Wrappers\SQLQueryBuilderWrapper;
+use Ramsey\Uuid\Uuid;
+
+require_once __DIR__ . "/../../vendor/autoload.php";
+
+
+$captchaResponse = $_POST['g-recaptcha-response'];
+CAPTCHAWrapper::HandleCaptchaResponse($captchaResponse);
+
+if(!isset($_POST['Username'])) die('No username');
+if(!isset($_POST['Password1'])) die('No password');
+if(!isset($_POST['Password2'])) die('No confirm password');
+
+if($_POST['Password1'] != $_POST['Password2']) die('Passwords do not match');
+
+
+
+$sha512Hash = hash(algo: 'sha512', data: $_POST['Password1'], binary: false);
+$hashedPassword = password_hash(password: $sha512Hash, algo: PASSWORD_BCRYPT);
+
+$db = new DatabaseInteractions();
+
+$existingUser = $db->RunSelect(
+    queryBuilder: SQLQueryBuilderWrapper::SELECT(
+        table: 'Users'
+    )
+        ->where(cond: 'T.Username LIKE :__username__')
+        ->bindValue(name: '__username__', value: $_POST['Username'])
+        ->limit(limit: 1)
+);
+
+if (!empty($existingUser)) {
+    echo "Username already exists. Please choose a different username.";
+    die();
+}
+
+$userID = Uuid::uuid4()->toString();
+
+$db->RunInsert(
+    queryBuilder: SQLQueryBuilderWrapper::INSERT(
+        table: 'Users',
+    )
+        ->set(col: 'ID', value: ':__user_id__')
+        ->set(col: 'Username', value: ':__username__')
+        ->set(col: 'PasswordHash', value: ':__password_hash__')
+        ->bindValue(name: '__user_id__', value: $userID)
+        ->bindValue(name: '__username__', value: $_POST['Username'])
+        ->bindValue(name: '__password_hash__', value: $hashedPassword)
+);
+
+$_SESSION[SessionElement::IS_LOGGED_IN->value] = true;
+$_SESSION[SessionElement::USER_ID->value] = $userID;
+$_SESSION[SessionElement::USERNAME->value] = $_POST['Username'];
+
+header("Location: /profile");
+die();
diff --git a/Routing/Router.php b/Routing/Router.php
index 5b059ac..7586fde 100644
--- a/Routing/Router.php
+++ b/Routing/Router.php
@@ -2,11 +2,12 @@
 
 use App\Configuration;
 use App\Enumerators\SessionElement;
+use App\Wrappers\SessionWrapper;
 use App\Wrappers\TwigWrapper;
 
 require_once __DIR__ . "/../vendor/autoload.php";
 
-session_start();
+SessionWrapper::Start();
 
 // Get the request URI and break it into segments
 $requestUri = parse_url($_SERVER["REQUEST_URI"], PHP_URL_PATH);
diff --git a/composer.json b/composer.json
index df55a76..2b8e940 100644
--- a/composer.json
+++ b/composer.json
@@ -29,6 +29,7 @@
     "ext-pdo": "*",
     "aura/sqlquery": "2.8.1",
 
-    "google/cloud-recaptcha-enterprise": "v1.7.0"
+    "google/cloud-recaptcha-enterprise": "v1.7.0",
+    "ramsey/uuid": "*"
   }
 }
diff --git a/composer.lock b/composer.lock
index aa196c4..d5fa915 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "efea1a83885c04fe988e656c653f9f65",
+    "content-hash": "d9cebd28c0a5216d94784b6216be8d80",
     "packages": [
         {
             "name": "algolia/algoliasearch-client-php",