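/**
 * Handle the registration form: validate the posted fields, create the user
 * and redirect to the confirmation page.
 *
 * Reads reg_first_name, reg_last_name, reg_email and reg_password from $_POST.
 *
 * @return void
 * @throws Exception When a field is missing or not a string, when a field fails
 *                   validation, or when the e-mail address is already registered.
 *                   The message is deliberately the same in every case.
 */
function register()
{
    // Every field must be present and be a plain string. A missing key, or an
    // array submitted as "reg_email[]=...", is rejected here with the generic
    // error instead of reaching strlen()/trim() as a non-string value.
    $fields = array();
    foreach (array('reg_first_name', 'reg_last_name', 'reg_email', 'reg_password') as $key) {
        if (!isset($_POST[$key]) || !is_string($_POST[$key])) {
            throw new Exception("Error when registering new user.");
        }
        $fields[$key] = $_POST[$key];
    }

    $fname = $fields['reg_first_name'];
    $lname = $fields['reg_last_name'];
    $email = $fields['reg_email'];
    $password = $fields['reg_password'];

    // Cheap length checks run first; the e-mail lookup only happens once the
    // address has passed valid_email().
    if (
        strlen($fname) < 2
        || strlen($lname) < 2
        || !valid_email($email)
        || User::emailExists($email)
        || strlen(trim($password)) < 6
    ) {
        throw new Exception("Error when registering new user.");
    }

    // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
    // password storage. It is left in place only because the code that verifies
    // passwords is outside this block; move both sides to password_hash() /
    // password_verify() together, with a rehash-on-login path for existing rows.
    // Also note the length check above trims the password, while the value that
    // is hashed is the untrimmed one.
    User::add($email, md5($password), $fname, $lname);

    redirect('/registered');
}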
// Password-reset request handler (fragment: the listing stops inside the
// "mail could not be sent" branch, so the closing braces are not shown).
include_once 'objects/user.php';
include_once "libs/php/utils.php";

// get database connection
$database = new Database();
$db = $database->getConnection();

// initialize objects
// ($category is created here but not used in the visible part of the script)
$category = new Category($db);
$user = new User($db);
$utils = new Utils();

// include page header HTML
include_once "layout_head.php";

// if the reset-request form was submitted
if ($_POST) {
    // check whether the submitted e-mail address belongs to an account
    // (only the address is looked up; no password is involved at this step)
    $user->email = $_POST['email'];
    // NOTE(review): the branch taken when the address is unknown is outside this
    // fragment. If it renders a different message from the success case, the
    // form tells a visitor which addresses are registered.
    if ($user->emailExists()) {
        // update access code for user
        // NOTE(review): the reset link is only as strong as this token. Confirm that
        // Utils::getToken() draws from a CSPRNG and that updateAccessCode() stores
        // an expiry / single-use marker; neither is visible here.
        $access_code = $utils->getToken();
        $user->access_code = $access_code;
        if ($user->updateAccessCode()) {
            // send reset link
            // $home_url is not defined in the visible part; presumably set by an include.
            // The access code travels in the query string, so it can end up in
            // server logs and browser history; short-lived, single-use codes limit that.
            $body = "Hi there.<br /><br />";
            $body .= "Please click the following link to reset your password: {$home_url}reset_password/?access_code={$access_code}";
            $subject = "Reset Password";
            $send_to_email = $_POST['email'];
            if ($utils->sendEmailViaPhpMailerLibrary($send_to_email, $subject, $body)) {
                // mail handed to the mailer: show the confirmation banner
                echo "<div class=\"alert alert-info alert-dismissable\">";
                echo "<button type=\"button\" class=\"close\" data-dismiss=\"alert\" aria-hidden=\"true\">×</button>";
                echo "Password reset link was sent to your email. Click that link to reset your password.";
                echo "</div>";
            } else {
/**
 * Insert a new user row unless the e-mail address is already registered.
 *
 * Declared static so it can be called without instantiating a user object.
 *
 * NOTE(review): the card provider and the full card number are written to the
 * users table exactly as received. Nothing in this method encrypts, truncates
 * or tokenises them; confirm whether storing the full number is required at
 * all and how the column is protected.
 *
 * @param string $fName          First name of the user
 * @param string $lName          Last name of the user
 * @param string $creditProvider Credit card provider of the user
 * @param int    $creditCardNum  User's credit card number
 * @param string $email          User's email address
 * @param string $password       User's password, before hashing
 * @return mixed The value returned by DB::insert() (presumably the new row id;
 *               confirm against DB), or null when the address already exists.
 */
public static function addUser($fName, $lName, $creditProvider, $creditCardNum, $email, $password)
{
    // Address already registered: nothing is inserted and the caller gets null.
    if (User::emailExists($email)) {
        return;
    }

    $connection = new DB(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

    // The stored value is whatever User::securePassword() produces; its
    // algorithm is not visible from here.
    $passwordHash = User::securePassword($password);

    // Values are passed separately from the SQL text through "?" placeholders.
    $sql = "INSERT INTO users (fName,lName,credit_provider,credit_number,email,pswd) VALUES (?,?,?,?,?,?)";
    $values = array($fName, $lName, $creditProvider, $creditCardNum, $email, $passwordHash);

    return $connection->insert($sql, $values);
}
// Newsletter subscription handler: validates the posted e-mail, name and
// company, stores the outcome in the session and redirects back.
$msg = '';
$msgStatus = '';

if (isset($_POST['subscriberSubmit'])) {
    // NOTE(review): each value is SQL-escaped here, at input time, and kept on
    // $userObj in escaped form. How addRaw() and emailExists() build their
    // queries is not shown; escaping only protects values placed inside quoted
    // string literals, whereas bound parameters would not depend on that.

    // E-mail: must pass FILTER_VALIDATE_EMAIL, otherwise it is stored as ''.
    if (filter_input(INPUT_POST, 'subscriberEmail', FILTER_VALIDATE_EMAIL)) {
        $userObj->email = mysqli_real_escape_string(
            $dbObj->connection,
            filter_input(INPUT_POST, 'subscriberEmail', FILTER_VALIDATE_EMAIL)
        );
    } else {
        $userObj->email = '';
    }
    if ($userObj->email == "") {
        array_push($errorArr, "valid email ");
    }

    // Name: any truthy posted value is accepted.
    if (filter_input(INPUT_POST, 'subscriberName')) {
        $userObj->name = mysqli_real_escape_string(
            $dbObj->connection,
            filter_input(INPUT_POST, 'subscriberName')
        );
    } else {
        $userObj->name = '';
    }
    if ($userObj->name == "") {
        array_push($errorArr, " name ");
    }

    // Company: same rule as the name.
    if (filter_input(INPUT_POST, 'subscriberCompany')) {
        $userObj->company = mysqli_real_escape_string(
            $dbObj->connection,
            filter_input(INPUT_POST, 'subscriberCompany')
        );
    } else {
        $userObj->company = '';
    }
    if ($userObj->company == "") {
        array_push($errorArr, " company ");
    }

    if (count($errorArr) >= 1) {
        // At least one field was rejected: report the collected field labels.
        $msgStatus = 'error';
        $msg = $thisPage->showError($errorArr);
    } elseif ($userObj->emailExists()) {
        // NOTE(review): this message confirms to the submitter that the address
        // is already on the list.
        $msgStatus = 'error';
        $msg = '<h3>Subscription failed!</h3><p>REASON: You have already subscribed to our site.</p>';
    } else {
        // addRaw() returns the status string that is stored in the session.
        $msgStatus = $userObj->addRaw();
        if ($msgStatus == 'success') {
            $msg = '<h3>SUCCESS</h3><p>You have successfully subscribed to our site.</p>';
        } else {
            $msg = '<h3>ERROR</h3><p>Website subscription failed.</p>';
        }
    }

    $_SESSION['msgStatus'] = $msgStatus;
    $_SESSION['msg'] = $msg;

    // NOTE(review): the redirect target is the Referer request header, which the
    // client chooses and may omit. Unless redirectTo() validates its argument
    // (not visible here), this sends the browser wherever the header says;
    // prefer a fixed path or an allow-list of local paths with a default.
    $thisPage->redirectTo($_SERVER['HTTP_REFERER']);
}
<?php
// JSON endpoint for user operations. Each recognised POST key triggers one
// User method and its result is written to the response as JSON.
//
// NOTE(review): no authentication or authorisation check is visible in this
// script; presumably ../conf/topo_basic.php enforces one - confirm, because
// 'listAll' returns every user and 'emailExists' answers whether an address
// is registered.
include "../conf/topo_basic.php";
header('Content-Type: application/json');

$usr = new User();

// POST key => handler, in the order the keys are checked.
$actions = array(
    'getDrList' => function () use ($usr) {
        return $usr->getDrList();
    },
    // NOTE(review): the whole $_POST array is handed to addUser(); confirm that
    // it picks out the expected fields rather than trusting every posted key.
    'saveUser' => function () use ($usr) {
        return $usr->addUser($_POST);
    },
    'emailExists' => function () use ($usr) {
        return $usr->emailExists($_POST['emailExists']);
    },
    'listAll' => function () use ($usr) {
        return $usr->listAllUsers();
    },
);

// The checks are independent: a request carrying several of these keys gets
// several JSON documents written back to back in one response body.
foreach ($actions as $flag => $handler) {
    if (isset($_POST[$flag])) {
        echo json_encode($handler());
    }
}
?>