function register()
{
$fname = $_POST['reg_first_name'];
$lname = $_POST['reg_last_name'];
$email = $_POST['reg_email'];
$password = $_POST['reg_password'];
if (strlen($fname) < 2 || strlen($lname) < 2 || !valid_email($email) || User::emailExists($email) || strlen(trim($password)) < 6) {
throw new Exception("Error when registering new user.");
}
User::add($email, md5($password), $fname, $lname);
redirect('/registered');
}
include_once 'objects/user.php';
include_once "libs/php/utils.php";
// get database connection
$database = new Database();
$db = $database->getConnection();
// initialize objects
$category = new Category($db);
$user = new User($db);
$utils = new Utils();
// include page header HTML
include_once "layout_head.php";
// if the login form was submitted
if ($_POST) {
// check if username and password are in the database
$user->email = $_POST['email'];
if ($user->emailExists()) {
// update access code for user
$access_code = $utils->getToken();
$user->access_code = $access_code;
if ($user->updateAccessCode()) {
// send reset link
$body = "Hi there.<br /><br />";
$body .= "Please click the following link to reset your password: {$home_url}reset_password/?access_code={$access_code}";
$subject = "Reset Password";
$send_to_email = $_POST['email'];
if ($utils->sendEmailViaPhpMailerLibrary($send_to_email, $subject, $body)) {
echo "<div class=\"alert alert-info alert-dismissable\">";
echo "<button type=\"button\" class=\"close\" data-dismiss=\"alert\" aria-hidden=\"true\">×</button>";
echo "Password reset link was sent to your email. Click that link to reset your password.";
echo "</div>";
} else {
/**
* this adds a new user to the database
* notice this is a static function so this can get called without having to instantiate a new user object
* @param STRING $fName First name of the user
* @param STRING $lName Last name of the user
* @param STRING $creditProvider Credit card provider of the user
* @param INT $creditCardNum User's credit card number
* @param STRING $email User's email address
* @param STRING $password User's password pre-hash
*/
public static function addUser($fName, $lName, $creditProvider, $creditCardNum, $email, $password)
{
if (!User::emailExists($email)) {
$db = new DB(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);
$hashed_pwd = User::securePassword($password);
$query = "INSERT INTO users (fName,lName,credit_provider,credit_number,email,pswd) VALUES (?,?,?,?,?,?)";
$user_id = $db->insert($query, array($fName, $lName, $creditProvider, $creditCardNum, $email, $hashed_pwd));
return $user_id;
}
}
$msg = '';
$msgStatus = '';
if (isset($_POST['subscriberSubmit'])) {
$userObj->email = filter_input(INPUT_POST, 'subscriberEmail', FILTER_VALIDATE_EMAIL) ? mysqli_real_escape_string($dbObj->connection, filter_input(INPUT_POST, 'subscriberEmail', FILTER_VALIDATE_EMAIL)) : '';
if ($userObj->email == "") {
array_push($errorArr, "valid email ");
}
$userObj->name = filter_input(INPUT_POST, 'subscriberName') ? mysqli_real_escape_string($dbObj->connection, filter_input(INPUT_POST, 'subscriberName')) : '';
if ($userObj->name == "") {
array_push($errorArr, " name ");
}
$userObj->company = filter_input(INPUT_POST, 'subscriberCompany') ? mysqli_real_escape_string($dbObj->connection, filter_input(INPUT_POST, 'subscriberCompany')) : '';
if ($userObj->company == "") {
array_push($errorArr, " company ");
}
if (count($errorArr) < 1) {
if ($userObj->emailExists()) {
$msgStatus = 'error';
$msg = '<h3>Subscription failed!</h3><p>REASON: You have already subscribed to our site.</p>';
} else {
$msgStatus = $userObj->addRaw();
$msg = $msgStatus == 'success' ? '<h3>SUCCESS</h3><p>You have successfully subscribed to our site.</p>' : '<h3>ERROR</h3><p>Website subscription failed.</p>';
}
} else {
$msgStatus = 'error';
$msg = $thisPage->showError($errorArr);
}
$_SESSION['msgStatus'] = $msgStatus;
$_SESSION['msg'] = $msg;
$thisPage->redirectTo($_SERVER['HTTP_REFERER']);
}
<?php
include "../conf/topo_basic.php";
header('Content-Type: application/json');
$usr = new User();
//getListState
if (isset($_POST['getDrList'])) {
echo json_encode($usr->getDrList());
}
if (isset($_POST['saveUser'])) {
echo json_encode($usr->addUser($_POST));
}
if (isset($_POST['emailExists'])) {
echo json_encode($usr->emailExists($_POST['emailExists']));
}
if (isset($_POST['listAll'])) {
echo json_encode($usr->listAllUsers());
}
?>
