public function testCheckUserExists() { //empty value $this->assertEquals(checkUserExists(''), false); // bad value $this->assertEquals(checkUserExists("baduser"), false); // good value $this->assertEquals(checkUserExists("user_with_allPermissions"), true); }
function checkUserPassword($username, $givenPassword) { $rep = false; if (isset($username) && isset($givenPassword)) { if (checkUserExists($username)) { if (getPassword($username) == hashPassword($username, $givenPassword)) { $rep = true; } } } return $rep; }
function checkFields($category, $title, $owner, $affectedUser, $description) { $ret = false; // check fields not empty if (strlen($title) > 0) { //check user exist if (checkUserExists($affectedUser)) { //check category exist if ($category == "todo" || $category == "inprogress" || $category == "done") { $ret = true; } } } return $ret; }
function register($email, $username) { global $config; $data = array(); $ranpass = '******' . rand(1, 999); $pass_enc = md5($config['private_key'] . $ranpass); // encrypt the password if ($email and $username) { if (checkUserExists($email)) { return 'User exists!'; } $q = "INSERT INTO users (user_name, user_email, user_password, user_status) VALUES ('{$username}', '{$email}', '{$pass_enc}', 1)"; mysql_query($q); /* // append cache $data['user_id'] = mysql_insert_id(); $data['user_name'] = $username; $data['user_fullname'] = ''; $data['user_pic'] = ''; $data['user_password'] = $pass_enc; $data['user_coins'] = 0; $data['user_betting'] = 0; $data['user_email'] = $email; $data['user_lastlogin'] = ''; $data['user_registered'] = date('Y-m-d h:i:s'); $data['user_isadmin'] => 0 $data['user_status'] => 1 $data['user_lang'] => $data['user_timezone'] = $config['time zone']; $data['user_sex'] = ''; $data['user_bio'] = ''; $data['user_website'] = ''; $data['user_notify'] = ''; $data['user_sendmail'] = 0; $data['user_remind'] = 0; $data['user_gamedigest'] = 0; $data['user_sitenews'] = 0; $cachefile = $config['basedir'] . '/temp/all_users.txt'; if (file_exists($cachefile)) { $cache = json_decode(file_get_contents($filename), true); $cache[mysql_insert_id()] = $data; unlink($cachefile); file_put_contents($cachefile, json_encode($cache)); } */ sendUserEmail($email, $username, $ranpass); return 'success'; } }
<?php include_once "loader.php"; $user_id = $_POST['userid']; echo checkUserExists($user_id); function checkUserExists($user_id) { global $mysqli; $query = "select * from users where user_id = " . intval($user_id); $result = $mysqli->query($query); if ($result->num_rows > 0) { return "true"; } else { return "false"; } }
<?php //login_delegate.php session_start(); //require "/home/amcisaor/secure/login_rpc.php"; require $_SERVER['DOCUMENT_ROOT'] . "/secure/login_rpc.php"; //print_r(session_id()); if ($_POST["action"] == "LOGIN") { print_r(checkUserExists($_POST["Matric_NO"], $_POST["Password"])); } elseif ($_POST["action"] == "CHECKLOGINSTATUS") { print_r(checkLoginStatus()); } elseif ($_POST["action"] == "LOGOUT") { print_r(signOutFromSession()); } elseif ($_POST["action"] == "UPDATEINFO") { //REMINDER TO SUBMIT TO DB TO UPDATE //REMINDER TO ESCAPE ALL CHARACTERS print_r(updateUserInfo(dissoc($_POST, "action"))); } //elseif($_POST["action"]=="READUSERNAME_EN"){ //print_r(returnUserNameEnglish()); //}elseif($_POST["action"]=="READUSERNAME_CH"){ //print_r(returnUserNameChinese()); //}
} /* * The following function checks to see if the user_id already exists. It builds a SQL query based off of the userID * provided by the post from create_account.php. It returns the the result of the query to the calling function. */ function checkUserExists($user, $database) { $sql_query = "SELECT * FROM USER WHERE user_id='" . $user . "'"; $result = mysql_query($sql_query, $database); if (!$result) { echo mysql_errno($database) . ": " . mysql_error($database) . "\n"; echo $sql_query; } return $result; } $result = checkUserExists($user, $database); /* * the following only runs if there is no user returned by checkUserExists. It builds the strings/queries to insert * the user into the USER table, creates an entry in the INVENTORY table, queries for the inventory_id of the inventory just * created, and creates an entry in the HASACCESSTO table. It returns "Yes" if all is succesful. */ if (mysql_num_rows($result) == 0) { // Generates the insert into USER table $sql_query = 'INSERT INTO USER (user_id, name_first, name_last, password, phone_num) VALUES ("'; $sql_query .= mysql_real_escape_string($user) . '","' . mysql_real_escape_string($fname) . '","' . mysql_real_escape_string($lname); $sql_query .= '","' . mysql_real_escape_string($pass) . '","' . mysql_real_escape_string($phone) . '")'; // Runs the insert query against the database creating the user. If unsuccessful, returns ERROR. if (!mysql_query($sql_query) && $admin == 1) { echo mysql_errno($database) . ": " . mysql_error($database) . "\n"; echo $sql_query; echo "ERROR!";
<?php include 'init.php'; if (!logged_in()) { header('Location: index.php'); exit; } if (!isset($_GET["uid"]) || empty($_GET["uid"]) || checkUserExists($_GET["uid"]) === false) { header("Location: pagenotfound.php"); exit; } $uid = $_GET["uid"]; $getInfo = getUserInfo($uid); foreach ($getInfo as $info) { $afirstname = $info["firstname"]; $alastname = $info["lastname"]; $ausername = $info["username"]; $apriviledge = $info["priviledge"]; $adatereg = date('F j, Y', strtotime($info['dateregistered'])); $atimereg = date('h:i A T', strtotime($info['dateregistered'])); $adatecurr = date('F j, Y', strtotime($info['lastlogin'])); $atimecurr = date('h:i A T', strtotime($info['lastlogin'])); } ?> <!DOCTYPE HTML> <html> <head> <title>Account Information of <?php echo $afirstname; ?> <?php