* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301, USA.
*
*
*/
require_once __DIR__ . "/../../../../session.php";
require_once __DIR__ . "/../../../../moneyio.php";
require_once __DIR__ . "/../../../../mio-user/show/user_func.php";
require_once __DIR__ . "/../../../../mio-wallet/show/wallet_func.php";
open_session();
$user_id = $_SESSION["mio-username_id"];
if (isset($_SESSION) && !empty($_SESSION)) {
$user_info = show_user_profile($user_id);
$picture = $_SESSION["mio-pic"];
?>
<div class="container-fluid">
<h1 id="show-profile-now">Visualizando tu perfil <strong><?php
echo $user_info->nick;
?>
</strong></h1>
<div class"row">
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-6">
<p><h3>Nombre</h3> <strong><?php
echo $user_info->name;
}
$columns = "registrationDate, email, passwordHash, firstName, lastName, " . "married, city, street, house, education, year";
$values = "NOW(), '{$fieldValues->email}', '{$passwordHash}', '{$fieldValues->firstName}', " . "'{$fieldValues->lastName}', '{$fieldValues->married}', '{$fieldValues->city}', " . "'{$fieldValues->street}', '{$fieldValues->house}', '{$fieldValues->education}', '{$fieldValues->year}'";
$nonRequiredColumns = ["phone", "phone2", "middleName", "apartment", "professionalExperience", "info", "image"];
foreach ($fieldValues as $fieldName => $fieldValue) {
foreach ($nonRequiredColumns as $nonRequiredColumn) {
if ($fieldName == $nonRequiredColumn && $fieldValue) {
$columns .= ", " . $nonRequiredColumn;
$values .= ", '{$fieldValue}'";
}
}
}
$q = "insert into user ({$columns}) values ({$values})";
db_query($dbLink, $q);
$userId = mysqli_insert_id($dbLink);
$sessionUid = open_session($dbLink, $userId, true);
} catch (DbException $e) {
$error = "internalException";
} catch (Exceptioni $e) {
$error = $e->getCode();
} finally {
$responce = [];
if ($error) {
$responce["status"] = "error";
$responce["error"] = $error;
$responce["fieldErrors"] = $errors;
} else {
$responce["status"] = "ok";
$responce["sessionUid"] = $sessionUid;
}
db_close($dbLink);
if ($errors) {
throw new Exceptioni("fieldErrors");
}
$dbLink = db_init();
$uid = $fieldValues->captchaUid;
$captcha = $fieldValues->captcha;
if (!captcha_match($dbLink, $captcha, $uid)) {
$errors["captcha"] = "mismatch";
throw new Exceptioni("fieldErrors");
}
$auth = authenticate_by_password($dbLink, $fieldValues->email, $fieldValues->password);
$status = $auth["status"];
if ($status != "ok") {
throw new Exceptioni($status);
}
$sessionUid = open_session($dbLink, $auth["userId"], $fieldValues->stayLogged);
} catch (DbException $e) {
$error = "internalException";
} catch (Exceptioni $e) {
$error = $e->getCode();
} finally {
db_close($dbLink);
$responce = [];
if ($error) {
$responce["status"] = "error";
$responce["error"] = $error;
$responce["fieldErrors"] = $errors;
} else {
$responce["status"] = "ok";
$responce["sessionUid"] = $sessionUid;
}
function ferina_session()
{
if (get_wp_session('is_open')) {
open_session();
}
}
function getSidInCookie($link)
{
$login = $_COOKIE['login'];
$password = $_COOKIE['password'];
if ($login == null) {
return null;
}
//Если же в куках есть какой-то логин, то ищем его в БД
$user = getByLogin($link, $login);
//Если что-то находится и пароль в базе совпадает с паролем из кук, то заново открываем сессию
if ($user != null && $user['password'] == $password) {
$sid = open_session($link, $user['id_user']);
}
return $sid;
}
if ($login) {
// Decodage de la chaine d'authentification cote serveur avec une cle privee extraction des parametres
$tmp = preg_split ("/[\|]/",decodekey($string_auth),4);
$pass = $tmp[0];
$ip_src = $tmp[1];
$timestamp = $tmp[2];
$timewait = $tmp[3];
$timetotal= $timewait+$timestamp+$MaxLifeTime;
// Verification de la validite de la source IP et du du TimeStamp
if ( $ip_src != remote_ip() && time() < $timetotal ) {
$error = 1;
} elseif ( time() > $timetotal && $ip_src == remote_ip() ) {
$error = 2;
} elseif ( $ip_src != remote_ip() && time() > $timetotal ) {
$error = 3;
} elseif ( !open_session( mb_strtolower($login), $pass, $string_auth) ) {
$error = 4;
}
// Interpretation erreurs
if ($error) {
// Log en cas d'echec
$fp=fopen($logpath."/error.log","a");
if($fp) {
fputs($fp,"[".date("D M d H:i:s Y")."] [".$MsgError[$error]."] [client ".$ip_src."] [remote ip : ".remote_ip()."] [Login : "******"] [TimeStamp srv : ".time()."] [TimeTotal : ".$timetotal."] \n");
fclose($fp);
}
// Redirection vers la page d'authentification
header("Location:auth.php?error=$error");
exit;
} else {
// Log en cas de succes
