public function addAccount($username, $password, $firstname)
{
// Loop through the current accounts to see if the username already exists
// If the username does not exist, we will push the new account in to the array & return true
// Else, return false
$accountExists = false;
foreach ($this::$data as $account) {
if ($account->getUsername() == $username) {
$accountExists = true;
break;
}
}
if ($accountExists) {
return false;
} else {
$account = new Account();
$account->setUsername($username);
$account->setPassword($password);
$account->setFirstname($firstname);
echo "adding to data..";
array_push(InMemoryDatabase::$data, $account);
var_dump($this::$data);
return true;
}
}
public function loginAccount($username, $password)
{
$this->dbConnect();
//Encrypt the password
$password = Operations::encryptPassword($username, $password);
//Query to get the user's details
$sql = "SELECT * FROM users WHERE username = ? AND password = ?";
$stmt = $this->con->prepare($sql);
$stmt->bindParam(1, $username);
$stmt->bindParam(2, $password);
$stmt->execute();
$stmt->setFetchMode(PDO::FETCH_ASSOC);
$results = $stmt->fetchAll();
//For each of the results (only one) *This will only happen if there is a result, so return inside the foreach*
foreach ($results as $row) {
//Instantiate a new account object
$account = new Account();
//Set the account details
$account->setUsername($row["username"]);
$account->setPassword($row["password"]);
$account->setFirstname($row["firstname"]);
$account->setLastname($row["lastname"]);
$account->setEmail($row["email"]);
$this->dbDisconnect();
//Return the account object
return $account;
}
$this->dbDisconnect();
return null;
}
public function doSignUp($request, $dbConnection)
{
$account = new Account($dbConnection);
$account->setPassword($request['password']);
$account->setUsername($request['username']);
$account->setEmail($request['email']);
$account->insert();
}
public function createAccount(Account $account)
{
$params = array('package_type' => $account->getType(), 'period' => $account->getPeriod(), 'method' => 'create');
$result = $this->_request($params);
$account->setStatus('enabled');
$account->setUsername($result['user']);
$account->setPassword($result['vpn_password']);
return $account;
}
public function LoadAcc($id)
{
$acc = new Account();
$allaccs = file('storage/account.txt');
foreach ($allaccs as $allacc) {
$accarr = explode(':', $allacc);
if ($id == $accarr['0']) {
$acc->setId($accarr['0']);
$acc->setUsername($accarr['1']);
$acc->setPassword($accarr['2']);
$pro = new ProfilController();
$acc->setProfil($pro->GetById($accarr['3']));
$lan = new SpracheController();
$acc->setSprache($lan->GetById($accarr['4']));
return $acc;
}
}
return false;
}
<tr><td>Re-type Password:</td><td> <input size=20 type=text name=repassword><br></td></tr>
<tr><td>Name:</td><td> <input size=20 type=text name=name value=".$_POST['name']."><br></td></tr>
<tr><td>Surname:</td><td> <input size=20 type=text name=surname value=".$_POST['surname']."><br></td></tr>
<tr><td>Phone Number:</td><td> <input type=text name=number value=".$_POST['number']."><br></td></tr>
<tr><td>Region:</td><td> <input type=text name=region value=".$_POST['region']."><br></td></tr>
<tr><td></td><td><input type=submit value='Register'></td></tr>
</form>
</table>
</font>
";
}elseif( $_POST['password'] == $_POST['repassword'] && strlen($_POST['password'])>0 )
{
//account creation
$account = new Account();
$account->setEmail($_POST['email']);
$account->setPassword($_POST['password']);
$account->setName($_POST['name']);
$account->setSurname($_POST['surname']);
$account->setNumber($_POST['number']);
//$account->showVariable(); //this is for debugger
//echo $_POST['email'];
$account->checkemail($_POST['email']);
$account->addAccount( $account->checkemailflag,$_POST['email'],$_POST['password'],$_POST['name'],$_POST['surname'],$_POST['number'],$_POST['region'] );
//password didn't match
}else{
echo " <font size=4>Your account has not been created. Please fill out the form correctly.</font><br>";
}
}else{
?>
<center><h2>SIGN UP</h2></center>
$newpass = trim($_POST['newpass']);
if (!check_password($newpass)) {
echo 'Password contains illegal characters. Please use only a-Z and 0-9. <a href="install.php?page=step&step=5">GO BACK</a> and write other password.';
} else {
//create / set pass to admin account
$account = new Account(1, Account::LOADTYPE_NAME);
if ($account->isLoaded()) {
$account->setPassword($newpass);
// setPassword encrypt it to ots encryption
$account->setPageAccess(3);
$account->setFlag('unknown');
$account->save();
} else {
$newAccount = new Account();
$newAccount->setName(1);
$newAccount->setPassword($newpass);
// setPassword encrypt it to ots encryption
$newAccount->setMail(rand(0, 999999) . '@gmail.com');
$newAccount->setPageAccess(3);
$newAccount->setGroupID(1);
$newAccount->setFlag('unknown');
$newAccount->setCreateIP(Visitor::getIP());
$newAccount->setCreateDate(time());
}
$_SESSION['account'] = 1;
$_SESSION['password'] = $newpass;
$logged = TRUE;
echo '<h1>Admin account login: 1<br>Admin account password: '******'</h1><br/><h3>It\'s end of installation. Installation is blocked!</h3>';
if (!unlink('install.txt')) {
new Error_Critic('', 'Cannot remove file <i>install.txt</i>. You must remove it to disable installer. I recommend you to go to step <i>0</i> and check if any other file got problems with WRITE permission.');
}
$reg_form_errors[] = 'Account with this name already exist.';
}
}
// ----------creates account-------------(save in database)
if (empty($reg_form_errors)) {
//create object 'account' and generate new acc. number
if ($config['site']['create_account_verify_mail']) {
$reg_password = '';
for ($i = 1; $i <= 6; $i++) {
$reg_password .= mt_rand(0, 9);
}
}
$reg_account = new Account();
// saves account information in database
$reg_account->setName($reg_name);
$reg_account->setPassword($reg_password);
$reg_account->setEMail($reg_email);
$reg_account->setCreateDate(time());
$reg_account->setCreateIP(Visitor::getIP());
$reg_account->setFlag(Website::getCountryCode(long2ip(Visitor::getIP())));
if (isset($config['site']['newaccount_premdays']) && $config['site']['newaccount_premdays'] > 0) {
$reg_account->set("premdays", $config['site']['newaccount_premdays']);
$reg_account->set("lastday", time());
}
$reg_account->save();
//show information about registration
if ($config['site']['send_emails'] && $config['site']['create_account_verify_mail']) {
$mailBody = '<html>
<body>
<h3>Your account name and password!</h3>
<p>You or someone else registred on server <a href="' . $config['server']['url'] . '"><b>' . htmlspecialchars($config['server']['serverName']) . '</b></a> with this e-mail.</p>
//CALL CHECKPASSWORD
$database = connectToDatabase();
$new_account = new Account();
$new_account->setFirstName($first_name);
$new_account->setLastName($last_name);
$new_account->setMiddleInitial($middle_initial);
$new_account->setStreetAddress($street_address);
$new_account->setCity($city);
$new_account->setState($state);
$new_account->setZipCode($zip_code);
$new_account->setEmailAddress($email_address);
$new_account->setAreaCode($area_code);
$new_account->setPhoneNumber($phone_number);
$new_account->setUsername($username, $database);
if ($password === $password2) {
$new_account->setPassword($password);
}
if ($new_account->updateDatabase($database) == 0) {
displayForm();
} else {
echo "Account created successfully!<br/>";
}
} else {
displayForm();
}
}
function displayForm()
{
echo "<form method='post'>";
echo "<table>";
echo "<tr><td>Desired Username:</td><td><input type=text name='username' value='" . $_POST['username'] . "'></td></tr>";
public function getFriends($currentUser)
{
$this->dbConnect();
$sql = "SELECT * FROM accounts WHERE username <> ?";
$statement = $this->con->prepare($sql);
$statement->bindParam(1, $currentUser);
$statement->execute();
$statement->setFetchMode(PDO::FETCH_ASSOC);
$results = $statement->fetchAll();
$users = array();
foreach ($results as $row) {
$account = new Account();
$account->setUsername($row["username"]);
$account->setPassword($row["password"]);
$account->setFirstname($row["firstname"]);
array_push($users, $account);
}
$this->dbClose();
return $users;
}
});
$app->options('/register', function ($request, $response, $args) {
$response = $response->withHeader("Allow", "POST,OPTIONS");
$response = $response->withHeader("Access-Control-Allow-Methods", "POST,OPTIONS");
return $response;
});
$app->post('/register', function ($request, $response, $args) {
$parsedBody = $request->getParsedBody();
if ($parsedBody == null) {
return err_general_error($response, "Provide a body to create a new account");
}
$account = new Account();
$account->fromArray($parsedBody);
$account->setSalt(openssl_random_pseudo_bytes(32));
#$account->salt = "123";
$account->setPassword(hash('sha512', $account->getPassword() . $account->getSalt()));
if ($account->validate()) {
if ($account->save()) {
session_start();
#session_unset();
#session_regenerate_id(true);
$_SESSION['Username'] = $account->getUsername();
$_SESSION['Id'] = $account->getId();
$_SESSION['loggedin'] = true;
/* Response with resulting account */
$response->getBody()->write($account->toJSON());
return $response;
}
} else {
return err_general_error($response, "Validation failed");
}
