$json['response'] = "Passwords do not match!";
     die(json_encode($json));
 }
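 // Registration: derive the stored password value, insert the new userinfo row,
 // and answer with a JSON status (0 = created, 1 = duplicate username, 3 = other failure).
 $db = new DBObject(CURRENT_DB);
 // NOTE(review): the username is escaped here and then passed through bind() as well.
 // If DBObject::bind() already parameterises or escapes values (not visible in this
 // file), the stored name is escaped twice and will not match a lookup that binds the
 // raw value. Confirm against DBObject first; do not drop this escape unless bind()
 // is known to handle quoting on its own.
 $username = $db->escape($_POST['username']);
 // The registration timestamp feeds the password routine ($timestamp[0]) and is also
 // what gets stored as regdate, presumably so the same value can be rebuilt at login.
 // NOTE(review): Crypto::encrypt_password() is project code not shown here; if it is a
 // fast hash or reversible scheme, plan a migration to password_hash()/password_verify().
 $timestamp = Crypto::get_timestamp();
 $encpass = Crypto::encrypt_password($_POST['userpass'], $timestamp[0]);
 $regdate = Crypto::create_microdate($timestamp);
 $sql = "INSERT INTO userinfo(username, userpass, regdate) VALUES(?username:s, ?userpass:s, ?regdate:s)";
 // Fixed one-second pause on every registration attempt.
 sleep(1);
 $db->prepare($sql);
 $db->bind(array("username" => $username, "userpass" => $encpass, "regdate" => $regdate));
 $db->execute();
 if ($db->hasErrno(0)) {
     $json['status'] = 0;
     $json['response'] = 'Registration successful!';
 } elseif ($db->hasErrno(1062)) {
     // 1062 is MySQL's duplicate-key error; here it means the username is taken.
     $json['status'] = 1;
     $json['response'] = 'Username already exists in the database!';
 } else {
     // Keep the driver's error text on the server. Returning it to the browser
     // would disclose schema and query details to whoever submits the form.
     error_log('Registration failed: ' . $db->getError());
     $json['status'] = 3;
     $json['response'] = 'Registration failed. Please try again later.';
 }
 die(json_encode($json));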
Beispiel #2
require_once 'includes/Crypto.php';
require_once 'includes/constants.php';
// Login handler: runs only when both username and userpass were posted non-empty.
// Looks the user up by name, recomputes the password value from the posted password
// and the stored regdate, and compares it with the stored userpass.
if (!empty($_POST['username']) && !empty($_POST['userpass'])) {
    $json = [];
    $db = new DBObject(CURRENT_DB);
    //	$username = $db->escape($_POST['username']);
    // The raw posted value is handed to bind() below.
    // NOTE(review): whether DBObject::bind() parameterises or escapes the value is not
    // visible in this file; confirm it does, since no other quoting is applied here.
    $username = $_POST['username'];
    //	$sql = "SELECT * FROM userinfo WHERE userpass = '******' AND username = '******'";
    $sql = "SELECT * FROM userinfo WHERE username = ?username:s";
    // Random pause before the lookup; usleep() takes microseconds.
    // NOTE(review): the bounds are passed as (1000000, 500000), i.e. the first argument
    // is larger than the second. rand() tolerates that for backwards compatibility, but
    // writing the range as (500000, 1000000) states the presumably intended 0.5-1 s
    // delay without relying on that quirk.
    $time = rand(1000 * 1000, 1000 * 500);
    usleep($time);
    //	$query = $db->prepare($sql);
    //	error_log('query from login: '******'s', $username);
    $db->prepare($sql);
    $db->bind(array("username" => $username));
    // Start from the generic failure reply; the branches below overwrite it.
    // An unknown username therefore gets the same message as a failed login.
    $json['status'] = 1;
    $json['response'] = 'Invalid username/password!';
    foreach ($db->execute() as $row) {
        // More than one row for a username is reported as a data-integrity error
        // (status 3) and ends the request immediately.
        if ($db->getNumrows() > 1) {
            $json['status'] = 3;
            $json['response'] = 'Duplicate username detected! Please clean the database.';
            die(json_encode($json));
        }
        // Only rows with a truthy status column reach the password check
        // (presumably an account-enabled flag; confirm against the schema).
        if ($row['status']) {
            // Rebuild the timestamp from the stored regdate and derive the password
            // value from the posted password with its first element.
            $timestamp = Crypto::create_timestamp($row['regdate']);
            $hashpass = Crypto::encrypt_password($_POST['userpass'], $timestamp[0]);
            // NOTE(review): these two calls write the freshly computed value and the
            // stored userpass to the PHP error log on every login attempt. That puts
            // credential material in a file with broader read access than the
            // database; remove both lines outside of local debugging.
            error_log($hashpass);
            error_log($row['userpass']);
            // NOTE(review): === on secret strings is not a constant-time comparison;
            // hash_equals($row['userpass'], $hashpass) is the timing-safe equivalent.
            if ($hashpass === $row['userpass']) {
                $json['status'] = 0;
<?php

// Page bootstrap followed by an ad-hoc DBObject exercise: a prepared SELECT is run
// twice with sample bindings and every returned row is dumped to the error log.
date_default_timezone_set('Asia/Manila');
require_once 'includes/constants.php';
require_once 'includes/MySessions.php';
// DBObject is made available by the includes above (per the original note).
require_once 'includes/util.php';
//require_once 'includes/functions.php';
$session = new MySessions(COOKIE_NAME);
$cooking = $session->init();
$db = new DBObject(CURRENT_DB);
// NOTE(review): SELECT * on userinfo also returns the userpass column, and the loops
// below print each whole row into the error log. This reads as debug scaffolding;
// remove it, or select only non-secret columns, before the page serves real users.
$sql = 'SELECT * FROM userinfo WHERE username = ?name:s OR userpass = ?pass:s';
$db->prepare($sql);
// First both placeholders are bound, then only 'name' is bound again. Whether the
// second call replaces or merges the earlier bindings is decided inside DBObject,
// which is not shown here.
$db->bind(['name' => '001', 'pass' => 'password']);
$db->bind(['name' => '001']);
// The meaning of the false argument to execute() is not visible in this file.
foreach ($db->execute(false) as $row) {
    error_log('row:' . print_r($row, true));
}
// Second run: rebind 'name' to another sample value and execute with defaults.
$sample = '002';
$db->bind(['name' => $sample]);
foreach ($db->execute() as $row) {
    error_log('row:' . print_r($row, true));
}
?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="utf-8">
	<!--<base href="http://ldc.spumanila.edu.dev" />-->	
	<title>Language Development Center</title>
	<link rel="stylesheet" href="/css/jquery-ui.min.css">