Beispiel #1
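<?php

/*
 * Password-recovery endpoint. The listing is cut off inside the success
 * branch, so only the visible flow is described:
 *   1. POST with `csrf`                -> issue an anti-CSRF token, keep it in
 *                                         the session and echo it to the client.
 *   2. POST with `phpsessid` + `email` -> accepted only when the posted token
 *                                         equals the one held in the session;
 *                                         the address is then validated and
 *                                         passed to RecoveryService.
 */

// NOTE(review): error_reporting(0) silences every diagnostic, including the
// ones an operator needs when the token or recovery step fails. Prefer keeping
// reporting on and routing it to a log (display_errors off, log_errors on).
error_reporting(0);
require_once "./vendor/autoload.php";
session_start();
if (isset($_POST['csrf'])) {
    // 20 CSPRNG bytes, hex-encoded: the same 40-character shape as the former
    // sha1(mcrypt_create_iv(...)) value. mcrypt was removed from PHP core in
    // 7.2, and hashing random bytes adds nothing. Needs PHP 7.0+.
    $phpSessId = bin2hex(random_bytes(20));
    $_SESSION['phpsessid'] = $phpSessId;
    echo $phpSessId;
} elseif (
    // Presence and type are checked before the values are read. The previous
    // `$_POST[...] == $_SESSION[...]` ran first and compared loosely, so an
    // empty posted value equalled a session that had never been issued a
    // token ('' == null) and the request was accepted without one.
    isset($_POST['phpsessid'], $_POST['email'], $_SESSION['phpsessid'])
    && is_string($_POST['phpsessid'])
    && is_string($_SESSION['phpsessid'])
    // hash_equals() compares in constant time and never type-juggles.
    && hash_equals($_SESSION['phpsessid'], $_POST['phpsessid'])
) {
    $userEmail = trim($_POST['email']);
    $valideEmail = new \Validators\ValidatorService();
    $validationStatus = $valideEmail->ValidaMail($userEmail);
    $response = new stdClass();
    if ($validationStatus === 1) {
        // Validator rejected the address.
        $response->code_operation = "recovery";
        $response->status = "false";
        echo json_encode($response);
    } elseif ($validationStatus === 0) {
        $dbConnection = new \PhpServicesKit\DbConnection\DbConnection();
        $checkUserEmailStatus = $dbConnection->checkUserEmail($userEmail);
        // NOTE(review): the branches below answer with different `status`
        // values. If checkUserEmail() reports whether the address is
        // registered (not visible here), that difference tells any caller
        // which addresses have accounts; consider one uniform answer and
        // rate-limiting this endpoint.
        if ($checkUserEmailStatus === 1) {
            $response->code_operation = "recovery";
            $response->status = "false";
            echo json_encode($response);
        } elseif ($checkUserEmailStatus === 0) {
            $newRecoveryRequest = new \PhpServicesKit\PasswordRecovery\RecoveryService();
            $newPasswordRequest = $newRecoveryRequest->createNewPasswordRequest($userEmail);
            if ($newPasswordRequest === 0) {
                $response->code_operation = "recovery";
                $response->status = "true";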
Beispiel #2
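<?php

/*
 * Login endpoint. The listing is cut off before the outer branch closes, so
 * only the visible flow is described:
 *   1. POST csrf_token=true                       -> issue an anti-CSRF token,
 *      keep it in the session and echo it to the client.
 *   2. POST password + length + email + csrf_token -> accepted only when the
 *      posted token equals the session token; the input is validated and then
 *      handed to LogIn::doLogin(), whose result is echoed as JSON.
 */

// NOTE(review): error_reporting(0) silences every diagnostic, including the
// ones an operator needs when a login step fails. Prefer keeping reporting on
// and routing it to a log (display_errors off, log_errors on).
error_reporting(0);
require_once "./vendor/autoload.php";
session_start();
if (isset($_POST['csrf_token']) && $_POST['csrf_token'] === "true") {
    // 20 CSPRNG bytes, hex-encoded: the same 40-character shape as the former
    // sha1(mcrypt_create_iv(...)) value. mcrypt was removed from PHP core in
    // 7.2, and hashing random bytes adds nothing. Needs PHP 7.0+.
    $csrfToken = bin2hex(random_bytes(20));
    $_SESSION['csrf_token'] = $csrfToken;
    echo $csrfToken;
} elseif (
    // The session token must exist and both sides must be strings before they
    // are compared. The previous loose `==` treated an empty posted value as
    // equal to a session that had never been issued a token ('' == null), so
    // the check passed without any token.
    isset($_POST['password'], $_POST['length'], $_POST['email'], $_POST['csrf_token'], $_SESSION['csrf_token'])
    && is_string($_POST['csrf_token'])
    && is_string($_SESSION['csrf_token'])
    // hash_equals() compares in constant time and never type-juggles.
    && hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])
) {
    $password = trim($_POST['password']);
    // NOTE(review): `length` is supplied by the client. Confirm that
    // loginValidator() measures the password itself rather than trusting it.
    $length = trim($_POST['length']);
    $userEmail = trim($_POST['email']);
    $myValidator = new \Validators\ValidatorService();
    $validationStatus = $myValidator->loginValidator($userEmail, $password, $length);
    $response = new stdClass();
    if ($validationStatus === 1) {
        // Validator rejected the input; its message is returned to the client.
        $response->code_operation = "login";
        $response->status = "false";
        $response->description = $myValidator->statusMessage;
        echo json_encode($response);
    } elseif ($validationStatus === 0) {
        // NOTE(review): no session-id rotation is visible here. Confirm that
        // doLogin() calls session_regenerate_id(true) on success and that
        // failed attempts are throttled.
        $newLogin = new \PhpServicesKit\LoginKit\LogIn();
        $responseMessage = $newLogin->doLogin($userEmail, $password);
        echo json_encode($responseMessage);
    } else {
        // Any other validator result is reported with the generic error text.
        $response->code_operation = "login";
        $response->status = "false";
        $response->description = \Messages\MessageService::DEFAULT_ERROR;
        echo json_encode($response);
    }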
Beispiel #3
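<?php

/*
 * Sign-up endpoint. The listing is cut off inside the final `else`, so only
 * the visible flow is described: when all six form fields are present they
 * are trimmed, checked by ValidatorService::registerValidator() and, on
 * success, passed to SignUp::doSignup(); the outcome is echoed as JSON.
 */

// NOTE(review): error_reporting(0) silences every diagnostic, including the
// ones an operator needs when registration fails. Prefer keeping reporting on
// and routing it to a log (display_errors off, log_errors on).
error_reporting(0);
require_once "./vendor/autoload.php";

// Created before the branch so the final `else` also has an object to fill.
// It used to be created only inside the first branch, which left the `else`
// assigning a property on an undefined variable (an Error on PHP 8).
$response = new stdClass();

// NOTE(review): no session or anti-CSRF token is checked in the visible part
// of this handler. Confirm whether that is intentional.
if (isset(
    $_POST['password'],
    $_POST['v_password'],
    $_POST['v_password_strength'],
    $_POST['password_strength'],
    $_POST['username'],
    $_POST['email']
)) {
    $passwordForm = trim($_POST['password']);
    $vPasswordForm = trim($_POST['v_password']);
    // NOTE(review): both *_strength values arrive from the client. Confirm
    // that registerValidator() measures the password itself and treats these
    // only as hints.
    $vPasswordFormStrength = trim($_POST['v_password_strength']);
    $passwordFormStrength = trim($_POST['password_strength']);
    $userName = trim($_POST['username']);
    $userEmail = trim($_POST['email']);
    $myValidator = new \Validators\ValidatorService();
    $validationStatus = $myValidator->registerValidator($userName, $userEmail, $passwordForm, $vPasswordForm, $passwordFormStrength, $vPasswordFormStrength);
    if ($validationStatus === 1) {
        // Validator rejected the input; its message is returned to the client.
        $response->code_operation = "signup";
        $response->status = "false";
        $response->description = $myValidator->statusMessage;
        echo json_encode($response);
    } elseif ($validationStatus === 0) {
        // NOTE(review): password storage happens inside doSignup(), which is
        // not visible here. Confirm it uses password_hash().
        $newSignup = new \PhpServicesKit\SignupKit\SignUp();
        $responseMessage = $newSignup->doSignup($passwordForm, $userName, $userEmail);
        echo json_encode($responseMessage);
    } else {
        // Any other validator result is reported with the generic error text.
        $response->code_operation = "signup";
        $response->status = "false";
        $response->description = \Messages\MessageService::DEFAULT_ERROR;
        echo json_encode($response);
    }
} else {
    $response->code_operation = "signup";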
Beispiel #4
// Loads the csrf-magic library and the Composer autoloader that the
// password-reset handler following this block relies on.
require_once './libs/csrf-magic/csrf-magic.php';
require_once './vendor/autoload.php';
// NOTE(review): the HTTPS enforcement below is commented out, so nothing in the
// visible code keeps this page off plain HTTP. The handler that follows reads
// the new password from $_POST and the reset token from $_GET; without TLS
// both cross the network unencrypted. Enforce HTTPS here or at the web server.
// If this redirect is restored, build the target from a configured host name:
// HTTP_HOST is copied from the request's Host header and should not decide
// where the client is sent.
//if (!isset($_SERVER['HTTPS']) || !$_SERVER['HTTPS']) {
//    // request is not using SSL, redirect to https, or fail
//    header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
//    exit();
//}else
if ($_SERVER['REQUEST_METHOD'] == 'POST' && csrf_check() === true && isset($_POST['userEmail']) && isset($_POST['newPassword']) && isset($_POST['vPassword']) && isset($_GET['token'])) {
    echo "<br>";
    echo "restoring password...";
    echo "<br>";
    $password = trim($_POST['newPassword']);
    $vPassword = trim($_POST['vPassword']);
    $userEmail = trim($_POST['userEmail']);
    $token = trim($_GET['token']);
    $passwordValidationService = new \Validators\ValidatorService();
    $validationStatus = $passwordValidationService->recoveryValidator($userEmail, $password, $vPassword);
    if ($validationStatus === 0) {
        $restoreService = new \PhpServicesKit\PasswordRecovery\RecoveryService();
        $resetPassword = $restoreService->restoreNewPassword($userEmail, $password, $token);
        if ($resetPassword === 0) {
            echo "\n            <meta name='viewport' content='width=device-width'/>\n            <p style='color: lawngreen'>Password has been restored successfully</p>\n            ";
        } else {
            echo "\n            <meta name='viewport' content='width=device-width'/>\n            <p style='color: red'>Error restoring password. Try again</p>\n            ";
        }
    } else {
        echo "\n            <meta name='viewport' content='width=device-width'/>\n            <p style='color: red'>Missing data, incorrect or password too weak. You need at least 8 char password</p>\n            ";
    }
} elseif (isset($_GET['token'])) {
    echo '
        <!DOCTYPE html>