/**
* Initialises the userhash from a username/password table
*
* @param string $db Database holding the user table
* @param string $table Table with columns db, username, password
* @param string $user Username for the user database
* @param string $pass Password for the user database
*/
public static function init($db, $table, $user, $pass)
{
// Set the database to the user DB
DB::setDB($db, $user, $pass);
// Clean the table name to prevent injection
$table = DB::clean($table);
$sql = "SELECT db, username, password FROM {$table}";
$result = DB::query($sql);
// If valid result received then loop through and add users
foreach ($result->rows as $row) {
DB::addUser(self::$dbprefix . $row->db, $row->username, $row->password);
}
}
die;
}
if (empty(trim($_POST['password']))) {
$data = array('status' => false, 'errorcode' => 6, 'errorinfo' => 'password can not be empty');
responseClient($data);
die;
}
$username = trim($_POST['username']);
$email = trim($_POST['email']);
$password = trim($_POST['password']);
$user = array('username' => $username, 'email' => $email, 'password' => $password);
$dbc = new DB();
if ($dbc->checkUserExist($username)) {
$data = array('status' => false, 'errorcode' => 1, 'errorinfo' => 'username is exist');
responseClient($data);
die;
}
if ($dbc->checkEmailExist($email)) {
$data = array('status' => false, 'errorcode' => 2, 'errorinfo' => 'user email have been used');
responseClient($data);
die;
}
if ($dbc->addUser($user)) {
$data = array('status' => true, 'errorcode' => 0, 'errorinfo' => 'register succees');
responseClient($data);
} else {
$data = array('status' => false, 'errorcode' => 3, 'errorinfo' => 'database error');
responseClient($data);
die;
}
}
}
//Und strings filtern!
//Ist aber glaubs "unnötig", da mit PDO gearbeitet wird, und diese dort eh gefiltert werden
$username_data = trim($_POST['username']);
$username_data = htmlspecialchars($username_data);
$username_data = mysql_real_escape_string($username_data);
$password_data = sha1($_POST['password']);
//Für Benutzer testen
$db = new DB();
if (!count($db->selectIdFromUsername($username_data)) == 0) {
unset($_SESSION['user_id']);
header("Location: ../index.php?site=createAccount&error=5");
exit;
}
//Benutzer hinzufügen, neue ID holen
$db->addUser($username_data, $password_data);
$result = $db->selectIdFromUsername($username_data);
if (count($result) == 1) {
$_SESSION['user_id'] = $result[0]['user_id'];
header("Location: ../index.php?site=home");
exit;
} else {
if (count($result) == 0) {
//Kein Benutzer gefunden.
unset($_SESSION['user_id']);
header("Location: ../index.php?site=createAccount&error=0");
exit;
} else {
unset($_SESSION['user_id']);
header("Location: ../index.php?site=login&error=0");
exit;
// raw: the raw input from user,
$raw_username = $_POST['username'];
if (!@preg_match("/^[_a-zA-Z0-9]{3,15}\$/", $raw_username)) {
echo $errorResponse = json_encode(array("status" => false, "message" => array("errorCode" => -100, "errorMessage" => "username error.")));
exit(0);
}
$raw_password = $_POST['password'];
if (!@preg_match("/^[_a-zA-Z0-9]{6,16}\$/", $raw_password)) {
echo $errorResponse = json_encode(array("status" => false, "message" => array("errorCode" => -102, "errorMessage" => "password error.")));
exit(0);
}
$raw_sex = $_POST['sex'];
$raw_email = $_POST['email'];
// TODO: verify userinput
// connect to DB
$db = new DB();
$response = $db->addUser($raw_username, $raw_password, $raw_sex, $raw_email, date('Y-m-d H:i:s', time()));
if ($response['status'] === true) {
//success
//login(this user)
echo $response;
// to ajax
$_SESSION['username'] = $response['message']['username'];
header("Location: home.php");
exit(0);
} else {
echo json_encode($response);
}
} else {
echo $errorResponse = json_encode(array("status" => false, "message" => array("errorCode" => -2, "errorMessage" => "input error.")));
}
<label for="">
Password
<input type="password" placeholder="password" name="password" required/>
</label>
</div>
<button name="submit" type="submit">
Sign up
</button>
</form>
<?php
/**
* Created by PhpStorm.
* User: sridharrajs
* Date: 12/30/15
* Time: 5:41 PM
*/
session_start();
include_once 'includes/DB.php';
if ($_POST['email']) {
$email = $_POST['email'];
$password = $_POST['password'];
$isSuccessful = DB::addUser($email, $password);
if ($isSuccessful) {
$_SESSION['email'] = $email;
header('Location: blog.php');
exit;
} else {
echo 'Failed!';
}
}
echo $_POST['macs'] == "" ? "dummy" : $db->getStatusAll($_POST['macs']);
} else {
if (isset($_POST['status'])) {
//Status de un sistema.
echo $_POST['mac'] == "" ? "dummy" : $db->getStatus($_POST['mac']);
} else {
if (isset($_POST['shut'])) {
//Shutdown.
echo shutdown($_POST['userName'], $_POST['pass'], $_POST['hostname']);
} else {
if (isset($_POST['wol'])) {
//WOL.
echo wol($_POST['mac'], $_POST['broad']);
} else {
if (isset($_POST['addUser'])) {
//Add user.
echo $db->addUser($_POST['userName'], $_POST['mail'], $_POST['pass']);
}
}
}
}
}
}
}
} else {
echo "not logged";
}
}
}
$db->close();
#endregion MAIN
