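/**
 * Update the logged-in user's first, middle and last name from the submitted form.
 *
 * Reads $_POST['first'], $_POST['middle'], $_POST['last'] and $_SESSION['user'].
 * The outcome is reported only through $_SESSION['alert']; nothing is returned.
 * A name part submitted blank keeps the value currently stored in `user_name`.
 *
 * NOTE(review): unlike register() and create(), this state-changing request is
 * not guarded by a Token check. If the name form is meant to carry the same
 * anti-CSRF token, the check belongs here too; confirm against the form
 * before adding it, since a form without the field would start failing.
 *
 * @return void
 */
public function changeName()
{
    // Missing keys and array-valued inputs (e.g. first[]=x) are treated as an
    // empty string instead of raising notices or type errors in strip_tags().
    $readField = function ($key) {
        $value = isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';

        return trim(strip_tags($value));
    };

    $Verify = new Verify();
    $names = array(
        'first' => $readField('first'),
        'middle' => $readField('middle'),
        'last' => $readField('last'),
    );

    // Length limits are checked in first/middle/last order; the first failure wins.
    foreach ($names as $part => $value) {
        if (!$Verify->length($value, 255)) {
            $_SESSION['alert'] = 'Your ' . $part . ' name is too long to store in the database.';

            return;
        }
    }

    // Fail closed when there is no session user to scope the update to.
    if (!isset($_SESSION['user'])) {
        $_SESSION['alert'] = 'Error, please try again.';

        return;
    }

    // The row filter always comes from the session, never from the request.
    $where = array(array('user_id', '=', $_SESSION['user'], ''));

    $Db = new Db();
    $query = $Db->query('user_name', $where);

    // Exactly one name row must exist for the user; a failed query is handled
    // the same way instead of being passed on to mysqli_num_rows().
    if (!$query || (int) mysqli_num_rows($query) !== 1) {
        $_SESSION['alert'] = 'Error, please try again.';

        return;
    }

    $row = mysqli_fetch_assoc($query);
    if (!is_array($row)) {
        $_SESSION['alert'] = 'Error, please try again.';

        return;
    }

    // Blank submissions fall back to the stored value for that part.
    foreach ($names as $part => $value) {
        if ($value === '') {
            $names[$part] = $row[$part];
        }
    }

    // Each part is written with its own update call, so a failure midway leaves
    // the name partially updated; later parts are skipped after the first failure.
    foreach ($names as $part => $value) {
        if (!$Db->update('user_name', array($part, '=', $value), $where)) {
            $_SESSION['alert'] = 'Error, could not completely update name.';

            return;
        }
    }

    $_SESSION['alert'] = 'Your name has been updated.';
}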
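/**
 * Register a new account from the public sign-up form.
 *
 * Reads $_POST['token'], 'username', 'password', 'repassword' and 'email'.
 * The outcome is reported through $_SESSION['alert']; on success a redirect
 * header to login.php is also sent. New accounts are always stored with rank 0.
 *
 * NOTE(review): the password is stored as a single pass of salted SHA-512,
 * which is cheap to brute-force if the table leaks. Moving to password_hash()
 * and password_verify() needs a matching change in the login path, which is
 * not visible here, so the stored format is left unchanged.
 *
 * @return void
 */
public function register()
{
    // Fail closed: a request with no (or a non-string) token never reaches check().
    $Token = new Token();
    if (!isset($_POST['token']) || !is_string($_POST['token']) || !$Token->check($_POST['token'])) {
        $_SESSION['alert'] = 'Error, please try again.';

        return;
    }

    // Missing keys and array-valued inputs are treated as an empty string.
    $readField = function ($key) {
        $value = isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';

        return trim(strip_tags($value));
    };

    $Verify = new Verify();
    $username = $readField('username');
    // NOTE(review): trim()/strip_tags() alter the password before hashing. Kept
    // because login presumably applies the same transformation; confirm.
    $password = $readField('password');
    $repassword = $readField('repassword');
    $email = explode('@', $readField('email'));

    // The original isset() checks ran on already-assigned variables joined with
    // &&, so this branch could never trigger; test for empty values instead.
    if ($username === '' || $password === '' || $repassword === '' || $email[0] === '') {
        $_SESSION['alert'] = 'Not all fields have been completed.';

        return;
    }

    if (!$Verify->length($username, 255)) {
        $_SESSION['alert'] = 'The username is too long.';

        return;
    }

    if (!$Verify->same($password, $repassword)) {
        $_SESSION['alert'] = 'The passwords entered are not the same.';

        return;
    }

    // Exactly one "@" with a non-empty domain; otherwise $email[1] is undefined
    // or anything after a second "@" would be dropped silently.
    if (count($email) !== 2 || $email[1] === '') {
        $_SESSION['alert'] = 'The email entered is not valid.';

        return;
    }

    if (!$Verify->length($email[0], 255) || !$Verify->length($email[1], 255)) {
        $_SESSION['alert'] = 'The email entered is too long.';

        return;
    }

    $Db = new Db();
    $query = $Db->query('user', array(array('username', '=', $username, '')));

    // A taken username and a failed lookup both get the same generic message,
    // so the response does not confirm which usernames exist.
    if (!$query || mysqli_num_rows($query) > 0) {
        $_SESSION['alert'] = 'Error, please try again.';

        return;
    }

    // mcrypt was removed in PHP 7.2; use random_bytes() where it exists and
    // keep the original source on older runtimes. Both yield 128 random bytes.
    $rawSalt = function_exists('random_bytes')
        ? random_bytes(128)
        : mcrypt_create_iv(128, MCRYPT_DEV_URANDOM);
    $salt = base64_encode($rawSalt);
    $crypt = hash('sha512', $username . $salt . $password);
    $datetime = date('Y-m-d H:i:s');
    $rank = 0;

    // The leading '' is presumably the auto-generated id column; verify against the schema.
    $insert = $Db->insert('user', array('', $username, $crypt, $email[0], $email[1], $salt, $datetime, $rank));
    if (!$insert) {
        $_SESSION['alert'] = 'User could not be registered.';

        return;
    }

    $_SESSION['alert'] = 'Successfully registered, you can now login with your credentials.';
    // Only the header is set here; execution returns to the caller afterwards.
    header('Location: login.php');
}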
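/**
 * Create an account with a caller-chosen rank from the submitted form.
 *
 * Reads $_POST['token'], 'username', 'email', 'password' and 'rank'. The
 * outcome is reported only through $_SESSION['alert']; nothing is returned.
 *
 * NOTE(review): nothing in this method checks that the session user is allowed
 * to create accounts or to assign the submitted rank. Confirm that the caller
 * enforces that before this method is reached.
 *
 * NOTE(review): the password is stored as a single pass of salted SHA-512, the
 * same format register() writes. Moving to password_hash() needs a matching
 * change in the login path, which is not visible here.
 *
 * @return void
 */
public function create()
{
    // Fail closed: a request with no (or a non-string) token never reaches check().
    $Token = new Token();
    if (!isset($_POST['token']) || !is_string($_POST['token']) || !$Token->check($_POST['token'])) {
        $_SESSION['alert'] = 'Error, please try again.';

        return;
    }

    // Missing keys and array-valued inputs are treated as an empty string.
    $readField = function ($key) {
        $value = isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';

        return trim(strip_tags($value));
    };

    $Verify = new Verify();
    $username = $readField('username');
    $email = explode('@', $readField('email'));
    // NOTE(review): trim()/strip_tags() alter the password before hashing. Kept
    // because login presumably applies the same transformation; confirm.
    $password = $readField('password');
    $rawRank = isset($_POST['rank']) && is_string($_POST['rank']) ? trim($_POST['rank']) : '';

    // The original isset() checks ran on already-assigned variables joined with
    // &&, so this branch could never trigger; test for empty values instead.
    if ($username === '' || $password === '' || $email[0] === '' || $rawRank === '') {
        $_SESSION['alert'] = 'Not all fields have been completed.';

        return;
    }

    // The rank used to reach the insert exactly as submitted. Only an integer
    // is accepted, matching the integer rank register() stores.
    // NOTE(review): no allowed range is enforced because the valid rank values
    // are not visible here.
    $rank = filter_var($rawRank, FILTER_VALIDATE_INT);
    if ($rank === false) {
        $_SESSION['alert'] = 'Error, please try again.';

        return;
    }

    if (!$Verify->length($username, 255)) {
        $_SESSION['alert'] = 'The username is too long.';

        return;
    }

    // Exactly one "@" with a non-empty domain; otherwise $email[1] is undefined
    // or anything after a second "@" would be dropped silently.
    if (count($email) !== 2 || $email[1] === '') {
        $_SESSION['alert'] = 'The email entered is not valid.';

        return;
    }

    if (!$Verify->length($email[0], 255) || !$Verify->length($email[1], 255)) {
        $_SESSION['alert'] = 'The email entered is too long.';

        return;
    }

    $Db = new Db();
    $query = $Db->query('user', array(array('username', '=', $username, '')));

    // A taken username and a failed lookup both get the same generic message.
    if (!$query || mysqli_num_rows($query) > 0) {
        $_SESSION['alert'] = 'Error, please try again.';

        return;
    }

    // mcrypt was removed in PHP 7.2; use random_bytes() where it exists and
    // keep the original source on older runtimes. Both yield 128 random bytes.
    $rawSalt = function_exists('random_bytes')
        ? random_bytes(128)
        : mcrypt_create_iv(128, MCRYPT_DEV_URANDOM);
    $salt = base64_encode($rawSalt);
    $crypt = hash('sha512', $username . $salt . $password);
    $datetime = date('Y-m-d H:i:s');

    // The leading '' is presumably the auto-generated id column; verify against the schema.
    $insert = $Db->insert('user', array('', $username, $crypt, $email[0], $email[1], $salt, $datetime, $rank));
    if (!$insert) {
        $_SESSION['alert'] = 'User could not be created.';

        return;
    }

    // strip_tags() is not output escaping: quotes and "&" survive it, so the
    // code that renders this alert should escape it for its HTML context.
    $_SESSION['alert'] = 'The user "' . $username . '" was created.';
}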