function CreateUserPage_CreateUser($databaseConnection)
{
$username = trim($_POST["username"]);
$password = trim($_POST["password"]);
$repeatPassword = trim($_POST["repeatPassword"]);
$email = trim($_POST["email"]);
if (empty($username)) {
throw new Exception("You must enter an username.");
}
if (empty($password)) {
throw new Exception("You must enter a password.");
}
if ($password !== $repeatPassword) {
throw new Exception("Repeated password doesn't match with entered password.");
}
if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
throw new Exception("You must enter a valid e-mail address.");
}
$salt = GenerateRandomSha224();
$saltedPassword = $password . $salt;
$hashedPassword = hash("sha224", $saltedPassword);
InsertUser($databaseConnection, $username, $hashedPassword, $salt, $email);
}
function CreateSession($dataConnection, $userId)
{
$statement = $dataConnection->prepare("DELETE FROM ffxiv_sessions WHERE userId = ?");
if (!$statement) {
throw new Exception("Failed to create session: " . $dataConnection->error);
}
try {
$statement->bind_param('i', $userId);
if (!$statement->execute()) {
throw new Exception("Failed to create session: " . $dataConnection->error);
}
} finally {
$statement->close();
}
$sessionId = GenerateRandomSha224();
$statement = $dataConnection->prepare("INSERT INTO ffxiv_sessions (id, userid, expiration) VALUES (?, ?, NOW() + INTERVAL " . FFXIV_SESSION_LENGTH . " HOUR)");
if (!$statement) {
throw new Exception("Failed to create session: " . $dataConnection->error);
}
try {
$statement->bind_param('si', $sessionId, $userId);
if (!$statement->execute()) {
throw new Exception("Failed to create session: " . $dataConnection->error);
}
} finally {
$statement->close();
}
return $sessionId;
}
