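/**
 * Validates the account-creation form in $_POST and stores the new user.
 *
 * Reads "username", "password", "repeatPassword" and "email" from $_POST,
 * trims each value, and throws an Exception carrying a user-readable message
 * as soon as one check fails. When every check passes, the password is salted,
 * hashed and handed to InsertUser() together with the other fields.
 *
 * @param mixed $databaseConnection Connection handle, forwarded unchanged to InsertUser().
 *
 * @throws Exception When a field is missing or empty, the two passwords differ,
 *                   or the e-mail address does not validate.
 */
function CreateUserPage_CreateUser($databaseConnection)
{
    // Form fields are untrusted: a key may be absent, or submitted as an array
    // (e.g. "username[]=x"). Anything that is not a string is treated as an
    // empty field so it reaches the ordinary validation errors below instead
    // of raising a warning or a TypeError inside trim().
    $readField = static function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : "";
    };

    $username = $readField("username");
    // NOTE(review): trim() also strips leading/trailing whitespace from the
    // password. Kept as-is because the login path presumably trims the same
    // way - confirm before changing either side.
    $password = $readField("password");
    $repeatPassword = $readField("repeatPassword");
    $email = $readField("email");

    // Compare against "" rather than using empty(): empty("0") is true, which
    // would reject the otherwise valid value "0".
    if ($username === "") {
        throw new Exception("You must enter an username.");
    }
    if ($password === "") {
        throw new Exception("You must enter a password.");
    }
    if ($password !== $repeatPassword) {
        throw new Exception("Repeated password doesn't match with entered password.");
    }
    // filter_var() returns false for anything that is not a valid address,
    // the empty string included.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new Exception("You must enter a valid e-mail address.");
    }

    // NOTE(review): a single salted SHA-224 round is a fast hash, so a leaked
    // user table can be brute-forced offline cheaply. password_hash() /
    // password_verify() is the standard replacement, but the stored format
    // (hash + separate salt) is shared with verification code that is not part
    // of this block, so both sides have to migrate together.
    $salt = GenerateRandomSha224();
    $hashedPassword = hash("sha224", $password . $salt);

    InsertUser($databaseConnection, $username, $hashedPassword, $salt, $email);
}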
/**
 * Replaces a user's existing sessions with one freshly generated session.
 *
 * Deletes every ffxiv_sessions row for $userId, then inserts a new row whose
 * id comes from GenerateRandomSha224() and whose expiration is
 * FFXIV_SESSION_LENGTH hours after NOW().
 *
 * @param mixed $dataConnection Database handle exposing prepare() and an "error" property.
 * @param mixed $userId         User id; bound as an integer ('i') in both statements.
 *
 * @return mixed The new session id, exactly as returned by GenerateRandomSha224().
 *
 * @throws Exception When a statement cannot be prepared or fails to execute.
 */
function CreateSession($dataConnection, $userId)
{
    // NOTE(review): every failure message below embeds the driver's error
    // text. Whether that text can reach the client depends on how the caller
    // handles the exception - confirm it is logged rather than echoed.

    // Step 1: invalidate whatever sessions the user already has.
    $deleteStatement = $dataConnection->prepare("DELETE FROM ffxiv_sessions WHERE userId = ?");
    if (!$deleteStatement) {
        throw new Exception("Failed to create session: " . $dataConnection->error);
    }
    try {
        $deleteStatement->bind_param('i', $userId);
        $deleteSucceeded = $deleteStatement->execute();
        if (!$deleteSucceeded) {
            throw new Exception("Failed to create session: " . $dataConnection->error);
        }
    } finally {
        // Release the statement on success and on failure alike.
        $deleteStatement->close();
    }

    // Step 2: store the replacement session.
    // The unpredictability of the id rests entirely on GenerateRandomSha224(),
    // which is defined outside this block.
    $sessionId = GenerateRandomSha224();

    // FFXIV_SESSION_LENGTH is concatenated into the SQL text; that is only
    // acceptable because it is a constant, not request data. The id and the
    // user id go through bound parameters.
    $insertSql = "INSERT INTO ffxiv_sessions (id, userid, expiration) VALUES (?, ?, NOW() + INTERVAL "
        . FFXIV_SESSION_LENGTH
        . " HOUR)";
    $insertStatement = $dataConnection->prepare($insertSql);
    if (!$insertStatement) {
        throw new Exception("Failed to create session: " . $dataConnection->error);
    }
    try {
        $insertStatement->bind_param('si', $sessionId, $userId);
        $insertSucceeded = $insertStatement->execute();
        if (!$insertSucceeded) {
            throw new Exception("Failed to create session: " . $dataConnection->error);
        }
    } finally {
        $insertStatement->close();
    }

    return $sessionId;
}