function insertQry($email, $name) { global $con; $expiry = time() + 365 * 24 * 60 * 60; $insertQry = "INSERT INTO webtoleads (email, name) VALUES ('" . $email . "', '" . $name . "')"; mysqli_query($con, $insertQry); createCookie($email, $name); }
function nw_session_start($potential_username = '') { $result = array('cookie_created' => false, 'session_existed' => false, 'cookie_existed' => false); if (!isset($_COOKIE['user_cookie']) || $_COOKIE['user_cookie'] != $potential_username) { // Refresh cookie if the username isn't set in it yet. $result['cookie_created'] = createCookie("user_cookie", $potential_username, time() + 60 * 60 * 24 * 365, "/", WEB_ROOT); // *** 360 days *** } else { $result['cookie_existed'] = true; } if ($potential_username) { SESSION::set('username', $potential_username); } else { SESSION::commence(); } return $result; }
public function vote() { $ID_Poll = POST("ID_Poll"); $ID_Answer = POST("answer"); $IP = getIP(); $date = now(4); $end = $date + 3600; $data = $this->Db->findBySQL("ID_Poll = '{$ID_Poll}' AND IP = '{$IP}' AND End_Date > {$date}", "polls_ips"); if ($data) { showAlert("You've previously voted on this poll", _webBase); } else { $this->Db->table("polls_answers"); $values = "Votes = (Votes) + 1"; $this->Db->values($values); $this->Db->save($ID_Answer); $fields = "ID_Poll, IP, Start_Date, End_Date"; $values = "'{$ID_Poll}', '{$IP}', '{$date}', '{$end}'"; $this->Db->table("polls_ips", $fields); $this->Db->values($values); $insertID2 = $this->Db->save(); createCookie("ZanPoll", $ID_Poll, 3600); showAlert("Thank you for your vote!", _webBase); } return TRUE; }
// data inputten try { $nieuweUserAanmaken = "INSERT INTO users(id, email, salt, hashed_password, last_login_time) VALUES('', :email, '$salt', :hashed_password, NOW())"; $statement = $db->prepare( $nieuweUserAanmaken ); $statement->bindValue( ':email', $ingevoerdEmail ); $statement->bindValue( ':hashed_password', $HashedSaltPlusPaswoord); $statement->execute(); $_SESSION['notification'][] = 'Input geslaagd'; // cookie aanmaken: $HashedSaltPlusEmail = hash('SHA512', $ingevoerdEmail . $salt); createCookie($ingevoerdEmail, $HashedSaltPlusEmail); header('Location: dashboard.php'); break; } catch(PDOException $e){ $_SESSION['notification'][] = 'Er ging iets mis: ' . $e->getMessage(); } } } header('Location: registratie-form.php'); ?>
include 'e_php/constants.php'; //connect to database $dbHandle = dbConnect($dbHandle, $DBHOST, $DBUSER, $DBPASS, $DBNAME); //retrieve data from POST $username = $_POST['username']; $password = $_POST['password']; $password2 = $_POST['password2']; if (validReg($username, $dbHandle, $password, $password2)) { $hash = hash('sha256', $password); $salt = createSalt(); $hash = hash('sha256', $salt . $hash); //DEBUG Might not be needed due to change to alphanum only //$username = $dbHandle->real_escape_string($username); $query = "INSERT INTO user_list (username, password, salt_p, image_url)\n\t\t\tVALUES ('{$username}', '{$hash}', '{$salt}', 'images/default.png');"; $dbHandle->query($query); createCookie($dbHandle, $username, $hash); // print_r($_COOKIE['user_id']); // print_r($_COOKIE['token']); header('Location: index.php'); die; } else { header('Location: register.php'); die; } ob_flush(); function validReg($username, $dbHandle, $password, $password2) { $USERNAME_MIN = 6; $USERNAME_MAX = 30; $PASS_MIN = 0; $valid = false;
$error = "用户名或密码为空"; //return false; } else { $username = $_POST["username"]; $password = $_POST["password"]; if ($username == $U) { if ($password == $P) { $token = mt_rand(); // 生成token $fp = fopen("../temp/session_token", "w+"); fwrite($fp, $token); fclose($fp); $cookieValue = authCode("{$username},{$password},{$token}", $textKey, "ENCODE"); //echo $cookieValue; // 写入cookie createCookie("anehtaDoor", $cookieValue, 0, '/', '', 0, 1); // 跳转url到referer if (isset($_GET["redirect"])) { // 这里没检查跳转的域,有钓鱼的风险 $redirect = $_GET["redirect"]; header("Location: {$redirect}"); } else { header("Location: admin.php"); } } else { // 密码错 $error = "用户名或密码错误"; //return false; } } else { // 用户名错
<?php //加载auth类 include_once "class/auth_Class.php"; header("Content-Type: text/html; charset=utf-8"); checkLoginStatus($U, $P, $textKey); createCookie("anehtaDoor", null, -1, '/', '', 0, 1); unlink("../temp/session_token"); header("Location: login.php"); ?>
function updateCookie($id, $user, $pass) { destroyCookie(); createCookie($id, $user, $pass); }
// check of user wel bestaat in DB if (empty($dezeUser)) { $_SESSION['notification'][] = "Deze user bestaat niet."; header('Location: login-form.php'); break; } // check of paswoord valid is $salt = $dezeUser[0]['salt']; $hashed_password_DB = $dezeUser[0]['hashed_password']; $passwordInput = $_POST['paswoord']; $saltyUserPassword = hash('SHA512', $passwordInput . $salt); // check of deze gelijk zijn: echo $hashed_password_DB . '</br>'; echo $saltyUserPassword; if ($hashed_password_DB === $saltyUserPassword) { createCookie($emailInput, $hashed_password_DB); header('Location: dashboard.php'); break; } } catch (PDOException $e) { $_SESSION['notification'][] = 'Er ging iets mis: ' . $e->getMessage(); header('Location: registratie-form.php'); break; } } ?> <!-- $selecteerUser = '******'; $statement = $db->prepare( $selecteerUser); $statement->bindParam(':email', $cookieEmail);
<?php // Connect to database $con = mysqli_connect("localhost", "root", "root", "webleads"); function createCookie($email) { global $con; $selectQry = "SELECT * FROM webtoleads WHERE email = '" . $email . "'"; // Get the user's record from the db $data = mysqli_query($con, $selectQry); $dataArray = mysqli_fetch_assoc($data); // echo $dataArray["id"]; $expiry = time() + 365 * 24 * 60 * 60; $value = array("id" => $dataArray["id"], "email" => $dataArray["email"]); setcookie("TestCookie", json_encode($value), $expiry); } createCookie("*****@*****.**"); ?>