function insertQry($email, $name)
{
global $con;
$expiry = time() + 365 * 24 * 60 * 60;
$insertQry = "INSERT INTO webtoleads (email, name) VALUES ('" . $email . "', '" . $name . "')";
mysqli_query($con, $insertQry);
createCookie($email, $name);
}
function nw_session_start($potential_username = '')
{
$result = array('cookie_created' => false, 'session_existed' => false, 'cookie_existed' => false);
if (!isset($_COOKIE['user_cookie']) || $_COOKIE['user_cookie'] != $potential_username) {
// Refresh cookie if the username isn't set in it yet.
$result['cookie_created'] = createCookie("user_cookie", $potential_username, time() + 60 * 60 * 24 * 365, "/", WEB_ROOT);
// *** 360 days ***
} else {
$result['cookie_existed'] = true;
}
if ($potential_username) {
SESSION::set('username', $potential_username);
} else {
SESSION::commence();
}
return $result;
}
public function vote()
{
$ID_Poll = POST("ID_Poll");
$ID_Answer = POST("answer");
$IP = getIP();
$date = now(4);
$end = $date + 3600;
$data = $this->Db->findBySQL("ID_Poll = '{$ID_Poll}' AND IP = '{$IP}' AND End_Date > {$date}", "polls_ips");
if ($data) {
showAlert("You've previously voted on this poll", _webBase);
} else {
$this->Db->table("polls_answers");
$values = "Votes = (Votes) + 1";
$this->Db->values($values);
$this->Db->save($ID_Answer);
$fields = "ID_Poll, IP, Start_Date, End_Date";
$values = "'{$ID_Poll}', '{$IP}', '{$date}', '{$end}'";
$this->Db->table("polls_ips", $fields);
$this->Db->values($values);
$insertID2 = $this->Db->save();
createCookie("ZanPoll", $ID_Poll, 3600);
showAlert("Thank you for your vote!", _webBase);
}
return TRUE;
}
// data inputten
try {
$nieuweUserAanmaken = "INSERT INTO users(id, email, salt, hashed_password, last_login_time) VALUES('', :email, '$salt', :hashed_password, NOW())";
$statement = $db->prepare( $nieuweUserAanmaken );
$statement->bindValue( ':email', $ingevoerdEmail );
$statement->bindValue( ':hashed_password',
$HashedSaltPlusPaswoord);
$statement->execute();
$_SESSION['notification'][] = 'Input geslaagd';
// cookie aanmaken:
$HashedSaltPlusEmail = hash('SHA512', $ingevoerdEmail . $salt);
createCookie($ingevoerdEmail, $HashedSaltPlusEmail);
header('Location: dashboard.php');
break;
}
catch(PDOException $e){
$_SESSION['notification'][] = 'Er ging iets mis: ' . $e->getMessage();
}
}
}
header('Location: registratie-form.php');
?>
include 'e_php/constants.php';
//connect to database
$dbHandle = dbConnect($dbHandle, $DBHOST, $DBUSER, $DBPASS, $DBNAME);
//retrieve data from POST
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
if (validReg($username, $dbHandle, $password, $password2)) {
$hash = hash('sha256', $password);
$salt = createSalt();
$hash = hash('sha256', $salt . $hash);
//DEBUG Might not be needed due to change to alphanum only
//$username = $dbHandle->real_escape_string($username);
$query = "INSERT INTO user_list (username, password, salt_p, image_url)\n\t\t\tVALUES ('{$username}', '{$hash}', '{$salt}', 'images/default.png');";
$dbHandle->query($query);
createCookie($dbHandle, $username, $hash);
// print_r($_COOKIE['user_id']);
// print_r($_COOKIE['token']);
header('Location: index.php');
die;
} else {
header('Location: register.php');
die;
}
ob_flush();
function validReg($username, $dbHandle, $password, $password2)
{
$USERNAME_MIN = 6;
$USERNAME_MAX = 30;
$PASS_MIN = 0;
$valid = false;
$error = "用户名或密码为空";
//return false;
} else {
$username = $_POST["username"];
$password = $_POST["password"];
if ($username == $U) {
if ($password == $P) {
$token = mt_rand();
// 生成token
$fp = fopen("../temp/session_token", "w+");
fwrite($fp, $token);
fclose($fp);
$cookieValue = authCode("{$username},{$password},{$token}", $textKey, "ENCODE");
//echo $cookieValue;
// 写入cookie
createCookie("anehtaDoor", $cookieValue, 0, '/', '', 0, 1);
// 跳转url到referer
if (isset($_GET["redirect"])) {
// 这里没检查跳转的域,有钓鱼的风险
$redirect = $_GET["redirect"];
header("Location: {$redirect}");
} else {
header("Location: admin.php");
}
} else {
// 密码错
$error = "用户名或密码错误";
//return false;
}
} else {
// 用户名错
<?php
//加载auth类
include_once "class/auth_Class.php";
header("Content-Type: text/html; charset=utf-8");
checkLoginStatus($U, $P, $textKey);
createCookie("anehtaDoor", null, -1, '/', '', 0, 1);
unlink("../temp/session_token");
header("Location: login.php");
?>
function updateCookie($id, $user, $pass)
{
destroyCookie();
createCookie($id, $user, $pass);
}
// check of user wel bestaat in DB
if (empty($dezeUser)) {
$_SESSION['notification'][] = "Deze user bestaat niet.";
header('Location: login-form.php');
break;
}
// check of paswoord valid is
$salt = $dezeUser[0]['salt'];
$hashed_password_DB = $dezeUser[0]['hashed_password'];
$passwordInput = $_POST['paswoord'];
$saltyUserPassword = hash('SHA512', $passwordInput . $salt);
// check of deze gelijk zijn:
echo $hashed_password_DB . '</br>';
echo $saltyUserPassword;
if ($hashed_password_DB === $saltyUserPassword) {
createCookie($emailInput, $hashed_password_DB);
header('Location: dashboard.php');
break;
}
} catch (PDOException $e) {
$_SESSION['notification'][] = 'Er ging iets mis: ' . $e->getMessage();
header('Location: registratie-form.php');
break;
}
}
?>
<!--
$selecteerUser = '******';
$statement = $db->prepare( $selecteerUser);
$statement->bindParam(':email', $cookieEmail);
<?php
// Connect to database
$con = mysqli_connect("localhost", "root", "root", "webleads");
function createCookie($email)
{
global $con;
$selectQry = "SELECT * FROM webtoleads WHERE email = '" . $email . "'";
// Get the user's record from the db
$data = mysqli_query($con, $selectQry);
$dataArray = mysqli_fetch_assoc($data);
// echo $dataArray["id"];
$expiry = time() + 365 * 24 * 60 * 60;
$value = array("id" => $dataArray["id"], "email" => $dataArray["email"]);
setcookie("TestCookie", json_encode($value), $expiry);
}
createCookie("*****@*****.**");
?>
