function vInsertIntoClientLoginTable($SafeFirstName, $SafeLastName, $SafeEmail, $SafePWD) { global $mysqli; $UserID = $SafeFirstName . $SafeLastName; $iClientExists = iCheckIfClientEmailExists($SafeEmail); #if this is the first claim. if ($iClientExists == 0) { $salt = salt(); $hash = getHash($SafePWD, $salt); $email_code = md5($SafeEmail + microtime()); #user_id is also email address. $mysqli->autocommit(FALSE); $InsertCommand = "INSERT INTO client_login_table \r\n ( id, first_name, last_name, email_address, email_code, salt, password )\r\n values \r\n (NULL,'{$SafeFirstName}', '{$SafeLastName}', '{$SafeEmail}', '{$email_code}', '{$salt}', '{$hash}' )"; $add_post_res = $mysqli->query($InsertCommand) or die($mysqli->error); if (!$mysqli->commit()) { $mysqli->rollback(); } SendActivateEmailNotice($SafeEmail, $email_code); echo "Please activate your email to complete the registration. Please respond to your email. Thanks."; } else { /*popup('You have already registered.', "http://" . IP_ADDRESS . "/member/client_login_register.php");*/ echo "You have already registered"; } }
} return $Email_Exists; } /*************************************************************************************/ // Script starts here. // This script is called from client_login_register.php. // Specifically, it is called from AJAX subroutine called validate_login(). /*************************************************************************************/ $q = $_REQUEST["q"]; $InputArray = explode("|", $q); $client_email = $InputArray[0]; $client_password = $InputArray[1]; $token = $InputArray[2]; $SafeEmail = mysqli_real_escape_string($mysqli, $client_email); $SafePWD = mysqli_real_escape_string($mysqli, $client_password); $iClientExists = iCheckIfClientEmailExists($SafeEmail, $SafePWD, $ID, $Email_status, $email_code, $Password_status); /* ID is a referene */ if (DEBUG) { //There is no POST variables since all the values are sent via AJAX. //The below returns nothing. var_dump($_POST); print_r($token); } #if the client exists. if ($iClientExists == 1) { if (Token::check("MEMBER_LOGIN_FORM", $token)) { if ($Email_status == 1) { // Declare SESSION global. $_SESSION['user'] = '******'; $_SESSION['id'] = $ID; if ($Password_status == 1) {