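/**
 * Initialises the userhash from a username/password table.
 *
 * Switches the DB layer to the given user database, reads every row of
 * $table and registers each one through DB::addUser(), prefixing the row's
 * database name with self::$dbprefix.
 *
 * Security: $table is interpolated into the SQL text as an identifier.
 * What DB::clean() does is not visible here; escaping meant for values does
 * not make an identifier safe, so callers should pass only a fixed, trusted
 * table name.
 * NOTE(review): the password column is forwarded exactly as stored - confirm
 * what DB::addUser() expects before pointing this at end-user credentials.
 *
 * @param string $db    Database holding the user table
 * @param string $table Table with columns db, username, password
 * @param string $user  Username for the user database
 * @param string $pass  Password for the user database
 *
 * @return void
 */
public static function init($db, $table, $user, $pass)
{
    // Point the DB layer at the user database.
    DB::setDB($db, $user, $pass);

    // Clean the table name before it is placed into the query text.
    $table = DB::clean($table);
    $sql = "SELECT db, username, password FROM {$table}";
    $result = DB::query($sql);

    // Only iterate when the query produced a result object carrying rows;
    // a failed query must not be dereferenced.
    if (!is_object($result) || !isset($result->rows)) {
        return;
    }

    foreach ($result->rows as $row) {
        DB::addUser(self::$dbprefix . $row->db, $row->username, $row->password);
    }
}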
// Tail of a registration handler. The enclosing block and the earlier field
// checks open before this excerpt, so the first two tokens below close a
// branch that is not visible here.
        die;
    }

    // Reject a password that is empty once surrounding whitespace is removed.
    if (empty(trim($_POST['password']))) {
        $data = array('status' => false, 'errorcode' => 6, 'errorinfo' => 'password can not be empty');
        responseClient($data);
        die;
    }

    // NOTE(review): trim() is applied to the password as well, so leading or
    // trailing whitespace never becomes part of the credential; the login path
    // has to trim the same way or such users cannot sign in.
    $username = trim($_POST['username']);
    $email = trim($_POST['email']);
    $password = trim($_POST['password']);

    // NOTE(review): the password is handed to addUser() as typed. No hashing is
    // visible in this excerpt - confirm addUser() stores a password_hash()
    // digest and never the clear text.
    $user = array('username' => $username, 'email' => $email, 'password' => $password);
    $dbc = new DB();

    // Uniqueness checks. They run as separate calls before the insert, so they
    // are not atomic with addUser(); presumably a unique index on both columns
    // is what has to stop duplicates under concurrent requests - verify.
    // NOTE(review): distinct error codes for "username taken" and "email taken"
    // let a client learn which accounts exist; keep only if that is intended.
    if ($dbc->checkUserExist($username)) {
        $data = array('status' => false, 'errorcode' => 1, 'errorinfo' => 'username is exist');
        responseClient($data);
        die;
    }
    if ($dbc->checkEmailExist($email)) {
        $data = array('status' => false, 'errorcode' => 2, 'errorinfo' => 'user email have been used');
        responseClient($data);
        die;
    }

    // Create the account and report the outcome to the client.
    if ($dbc->addUser($user)) {
        $data = array('status' => true, 'errorcode' => 0, 'errorinfo' => 'register succees');
        responseClient($data);
    } else {
        $data = array('status' => false, 'errorcode' => 3, 'errorinfo' => 'database error');
        responseClient($data);
        die;
    }
}
}

// Account-creation fragment; the block closed above and the braces that end
// the final else branches lie outside this excerpt.

// And filter the strings!
// Probably "unnecessary", since PDO is used and values are filtered there anyway.
// NOTE(review): htmlspecialchars() at input time stores an HTML-encoded
// username; encoding belongs where the value is written into HTML.
// NOTE(review): mysql_real_escape_string() comes from the ext/mysql extension
// that was removed in PHP 7 and needs an open mysql_* link. If the DB class
// really binds parameters through PDO, as the original comment says, this
// call only alters the stored value and should go.
$username_data = trim($_POST['username']);
$username_data = htmlspecialchars($username_data);
$username_data = mysql_real_escape_string($username_data);

// NOTE(review): sha1() is a fast, unsalted digest and is not suitable for
// password storage. password_hash() / password_verify() is the replacement,
// but the login check has to change with it, so it is flagged here rather
// than swapped in place.
$password_data = sha1($_POST['password']);

// Check whether the username is already taken.
// The condition parses as (!count(...)) == 0, which is true when at least one
// row came back.
$db = new DB();
if (!count($db->selectIdFromUsername($username_data)) == 0) {
    unset($_SESSION['user_id']);
    header("Location: ../index.php?site=createAccount&error=5");
    exit;
}

// Add the user, then fetch the new id.
$db->addUser($username_data, $password_data);
$result = $db->selectIdFromUsername($username_data);
if (count($result) == 1) {
    // Exactly one match: log the new user in.
    // NOTE(review): no session_regenerate_id() call is visible before the
    // session is bound to the account - confirm one happens elsewhere.
    $_SESSION['user_id'] = $result[0]['user_id'];
    header("Location: ../index.php?site=home");
    exit;
} else {
    if (count($result) == 0) {
        // No user found.
        unset($_SESSION['user_id']);
        header("Location: ../index.php?site=createAccount&error=0");
        exit;
    } else {
        // More than one row for the same username: send the visitor to login.
        unset($_SESSION['user_id']);
        header("Location: ../index.php?site=login&error=0");
        exit;
// Registration fragment; the `if` whose else branch ends this excerpt opens
// before the visible source.
    // raw: the raw input from the user.
    // Username must be 3-15 characters from [_a-zA-Z0-9].
    // NOTE(review): without the D modifier `$` also matches just before a
    // trailing newline, so a value ending in "\n" passes both patterns;
    // `\z` closes that gap. The `@` hides the diagnostic raised when the
    // field is not a string.
    $raw_username = $_POST['username'];
    if (!@preg_match("/^[_a-zA-Z0-9]{3,15}\$/", $raw_username)) {
        echo $errorResponse = json_encode(array("status" => false, "message" => array("errorCode" => -100, "errorMessage" => "username error.")));
        exit(0);
    }

    // Password must be 6-16 characters from the same set.
    // NOTE(review): this caps length at 16 and rejects symbols and spaces,
    // which shrinks the password space; a minimum length alone is the usual rule.
    $raw_password = $_POST['password'];
    if (!@preg_match("/^[_a-zA-Z0-9]{6,16}\$/", $raw_password)) {
        echo $errorResponse = json_encode(array("status" => false, "message" => array("errorCode" => -102, "errorMessage" => "password error.")));
        exit(0);
    }

    // These two fields reach addUser() unchecked.
    $raw_sex = $_POST['sex'];
    $raw_email = $_POST['email'];
    // TODO: verify userinput

    // connect to DB
    // NOTE(review): the password is passed on as typed; hashing is not visible
    // here - confirm addUser() stores a password_hash() digest.
    $db = new DB();
    $response = $db->addUser($raw_username, $raw_password, $raw_sex, $raw_email, date('Y-m-d H:i:s', time()));
    if ($response['status'] === true) {
        // success
        // login (this user)
        // NOTE(review): $response is indexed like an array on the surrounding
        // lines, so this echo appears to print "Array"; it also sends output
        // before header(), which then cannot set Location unless output
        // buffering is on. No session_regenerate_id() is visible either.
        echo $response; // to ajax
        $_SESSION['username'] = $response['message']['username'];
        header("Location: home.php");
        exit(0);
    } else {
        // Relay the failure structure returned by addUser() as JSON.
        echo json_encode($response);
    }
} else {
    // Branch taken when the condition that opens before this excerpt fails.
    echo $errorResponse = json_encode(array("status" => false, "message" => array("errorCode" => -2, "errorMessage" => "input error.")));
}
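<label for="">
    Password
    <input type="password" placeholder="password" name="password" required/>
</label>
</div>
<button name="submit" type="submit">
    Sign up
</button>
</form>
<?php
/**
 * Sign-up handler: creates the account through DB::addUser() and, on success,
 * binds the session to the new e-mail address and redirects to blog.php.
 *
 * Created by PhpStorm.
 * User: sridharrajs
 * Date: 12/30/15
 * Time: 5:41 PM
 */

// NOTE(review): the form markup above is emitted before this block. Unless
// output buffering is enabled, session_start() and header() can no longer
// send headers at this point; this block belongs above any output.
session_start();
include_once 'includes/DB.php';

// !empty() keeps the original truthiness test without raising a notice when
// the field is absent (plain page load).
if (!empty($_POST['email'])) {
    $email = $_POST['email'];
    $password = isset($_POST['password']) ? $_POST['password'] : '';

    // Array-valued fields (email[]=...) and a missing or empty password count
    // as a failed sign-up instead of being passed on to the DB layer.
    // NOTE(review): the password reaches DB::addUser() as typed; hashing is
    // not visible here - confirm addUser() stores a password_hash() digest.
    $isSuccessful = is_string($email)
        && is_string($password)
        && $password !== ''
        && DB::addUser($email, $password);

    if ($isSuccessful) {
        // Issue a fresh session id before the session becomes authenticated,
        // so an id planted before sign-up is not carried over.
        session_regenerate_id(true);
        $_SESSION['email'] = $email;
        header('Location: blog.php');
        exit;
    } else {
        echo 'Failed!';
    }
}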
// Tail of a POST action dispatcher. The login check and the first branches
// open before this excerpt; only the inner action chain is visible.
// NOTE(review): every action below changes state or discloses host data and is
// driven purely by POST fields. No anti-CSRF token or per-action permission
// check is visible in this excerpt - confirm both exist in the part that is cut off.
                        // Status of all systems in the submitted list.
                        echo $_POST['macs'] == "" ? "dummy" : $db->getStatusAll($_POST['macs']);
                    } else {
                        if (isset($_POST['status'])) {
                            // Status of a single system.
                            // $_POST['mac'] is read without isset(); an absent field compares equal to "".
                            echo $_POST['mac'] == "" ? "dummy" : $db->getStatus($_POST['mac']);
                        } else {
                            if (isset($_POST['shut'])) {
                                // Shutdown.
                                // NOTE(review): user name, password and hostname go straight from the
                                // request into shutdown(), whose body is not visible. If it builds a
                                // command line or remote call, each value must be validated against a
                                // strict pattern and escaped per argument first.
                                echo shutdown($_POST['userName'], $_POST['pass'], $_POST['hostname']);
                            } else {
                                if (isset($_POST['wol'])) {
                                    // Wake-on-LAN.
                                    // NOTE(review): mac and broadcast address are unvalidated here;
                                    // presumably wol() expects a MAC and an IP - verify it rejects anything else.
                                    echo wol($_POST['mac'], $_POST['broad']);
                                } else {
                                    if (isset($_POST['addUser'])) {
                                        // Add user.
                                        // NOTE(review): the password is forwarded as received; confirm
                                        // addUser() hashes it with password_hash() before storing.
                                        echo $db->addUser($_POST['userName'], $_POST['mail'], $_POST['pass']);
                                    }
                                }
                            }
                        }
                    }
                }
            }
        } else {
            // Reached when the condition that opens before this excerpt fails.
            echo "not logged";
        }
    }
}
$db->close();
#endregion MAIN