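/**
 * Insert a newly registered user into the `user` table.
 *
 * The submitted password is not stored: a fresh salt is generated and the
 * value returned by PasswordUtils::hashPassword() is stored together with
 * that salt. Every value reaches the database as a bound parameter of a
 * prepared statement, so nothing from $post is concatenated into the SQL.
 *
 * If the insert fails the script is terminated. The driver's error text is
 * written to the server log and only a generic message is sent to the
 * client, because PDO messages can reveal table and column names and the
 * conflicting value (for example an e-mail address that already exists).
 *
 * @param array $post Submitted registration fields; reads 'email',
 *                    'password', 'first_name' and 'last_name'.
 * @param mixed $db   Database handle exposing prepare(); presumably a PDO
 *                    instance, since PDOException is what is caught.
 *
 * @return void
 */
function saveRegistration($post, $db)
{
    // Store the results into the users table.
    $query = "\n INSERT INTO user (\n"
        . " email,\n"
        . " password,\n"
        . " password_salt,\n"
        . " first_name,\n"
        . " last_name,\n"
        . " user_type_id,\n"
        . " picture_url\n"
        . " ) VALUES (\n"
        . " :email,\n"
        . " :password,\n"
        . " :salt,\n"
        . " :first_name,\n"
        . " :last_name,\n"
        . " :user_type_id,\n"
        . " :picture_url\n"
        . " )";

    // Security measures
    // NOTE(review): PasswordUtils is defined outside this listing. Confirm
    // that hashPassword() is built on a deliberately slow password-hashing
    // function (PHP's password_hash(), for instance) and not on a single
    // fast digest of salt + password.
    $salt = PasswordUtils::generatePasswordSalt();
    $password = PasswordUtils::hashPassword($post['password'], $salt);

    $query_params = array(
        ':email' => $post['email'],
        ':password' => $password,
        ':salt' => $salt,
        ':first_name' => $post['first_name'],
        ':last_name' => $post['last_name'],
        // New accounts always get the fixed type '1'; the form cannot pick it.
        ':user_type_id' => '1',
        ':picture_url' => 'https://s3-us-west-2.amazonaws.com/dbsystems/default-avatar.png',
    );

    try {
        $stmt = $db->prepare($query);
        // With PDO in silent or warning error mode a failure is reported by a
        // false return value, not an exception, so both are checked.
        $stored = ($stmt !== false) && $stmt->execute($query_params);
    } catch (PDOException $ex) {
        // Keep the detail for operators; do not echo it to the client.
        error_log('saveRegistration: insert failed: ' . $ex->getMessage());
        die("Failed to run query.");
    }

    if (!$stored) {
        error_log('saveRegistration: insert failed without raising an exception');
        die("Failed to run query.");
    }
}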
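/**
 * Insert a newly registered user into the `users` table.
 *
 * The submitted password is not stored: a fresh salt is generated and the
 * value returned by PasswordUtils::hashPassword() is stored together with
 * that salt. Every value reaches the database as a bound parameter of a
 * prepared statement, so nothing from $post is concatenated into the SQL.
 *
 * If the insert fails the script is terminated. The driver's error text is
 * written to the server log and only a generic message is sent to the
 * client, because PDO messages can reveal table and column names and the
 * conflicting value (for example an e-mail address that already exists).
 *
 * @param array $post Submitted registration fields; reads 'email',
 *                    'password' and 'user_type_id'.
 * @param mixed $hash Value stored in the `hash` column. Its purpose is not
 *                    visible here (presumably an account-verification
 *                    token; confirm against the caller).
 * @param mixed $db   Database handle exposing prepare(); presumably a PDO
 *                    instance, since PDOException is what is caught.
 *
 * @return void
 */
function saveRegistration($post, $hash, $db)
{
    // Store the results into the users table.
    $query = "\n INSERT INTO users (\n"
        . " email,\n"
        . " password,\n"
        . " salt,\n"
        . " user_type_id,\n"
        . " hash,\n"
        . " picture_url\n"
        . " ) VALUES (\n"
        . " :email,\n"
        . " :password,\n"
        . " :salt,\n"
        . " :user_type_id,\n"
        . " :hash,\n"
        . " :picture_url\n"
        . " )\n ";

    // Security measures
    // NOTE(review): PasswordUtils is defined outside this listing. Confirm
    // that hashPassword() is built on a deliberately slow password-hashing
    // function (PHP's password_hash(), for instance) and not on a single
    // fast digest of salt + password.
    $salt = PasswordUtils::generatePasswordSalt();
    $password = PasswordUtils::hashPassword($post['password'], $salt);

    $query_params = array(
        ':email' => $post['email'],
        ':password' => $password,
        ':salt' => $salt,
        // NOTE(review): the account type is stored exactly as submitted, so
        // whoever fills in the form decides which type the new account gets.
        // Unless the caller already restricts this value to the types open
        // to self-registration, check it against that set before storing it.
        ':user_type_id' => $post['user_type_id'],
        ':hash' => $hash,
        // NOTE(review): the default avatar is referenced over plain http://;
        // on a page served over HTTPS that is mixed content. Switch to an
        // https:// URL if the bucket serves one.
        ':picture_url' => 'http://walphotobucket.s3.amazonaws.com/default.jpg',
    );

    try {
        $stmt = $db->prepare($query);
        // With PDO in silent or warning error mode a failure is reported by a
        // false return value, not an exception, so both are checked.
        $stored = ($stmt !== false) && $stmt->execute($query_params);
    } catch (PDOException $ex) {
        // Keep the detail for operators; do not echo it to the client.
        error_log('saveRegistration: insert failed: ' . $ex->getMessage());
        die("Failed to run query.");
    }

    if (!$stored) {
        error_log('saveRegistration: insert failed without raising an exception');
        die("Failed to run query.");
    }
}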
// Forgot-password page controller. On a POST it looks up the submitted e-mail
// address, checks the challenge-question answer, mails a freshly generated
// password and then stores the salted hash of that password. The outcome is
// left on $fp (success / registrationFailure / noEmail) for the markup below.
include_once '../AutoLoader.php';
AutoLoader::registerDirectory('../src/classes');
// $db is used below but never assigned in this script; presumably config.php
// creates it (confirm).
require "config.php";
require "MailFiles/PHPMailerAutoload.php";

$fp = new ForgotPassword();

if (!empty($_POST)) {
    // Check if the email is recognized.
    // NOTE(review): $_POST['email'] is read without an isset() check, so a
    // POST that omits the field raises an undefined-index notice and passes
    // null to checkEmail().
    // NOTE(review): if the page later renders $fp->noEmail, the response tells
    // the requester whether an address is registered. The template is not
    // visible here; confirm whether that distinction is intended.
    $fp->checkEmail($_POST['email'], $db);

    // If the email was recognized, generate a new password and send an email.
    if (empty($fp->noEmail) && !empty($_POST['challenge_question_answer'])) {
        // NOTE(review): htmlspecialchars() is an output encoder. Applied to
        // the answer before comparison it rewrites characters such as & and <,
        // which only matches if the stored answer was encoded the same way
        // when it was saved (confirm). No limit on the number of answer
        // attempts is visible in this script.
        if ($fp->checkAnswer(htmlspecialchars($_POST['challenge_question_answer']))) {
            $newPassword = PasswordUtils::generateNewPassword();
            // The clear-text password is mailed first; it is replaced by its
            // hash a few lines below, once the mail has been accepted.
            // NOTE(review): a usable password travels by e-mail and stays
            // valid until the user changes it. A single-use, expiring reset
            // link, or a forced change at the next login, limits that window.
            if ($fp->sendNewPassword($newPassword)) {
                $fp->success = "An email has been sent to the address that you provided. " . "Use the password included in the email to log in.";
                // Hash the new password and update the tables.
                // NOTE(review): the mail has already gone out at this point,
                // so if updateTables() fails the user holds a password that
                // was never stored.
                $newSalt = PasswordUtils::generatePasswordSalt();
                $newPassword = PasswordUtils::hashPassword($newPassword, $newSalt);
                $fp->updateTables($newPassword, $newSalt, $db);
            } else {
                // Nothing is written to the database when the mail cannot be
                // sent, so the existing password stays in force.
                $fp->registrationFailure = "Verification email could not be sent. Please try again later.";
            }
        }
    }
}
?> <!doctype html> <html lang="en"> <head> <style>.error {color: #FF0000;}</style> <style>.success {color: #00FF00;</style>