echoResponse(200, $response); }); $app->post('/signUp', function () use($app) { $response = array(); $r = json_decode($app->request->getBody()); verifyRequiredParams(array('email', 'name', 'password'), $r->user); require_once 'passwordHash.php'; $db = new DbHandler(); $phone = $r->user->phone; $name = $r->user->name; $email = $r->user->email; $address = $r->user->address; $password = $r->user->password; $isUserExists = $db->getOneRecord("select 1 from users where phone='{$phone}' or email='{$email}'"); if (!$isUserExists) { $r->user->password = passwordHash::hash($password); $tabble_name = "users"; $column_names = array('phone', 'name', 'email', 'password', 'city', 'address'); $result = $db->insertIntoTable($r->user, $column_names, $tabble_name); if ($result != NULL) { $response["status"] = "success"; $response["message"] = "User account created successfully"; $response["uid"] = $result; if (!isset($_SESSION)) { session_start(); } $_SESSION['uid'] = $response["uid"]; $_SESSION['phone'] = $phone; $_SESSION['name'] = $name; $_SESSION['email'] = $email; echoResponse(200, $response);
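// Closes a route whose beginning lies before this excerpt.
} });

/**
 * POST /resetPassword
 *
 * Reads a JSON body with `password` and `key`, applies the two password
 * rules below, resolves `key` to an email through the `confirm` table, and
 * stores a new password hash for the matching row in `users`.
 *
 * Rule failures and lookup failures answer with status "error" and
 * HTTP 201 (the code this route already used for errors); success answers
 * with HTTP 200.
 */
$app->post('/resetPassword', function () use($app) {
    require_once 'passwordHash.php';

    // Sends an error payload and halts the request.
    $reject = function ($message) use ($app) {
        $response = array();
        $response["status"] = "error";
        $response["message"] = $message;
        echoResponse(201, $response);
        $app->stop();
    };

    $r = json_decode($app->request->getBody());

    // A body that is not JSON, or that lacks either field, previously fell
    // through to property reads on null; refuse it up front instead.
    if (!isset($r->password, $r->key) || !is_string($r->password) || !is_string($r->key) || $r->key === '') {
        $reject("Password and key are required");
        return;
    }
    $password_non = $r->password;
    $key = $r->key;

    // The original compared strtolower($password), an undefined variable at
    // this point, so the capital-letter rule did not test the submitted
    // password. Compare the submitted password with its own lower-case form.
    if (strtolower($password_non) === $password_non) {
        $reject("Need at least 1 capital letter in password");
        return;
    }
    if (!preg_match('/[0-9]+/', $password_non)) {
        $reject("Need at least 1 number in password");
        return;
    }

    $password = passwordHash::hash($password_non);
    $db = new DbHandler();

    // NOTE(review): $key comes straight from the request body and is
    // interpolated into the SQL text; $email and $uid are spliced in the same
    // way further down. Only raw-query DbHandler methods are visible in this
    // excerpt. Move all three statements to bound parameters if DbHandler or
    // the underlying driver offers them.
    $dbemail = $db->getOneRecord("select email from confirm where validation_key='{$key}'");
    if (!$dbemail || !isset($dbemail['email'])) {
        // Without this guard an unknown key ran the update with an empty uid
        // and still reported success.
        $reject("Invalid reset key");
        return;
    }
    $email = $dbemail['email'];

    $dbuid = $db->getOneRecord("select uid from users where email='{$email}'");
    if (!$dbuid || !isset($dbuid['uid'])) {
        // Same message as above so the response does not reveal which lookup failed.
        $reject("Invalid reset key");
        return;
    }
    $uid = $dbuid['uid'];

    // Store the hash computed above. The excerpt showed the literal '******'
    // in this position (presumably masked), which left $password unused.
    // Assumes the hash contains no quote characters; TODO confirm against
    // passwordHash::hash.
    $db->updateOneRecord("update users set password = '{$password}' where uid='{$uid}'");

    // NOTE(review): nothing here removes or expires the `confirm` row, so the
    // same key appears to remain usable after a reset. Confirm it is
    // invalidated elsewhere.
    $response = array();
    $response["status"] = "success";
    $response["message"] = "Account password sucessfully reset.";
    echoResponse(200, $response);
});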
echoResponse(200, $response); }); $app->post('/signUp', function () use($app) { $response = array(); $r = json_decode($app->request->getBody()); verifyRequiredParams(array('email', 'name', 'password'), $r->customer); require_once 'passwordHash.php'; $db = new DbHandler(); $phone = $r->customer->phone; $name = $r->customer->name; $email = $r->customer->email; $address = $r->customer->address; $password = $r->customer->password; $isUserExists = $db->getOneRecord("select 1 from customers_auth where phone='{$phone}' or email='{$email}'"); if (!$isUserExists) { $r->customer->password = passwordHash::hash($password); $tabble_name = "customers_auth"; $column_names = array('phone', 'name', 'email', 'password', 'city', 'address'); $result = $db->insertIntoTable($r->customer, $column_names, $tabble_name); if ($result != NULL) { $response["status"] = "success"; $response["message"] = "User account created successfully"; $response["uid"] = $result; if (!isset($_SESSION)) { session_start(); } $_SESSION['uid'] = $response["uid"]; $_SESSION['phone'] = $phone; $_SESSION['name'] = $name; $_SESSION['email'] = $email; echoResponse(200, $response);
$query = $query . ", type='{$type}' where id ={$id};"; $response = $db->executeNoResponse($query); echoResponse(201, $response); } }); $app->post('/utilisateur', function () use($app) { $response = array(); $r = json_decode($app->request->getBody()); // verifyRequiredParams(array('email', 'name', 'mdp'),$r->utilisateur); // require_once 'mdpHash.php'; $db = new DbHandler(); $nom = $r->utilisateur->nom; $prenom = $r->utilisateur->prenom; $identifiant = $r->utilisateur->identifiant; $mdp = $r->utilisateur->mdp; $mdp = passwordHash::hash($mdp); $id_etude = 'NULL'; if (isset($r->utilisateur->id_etude)) { $id_etude = $r->utilisateur->id_etude; } $type = $r->utilisateur->type; $id_laboratoire = 'NULL'; if (isset($r->utilisateur->id_laboratoire)) { $id_laboratoire = $r->utilisateur->id_laboratoire; } $query = "select * from utilisateur where identifiant='{$identifiant}'"; $response = $db->execute($query); if ($response) { echoResponse(400, "L'identifiant existe."); } else { $query = "INSERT INTO utilisateur (id, nom, prenom, identifiant, mdp, type, id_laboratoire, id_etude) \r\n\t VALUES (NULL, '{$nom}', '{$prenom}', '{$identifiant}', '{$mdp}', '{$type}', '{$id_laboratoire}','{$id_etude}')";
// Sets the password of the user named in the request.
// 'sessionAlive' is passed as route middleware; what it enforces is not
// visible in this excerpt.
$app->post('/userSetclave', 'sessionAlive', function () use($app) {
    // Decode the submitted form data from the JSON request body.
    $r = json_decode($app->request->getBody());
    $user = $r->user->nombreUsuario;
    // NOTE(review): clave1 is read but never used below. If it carries the
    // current password, it is not verified before the change. Confirm.
    $clave1 = $r->user->clave1;
    $response = array();

    $db = new DbHandler();
    // NOTE(review): $user is request-controlled and is interpolated into the
    // SQL text of this call, unlike the update below which binds its values
    // through placeholders. Use a bound parameter here as well if DbHandler
    // provides one for reads.
    $usuario = $db->get1Record("call sp_sel_seg_usuario( '{$user}' )");

    if ($usuario == NULL) {
        $response['status'] = "error";
        $response['message'] = 'No se pudo validar al usuario';
    } else {
        $column_names = array('id', 'clave2');
        // str_rot13 is a reversible letter substitution applied before
        // hashing; presumably the client submits clave2 ROT13-encoded. Verify.
        $r2 = array(
            'id' => $usuario['id'],
            'clave2' => passwordHash::hash(str_rot13($r->user->clave2)),
        );
        $resId = $db->updateRecord("call sp_upd_seg_usuario_clave(?,?)", $r2, $column_names, 'is');

        // A result of 1 is treated as a successful update; anything else as failure.
        $updated = ($resId == 1);
        $response['status'] = $updated ? "info" : "error";
        $response['message'] = $updated ? 'La clave ha sido actualizada' : 'No pudo actualizarse la Clave';
    }

    // Every outcome, including the error cases, is sent with HTTP 200.
    echoResponse(200, $response);
});
$app->get('/userD/:id', 'sessionAlive', function ($id) use($app) {
/**
 * Verifies that a hash produced by hash() is accepted by check_password()
 * when given the same plain-text password.
 *
 * Only the matching case is asserted here; rejection of a different
 * password is not covered by this test.
 *
 * @param string $password plain text password
 *
 * @dataProvider passwordProvider
 * @covers el_api_v1\passwordHash::check_password
 */
public function testCheck_password($password)
{
    $hasher = $this->object;
    $hash = $hasher->hash($password);
    $accepted = $hasher->check_password($hash, $password);

    $this->assertTrue($accepted);
}
$app = new \Slim\Slim(); //https://en.wikipedia.org/wiki/List_of_HTTP_status_codes // $app->post('/login', 'loginOpn'); $app->post('/signUp', 'authenticate', function () use($app) { // check for required params verifyRequiredParams(array('firstName', 'surName', 'mobileNumber', 'emailId', 'userName', 'Password', 'gender')); $response = array(); // reading post params $firstName = $app->request->post('firstName'); $surName = $app->request->post('surName'); $mobileNumber = $app->request->post('mobileNumber'); $emailId = $app->request->post('emailId'); $userName = $app->request->post('userName'); $password = $app->request->post('password'); $gender = $app->request->post('gender'); $password_hash = passwordHash::hash($password); echo $password_hash; // validating email address // validateEmail($email); $db = new DbHandler(); $profileMaster = new profile_master(); $profileMaster->setFirstName($firstName); $profileMaster->setLastName($surName); $profileMaster->setMobileNumber($mobileNumber); $profileMaster->setEmailId($emailId); $profileMaster->setUserName($userName); $profileMaster->setPassword($password_hash); $profileMaster->setStatus('00'); $profileMaster->setGender($gender); $profileMaster->setLastOpuser('admin'); if (!$db->isUserExists($emailId)) {