Example #1
<?php

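// Bootstrap for the password-reset page. application_top.php is loaded first;
// $db_prefix and $adminUser, used further down, are not defined in this file
// and presumably come from that include (confirm).
require 'includes/application_top.php';
require 'includes/classes/crypto.php';
$crypto = new phpFreaksCrypto();
include 'includes/classes/class.phpmailer.php';

// Show the confirmation banner only when ?reset=true is really present.
// isset() avoids an undefined-index notice on a plain page load, and the
// strict comparison accepts nothing but the exact string 'true'.
if (isset($_GET['reset']) && $_GET['reset'] === 'true') {
    $display = '<div class="responseOk">Your password has been reset, and has been sent to you.</div><br/>';
}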
// Password-reset handler: runs when the form was posted with a 'submit' field.
// NOTE(review): this listing is cut off before the handler's closing braces.
if (isset($_POST['submit'])) {
    // Look up the account by first name + e-mail address.
    // SECURITY: $_POST['firstname'] and $_POST['email'] are concatenated into the
    // SQL text unescaped, so this query is open to SQL injection. Bind the values
    // through prepared statements (PDO or mysqli); ext/mysql itself was removed in
    // PHP 7.0. Escaping with mysql_real_escape_string() is the minimum stop-gap.
    // Both keys are also read without isset(), which raises a notice when absent.
    // SECURITY: first name + e-mail is the only proof of identity, and the password
    // is replaced straight away below. Anyone who knows those two values can lock
    // the owner out. A safer design mails a single-use, expiring reset token and
    // changes the password only once that token is redeemed.
    $sql = "SELECT * FROM " . $db_prefix . "users WHERE firstname='" . $_POST['firstname'] . "' and email = '" . $_POST['email'] . "';";
    // NOTE(review): the return value is not checked before mysql_numrows(); a
    // failed query returns false here.
    $query = mysql_query($sql);
    if (mysql_numrows($query) == 0) {
        // NOTE(review): a distinct "no match" message lets a caller test whether a
        // name/e-mail pair exists; showing the same response for both outcomes
        // avoids that account-enumeration signal.
        $display = '<div class="responseError">No account matched, please try again.</div><br/>';
    } else {
        // The matched row is fetched but not used in the lines visible here.
        $result = mysql_fetch_array($query);
        // Generate a new 10-character password and a fresh salt.
        // NOTE(review): randomString() is defined elsewhere; confirm it draws from
        // a CSPRNG. uniqid() and mt_rand() are not cryptographically secure.
        $password = randomString(10);
        $salt = substr($crypto->encrypt(uniqid(mt_rand(), true)), 0, 10);
        // NOTE(review): phpFreaksCrypto::encrypt() is not shown; judging by its name
        // it is reversible encryption rather than a password hash (confirm).
        // password_hash()/password_verify() (PHP 5.5+) are the standard replacement
        // and manage the salt themselves.
        $secure_password = $crypto->encrypt($salt . $crypto->encrypt($password));
        // SECURITY: same unescaped $_POST concatenation as in the SELECT above.
        // NOTE(review): as shown, the password column is set to the literal '******'
        // and $secure_password is never written. The asterisks look like masking
        // applied by the listing; the original presumably interpolated
        // $secure_password here (confirm).
        $sql = "update " . $db_prefix . "users set salt = '" . $salt . "', password = '******' where firstname='" . $_POST['firstname'] . "' and email = '" . $_POST['email'] . "';";
        // NOTE(review): die(mysql_error()) prints database error detail to the
        // client; log it server-side and show a generic message instead.
        mysql_query($sql) or die(mysql_error());
        // Send the confirmation e-mail.
        $mail = new PHPMailer();
        $mail->IsHTML(true);
        // Sender address is the admin account's e-mail, not a form field.
        $mail->From = $adminUser->email;
        // Fixed display name for the sender.
        $mail->FromName = 'NFL Pick \'Em Admin';
        // Recipient is taken from the request rather than from the matched row.
        // NOTE(review): prefer the stored address (e.g. $result['email']) so the
        // mail can only go to the address on file.
        $mail->AddAddress($_POST['email']);
Example #2
<?php

// Bootstrap for the signup page. application_top.php is pulled in first; the
// $allow_signup flag tested below is not set in this file, so it presumably
// comes from that include (confirm).
require 'includes/application_top.php';
require 'includes/classes/crypto.php';
include 'includes/classes/class.formvalidation.php';
include 'includes/classes/class.phpmailer.php';

// Registration switched off: redirect to the login page with signup=no and
// stop here so none of the form handling below runs.
if ((bool) $allow_signup === false) {
    header('location: login.php?signup=no');
    exit();
}
if (isset($_POST['submit'])) {
    $my_form = new validator();
    $mail = new PHPMailer();
    $crypto = new phpFreaksCrypto();
    $firstname = $_POST['firstname'];
    $lastname = $_POST['lastname'];
    $email = $_POST['email'];
    $username = $_POST['username'];
    $password = $_POST['password'];
    $password2 = $_POST['password2'];
    if ($my_form->checkEmail($email)) {
        // check for good mail
        if ($my_form->validate_fields('firstname,lastname,email,username,password')) {
            // comma delimited list of the required form fields
            if ($password == $password2) {
                //create new user, disabled
                $username = mysql_real_escape_string(str_replace(' ', '_', $username));
                $sql = "SELECT userName FROM " . $db_prefix . "users WHERE userName='******';";
                $result = mysql_query($sql);
                if (mysql_numrows($result) > 0) {
                    $display = '<div class="responseError">User already exists, please try another username.</div><br/>';