function vInsertIntoOwnerLoginTable($SafeFirstName, $SafeLastName, $SafeEmail, $SafePWD) { global $mysqli; $UserID = $SafeFirstName . $SafeLastName; $iOwnerExists = iCheckIfOwnerEmailExists($SafeEmail); #if this is the first claim. if ($iOwnerExists == 0) { #Obtain a cryption and save it in the DB. $salt = salt(); #Hash a string that is comprised of password and a salt. #Save it as a password. This will create a second level of security. $hash = getHash($SafePWD, $salt); # The folloing is for email activation of validation. $email_code = md5($SafeEmail + microtime()); if (DEBUG) { echo "salt =" . $salt . "<br>"; echo "SafePWD =" . $SafePWD . "<br>"; echo "hash =" . $hash . "<br>"; } #user_id is also email address. $mysqli->autocommit(FALSE); $InsertCommand = "INSERT INTO \r\n login_table ( id, user_id, salt, password, email_address, email_code, type )\r\n\t\t\t\t values ( NULL, '" . $SafeEmail . "', '" . $salt . "', '" . $hash . "', '" . $SafeEmail . "', '" . $email_code . "', 'O' )"; $add_post_res = $mysqli->query($InsertCommand); # or die($mysqli->error); if (!$mysqli->commit()) { $mysqli->rollback(); } SendActivateEmailNotice($SafeEmail, $email_code); echo "Please activate your email to complete the registration. Please respond to your email. Thanks."; } else { /*popup( "You have already registere!", OWNER_LOGIN_PAGE ); */ echo "You have already registered!"; } }
function vInsertIntoClientLoginTable($SafeFirstName, $SafeLastName, $SafeEmail, $SafePWD) { global $mysqli; $UserID = $SafeFirstName . $SafeLastName; $iClientExists = iCheckIfClientEmailExists($SafeEmail); #if this is the first claim. if ($iClientExists == 0) { $salt = salt(); $hash = getHash($SafePWD, $salt); $email_code = md5($SafeEmail + microtime()); #user_id is also email address. $mysqli->autocommit(FALSE); $InsertCommand = "INSERT INTO client_login_table \r\n ( id, first_name, last_name, email_address, email_code, salt, password )\r\n values \r\n (NULL,'{$SafeFirstName}', '{$SafeLastName}', '{$SafeEmail}', '{$email_code}', '{$salt}', '{$hash}' )"; $add_post_res = $mysqli->query($InsertCommand) or die($mysqli->error); if (!$mysqli->commit()) { $mysqli->rollback(); } SendActivateEmailNotice($SafeEmail, $email_code); echo "Please activate your email to complete the registration. Please respond to your email. Thanks."; } else { /*popup('You have already registered.', "http://" . IP_ADDRESS . "/member/client_login_register.php");*/ echo "You have already registered"; } }
#if the owner exists. if (Token::check("OWNER_LOGIN_FORM", $token)) { if ($iOwnerExists == 1) { if (DEBUG) { echo "TOKEN matches<br>"; } //If email is already activated. if ($Email_status == 1) { $_SESSION['user'] = '******'; $_SESSION['id'] = $ID; //If owner wants to reset the password. if ($Password_status == 1) { // header() function didn't work. header() function displayed a nested website . // This function worked. I think it has to do with angularJS. echo '<META HTTP-EQUIV="Refresh" Content="0;URL=owner_reset_password_front_end.php">'; } else { $_SESSION['email'] = $SafeEmail; echo "Welcome back!"; } } else { SendActivateEmailNotice($SafeEmail, $email_code); echo "Please activate your email. Please respond to your email. Thanks."; } } else { //popup( "Please register before log in. Thanks.", OWNER_LOGIN_PAGE ); echo "Please register before log in. Thanks."; } } else { //popup( "Token doesn't match.", OWNER_LOGIN_PAGE ); echo "Please refresh the brower by pressing F5 ( Error: Token doesn't match. _SESSION['owner_login_token'] = " . $_SESSION['owner_login_token']; }