<?php 
session_start();
require_once "Mail.php";
include "inc/conn.php";
include "inc/functions.php";
include 'Smarty.class.php';
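// Count the films for the page header. The database does the counting with
// COUNT(*): PDOStatement::rowCount() is only specified for INSERT/UPDATE/DELETE
// and its result for a SELECT is not guaranteed by every PDO driver. This also
// avoids pulling every title over the wire just to count rows.
$q = $dbh->prepare("SELECT COUNT(*) FROM film");
$q->execute();
$total = (int) $q->fetchColumn();

// Template engine instance shared by the rest of the script.
$site = new Smarty();
$site->assign('site_title', 'Baza filmów');
$site->assign('total_cnt', $total);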
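// Registration handler: when the form posts login, pass, repass and email,
// store an inactive account (aktywny = 0) with a confirmation code and send the
// confirmation message. The template receives 'result' = 'success' or 'fail'.
try {
    if (isset($_POST["login"], $_POST["pass"], $_POST["repass"], $_POST["email"])) {
        $form = array(
            'login'  => $_POST["login"],
            'pass'   => $_POST["pass"],
            'repass' => $_POST["repass"],
            'email'  => $_POST["email"],
        );
        // PHP turns "field[]=x" request parameters into arrays; only plain
        // strings may reach the hashing, SQL and mail helpers below.
        $allStrings = count(array_filter($form, 'is_string')) === count($form);

        // Strict comparison: with ==, two numeric strings are compared as
        // numbers ("1e3" == "1000"), so a mistyped confirmation could pass.
        if ($allStrings && $form['pass'] === $form['repass']) {
            // NOTE(review): encPass()/genSalt() live in inc/functions.php and are
            // not visible here. The variable name suggests an MD5-based scheme;
            // confirm the helper uses password_hash() or an equivalent slow hash.
            $md5_pass = encPass(genSalt(), $form['pass']);
            $confirm_code = genConfirmCode();

            // Bound parameters keep the user-supplied values out of the SQL text.
            $query = $dbh->prepare("INSERT INTO users(login,pass,email,aktywny,confirm) VALUES(?,?,?,?,?)");
            $query->execute(array($form['login'], $md5_pass, $form['email'], 0, $confirm_code));

            // NOTE(review): the plaintext password is handed to sendConfirmURL()
            // (defined outside this listing). If it ends up in the e-mail body,
            // drop it from the message. The address is also not validated here;
            // check that the helper rejects malformed values before mailing.
            sendConfirmURL($form['email'], 'newuser', $confirm_code, $form['login'], $form['pass']);
            $site->assign('result', 'success');
        } else {
            $site->assign('result', 'fail');
        }
    }
} catch (PDOException $e) {
    // Driver messages can reveal schema and connection details, so they go to
    // the server log and the visitor only sees a generic notice.
    error_log('Registration failed: ' . $e->getMessage());
    echo 'Connection failed';
}
$site->display('register.tpl');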
Exemple #2
     // Password-change branch: runs when the lookup (outside this listing) found
     // at least one row. $sql, $count and $confirm_code are set before the
     // visible part of the script.
     if ($count > 0) {
         // Copies login, stored hash and e-mail from the result set; if several
         // rows come back, the values of the last row are the ones kept.
         foreach ($sql->fetchAll() as $userdata) {
             $login = $userdata['login'];
             $md5pass = $userdata['pass'];
             $email = $userdata['email'];
         }
         // The stored value is split on '$'; index 2 is used as the salt, which
         // matches the '$1$<salt>$<hash>' shape built by the crypt() calls below.
         $pw = explode('$', $md5pass);
         $salt = $pw[2];
         // NOTE(review): this is a bare comparison whose result is discarded; it
         // neither checks nor enables anything.
         CRYPT_MD5 == 1;
         // The '$1$' prefix selects MD5-based crypt(), which is too fast for
         // password storage. password_hash()/password_verify() are the
         // maintained replacement.
         $oldpass = crypt($_POST['oldpass'], '$1$' . $salt . '$');
         // NOTE(review): == is a loose, non-constant-time comparison;
         // hash_equals() is the appropriate check for secret values.
         if ($oldpass == $md5pass) {
             // NOTE(review): loose comparison again; numeric-looking strings such
             // as "1e3" and "1000" compare equal under ==.
             if ($_POST['npass'] == $_POST['confirmpass']) {
                 // The new password is hashed with the same salt as the old one.
                 $newpass = crypt($_POST['npass'], '$1$' . $salt . '$');
                 // NOTE(review): the new hash is sent to the browser as a cookie
                 // with no Secure/HttpOnly options, so it is client-visible and
                 // client-editable. Presumably the confirmation step reads it
                 // back; keeping it server-side would avoid trusting the client.
                 setcookie('newpass', $newpass);
                 // NOTE(review): the '******' values look masked by the page this
                 // listing came from. If the original interpolated variables into
                 // the string, it should use prepare()/execute() with placeholders.
                 $sql = $dbh->query("UPDATE users set confirm_pass='******' WHERE login='******'");
                 // NOTE(review): the plaintext new password is passed to
                 // sendConfirmURL(), defined outside this listing; confirm it is
                 // not written into the e-mail.
                 sendConfirmURL($email, 'chpass', $confirm_code, $login, $_POST['npass']);
                 $site->assign('err', 'msg_sent');
             } else {
                 $site->assign('err', 'password_mismatch');
             }
         } else {
             $site->assign('err', 'oldpass_mismatch');
         }
     }
 }
 if (isset($_POST['todel'])) {
     foreach ($_POST['tytul_filmu'] as $t) {
         $sql = $dbh->query("SELECT obrazek FROM film WHERE tytul='" . $t . "'");
         $obrazek = $sql->fetchColumn();
         unlink($obrazek);
         $sql = $dbh->query("DELETE FROM film WHERE tytul='" . $t . "'");