function registerUser($mail, $password, $db)
{
    // Create random salt
    $randomSalt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
    // Create salted password
    //$hashedPassword = hash('sha512', $password . $randomSalt);
    $hashedPassword = hash('sha512', $password . $randomSalt);
    // Create randomHash to salt mail for validation-process
    $randomHash = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
    // Created salted mail for validation-process
    $validationHash = hash('sha512', $mail . $randomHash);
    try {
        $db->beginTransaction();
        $stmt = $db->prepare('INSERT INTO users(user_mail, ' . 'user_hash, ' . 'user_salt, ' . 'user_validation, ' . 'user_regDate, ' . 'user_lastLogin, ' . 'user_role, ' . 'user_status, ' . 'user_newsletter) ' . 'VALUES (:mail, :hash, :salt, :validation, NOW(), NOW(), :role, :status, :newsletter)');
        $stmt->execute(array(':mail' => $mail, ':hash' => $hashedPassword, ':salt' => $randomSalt, ':validation' => $validationHash, ':role' => 0, ':status' => 'pending', ':newsletter' => 1));
        $lastUserId = $db->lastInsertId();
        $stmt = $db->query('INSERT INTO contacts (contact_name) VALUES (NULL)');
        $lastContactId = $db->lastInsertId();
        $stmt = $db->prepare('INSERT INTO user_has_contacts (user_id, contact_id) VALUES (:user, :contact)');
        $stmt->execute(array($lastUserId, $lastContactId));
        $db->commit();
    } catch (PDOException $e) {
        $e->getMessage();
        $db->rollBack();
    }
    if (empty($e)) {
        if (sendValidationMail($mail, $validationHash)) {
            return true;
        } else {
            return false;
        }
    } else {
        return false;
    }
}
Exemple #2
0
function registerUser($db)
{
    $username = filterString($_POST['username']);
    $mail = filterEmail($_POST['mail']);
    $cmail = filterEmail($_POST['cmail']);
    $pass = filterPassword($_POST['password']);
    $cpass = filterPassword($_POST['cpassword']);
    $agb = filterString($_POST['cagb']);
    if (!isset($username) || empty($username)) {
        $error['username'] = 1;
        $error['msg']['username'] = '******';
    }
    if (!isset($mail) || empty($mail)) {
        $error['mail'] = 1;
        $error['msg']['mail'] = 'Sie haben keine E-Mail angegeben';
    }
    if (!isset($cmail) || empty($cmail)) {
        $error['cmail'] = 1;
        $error['msg']['cmail'] = 'Bitte bestätigen Sie Ihre E-Mail';
    }
    if ($mail != $cmail) {
        $error['unequal_mail'] = 1;
        $error['msg']['unequal_mail'] = 'Die angegebenen Mails stimmen nicht überein';
    }
    if (!isset($pass) || empty($pass)) {
        $error['pass'] = 1;
        $error['msg']['pass'] = '******';
    }
    if (!isset($cpass) || empty($cpass)) {
        $error['cpass'] = 1;
        $error['msg']['cpass'] = '******';
    }
    if ($pass != $cpass) {
        $error['unequal_pass'] = 1;
        $error['msg']['unequal_pass'] = '******';
    }
    if (!isset($agb) || $agb != 'on') {
        $error['agb'] = 1;
        $error['msg']['agb'] = 'Bitte akzeptieren Sie unsere AGB';
    }
    if (empty($error)) {
        $proofedName = checkIfExists($username, "fr_users", "user_name", $db);
        if ($proofedName) {
            $proofedMail = checkIfExists($mail, "fr_users", "user_mail", $db);
            if ($proofedMail) {
                // User wird angelegt
                // random salt
                $randomSalt = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
                // Create salted password
                //$hashedPassword = hash('sha512', $password . $randomSalt);
                $hashedPassword = hash('sha512', $pass . $randomSalt);
                // Create randomHash to salt mail for validation-process
                $randomHash = hash('sha512', uniqid(mt_rand(1, mt_getrandmax()), true));
                // Created salted mail for validation-process
                $validationHash = hash('sha512', $mail . $randomHash);
                try {
                    $db->beginTransaction();
                    $stmt = $db->prepare('INSERT INTO fr_users(user_name,' . 'user_mail, ' . 'user_hash, ' . 'user_salt, ' . 'user_validation, ' . 'user_regDate, ' . 'user_lastLogin, ' . 'user_role, ' . 'user_status, ' . 'user_base_lang, ' . 'user_newsletter) ' . 'VALUES (:name, :mail, :hash, :salt, :validation, NOW(), NOW(), :role, :status, :base_lang, :newsletter)');
                    $stmt->execute(array(':name' => $username, ':mail' => $mail, ':hash' => $hashedPassword, ':salt' => $randomSalt, ':validation' => $validationHash, ':role' => 0, ':status' => 'pending', ':base_lang' => 'de', ':newsletter' => 1));
                    $db->commit();
                } catch (PDOException $e) {
                    $e->getMessage();
                    $db->rollBack();
                }
                if (empty($e)) {
                    $mail = sendValidationMail($mail, $validationHash);
                    if ($mail) {
                        header('Location:' . createUrl(array("action" => "register", "do" => "success")));
                    } else {
                        $error['mail_error'] = 1;
                        return $error;
                    }
                } else {
                    $error['db_error'] = 1;
                    return $error;
                }
            } else {
                $error['mail_used'] = 1;
                $error['msg']['mail_used'] = 'Die eingegebe E-Mail wird bereits verwendet';
                return $error;
            }
        } else {
            $error['name_used'] = 1;
            $error['msg']['username_used'] = 'Der eingegeben Nutzername wird bereits verwendet';
            return $error;
        }
    } else {
        return $error;
    }
}