<?php

require '../../phpinclude/init.php';
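// Sign-in handler: takes the posted email and password, looks the account up
// by email, verifies the password against the stored crypt()-format hash and,
// on success, opens the session and redirects to the account page.

// get, check and clean inputs
// NOTE(review): check_text_input() is defined elsewhere; presumably it enforces
// the min/max length and redirects to the given URL on failure. Confirm that it
// also rejects a missing field and non-string (array) POST values.
$email = check_text_input($_POST['email'], 1, 255, "Email", "/public/signin.php?err");
$password = check_text_input($_POST['password'], 1, 32, "Password", "/public/signin.php?err");
dbconnect(0);
// email exists? The value is bound as a query parameter, not concatenated.
$result = doSQL("select userID, password from users where email=?;", $email) or die("ERR");
if (!is_array($result)) {
    // Unknown email: same redirect as a wrong password, so the response body
    // does not reveal which addresses are registered.
    // NOTE(review): no hash is computed on this path, so response time can still
    // differ from the wrong-password path; consider verifying against a fixed
    // dummy hash here, and rate-limiting sign-in attempts.
    header("Location: /public/signin.php?err=1");
    exit;
}
// get password
$row = $result[0];
// check hash: password_verify() accepts crypt()-format hashes and compares in
// constant time, unlike the previous `crypt(...) === $stored` comparison.
if (!password_verify($password, (string) $row['password'])) {
    // error, password wrong
    header("Location: /public/signin.php?err=1");
    exit;
}
// sign in
// NOTE(review): sessionstart() is defined elsewhere; confirm it issues a fresh
// session ID on login (session fixation) and sets HttpOnly/Secure cookie flags.
sessionstart($row['userID']);
header("Location: /account/index.php?signin=1");
// Stop here so nothing appended after the redirect can run or be sent.
exit;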
Exemple #2
 /**
  * Store a value in the session under the given key and return that value.
  *
  * If the $_SESSION superglobal is not set yet, sessionstart() (defined
  * elsewhere in the project) is called first.
  *
  * NOTE(review): despite the name, nothing here encrypts or signs the value;
  * it is only kept in the session store. Confirm what sessionstart() configures.
  *
  * @param string|int $vn Session key to write.
  * @param mixed      $vv Value to store.
  * @return mixed The value that was stored.
  */
 function setsecurevariable($vn, $vv) {
     if (isset($_SESSION) === false) {
         sessionstart();
     }

     // An assignment expression evaluates to the assigned value.
     return $_SESSION[$vn] = $vv;
 }
    do_err($erraddr3, "Email in use");
}
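// Sign-up tail: re-checks that the username is free, verifies the captcha
// token, hashes the password, inserts the user and signs them in.
// $username, $email, $password, $erraddr1, $erraddr3, $erraddrrc, $rcerr and
// $db are set outside this excerpt.

// check username still available
// NOTE(review): check-then-insert can race between two concurrent sign-ups;
// a UNIQUE constraint on users.username (and users.email) should back this up.
$result = doSQL("select * from users where username=?;", $username) or do_err($erraddr1, "Database Error");
if (is_array($result)) {
    // no, exists, quit
    do_err($erraddr1, "Username in use");
}
// check recaptcha
// All three captcha fields come from the client; anything that is missing or
// not a string (e.g. an array parameter) is treated as empty and then fails
// verification below instead of raising warnings or a TypeError.
$rcc = (isset($_POST["rcc"]) && is_string($_POST["rcc"])) ? $_POST["rcc"] : "";
$rcr = (isset($_POST["rcr"]) && is_string($_POST["rcr"])) ? $_POST["rcr"] : "";
$rch = (isset($_POST["rch"]) && is_string($_POST["rch"])) ? base64_decode($_POST["rch"]) : "";
$rcstr = $_SERVER["REMOTE_ADDR"] . "836429" . $rcc . "7364528" . $rcr;
// password_verify() performs the same crypt() check as before, but compares in
// constant time and rejects an empty or too-short hash.
// NOTE(review): the hash, and with it the crypt() scheme and salt, is supplied
// by the client, and legacy crypt() schemes do not hash the whole input. The
// check also has no expiry or single-use state, and rests on constants kept in
// source. Prefer a server-side stored challenge, or an HMAC with a secret key
// and a timestamp; at minimum pin the exact hash format the challenge page issues.
if (!password_verify($rcstr, $rch)) {
    do_err($erraddrrc, "The reCAPTCHA was wrong " . $rcerr);
}
// hash password
// password_hash() draws a full-strength random salt itself; the previous
// hex-encoded salt used only 16 of bcrypt's 64 salt characters. The output is
// still a "$2y$10$" bcrypt string, so existing crypt()/password_verify() checks
// keep working.
$hash = password_hash($password, PASSWORD_BCRYPT, array('cost' => 10));
if (!is_string($hash)) {
    // Never store a failed hash result as a password.
    do_err($erraddr3, "Server Error");
}
// insert user
$result = doSQL("insert into users (username, password, email) values (?, ?, ?);", $username, $hash, $email) or do_err($erraddr3, "Database Error");
$nid = $db->insert_id;
// signin
sessionstart($nid);
// jump
header('Location: ../account/index.php?signup=1');
// Stop here so nothing after the redirect can run or be sent.
exit;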
?>

Exemple #4
//////////////////////////////////////////////////////////////////////////////
// Main
//////////////////////////////////////////////////////////////////////////////
// Page number and mode come from the POST body; without them the script starts
// on page 1 in "input" mode.
// NOTE(review): both values are client-controlled and are used as received in
// this excerpt; confirm that valuecheck()/showscreen() restrict them to the
// expected page numbers and mode names before they select or render anything.
$page = isset($_POST['page']) ? $_POST['page'] : 1;
$mode = isset($_POST['mode']) ? $_POST['mode'] : "input";

// Decide once, before sessionstart() can change the session contents.
$hasName = isset($_SESSION['name']);
if (!$hasName) {
    sessionstart();
}
session_to_value();
if ($hasName) {
    // Posted values are merged and checked only when the session already
    // carried a 'name' entry.
    post_to_value();
    valuecheck();
}
value_to_session();
showscreen();
// 0:input,1:error,3:revise
//////////////////////////////////////////////////////////////////////////////