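/**
 * Registers a new user, creates the matching settings row and sends the
 * confirmation mail plus a notification mail to the admin address.
 *
 * Validation runs in a fixed order and stops at the first failure; the
 * exception message is a key (e.g. 'Invalid_email_address'), so the strings
 * are kept exactly as callers may look them up.
 *
 * @param mixed $firstname       given name, must not be empty
 * @param mixed $lastname        family name, must not be empty
 * @param mixed $email           address checked by Validation::is_email()
 * @param mixed $password        plain-text password checked by Validation::is_password()
 * @param mixed $confirmpassword repeated password, must match $password
 *
 * @return bool TRUE once the user row has been written and the mails were handed to Mail
 *
 * @throws Exception with a message key describing the first failed check,
 *                   or 'Registration_failed' when the user row cannot be written
 */
static function register_user($firstname, $lastname, $email, $password, $confirmpassword)
 {
     // Loose comparison on purpose: NULL and the empty string are both rejected.
     if ($firstname == NULL) {
         throw new Exception('No_first_name_given');
     }
     if ($lastname == NULL) {
         throw new Exception('No_last_name_given');
     }
     if (!Validation::is_email($email)) {
         throw new Exception('Invalid_email_address');
     }
     if (!Validation::is_password($password)) {
         throw new Exception('Invalid_password');
     }
     // Strict comparison: with != two different numeric-looking strings
     // ("1e3" and "1000") would be accepted as the same password.
     if ((string) $password !== (string) $confirmpassword) {
         throw new Exception('Different_passwords');
     }
     if (!self::email_available($email)) {
         throw new Exception('Email_alreads_in_use');
     }

     // The salt column is numeric, so the salt stays an integer in the same
     // range; random_int() replaces rand(), whose output is predictable.
     $salt = random_int(0, 999999999);

     // NOTE(review): a single salted SHA-1 round is not a password hashing
     // function. Moving to password_hash()/password_verify() has to happen
     // together with the login check that reads `password` and `salt`, which
     // is not part of this function, so the stored format is left unchanged.
     $password_hash = sha1($salt . $password);
     unset($password, $confirmpassword);

     // NOTE(review): the confirmation value is derived from the salt, the
     // email and the password hash. Because the salt range is small, it is not
     // an unguessable token; a value from random_bytes() would be, provided
     // the confirmation endpoint only compares against the stored column.
     $hash = sha1($salt . $email . $password_hash);
     $reg_time = time();

     global $con;

     // Bound parameters instead of string concatenation: names and the email
     // come from the registration form and must never become part of the SQL.
     $insert_user = mysqli_prepare(
         $con,
         'INSERT INTO `user` (`firstname`, `lastname`, `email`, `password`, `salt`, `reg_time`, `hash`)'
         . ' VALUES (?, ?, ?, ?, ?, ?, ?)'
     );
     if ($insert_user === false) {
         throw new Exception('Registration_failed');
     }
     mysqli_stmt_bind_param(
         $insert_user,
         'ssssiis',
         $firstname,
         $lastname,
         $email,
         $password_hash,
         $salt,
         $reg_time,
         $hash
     );
     $inserted = mysqli_stmt_execute($insert_user);
     $user_id = mysqli_insert_id($con);
     mysqli_stmt_close($insert_user);
     if (!$inserted) {
         // Do not send a confirmation mail or report success for a row that
         // was never written.
         throw new Exception('Registration_failed');
     }

     // create settings table entry
     $insert_settings = mysqli_prepare($con, 'INSERT INTO `user_settings` (`user`) VALUES (?)');
     if ($insert_settings === false) {
         error_log('register_user: could not prepare user_settings insert for user ' . $user_id);
     } else {
         mysqli_stmt_bind_param($insert_settings, 'i', $user_id);
         if (!mysqli_stmt_execute($insert_settings)) {
             // The account exists at this point, so the failure is logged and
             // the registration continues as before.
             error_log('register_user: could not create user_settings row for user ' . $user_id);
         }
         mysqli_stmt_close($insert_settings);
     }

     // send email to registered user
     Mail::get_email_confirmation_mail($firstname, $email, $hash)->send();

     // mail to admin
     $admin_mail = new Mail("*****@*****.**", Mail::DEFAULT_SENDER_EMAIL, null, "New user", "" . $firstname . " " . $lastname . " has just signed up on Abfrage3!");
     $admin_mail->send();

     return TRUE;
 }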
Exemple #2
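 // Login handler: checks the posted credentials and redirects according to the
 // result code returned by Database::check_login_data()
 // (1 = ok, 2 = ok but email not confirmed, 0 = wrong password, 3 = invalid email).

 // A missing field or an array value (email[]=...) becomes an empty string
 // instead of raising a notice or reaching the database layer as an array.
 $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
 $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
 // An unchecked checkbox is simply absent from the request.
 $stay_logged_in = isset($_POST['stay-logged-in']) && $_POST['stay-logged-in'] == 1;

 $result = Database::check_login_data($email, $password);
 $id = Database::email2id($email);

 switch ($result) {
     case 1:
         // correct combination
         session_start();
         // Issue a fresh session id at the privilege change so an id that was
         // planted before login cannot be reused afterwards (session fixation).
         session_regenerate_id(true);
         $_SESSION['id'] = $id;
         Database::add_login($id, $stay_logged_in);
         header("Location: /#/home");
         exit;

     case 2:
         // correct combination but email not confirmed yet: resend the confirmation mail
         $user = Database::get_user_by_id($id);
         $mail = Mail::get_email_confirmation_mail($user->firstname, $user->email, $user->hash);
         $mail->send();
         // http_build_query() percent-encodes the values, so a message with
         // spaces or an address containing '&' or '#' cannot alter the URL.
         header("Location: /?" . http_build_query(
             array('login_message' => $l['Email_not_confirmed__'], 'email' => $user->email),
             '',
             '&'
         ));
         exit;

     case 0:
         // wrong password; the posted email is user input and is encoded before it is echoed back
         header("Location: /?" . http_build_query(
             array('login_message' => $l['Password_wrong__'], 'email' => $email),
             '',
             '&'
         ));
         exit;

     case 3:
         // NOTE(review): distinct messages for "wrong password" and "invalid
         // email" may tell a visitor whether an address is registered; confirm
         // what result 3 means in check_login_data() and merge them if so.
         header("Location: /?" . http_build_query(
             array('login_message' => $l['Email_invalid__']),
             '',
             '&'
         ));
         exit;
 }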