public function __construct($user_id) { $this->uid = $user_id; $user = DBWorker::getRow('SELECT * FROM users WHERE user_id = :uid AND active = 1', ':uid', $user_id); if ($user) { $this->email = $user['email']; $this->alias = $user['alias']; $this->name = $user['name']; $this->city = $user['city']; $this->phone = $user['phone']; $this->about = $user['about']; $this->sex = $user['sex']; $this->date_joined = $user['date_joined']; } }
/** * @return bool *Pull password from schema and check it against user password */ public function check() { if (Helper::validateEmail($this->email) == true) { //if email is invalid don't bother checking in the schema $user = DBWorker::getRow('SELECT password FROM users WHERE email = :email AND active = 1', ':email', $this->email); if (!$user) { $this->valid = false; $this->error = '<p class="warning"><strong>Error :</strong>Username and password do not match </p>'; //email is found. go on to check the password } elseif ($user) { //match user password against the one in the found row in the schema if (crypt($this->pass, $user['password']) === $user['password']) { $this->valid = true; } else { $this->error = '<p class="warning"><strong>Error :</strong>Username and password do not match </p>'; } } } else { $this->error = '<p class="warning"><strong>Error :</strong> Please enter a valid email</p>'; $this->valid = false; } return $this->valid; }
if (isset($_SESSION['uid'])) { $debug['COOKIE_OK_l'] = true; } header('Location: panel.php'); } } $auth = null; $error = ''; $user = null; //Post data if (isset($_POST['email']) && isset($_POST['password'])) { $email = isset($_POST['email']) ? trim($_POST['email']) : ''; $pass = isset($_POST['password']) ? trim($_POST['password']) : ''; $auth = new Auth($email, $pass); if ($auth->check() === false) { $error = $auth->getError(); } else { if (!empty($_POST['keep_session'])) { if ($_POST['keep_session'] == 'keep_session') { $user = DBWorker::getRow('SELECT user_id FROM users WHERE email = :email AND active = 1', ':email', $email); Session::alter(Numbers::_randKey(), $user_agent_string, 'save', $user['user_id']); $debug['SaveSession'] = true; } } $debug['login'] = true; header('Location: panel.php'); } } /*var_dump($debug); var_dump($_SESSION); var_dump($_COOKIE);*/
* User: Peter * Date: 8/14/15 * Time: 6:39 PM * To change this template use File | Settings | File Templates. */ session_start(); if (isset($_SESSION['uid'])) { header('Location: home.php'); exit; } require_once "includes/database/DBWorker.php"; $success = null; if (!empty($_POST['login'])) { $user_name = !empty($_POST['username']) ? trim($_POST['username']) : ''; $password = !empty($_POST['password']) ? $_POST['password'] : ''; $user = DBWorker::getRow('SELECT * FROM users WHERE username = :username', ':username', $user_name); if ($user) { if (md5($password) == $user['password']) { $_SESSION['uid'] = md5($username); $_SESSION['username'] = $username; header('Location: home.php'); exit; } } $success = false; } ?> <!doctype html> <html> <head> <link rel="stylesheet" href="css/header.css" type="text/css"/>
* Created by JetBrains PhpStorm. * User: Peter * Date: 8/9/15 * Time: 11:12 PM * To change this template use File | Settings | File Templates. */ require_once "auth.inc.php"; require_once "includes/database/DBWorker.php"; require_once "includes/utils/helper.class.php"; $error_msg = array(); $success = false; $dbh = new DBWorker(); $app_id = isset($_GET['app']) ? abs($_GET['app']) : null; $app = null; if (isset($app_id)) { $app = DBWorker::getRow('SELECT * FROM apps WHERE id = :id', ':id', $app_id); } if (isset($_POST['add_app'])) { $id = isset($_POST['id']) ? abs($_POST['id']) : -1; $app_date = $_POST['app_date']; $app_summary = trim($_POST['app_summary']); $patient_name = $_POST['patient_name']; if (preg_match('/^\\d{4}-\\d{2}-\\d{2}$/', $app_date) < 1) { $error_msg[] = 'Invalid date'; } if (strlen(trim($patient_name)) < 3) { $error_msg[] = 'Client name too short'; } $add_app = 'INSERT INTO apps (app_date, app_summary, patient_name) VALUES (:app_d, :app_sum, :patient)'; if ($_POST['add_app'] == 'Edit') { $add_app = 'UPDATE apps SET app_date = :app_d, app_summary = :app_sum, patient_name = :patient WHERE id = :id';
$resend = false; } else { $error = 'Invalid activation key please enter your email to get your key'; } } } if (isset($_POST['email'])) { $email = trim($_POST['email']); if (strlen($email) < 6 || strlen($email) > 32 || preg_match('/[^a-zA-Z0-9_@\\.]/', $email)) { $error = 'Invalid email'; } else { $user = DBWorker::getRow('SELECT * FROM users WHERE email = :email AND active = 0', ':email', Helper::filterEmail($email)); if ($user !== false) { $uid = filter_var($user['user_id'], FILTER_SANITIZE_STRING); $key = DBWorker::getRow('SELECT * FROM confirmation WHERE user_id = :uid', ':uid', $uid); if ($key !== false) { $token = $key['user_key']; $user_id = $key['user_id']; P_MAIL::sendConfirmation($user_id, $key['user_key'], $user['alias'], $user['email']); } else { //the key is unavailable DBWorker::insert('INSERT INTO confirmation (user_id, user_key, expires) VALUES (:uid, ' . filter_var(Numbers::_randKey(), FILTER_SANITIZE_NUMBER_INT) . ', DATE_ADD(NOW(), INTERVAL 6 MONTH ))', ':uid', $user['user_id']); //resend key to user's mail box P_MAIL::sendConfirmation($user['user_id'], Numbers::_randKey(), $user['alias'], $user['email']); } } elseif (DBWorker::getRow('SELECT * FROM users WHERE email = :email AND active = 1', ':email', Helper::filterEmail($_POST['email']))) { $error = 'Account already activated. Please <a href="../user/login.php?' . $append . '">login</a> to access your panel'; $resend = false; } } }