Esempio n. 1
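 /**
  * Registers a new, inactive user together with an e-mail confirmation key.
  *
  * The users row and the confirmation row are written inside one transaction.
  * The confirmation mail is sent only after that transaction has been
  * committed, so a mail never goes out for a row that was rolled back.
  *
  * @return bool true when both rows were stored, false otherwise
  */
 public function addUser()
 {
     $success = false;
     $transactionOpen = false;
     $genericError = '<strong>Error: </strong> Please try again later';
     $username = Helper::trimString($this->username);
     $email = Helper::trimString($this->email);
     // NOTE(review): confirm Helper::createPassHash() wraps password_hash() and not a bare digest.
     $password = Helper::createPassHash($this->pass);
     // filter_var() without a filter id applies FILTER_DEFAULT, which removes nothing;
     // phone and about are therefore stored as received and must be escaped on output.
     $phone = filter_var(Helper::filterPhone($this->phone));
     $sex = $this->sex;
     $city = intval($this->city);
     $about = filter_var($this->about);
     $sql = 'INSERT INTO users (user_id,  alias, email, password, phone, sex, city, about, active, date_joined) VALUES (:user_id, :alias, :email, :password, :phone, :sex, :city, :about, FALSE , NOW())';
     $add_key = 'INSERT INTO confirmation (user_id, user_key, expires) VALUES (:user_id, :user_key, DATE_ADD(NOW(), INTERVAL 6 MONTH))';
     try {
         // Same shape as before (34 hex characters), but drawn from the CSPRNG
         // instead of sha1(timestamp . rand()), which an observer could guess.
         $user_id = bin2hex(random_bytes(17));
         // NOTE(review): the activation key is a secret; confirm Numbers::_randKey() uses a CSPRNG.
         $key = Numbers::_randKey();

         $dbh = Database::connect();
         $dbh->beginTransaction();
         $transactionOpen = true;

         $stmt = $dbh->prepare($sql);
         $stmt->bindValue(':user_id', $user_id);
         $stmt->bindValue(':alias', $username);
         $stmt->bindValue(':email', $email);
         $stmt->bindValue(':password', $password);
         $stmt->bindValue(':phone', $phone);
         $stmt->bindValue(':about', $about);
         $stmt->bindValue(':sex', $sex);
         $stmt->bindValue(':city', $city);
         $stmt->execute();
         $userStored = $stmt->rowCount() > 0;

         $keyStored = false;
         if ($userStored) {
             $st = $dbh->prepare($add_key);
             $st->bindValue(':user_id', $user_id, PDO::PARAM_STR);
             $st->bindValue(':user_key', $key, PDO::PARAM_STR);
             $st->execute();
             $keyStored = $st->rowCount() > 0;
         }

         if ($userStored && $keyStored) {
             $dbh->commit();
             $transactionOpen = false;
             // Only a committed transaction counts as success.
             $success = true;
         } else {
             // Close the transaction on every failure path, including a failed users insert.
             $dbh->rollBack();
             $transactionOpen = false;
             User::addError('global', $genericError);
         }
     } catch (Exception $ex) {
         // PDOException is an Exception, so one handler covers both cases.
         if ($transactionOpen) {
             try {
                 $dbh->rollBack();
             } catch (Exception $rollbackError) {
                 error_log('addUser rollback failed: ' . $rollbackError->getMessage());
             }
         }
         // Driver messages can reveal table and column names: log them, never echo them.
         error_log('addUser failed: ' . $ex->getMessage());
         $success = false;
         User::addError('global', $genericError);
     }
     if ($success === true) {
         P_Mail::sendConfirmation($user_id, $key, $this->username, $this->email);
     }
     return $success;
 }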
Esempio n. 2
        if (isset($_SESSION['uid'])) {
            $debug['COOKIE_OK_l'] = true;
        }
        header('Location: panel.php');
    }
}
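// State shared with the rest of the login page.
$auth = null;
$error = '';
$user = null;
// Handle a submitted login form. Both fields must be plain strings: a request
// sending email[]=... would otherwise hand an array to trim().
if (isset($_POST['email'], $_POST['password']) && is_string($_POST['email']) && is_string($_POST['password'])) {
    $email = trim($_POST['email']);
    // NOTE(review): trimming changes passwords that start or end with whitespace;
    // confirm the registration path applies the same trim before hashing.
    $pass = trim($_POST['password']);
    $auth = new Auth($email, $pass);
    if ($auth->check() === false) {
        $error = $auth->getError();
    } else {
        // NOTE(review): no session id rotation is visible on this path; confirm that
        // Auth::check() or Session::alter() regenerates the id after a successful login.
        if (isset($_POST['keep_session']) && $_POST['keep_session'] === 'keep_session') {
            $user = DBWorker::getRow('SELECT user_id FROM users WHERE email = :email AND active = 1', ':email', $email);
            // getRow() is compared against false elsewhere on this page, so guard the lookup
            // before reading user_id (for example an account that authenticates but is inactive).
            if ($user !== false && isset($user['user_id'])) {
                // NOTE(review): the first argument looks like a persistent-login token;
                // confirm Numbers::_randKey() draws it from a CSPRNG.
                Session::alter(Numbers::_randKey(), $user_agent_string, 'save', $user['user_id']);
                $debug['SaveSession'] = true;
            }
        }
        $debug['login'] = true;
        header('Location: panel.php');
        // Stop here: without exit the rest of the script still runs after the redirect header.
        exit;
    }
}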
/*var_dump($debug);
var_dump($_SESSION);
var_dump($_COOKIE);*/
Esempio n. 3
            $resend = false;
        } else {
            $error = 'Invalid activation key please enter your email to get your key';
        }
    }
}
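// Resend-activation request: look up the inactive account for the submitted
// address and mail its activation key, creating a key when none is stored.
if (isset($_POST['email'])) {
    // A non-string value (email[]=...) is treated as empty and rejected by the length check.
    $email = is_string($_POST['email']) ? trim($_POST['email']) : '';
    if (strlen($email) < 6 || strlen($email) > 32 || preg_match('/[^a-zA-Z0-9_@\\.]/', $email)) {
        $error = 'Invalid email';
    } else {
        $user = DBWorker::getRow('SELECT * FROM users WHERE email = :email AND active = 0', ':email', Helper::filterEmail($email));
        if ($user !== false) {
            // The id is only used as a bound parameter, so it needs no sanitising;
            // FILTER_SANITIZE_STRING is also deprecated as of PHP 8.1.
            $uid = (string) $user['user_id'];
            $key = DBWorker::getRow('SELECT * FROM confirmation WHERE user_id = :uid', ':uid', $uid);
            if ($key !== false) {
                $token = $key['user_key'];
                $user_id = $key['user_id'];
                P_MAIL::sendConfirmation($user_id, $key['user_key'], $user['alias'], $user['email']);
            } else {
                // No key stored: create one and mail that same value. Calling
                // Numbers::_randKey() once for the INSERT and again for the mail would
                // send the user a key that matches no row.
                // NOTE(review): confirm Numbers::_randKey() uses a CSPRNG.
                $newKey = filter_var(Numbers::_randKey(), FILTER_SANITIZE_NUMBER_INT);
                // NOTE(review): the key is still concatenated into the statement. The filter
                // leaves only digits and sign characters, but a bound :key placeholder is the
                // safer form once DBWorker::insert() is confirmed to accept more than one parameter.
                DBWorker::insert('INSERT INTO confirmation (user_id, user_key, expires) VALUES (:uid, ' . $newKey . ', DATE_ADD(NOW(), INTERVAL 6 MONTH ))', ':uid', $user['user_id']);
                P_MAIL::sendConfirmation($user['user_id'], $newKey, $user['alias'], $user['email']);
            }
        } elseif (DBWorker::getRow('SELECT * FROM users WHERE email = :email AND active = 1', ':email', Helper::filterEmail($email))) {
            // NOTE(review): this message tells an unauthenticated visitor that the address
            // belongs to an active account; a uniform response would avoid that disclosure.
            // NOTE(review): $append is defined outside this view; confirm it is URL-encoded
            // and HTML-escaped before it is placed in the href below.
            $error = 'Account already activated. Please <a href="../user/login.php?' . $append . '">login</a> to access your panel';
            $resend = false;
        }
    }
}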