/**
 * Register a new administrator: validate the credentials, derive the stored
 * password hash, insert a row into `admins`, and record the new row id on
 * this object via setId().
 *
 * Only $username and $password are validated here (helper::isCorrectLogin /
 * helper::isCorrectPassword); $fullname is stored as received.
 *
 * NOTE(review): nothing in this method restricts who may create an admin
 * account, so the calling page has to enforce that.
 * NOTE(review): unlike setUsername(), no "login already exists" check is made
 * before the INSERT. Whether `admins.username` carries a UNIQUE constraint is
 * not visible from here; confirm, otherwise duplicate admin names are possible.
 *
 * @param string $username Requested admin login.
 * @param string $password Plaintext password chosen by the caller.
 * @param string $fullname Display name, not validated in this method.
 *
 * @return array On failure: "error" => true and "error_code" => ERROR_UNKNOWN,
 *               plus "error_type"/"error_description" when validation failed
 *               (0 = login, 1 = password). On success: "error" => false,
 *               'accountId', 'username', 'password', 'error_code' => ERROR_SUCCESS
 *               and 'error_description'.
 */
public function signup($username, $password, $fullname)
{
    if (!helper::isCorrectLogin($username)) {
        return array(
            "error" => true,
            "error_code" => ERROR_UNKNOWN,
            "error_type" => 0,
            "error_description" => "Incorrect login"
        );
    }

    if (!helper::isCorrectPassword($password)) {
        return array(
            "error" => true,
            "error_code" => ERROR_UNKNOWN,
            "error_type" => 1,
            "error_description" => "Incorrect password"
        );
    }

    // generateSalt() is called with 3, presumably a length. If so, the
    // per-account salt is very short; confirm against the helper.
    $salt = helper::generateSalt(3);

    // NOTE(review): salted double MD5 is a fast, general-purpose digest and is
    // not suitable for storing passwords. password_hash()/password_verify()
    // are the standard replacement, but the sign-in code that verifies this
    // value is not visible here and would have to migrate at the same time
    // (for example by rehashing on the next successful login). The scheme is
    // kept as-is so existing verification keeps working.
    $storedHash = md5(md5($password) . $salt);
    $createdAt = time();

    // All values are bound as parameters, so none of them is interpolated
    // into the SQL text.
    $insert = $this->db->prepare("INSERT INTO admins (username, salt, password, fullname, createAt) value (:username, :salt, :password, :fullname, :createAt)");
    $insert->bindParam(":username", $username, PDO::PARAM_STR);
    $insert->bindParam(":salt", $salt, PDO::PARAM_STR);
    $insert->bindParam(":password", $storedHash, PDO::PARAM_STR);
    $insert->bindParam(":fullname", $fullname, PDO::PARAM_STR);
    $insert->bindParam(":createAt", $createdAt, PDO::PARAM_INT);

    if (!$insert->execute()) {
        // Generic failure: the caller only learns that the insert did not succeed.
        return array("error" => true, "error_code" => ERROR_UNKNOWN);
    }

    $this->setId($this->db->lastInsertId());

    // NOTE(review): the success payload carries the plaintext password back to
    // the caller. It is kept because callers may read that key; callers should
    // never log, serialize or render this array as a whole.
    return array(
        "error" => false,
        'accountId' => $this->id,
        'username' => $username,
        'password' => $password,
        'error_code' => ERROR_SUCCESS,
        'error_description' => 'SignUp Success!'
    );
}
/**
 * Change the login stored for the account identified by $this->id.
 *
 * The new login must pass helper::isCorrectLogin() and must not already be
 * reported as taken by helper::isLoginExists(). Every rejection and a failed
 * UPDATE return the same generic error array, so the caller cannot tell an
 * invalid login from a taken one.
 *
 * NOTE(review): the statement updates the `users` table, while signup() in
 * this same listing inserts into `admins`. Confirm this method targets the
 * intended table and that $this->id is an id from that table.
 * NOTE(review): the existence check and the UPDATE are separate statements,
 * so two concurrent requests could both pass the check. A UNIQUE index on
 * `users.login` would close that gap; whether one exists is not visible here.
 *
 * @param string $username Requested new login.
 *
 * @return array "error" => true with "error_code" => ERROR_UNKNOWN on any
 *               failure; 'error' => false with 'error_code' => ERROR_SUCCESS
 *               when the UPDATE executed.
 */
public function setUsername($username)
{
    $failure = array("error" => true, "error_code" => ERROR_UNKNOWN);

    // The helper instance is created before validation, as in the original.
    $loginHelper = new helper($this->db);

    // Short-circuit: the existence lookup runs only for a well-formed login.
    if (!helper::isCorrectLogin($username) || $loginHelper->isLoginExists($username)) {
        return $failure;
    }

    // Both values are bound as parameters, so neither is interpolated into the SQL.
    $update = $this->db->prepare("UPDATE users SET login = (:login) WHERE id = (:accountId)");
    $update->bindParam(":accountId", $this->id, PDO::PARAM_INT);
    $update->bindParam(":login", $username, PDO::PARAM_STR);

    return $update->execute()
        ? array('error' => false, 'error_code' => ERROR_SUCCESS)
        : $failure;
}
$user_fullname = isset($_POST['user_fullname']) ? $_POST['user_fullname'] : ''; $token = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : ''; $user_username = helper::clearText($user_username); $user_fullname = helper::clearText($user_fullname); $user_password = helper::clearText($user_password); $user_password_repeat = helper::clearText($user_password_repeat); $user_username = helper::escapeText($user_username); $user_fullname = helper::escapeText($user_fullname); $user_password = helper::escapeText($user_password); $user_password_repeat = helper::escapeText($user_password_repeat); if (auth::getAuthenticityToken() !== $token) { $error = true; $error_token = true; $error_message[] = 'Error!'; } if (!helper::isCorrectLogin($user_username)) { $error = true; $error_username = true; $error_message[] = 'Incorrect username.'; } if (!helper::isCorrectPassword($user_password)) { $error = true; $error_password = true; $error_message[] = 'Incorrect password.'; } if (!$error) { $admin = new admin($dbo); // Create admin account $result = array(); $result = $admin->signup($user_username, $user_password, $user_fullname); if ($result['error'] === false) {