function verifyEmail()
{
print_r(genRandStr(12, 12));
//mail("*****@*****.**", "i'm cool", "see");
$db = Database::getInstance();
$db->connect();
$query = "insert into person (email,first_name, last_name, password, verified) values ('*****@*****.**','jeremy','patrick','siayer',0)";
$db->executeQuery($query);
}
function newProfileError($email, $pass, $confpass)
{
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
return 'Invalid email.';
}
if ($pass !== $confpass) {
return 'Passwords do not match.';
}
if (strlen($pass) < 8) {
return 'Password too short (must be at least 8 characters).';
}
if (DB::queryFirstRow('SELECT 1 from users WHERE email=%s LIMIT 1', $email)) {
return 'That email already exists.';
}
$permissions = 'u';
//regular user
$salt = genRandStr();
$passhash = saltyStretchyHash($pass, $salt);
//All of this is for nothing without end-to-end SSL.
DB::insert('users', array('email' => $email, 'passhash' => $passhash, 'permissions' => $permissions, 'salt' => $salt));
return false;
//'no error'
}
<?php
session_start();
require_once $_SERVER["DOCUMENT_ROOT"] . "/common/includes/classes.inc";
include_once $_SERVER["DOCUMENT_ROOT"] . "/common/includes/global.inc";
$firstname = $_REQUEST['firstname'];
$lastname = $_REQUEST['lastname'];
$email = $_REQUEST['email'];
$password = $_REQUEST['password'];
$password_verify = $_REQUEST['password_verify'];
$key = genRandStr(12, 12);
mail('*****@*****.**', 'Verify Postneedz.com account', 'http://dev.postneedz.com/app/create_account/verify.php?key=' . $key);
$db = Database::getInstance();
$db->connect();
$query = sprintf("INSERT INTO person (email, first_name, last_name, password, verify_key, verified) VALUES('%s', '%s', '%s', '%s','%s', 0)", mysql_real_escape_string($firstname), mysql_real_escape_string($lastname), mysql_real_escape_string($email), mysql_real_escape_string($password), mysql_real_escape_string($key));
$db->executeQuery($query);
$title = "PostNeedz";
$body = getInclude('body.inc');
$includes_header = getInclude('includes_header.inc');
include $_SERVER["DOCUMENT_ROOT"] . "/content/templates/basic.php";
?>
<?php
if ($_SERVER["HTTP_HOST"] == 'dev.postneedz.com') {
include $_SERVER["DOCUMENT_ROOT"] . "/common/includes/functions/debug.php";
}
?>
public function change_password()
{
$salt = genRandStr();
M('user')->where(array('id' => $_SESSION['uid']))->save(array('password' => sha1($salt . I('password')), 'salt' => $salt));
echo json_encode(array('result' => 'ok'));
}
<?php
require_once "initialize.php";
$json_arr = array("email" => "invalid");
if (isset($_POST['email'])) {
$email = trim($db->escape_value($_POST['email']));
// check email we = wrong email
$email_check = isValidEmail($email) ? true : ($json_arr['email'] = "we");
if ($email_check) {
// when email is correct we check if it is in our database
$query = "SELECT id, email FROM users WHERE email = '{$email}' LIMIT 1";
$result = $database->query($query);
if ($database->num_rows($result) == 1) {
// email found so we generate new password, hash it and insert into database
$password = genRandStr(6, 8);
$hp = sha1($password);
$sql = "UPDATE users SET hashed_password = '******' WHERE email = '{$email}' LIMIT 1";
$result = mysql_query($sql);
if ($result) {
// password succesfully changed and we can send email
// includes swift mailer
include_once '../lib/swift_required.php';
$info = array('email' => $email, 'password' => $password);
//send the email
if (send_email($info, 'recover')) {
//email sent
$json_arr['email'] = "sent";
} else {
// email was not sent
$json_arr['email'] = "failed";
}
function csrfCode()
{
//Returns randomly generated CSRF code. The return value is static.
static $code = '';
if ($_SESSION['ver'] && $code === $_SESSION['ver']) {
return $code;
}
return $code = $_SESSION['ver'] = genRandStr();
}
public function reset_handle()
{
if (I('password') != I('password1')) {
session('reset_error', '两次密码输入不一致');
session('reset_email', I('email'));
session('reset_key', I('reset_key'));
$this->redirect('Index/reset');
} else {
session('reset_email', null);
session('reset_key', null);
session('login_error', '密码找回完成,请登录');
$salt = genRandStr();
M('user')->where(array('email' => I('email'), 'reset_key' => I('reset_key')))->save(array('password' => sha1($salt . I('password')), 'salt' => $salt));
$this->redirect('Index/login');
}
}
public function invitation_add()
{
M('invitation')->data(array('contest_id' => C('CONTESTID'), 'code' => substr(md5(genRandStr()), 0, 12), 'count' => I('count'), 'remain' => I('count'), 'name' => I('name'), 'submissions' => '', 'discount' => 0))->add();
$this->redirect('Admin/invitation');
}
<?php
require_once "functions.php";
$email = $_POST['email'];
$subj = "feelit: New Password";
$str = genRandStr(8);
$body = "Your new password is below. You may change your password after you log in.\n\t\t\t \n\t\t\t Password: " . $str;
if (is_email_in_use($email)) {
if (change_password($email, $str) && mail($email, $subj, $body)) {
return 1;
} else {
return 0;
}
} else {
echo 0;
}
