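/**
 * Create an admin account for the MIS system.
 *
 * Inserts one row into the `admin` table with a freshly generated salt and
 * the salted hash of the password. The privilege column is always 'admin'.
 *
 * @param string $name     Display name; passed through escape() before storage.
 * @param string $username Login name; passed through escape() before storage.
 * @param string $password Plain-text password; only its salted hash is stored.
 * @param string $mobile   Mobile number; passed through escape() before storage.
 * @return int 1 when a row was inserted, 0 when no row was affected.
 * @author Harsh Vardhan Ladha
 */
public function createAdmin($name, $username, $password, $mobile)
{
    $this->_connect();

    // NOTE(review): $this->_db is used as a mysqli connection here
    // (real_escape_string / affected_rows / error) - confirm it is not a wrapper
    // without prepare().
    // escape() is defined elsewhere; presumably output escaping - TODO confirm.
    $name = escape($name);
    $username = escape($username);
    $mobile = escape($mobile);

    // The password was always passed through real_escape_string() before
    // hashing, so existing hashes are hashes of the escaped string. Kept so
    // stored credentials still verify - TODO confirm the login path does the
    // same, then hash the raw password instead.
    $password = $this->_db->real_escape_string($password);

    $salt = Hash::salt(24);
    $hash = Hash::make($password, $salt);

    // Bound parameters replace string concatenation: $salt and $hash used to be
    // spliced into the SQL text without any escaping.
    $stmt = $this->_db->prepare(
        "INSERT INTO admin (name,username,password,salt,privilege,mobile) VALUES (?,?,?,?,'admin',?)"
    );
    if ($stmt === false) {
        // NOTE(review): die() sends the raw database error to the client; kept
        // because callers may rely on it, but logging it server-side is safer.
        die($this->_db->error);
    }

    $stmt->bind_param('sssss', $name, $username, $hash, $salt, $mobile);
    if (!$stmt->execute()) {
        $message = $stmt->error;
        $stmt->close();
        die($message);
    }

    $inserted = $stmt->affected_rows;
    $stmt->close();

    return $inserted > 0 ? 1 : 0;
}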
/**
 * Reserve a reference key in the "keys" table.
 *
 * @param mixed $Company   Stored in the companyID column.
 * @param mixed $State     Stored in the state column.
 * @param mixed $CustomRef Key to use; when it compares loosely equal to false,
 *                         Hash::salt(6) supplies the key instead.
 * @return mixed The key that was inserted, or -1 when that key already exists.
 */
public static function Create($Company = 1, $State = 1, $CustomRef = false)
{
    if ($CustomRef != false) {
        $referenceKey = $CustomRef;
    } else {
        // NOTE(review): the key comes from Hash::salt(6); how unpredictable it is
        // depends on that helper, which is not shown here.
        $referenceKey = \Hash::salt(6);
    }

    $matches = \DB::getInstance()->table("keys")->where("key", $referenceKey);

    // NOTE(review): this lookup and the insert below are two separate steps;
    // only a unique index on `key` would rule out duplicates - confirm schema.
    if (count($matches) != 0) {
        return -1;
    }

    \DB::getInstance()->table("keys")->insert(array(
        "key" => $referenceKey,
        "companyID" => $Company,
        "state" => $State,
        "timeSent" => \Time::get(),
    ));

    return $referenceKey;
}
/**
 * Create a user from the 'res-id' and 'res-pass' request inputs.
 *
 * @return int 1 when Users::create() completes, 0 when anything in the
 *             creation step throws.
 */
public function process()
{
    $account = new Users();
    // Per-account random salt, stored next to the hash.
    $salt = Hash::salt(32);

    try {
        $record = array(
            'userid' => Input::get('res-id'),
            'password' => Hash::make(Input::get('res-pass'), $salt),
            'salt' => $salt,
            'joined' => date('Y-m-d H:i:s'),
        );
        $account->create($record);
    } catch (Exception $e) {
        // The failure reason is discarded; callers only see 0.
        // NOTE(review): no validation or CSRF check is visible in this method -
        // confirm the caller performs them.
        return 0;
    }

    return 1;
}
/**
 * Handle a "forgot username" or "forgot password" request.
 *
 * For anything other than 'username', a new password is generated, mailed to
 * $email and then written to the current user's record with
 * password_recover = 1. For 'username', the stored username is mailed.
 *
 * @param string $type  'username' to recover the username; any other value
 *                      is treated as a password recovery.
 * @param string $email Address the message is sent to.
 * @return void
 */
public function recovery($type, $email)
{
    $typeMessage = ($type != 'username') ? 'password' : 'username';

    if ($typeMessage == 'password') {
        $salt = Hash::salt(32);
        // NOTE(review): the new password is 8 characters cut from Hash::unique();
        // its strength depends on how that helper generates values (not shown).
        $password = substr(Hash::unique(), 1, 8);
        $password_db = Hash::make($password, $salt);

        // NOTE(review): the password travels in clear text by e-mail, and nothing
        // in this method checks that $email belongs to this account - confirm the
        // caller does. A single-use, expiring reset link avoids mailing a secret.
        $subject = 'Hello' . $this->data()->username . '!';
        $body = '<br> Here is your forgotten ' . $typeMessage . ': ' . $password;
        Mail::email($email, $subject, $body);

        $changes = array(
            'password' => $password_db,
            'salt' => $salt,
            'password_recover' => 1,
        );
        $this->update($changes, $this->data()->id);
    } elseif ($typeMessage == 'username') {
        // The greeting uses the submitted 'username' input, the body the stored one.
        $subject = 'Hello' . Input::get('username') . '!';
        $body = '<br> Here is your forgotten ' . $typeMessage . ': ' . $this->data()->username;
        Mail::email($email, $subject, $body);
    }
}
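/**
 * Validate a registration submission and create the user.
 *
 * On success $this->Registered holds the result of User::Create(). On failure
 * $this->Errors holds the validator's result, or the exception message wrapped
 * in an array. Nothing is set when the token check fails.
 *
 * @param array $Input Submitted fields: token, Username, Password, Password2.
 * @return void
 */
public function validateInput($Input = array())
{
    $validater = new \Validation();

    // A missing token is handed to Token::check() as null instead of raising an
    // undefined-index notice.
    $token = isset($Input["token"]) ? $Input["token"] : null;
    if (!\Token::check($token)) {
        return;
    }

    // Validate the same array whose values are hashed and stored below. The
    // rules used to run against $_POST, so a caller passing any other array
    // had its data stored without these checks.
    $valid = $validater->Validate($Input, array(
        'Username' => array('required' => true, 'min' => 3, 'max' => 35, 'unique' => 'Users'),
        'Password' => array('required' => true, 'min' => 5, 'differs' => 'Username'),
        'Password2' => array('required' => true, 'matches' => 'Password'),
    ));

    if ($valid !== true) {
        $this->Errors = $valid;
        return;
    }

    // Register the user with a fresh salt and the salted password hash.
    $salt = \Hash::salt();
    $hashed = \Hash::make($Input["Password"], $salt);
    $this->User = new \User();

    try {
        // NOTE(review): escape() is applied before storage; if it is HTML
        // escaping, the stored username differs from the one validated for
        // uniqueness - confirm.
        $newUser = $this->User->Create(array(
            'Username' => escape($Input["Username"]),
            'Password' => $hashed,
            'Salt' => $salt,
        ));
        $this->Registered = $newUser;
    } catch (\Exception $e) {
        $this->Errors = array($e->getMessage());
    }
}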
/**
 * Registration page controller.
 *
 * Shows the form when nothing was submitted; otherwise checks the form token,
 * validates $_POST and creates the user. Signed-in visitors and requests with
 * a failed token check get no output from this method.
 *
 * @return void
 */
public function index()
{
    $user1 = new User();
    if ($user1->isLoggedIn()) {
        // would you like to register a new user
        return;
    }

    if (!Input::exists()) {
        // display form page
        $this->view('register/register', ['register' => true, 'page_name' => 'Register', 'loggedIn' => 0]);
        return;
    }

    if (!Token::check(Input::get('token'))) {
        return;
    }

    $rules = array(
        'username' => array('min' => 2, 'max' => 20, 'required' => true, 'unique' => true),
        'name' => array('min' => 2, 'max' => 50, 'required' => true),
        'sirname' => array('min' => 2, 'max' => 50, 'required' => true),
        'email' => array('min' => 5, 'max' => 64, 'email' => true, 'required' => true, 'unique' => true),
        'date_of_birth' => array('min' => 6, 'max' => 10, 'date' => true, 'required' => true),
        'password' => array('min' => 6, 'required' => true),
        'password_again' => array('min' => 6, 'matches' => 'password', 'required' => true),
    );

    $validate = new Validation();
    $validate->check($_POST, $rules);

    if (!$validate->passed()) {
        // Collect the validator messages for the failure view.
        // NOTE(review): messages are joined with raw <br> markup; confirm they
        // contain no unescaped user input and how the view prints them.
        $error_string = '';
        foreach ($validate->errors() as $message) {
            $error_string = $error_string . $message . '<br>';
        }
        $this->view('register/failed', ['loggedIn' => 0, 'page_name' => 'Login Failed', 'errors' => $error_string]);
        return;
    }

    $user = new User();
    $salt = Hash::salt(32);
    $date_of_birth = new Date(Input::get('date_of_birth'));

    try {
        $record = array(
            'username' => Input::get('username'),
            'name' => Input::get('name'),
            'sirname' => Input::get('sirname'),
            'email' => Input::get('email'),
            'dateofbirth' => $date_of_birth->format('Y-m-d H:i:s'),
            'password' => Hash::make(Input::get('password'), $salt),
            'salt' => $salt,
            'joined' => date('Y-m-d H:i:s'),
            'group' => 1,
        );
        $user->create($record);
        Session::flash('success', 'You have been registered');
        Redirect::to('home');
    } catch (Exception $e) {
        // NOTE(review): the exception text goes straight to the browser.
        die($e->getMessage());
    }
}
// Dispatch on $type: 'log' checks submitted credentials, 'sign' registers a
// new user. $type and $validate are set before this excerpt.
if ($type == 'log') {
    $info = array('passed' => false, 'content' => '');

    $loginRules = array(
        'email' => array('required' => true),
        'password' => array('required' => true),
    );
    $validation = $validate->check($_POST, $loginRules);

    // login_correct() is only consulted once the required fields are present.
    if ($validation->passed() && $validation->login_correct()) {
        $info['passed'] = true;
        //$info ['content']=Alert::correct_signup();
    } else {
        $info['content'] = Alert::return_error_div($validation->returnErrors());
    }

    echo $info['content'];
    // echo php_encode($info);
} elseif ($type == 'sign') {
    $signupRules = array(
        'first_name' => array('required' => true),
        'last_name' => array('required' => true),
        'email' => array('required' => true, 'unique' => 'email', 'format' => 'email'),
        'password' => array('required' => true, 'min' => 6),
    );
    $validation = $validate->check($_POST, $signupRules);

    if (!$validation->passed()) {
        // NOTE(review): the return value is discarded here, while the 'log'
        // branch echoes it - confirm the errors actually reach the client.
        Alert::return_error_div($validation->returnErrors());
    } else {
        // connect to database if there are no errors
        $instance = DB::getInstance();
        $salt = Hash::salt(10);
        $hashed_password = Hash::make($_POST['password'], $salt);

        // Values are passed as bound parameters, not concatenated into the SQL.
        $instance->query(
            'INSERT INTO user (email , password , salt , first_name , last_name ) VALUES (? , ? , ? , ? , ? )',
            array($_POST['email'], $hashed_password, $salt, $_POST['first_name'], $_POST['last_name'])
        );

        Alert::correct('You have successfully entered the data. Please check your e-mail to complete the sign-up.');
        //send email functionality will come here
    }
}
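// Client self-registration: validate the e-mail, normalise a few fields,
// create the client, start a session and mail a verification link.
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
    header("Location:" . RESOURCE_PATH_DIY . "login?error=" . urlencode("Invalid email."));
    // header() does not stop the script: without this exit the registration
    // below still ran for an address that had just been rejected.
    exit;
}

$_POST['contact_no'] = $_POST['country_code'] . $_POST['contact_no'];
unset($_POST['country_code']);
$_POST['dob'] = date("Y-m-d H:i:s", strtotime($_POST['dob']));

$client = new Client();
try {
    // NOTE(review): the whole $_POST array is handed to register(); confirm it
    // only accepts an allow-list of fields.
    $data = $client->register($_POST);
} catch (Exception $e) {
    /* return with exception; the message is URL-encoded so it cannot alter the query string */
    header("Location:" . RESOURCE_PATH_DIY . "login?error=" . urlencode($e->getMessage()));
    exit;
}

$_SESSION['client'] = $data;
// NOTE(review): the session id is not regenerated after sign-in in this
// excerpt - confirm it happens elsewhere.
$access_token = Hash::get($_SESSION['client']['client_id'], Hash::salt(10) . time());
Logger::logPlobizUser($data['client_id'], $access_token, 'N/A', uniqid(), 'WEB', 1);
$_SESSION['client']['access_token'] = $access_token;

/* generate verification link
 * 26-03-15 :: time() added to make unique everytime
 */
// NOTE(review): the token is built from the e-mail address, a fixed string and
// the request time. Unless Hash::get() mixes in a server-side secret (not
// shown), none of these inputs is random; a CSPRNG value would be.
$verify = Hash::get($data['email'], 'verify_email' . time());
$crud = CRUD::getInstance();
$crud->insert("client_reset_tokens", array(
    'client_id' => $data['client_id'],
    'type' => 'email',
    'hash' => $verify,
));

$mail = new Mail();
$vlink = RESOURCE_PATH . "handlers/verify-client.php?verify=" . $verify;
/* email verification link */
$mail->emailVerificationMail(array(array('name' => $data['name'], 'email' => $data['email'])), $vlink);

// 03-07-15 : redirect to pending redirectto url
$redirectto = isset($_SESSION['redirectto']) && $_SESSION['redirectto'] != ''
    ? $_SESSION['redirectto']
    : RESOURCE_PATH_DIY . "dashboard";
$_SESSION['redirectto'] = '';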
*/
require_once 'core/init.php';

// Change-password page: only for signed-in users.
$user = new User();
if (!$user->isLoggedIn()) {
    // NOTE(review): if Redirect::to() does not end the script (not shown), the
    // code below still runs for anonymous visitors.
    Redirect::to('index.php');
}

// Act only on a submitted form that carries a valid token.
if (Input::exists() && Token::check(Input::get('token'))) {
    $validate = new Validate();
    $validation = $validate->check($_POST, array(
        'current_password' => array('required' => true, 'min' => 6),
        'new_password' => array('required' => true, 'min' => 6),
        'new_password_again' => array('required' => true, 'min' => 6, 'matches' => 'new_password'),
    ));

    if (!$validate->passed()) {
        foreach ($validate->errors() as $error) {
            echo $error . '<br>';
        }
    } elseif (Hash::make(Input::get('current_password'), $user->data()->salt) === $user->data()->password) {
        // NOTE(review): === is not a constant-time comparison; hash_equals() is
        // the usual choice where the PHP version provides it.
        // Current password confirmed: store the new one under a fresh salt.
        $salt = Hash::salt(32);
        $user->update(array(
            'password' => Hash::make(Input::get('new_password'), $salt),
            'salt' => $salt,
        ));
        Session::flash('success', 'Your password has been changed!');
        Redirect::to('index.php');
    } else {
        Session::flash('error', 'Your current password is incorrect.');
        Redirect::to('changepassword.php');
    }
}
?>
<!DOCTYPE html>
<html>
<?php
require_once 'core/init.php';
error_reporting(E_ALL & ~E_NOTICE);

// Registration handler: runs only for a submitted form whose submit field is
// "register".
if (Input::exists() && Input::get('submit') === "register") {
    if (!Token::check(Input::get('token'))) {
        echo "cross site request forgery failed";
    } else {
        $val = new Validation();
        $directives = array(
            "username" => array(
                "rules" => "required|max_length-20|min_length-5|unique-users.username",
                "placeholder" => "Username",
            ),
            "name" => array(
                "rules" => "required|max_length-15|min_length-5",
                "placeholder" => "Your name",
            ),
            // NOTE(review): max_length-20 caps the password at 20 characters.
            "password" => array(
                "rules" => "required|max_length-20|min_length-5",
                "placeholder" => "Password",
            ),
            "password_2" => array(
                "rules" => "required|match-password",
                "placeholder" => "Repeating password",
                "custom_msg" => "Password don't match in two fields",
            ),
        );

        if (!$val->validate($_POST, $directives)) {
            echo $val->errors_html;
        } else {
            $user = new User();
            // The salt length is passed as the string '32' here.
            $salt = Hash::salt('32');
            try {
                $user->create(array(
                    'username' => Input::get('username'),
                    'password' => Hash::make(Input::get('password'), $salt),
                    'salt' => $salt,
                    'name' => Input::get('name'),
                    'joined' => date('Y-m-d H:i:s'),
                    'user_group' => 1,
                ));
                Session::flash('success', 'you have registered successfully!');
                Redirect::to('index.php');
            } catch (Exception $e) {
                // NOTE(review): the exception text goes straight to the browser.
                die($e->getMessage());
            }
        }
    }
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Register</title>
</head>
<?php
// Form handler excerpt: sets defaults, then copies the submitted fields into
// local variables. The if-block below is still open where the excerpt ends.
require_once 'core/init.php';
$offset = 0;
// Defaults used when a field is missing or empty.
$name = "";
$surname = "";
$phone = "";
$mail = "";
$password = "";
$passwordAgain = "";
if (Input::exists()) {
    // NOTE(review): no Token::check() call is visible in this excerpt before the
    // input is read - confirm the CSRF check happens further down.
    // The salt is generated before any of the fields have been validated.
    $salt = Hash::salt(20);
    if (!empty(Input::get('name'))) {
        $name = Input::get('name');
    }
    if (!empty(Input::get('surname'))) {
        $surname = Input::get('surname');
    }
    if (!empty(Input::get('mail'))) {
        $mail = Input::get('mail');
    }
    // empty() also treats the string '0' as empty, so such a value is dropped.
    if (!empty(Input::get('password'))) {
        $password = Input::get('password');
    }
    if (!empty(Input::get('password_again'))) {
        $passwordAgain = Input::get('password_again');
    }
    if (!empty(Input::get('phone'))) {
        $phone = Input::get('phone');
    }
    // true only when the 'remember' field was submitted as 'on'.
    $remember = Input::get('remember') === 'on' ? true : false;
<?php
require_once 'core/init.php';

// Registration handler: needs a submitted form with a valid token.
if (Input::exists() && Token::check(Input::get('token'))) {
    $validate = new Validate();
    $validation = $validate->check($_POST, array(
        'username' => array('required' => true, 'min' => 2, 'max' => 20, 'unique' => 'users'),
        'password' => array('required' => true, 'min' => 6),
        'password_again' => array('required' => true, 'matches' => 'password'),
        'name' => array('required' => true, 'min' => 2, 'max' => 50),
    ));

    if (!$validation->passed()) {
        // Output Errors
        foreach ($validation->errors() as $error) {
            echo $error, "<br/>";
        }
    } else {
        // Register User
        $user = new User();
        $salt = Hash::salt(30);
        try {
            $user->create(array(
                'username' => Input::get('username'),
                'password' => Hash::make(Input::get('password'), $salt),
                'salt' => $salt,
                'name' => Input::get('name'),
                'joined' => date('Y-m-d H:i:s'),
                'group' => 1,
            ));
            Session::flash('home', 'You have been registered and can now log in.');
            // NOTE(review): a successful registration redirects to 404 although
            // the flash message is stored under 'home' - confirm this is intended.
            Redirect::to(404);
        } catch (Exception $exc) {
            // NOTE(review): the exception text goes straight to the browser.
            die($exc->getMessage());
        }
    }
}
?>
<form action="" method="POST" autocomplete="off">
<div class="field">
/**
 * Change-password page controller.
 *
 * Shows the form when nothing was submitted. On a submitted form with a valid
 * token it validates $_POST, compares the current password with the stored
 * hash and, when they match, stores the new password under a fresh salt.
 *
 * @return void
 */
public function change_password()
{
    $user = new User();
    if (!$user->isLoggedIn()) {
        // NOTE(review): there is no return after this redirect; if Redirect::to()
        // does not end the request (not shown), the rest runs for anonymous users.
        Redirect::to('home');
    }

    if (!Input::exists()) {
        $this->view('account/change_password', ['register' => true, 'loggedIn' => 1, 'name' => $user->data()->name, 'page_name' => 'Change user password', 'flash' => Session::flash('account')]);
        return;
    }

    if (!Token::check(Input::get('token'))) {
        return;
    }

    $validate = new Validation();
    $validation = $validate->check($_POST, array(
        'password_current' => array('required' => true, 'min' => 6),
        'password_new' => array('required' => true, 'min' => 6),
        'password_new_again' => array('required' => true, 'min' => 6, 'matches' => 'password_new'),
    ));

    if (!$validation->passed()) {
        $error_string = '';
        foreach ($validation->errors() as $message) {
            $error_string = $error_string . $message . '<br>';
        }
        // NOTE(review): ['errors' => ...] is a nested positional element here, not
        // an 'errors' key as in the other view calls - confirm the view reads it.
        $this->view('account/change_password', ['register' => true, 'loggedIn' => 1, ['errors' => $error_string], 'name' => $user->data()->name, 'page_name' => 'Change user password', 'flash' => Session::flash('account')]);
        return;
    }

    // NOTE(review): === is not a constant-time comparison; hash_equals() is the
    // usual choice where the PHP version provides it.
    if (Hash::make(Input::get('password_current'), $user->data()->salt) === $user->data()->password) {
        $salt = Hash::salt(32);
        $user->update(array(
            'password' => Hash::make(Input::get('password_new'), $salt),
            'salt' => $salt,
        ));
        Session::flash('account', 'Your password has been changed');
        Redirect::to('account');
    }
    // A wrong current password falls through with no output:
    // view page error for incorrect password
}
/**
 * Store a new password for the current user under a fresh salt.
 *
 * NOTE(review): the current password is not checked here - confirm callers
 * re-authenticate the user first.
 *
 * @param string $password New plain-text password.
 * @return bool Always true on success.
 * @throws Exception When the database update reports failure.
 */
public function Change_Password($password)
{
    $user_id = $this->data()->ID;
    $salt = Hash::salt(32);

    $changes = array(
        'Password' => Hash::make($password, $salt),
        'salt' => $salt,
    );

    $updated = $this->_db->update('users', $user_id, $changes, 'ID');
    if ($updated) {
        return true;
    }

    throw new Exception("Couldn't update password");
}
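<?php
require_once 'core/init.php';

// Change-password page: only for signed-in users.
$user = new User();
if (!$user->isLoggedIn()) {
    Session::flash('home', "danger # Неоторизиран достъп, моля влезте в системата.");
    Redirect::to('login.php');
}

if (Input::exists()) {
    if (Token::check(Input::get('token'))) {
        // Measure the password as submitted. The length used to be taken after
        // escape(), so any character that helper expands counted several times
        // and a shorter password could pass the 6-character minimum.
        $length = strlen((string) Input::get('password_new'));
        if ($length >= 6) {
            if (Input::get('password_new') === Input::get('password_new_again')) {
                // NOTE(review): !== is not a constant-time comparison; hash_equals()
                // is the usual choice where the PHP version provides it.
                if (Hash::make(Input::get('password_current'), $user->data()->salt) !== $user->data()->password) {
                    Session::flash('home', 'danger # Въвели сте грешна текуща парола.');
                } else {
                    // Hash::salt() takes a length. The new password itself used to
                    // be passed as that argument, so no proper salt was generated.
                    // NOTE(review): 32 is the length the other password-change
                    // handlers use - confirm it fits the salt column.
                    $salt = Hash::salt(32);
                    $user->update(array(
                        'password' => Hash::make(Input::get('password_new'), $salt),
                        'salt' => $salt,
                    ));
                    Session::flash('home', 'success # Успешно променихте данните си.');
                    Redirect::to('profile.php');
                }
            } else {
                Session::flash('home', 'danger # Новата парола и нейното повторение не съвпадат.');
            }
        } else {
            Session::flash('home', 'danger # Новата парола трябва да е с дължина поне 6 символа.');
        }
    }
}
?>
<div class="container">
<div class="page-header">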
// Excerpt: begins inside an earlier handler and ends inside the else branch of
// the reset-code check below.
$response['status'] = 0;
$response['message'] = "No record found for this email.";
}
print_r(json_encode($response));
}
// VISHWAS : 4 Dec 2015 :: Commenting following line as this file is already included at top.
//require_once '../core/config.php';

// Password reset: look up the submitted reset code, check it against the
// client's e-mail, then store the new password under a fresh salt.
if (isset($_POST['reset']) && $_POST['reset'] != "") {
    $crud = CRUD::getInstance();
    // NOTE(review): $_POST['reset'] is interpolated into the WHERE clause text
    // with no escaping visible here (same in the delete below). It should reach
    // the database as a bound parameter; CRUD's API is not shown - confirm.
    $find = $crud->select("client_reset_tokens", "client_id", "where hash='{$_POST['reset']}'");
    if ($find) {
        $client_id = $crud->getFirst()['client_id'];
        $client = new Client();
        $data = $client->get($client_id);
        // NOTE(review): the expected code is recomputed from the e-mail address
        // and the fixed string 'reset_password'; nothing random or time-limited
        // is visible. Unless Hash::get() adds a server-side secret (not shown),
        // the code is a function of the address alone - confirm.
        // The comparison is a loose ==; a strict, constant-time compare is safer.
        if (Hash::get($data['email'], 'reset_password') == $_POST['reset']) {
            // A 6-length salt is generated for the new password.
            // NOTE(review): no length or strength check on new_password is
            // visible here.
            $salt = Hash::salt(6);
            $password = Hash::get($_POST['new_password'], $salt);
            $update = $client->edit(array('password' => $password, 'salt' => $salt), $client_id);
            //var_dump($update); Vishwas : 4 Dec 2015 : Removing previous code.
            if ($update) {
                // The reset code is removed once it has been used.
                $crud->delete("client_reset_tokens", "where hash='{$_POST['reset']}'");
                // Vishwas : 4 Dec 2015 :: Commenting following code as Shrikant have added different code for it.
                // echo 'Your password has been reset.<br/><a href="' . RESOURCE_PATH_DIY . 'login">Go To Login Page</a>';
                // @shrikant:Correct reset password thank you page design
                echo '<div class="container"><header style="background-color:#fff; height:70px;width:100%;"><img src="http://plobalapps.com/images/plobal_apps_logo.png" height="35" style="margin:10px;"></header><div class="min-container" style="width:1000px; box-shadow: 0 0 3px -1px rgba(0, 0, 0, 0.42); border-radius: 4px; padding: 59px 0; margin:25px auto; text-align:center; background-color:#f1f1ff1; font-family:arial;"><h3 style="font-size:25px; line-height:40px;margin:0px;">Thank You</h3><p style="font-size:16px;padding:8px 0;">Your password has been reset.</p><a style="background-color:#2075f2;border-radius: 4px;color: #fff;padding: 10px 15px;text-decoration: none;" href="' . RESOURCE_PATH_DIY . 'login">Go To Login Page</a></div></div>';
            }
            //VISHWAS : 4 Dec 2015 :: Added missing '}'. This was causing fatal error and resulting into Failure in sending "Reset Password' Mail.
        } else {
            // VISHWAS : 4 Dec 2015 :: Matching style with success message.
            echo '<div class="container"><header style="background-color:#fff; height:70px;width:100%;"><img src="http://plobalapps.com/images/plobal_apps_logo.png" height="35" style="margin:10px;"></header><div class="min-container" style="width:1000px; box-shadow: 0 0 3px -1px rgba(0, 0, 0, 0.42); border-radius: 4px; padding: 59px 0; margin:25px auto; text-align:center; background-color:#f1f1ff1; font-family:arial;"><p style="font-size:16px;padding:8px 0;">Invalid verification code.</p><a style="background-color:#2075f2;border-radius: 4px;color: #fff;padding: 10px 15px;text-decoration: none;" href="' . RESOURCE_PATH_DIY . 'login">Go To Login Page</a></div></div>';
            //echo "Invalid verification code";
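/**
 * Create a client account automatically and mail the user a password-reset link.
 *
 * Nothing happens (and null is returned) when no e-mail is supplied or a
 * client with that e-mail already exists.
 *
 * @param array $fields Expected keys: email, name, phone.
 * @return array|null Client record without 'password' and 'salt', or null
 *                    when no account was created.
 * @throws Exception When the insert fails or the new record cannot be read back.
 */
public function autoRegisterClient($fields = array())
{
    if ($fields['email']) {
        $check = $this->get($fields['email']);
        if (!$check) {
            $field['email'] = $fields['email'];
            $field['name'] = $fields['name'];
            $field['salt'] = Hash::salt(10);
            // The initial password used to be the hash of the e-mail address,
            // salted with $fields['salt'] (the caller's array) instead of the
            // salt generated above. Only swapping in the right salt would have
            // made the e-mail address the account's working password, so a
            // throwaway random value is hashed instead; the user sets a real
            // password through the reset link mailed below.
            // NOTE(review): Hash::salt()'s randomness source is not shown -
            // confirm it is a CSPRNG.
            $field['password'] = Hash::get(Hash::salt(32), $field['salt']);
            $field['status'] = 'Active';
            $field['contact_no'] = $fields['phone'];
            $field['type'] = 'DS';
            // NOTE(review): the account is marked verified before the address
            // owner has responded - confirm this is intended.
            $field['is_verified'] = 1;
            unset($fields);

            $register = $this->_db->insert("client", $field);
            $registerid = $this->_db->getInsertId();
            if ($register) {
                $Mail = new Mail();
                // 4Nov15 :: Sankalp : Getting user information and password reset link
                $userinfo = $this->resetClientPassword($field);
                // 4Nov15 :: Sankalp : Sending password reset link and other user details
                // to autoRegisterMail function of mail class to send a mail
                $Mail->autoRegisterMail(
                    array(array('name' => $field['name'], 'email' => $field['email'])),
                    $userinfo['rlink']
                );
                // 4Nov15 :: Sankalp : Storing user info to client and returning the value
                $client = $userinfo['info'];
                if ($client) {
                    // Credential material never leaves this method.
                    unset($client['password']);
                    unset($client['salt']);
                    return $client;
                } else {
                    throw new Exception("Record Not Found.");
                }
            } else {
                throw new Exception("Unable to create account.");
            }
        }
    }
}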
/**
 * Register a dietician, log them in and echo a JSON status object.
 *
 * Always echoes {"success": true|false}. When creation or login throws, the
 * exception message is echoed first.
 *
 * @param array $dataDecoded Decoded request data; reads nhsnumber, password
 *                           and group.
 * @return void
 */
function registerDietician($dataDecoded)
{
    $user = new User();
    $salt = Hash::salt(32);
    $regStatus = array("success" => false);

    try {
        // Create the user in the database.
        // NOTE(review): 'group' is taken from $dataDecoded; if that array comes
        // from the request body, the client picks its own group - confirm it is
        // validated upstream.
        $profile = array(
            'nhsnumber' => $dataDecoded['nhsnumber'],
            'password' => Hash::make($dataDecoded['password'], $salt),
            'salt' => $salt,
            'registrationtimestamp' => date('Y-m-d H:i:s'),
            'group' => $dataDecoded['group'],
            'dateofbirth' => null,
            'gender' => null,
            'activitylevel' => null,
        );
        $user->create($profile);

        // Now that a user has been created, log them in.
        $user->login($dataDecoded['nhsnumber'], $dataDecoded['password'], true);

        // No exception up to this point means the registration succeeded.
        $regStatus['success'] = true;
    } catch (Exception $e) {
        // NOTE(review): the message is printed ahead of the JSON, so the body is
        // not valid JSON on failure and the exception text reaches the client.
        echo $e->getMessage();
    } finally {
        echo json_encode($regStatus);
    }
}