コード例 #1
0
			//Check to see if this is the correct token
			$sql = "SELECT email_token FROM users WHERE user_id = '$user_id' AND type != 1";
			$result = $mysqli->query($sql)
			or die ($mysqli->error);

			if ($result->num_rows == 1) {
				$token_hashed = mysqli_fetch_row($result)[0];
				if (password_verify($token, $token_hashed)) {
					//Officiate the user
					$sql = "UPDATE `users` SET type = 1 WHERE user_id ='$user_id'";
					$result = $mysqli->query($sql)
					or die ($mysqli->error);

					//Create a real token and handshake with user
					$token = User::generate_token();
					$hashed_token = Database::sanitize(password_hash($token, PASSWORD_BCRYPT));

					//Send the hashed token to the server
					$sql = "UPDATE `users` SET token = '$hashed_token'";
					$result = $mysqli->query($sql)
					or die ($mysqli->error);

					//Pass to cookies
					$_SESSION['user_id'] = $user_id;
					setcookie('user_id', $user_id, time() + 3600, "/");
					setcookie('token', $token, time() + 3600, "/");
					$_COOKIE['user_id'] = $user_id;
					$_COOKIE['token'] = $token;
					echo 'Account verified';
				}
コード例 #2
0
$data = json_decode($request);
$user = User::get_current_user();
$username = $data->username;
$password = $data->password;
$email = $data->email;
$confirm_password = $data->confirm_password;
/*$email = '*****@*****.**';
$username = '******';
$password = '******';
$confirm_password = '******';*/
$user = User::get_current_user();
try {
	if ($user instanceof User) {
		if (!$user->is_confirmed()) {
			//the user is not confirmed and is requesting confirmation, approve the request
			$email_token = User::generate_token();
			$hashed_email_token = password_hash($token, PASSWORD_BCRYPT);

			//Mail the user the email
			$subject = 'Verify UofT Baddy account';
			$message = "
			<html>
				<body>
					<p>
					Click <a href=\"http://uoftbaddy.ca/register-callback.php?id=$user_id&token=$token\">here</a> to verify your account
					</p>
				</body>
			</html>";
			$headers = "Content-Type: text/html; charset=ISO-8859-1\r\n";
			mail($email, $subject, $message, $headers);
			http_response_code(200);