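/**
 * Registers a new account.
 *
 * Rejects an email address that already has a row in `accountinfo`, stores a
 * confirmation key in `confirm`, mails the confirmation link and, only if the
 * mail was sent, inserts the account row with a starting credit of 1000.
 *
 * @param string $email    Email address supplied by the client.
 * @param string $password Password supplied by the client.
 *
 * @return mixed ['dataError' => 'email in use'] when the address is taken,
 *               ['error' => ...] when the confirmation mail could not be sent,
 *               otherwise whatever executeSqlQuery() returns for the account
 *               INSERT.
 */
public function createAccount($email, $password)
{
    // Initialised explicitly so the error paths do not rely on PHP creating
    // the array implicitly on first key assignment.
    $result = [];

    $dbconn = $this->setupConnection();

    // stripslashes() also removes backslashes from a legitimate password, so
    // the login path has to apply the same transform -- TODO confirm.
    // mysqli_real_escape_string() is only reliable when the connection
    // charset has been set on $dbconn (setupConnection() is not visible here).
    // Prepared statements would be the sturdier choice, but executeSqlQuery()
    // takes a finished SQL string.
    $mypassword = mysqli_real_escape_string($dbconn, stripslashes($password));
    $myemail = mysqli_real_escape_string($dbconn, stripslashes($email));

    // NOTE(review): this check-then-insert is not atomic; a UNIQUE index on
    // accountinfo.emailAddress would be the actual guarantee (schema not
    // visible here).
    $sql = "SELECT * FROM accountinfo WHERE emailAddress='{$myemail}'";
    $existing = $this->executeSqlQuery($sql, $dbconn);
    if ($existing->num_rows > 0) {
        $result["dataError"] = "email in use";
        return $result;
    }

    // Email verification key. It was md5(email . month/year), which anyone who
    // knows the address can recompute; it is now 128 bits from the CSPRNG
    // (PHP 7.0+), hex-encoded to the same 32 characters so it fits the same
    // column. Assumes the confirmation handler looks the key up in `confirm`
    // rather than recomputing it -- TODO confirm.
    // The key is a bearer secret and is deliberately no longer written to the
    // error log.
    $key = bin2hex(random_bytes(16));

    $sql = "INSERT INTO confirm (confirm_key, emailAddress) VALUES ('{$key}', '{$myemail}')";
    $this->executeSqlQuery($sql, $dbconn);

    // Send the confirmation link. The host in the link is hard-coded.
    $mailer = new emailControllerClass();
    $response = $mailer->sendEmail($myemail, "Your confirmation link is: http://127.0.0.1:8080/?id={$key}");
    error_log($response);

    if ($response) {
        // NOTE(review): the password is stored as received, not hashed.
        // Moving to password_hash() here has to be done together with
        // password_verify() in the login path, which is outside this block.
        $sql = "INSERT INTO accountinfo (password, emailAddress, credit) VALUES ('{$mypassword}','{$myemail}','1000')";
        $result = $this->executeSqlQuery($sql, $dbconn);
        error_log("if");
    } else {
        error_log("else");
        $result['error'] = "Could not send email for verification!!";
    }

    return $result;
}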
} echo json_encode($result); ob_end_flush(); return ""; } if (isset($_GET['cookieMode']) && $_GET['cookieMode'] == "true") { if (!isset($_COOKIE['email'])) { $result["cookie"] = "noCookie"; } else { $result["cookie"] = json_decode($_COOKIE['email'], true); } echo json_encode($result); return ""; } if (isset($_POST['emailMode']) && $_POST['emailMode'] == "true") { $email = new emailControllerClass(); $output = $email->sendEmail($_POST['email'], $_POST['message']); echo json_encode($output); return ""; } if (isset($_POST['createMode']) && $_POST['createMode'] == "true") { $create = new userControllerClass(); $result = $create->createAccount($_POST['email'], $_POST['password']); if (isset($result["dataError"])) { echo json_encode($result); return ""; } if ($result == 1) { $result["success"] = true; error_log("Account created succesfully."); } elseif ($result == 0) {