function vInsertIntoOwnerLoginTable($SafeFirstName, $SafeLastName, $SafeEmail, $SafePWD)
{
global $mysqli;
$UserID = $SafeFirstName . $SafeLastName;
$iOwnerExists = iCheckIfOwnerEmailExists($SafeEmail);
#if this is the first claim.
if ($iOwnerExists == 0) {
#Obtain a cryption and save it in the DB.
$salt = salt();
#Hash a string that is comprised of password and a salt.
#Save it as a password. This will create a second level of security.
$hash = getHash($SafePWD, $salt);
# The folloing is for email activation of validation.
$email_code = md5($SafeEmail + microtime());
if (DEBUG) {
echo "salt =" . $salt . "<br>";
echo "SafePWD =" . $SafePWD . "<br>";
echo "hash =" . $hash . "<br>";
}
#user_id is also email address.
$mysqli->autocommit(FALSE);
$InsertCommand = "INSERT INTO \r\n login_table ( id, user_id, salt, password, email_address, email_code, type )\r\n\t\t\t\t values ( NULL, '" . $SafeEmail . "', '" . $salt . "', '" . $hash . "', '" . $SafeEmail . "', '" . $email_code . "', 'O' )";
$add_post_res = $mysqli->query($InsertCommand);
# or die($mysqli->error);
if (!$mysqli->commit()) {
$mysqli->rollback();
}
SendActivateEmailNotice($SafeEmail, $email_code);
echo "Please activate your email to complete the registration. Please respond to your email. Thanks.";
} else {
/*popup( "You have already registere!", OWNER_LOGIN_PAGE ); */
echo "You have already registered!";
}
}
// All the echo statements will be displayed on the element designated by AJAX.
//
$q = $_REQUEST["q"];
$InputArray = explode("|", $q);
$owner_email = $InputArray[0];
$owner_password = $InputArray[1];
$token = $InputArray[2];
if (DEBUG) {
echo "Hello from owner_login.php <br>";
var_dump($InputArray);
echo "TOKEN: {$token}<br>";
echo "_SESSION['owner_login_token'] = " . $_SESSION['owner_login_token'] . "<br>";
}
//$SafeEmail = mysqli_real_escape_string( $mysqli, $owner_email);
$SafePWD = mysqli_real_escape_string($mysqli, $owner_password);
$iOwnerExists = iCheckIfOwnerEmailExists($SafeEmail, $SafePWD, $ID, $Email_status, $email_code, $Password_status);
#if the owner exists.
if (Token::check("OWNER_LOGIN_FORM", $token)) {
if ($iOwnerExists == 1) {
if (DEBUG) {
echo "TOKEN matches<br>";
}
//If email is already activated.
if ($Email_status == 1) {
$_SESSION['user'] = '******';
$_SESSION['id'] = $ID;
//If owner wants to reset the password.
if ($Password_status == 1) {
// header() function didn't work. header() function displayed a nested website .
// This function worked. I think it has to do with angularJS.
echo '<META HTTP-EQUIV="Refresh" Content="0;URL=owner_reset_password_front_end.php">';
} else {
$Email_Exists = 0;
}
$objGetResult->free_result();
}
return $Email_Exists;
}
/*****************************************************************************/
/* SCRIPT BEGINS HERE */
/*****************************************************************************/
$q = $_REQUEST["q"];
$InputArray = explode("|", $q);
$owner_email = $InputArray[0];
$token = $InputArray[1];
$SafeEmail = mysqli_real_escape_string($mysqli, $owner_email);
$iOwnerExists = iCheckIfOwnerEmailExists($SafeEmail);
if (Token::check("OWNER_RECOVER_PW_FORM", $token)) {
if ($iOwnerExists == 1) {
// This assignment is used at owner_reset_password.php.
$_SESSION['email'] = $SafeEmail;
// Generates a temporary password.
$Temp_PW = substr(md5(rand(999, 999999)), 0, 8);
//Send temporary password via email.
SendTemporaryPWNotice($SafeEmail, $Temp_PW);
//Obtain a encryption and save it in the DB.
$salt = salt();
#Hash a string that is comprised of password and salt and save it as a password.
#This will create a second level of security.
$hash = getHash($Temp_PW, $salt);
// Update password_recover flag to 1. This tells that the user is going thru password recover phase.
$mysqli->autocommit(FALSE);