include_once $curdir . "/../api.lib/api.helpers.php";
include_once $curdir . "/../api.lib/api.security.php";
include_once $curdir . "/../api.lib/api.user.php";
include_once $curdir . "/../../config/config.php";

/*
 * Login endpoint: reads the `email` and `password` request parameters,
 * checks them with APISecurity::login() and, on success, returns a fresh
 * token plus the session value in a JSON reply.
 *
 * NOTE(review): no limit on failed attempts is visible in this script;
 * confirm that throttling or lockout is enforced elsewhere.
 */
$result = array('result' => 'fail', 'data' => array());
$token = '';

// Both credentials are mandatory; each missing one is reported with its own code.
if (!APIHelpers::issetParam('email')) {
    APIHelpers::showerror(1001, 'Parameter email was not found');
}
if (!APIHelpers::issetParam('password')) {
    APIHelpers::showerror(1316, 'Parameter password was not found');
}

$email = APIHelpers::getParam('email', '');
$password = APIHelpers::getParam('password', '');
$conn = APIHelpers::createConnection($config);

// The value compared by login() is derived from e-mail and password together.
// NOTE(review): generatePassword2() is not visible here; confirm it is a slow,
// salted password hash rather than a single fast digest.
$hash_password2 = APISecurity::generatePassword2($email, $password);

if (!APISecurity::login($conn, $email, $hash_password2)) {
    // This script reports one message for an unknown e-mail and for a wrong
    // password, so the reply from here does not reveal which of the two failed.
    APIHelpers::showerror(1002, 'email or/and password was not found in system ');
} else {
    $result['result'] = 'ok';

    // NOTE(review): the token comes from gen_guid(); confirm that helper draws
    // from a cryptographically secure source, since the token is handed to the
    // client below and stored by saveByToken().
    APIHelpers::$TOKEN = APIHelpers::gen_guid();
    $result['data']['token'] = APIHelpers::$TOKEN;
    $result['data']['session'] = APIHelpers::$FHQSESSION;

    // `client` is taken from the request (default 'none') and passed on as-is;
    // what insertLastIp() does with it is not visible here.
    APISecurity::insertLastIp($conn, APIHelpers::getParam('client', 'none'));
    APIUser::loadUserProfile($conn);
    // APIUser::loadUserScore($conn);
    APISecurity::saveByToken();
}

echo json_encode($result);
// Registration excerpt: the captcha check that this first call belongs to
// starts before the visible text, and the INSERT at the end is cut off.
// Visible steps: validate the e-mail, reject an address that already exists,
// then generate a nick and a password for the new account.
APIHelpers::showerror(1012, '[Registration] Captcha is not correct, please "Refresh captcha" and try again');
}

if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    APIHelpers::showerror(1011, '[Registration] Invalid e-mail address.');
}

$conn = APIHelpers::createConnection($config);

// Duplicate check uses a bound parameter, so $email never reaches the SQL text.
// NOTE(review): the lookup runs on $email before it is lower-cased further
// down; if the column collation is case-sensitive, a mixed-case variant of an
// existing address would pass this check - confirm the collation or lower-case
// before querying.
$stmt = $conn->prepare('select count(*) as cnt from users where email = ?');
$stmt->execute(array($email));
if ($row = $stmt->fetch()) {
    if (intval($row['cnt']) >= 1) {
        APIHelpers::showerror(1192, '[Registration] This e-mail was already registered.');
    }
}

// Nick is "hacker-" plus 7 hex characters of an md5 over two rand() values.
$nick = "hacker-" . substr(md5(rand() . rand()), 0, 7);
$email = strtolower($email);
$uuid = APIHelpers::gen_guid();

// NOTE(review): rand() is not a cryptographically secure generator, and
// substr(md5(...), 0, 8) leaves 8 hex characters, i.e. at most 32 bits of
// variety. For a generated account password, draw from random_bytes() or
// random_int() (PHP >= 7) and use a longer value.
$password = substr(md5(rand() . rand()), 0, 8);

// NOTE(review): generatePassword2() is not visible here; it receives the
// lower-cased e-mail and the generated password - confirm it is a slow,
// salted password hash.
$password_hash = APISecurity::generatePassword2($email, $password);

// same code exists in api/users/insert.php
$stmt_insert = $conn->prepare(' INSERT INTO users( uuid, pass, status, email, nick, role, logo, dt_last_login, dt_create )
// User-insert excerpt: requires email, role, nick, password and status,
// reads them (plus optional uuid and logo), validates the e-mail and rejects
// an address that already exists. $conn is created before the visible text,
// and the excerpt ends inside the fetch() block below.
// NOTE(review): no authorization check is visible in this excerpt; confirm the
// caller's privileges are verified before this point, since role and status
// come straight from the request.
if (!APIHelpers::issetParam('email')) {
    APIHelpers::showerror(1031, 'Not found parameter email');
}
if (!APIHelpers::issetParam('role')) {
    APIHelpers::showerror(1032, 'Not found parameter role');
}
if (!APIHelpers::issetParam('nick')) {
    APIHelpers::showerror(1033, 'Not found parameter nick');
}
if (!APIHelpers::issetParam('password')) {
    APIHelpers::showerror(1034, 'Not found parameter password');
}
if (!APIHelpers::issetParam('status')) {
    APIHelpers::showerror(1035, 'Not found parameter status');
}

// uuid and logo are optional and fall back to a generated GUID / default image.
$uuid = APIHelpers::getParam('uuid', APIHelpers::gen_guid());
$logo = APIHelpers::getParam('logo', 'files/users/0.png');

// NOTE(review): the '1' / 'user' / 'activated' defaults only matter if
// showerror() above does not stop the script - confirm that it terminates,
// otherwise an account with password '1' could be created from defaults.
$email = APIHelpers::getParam('email', '1');
// NOTE(review): role and status are used as supplied; no allowlist of
// permitted values is visible in this excerpt - confirm one is applied.
$role = APIHelpers::getParam('role', 'user');
$nick = APIHelpers::getParam('nick', '1');
$password = APIHelpers::getParam('password', '1');
$status = APIHelpers::getParam('status', 'activated');

if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    APIHelpers::showerror(1036, 'Invalid e-mail address.');
}

// Duplicate check uses a bound parameter. The e-mail is compared as supplied;
// whether its case is normalised before storage is not visible here.
$stmt = $conn->prepare('select count(*) as cnt from users where email = ?');
$stmt->execute(array($email));
if ($row = $stmt->fetch()) {
    if (intval($row['cnt']) >= 1) {
        APIHelpers::showerror(1037, 'This e-mail was already registered.');
    }