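/**
 * Register a new user account.
 *
 * The checks run in the order written and stop at the first failure. An HTML
 * alert describing the outcome is always left in $this->registerMessage.
 *
 * @param string $username     Requested user name; must be longer than 3 bytes.
 * @param string $password     Chosen password; must be longer than 3 bytes.
 * @param string $password2    Confirmation; must be identical to $password.
 * @param string $emailAddress Address checked with FILTER_VALIDATE_EMAIL.
 *
 * @return bool false when a check fails, true once registerUser() has been called.
 */
public function register($username, $password, $password2, $emailAddress)
{
    $database = new \Database();

    // A visitor with a valid session must not create a second account.
    if (isset($_SESSION['userID']) && $database->doesUserExist($_SESSION['userID'])) {
        $this->registerMessage = ' <div class="alert alert-danger"><strong>You are already logged in.</strong></div>';
        return false;
    }

    // Reject a user name that is already taken.
    if ($database->doesUserNameExist($username)) {
        $this->registerMessage = '<div class="alert alert-danger"><strong>Username already exists, please choose a different one.</strong></div>';
        return false;
    }

    // strlen() counts bytes, so the limit is 4 bytes or more.
    if (strlen($username) <= 3) {
        $this->registerMessage = '<div class="alert alert-danger"><strong>Your username must be longer than 3 characters.</strong></div>';
        return false;
    }

    // Strict comparison: with != two different numeric-looking strings
    // (for example "1e3" and "1000") compare equal, so a mistyped
    // confirmation could be accepted.
    if ($password !== $password2) {
        $this->registerMessage = '<div class="alert alert-danger"><strong>Passwords do not match.</strong></div>';
        return false;
    }

    // NOTE(review): a 4-byte minimum is very low for a password; raising it
    // also means changing the message below.
    if (strlen($password) <= 3) {
        $this->registerMessage = '<div class="alert alert-danger"><strong>Your password must be longer than 3 characters.</strong></div>';
        return false;
    }

    // Syntax check only; it does not prove the mailbox exists.
    if (!filter_var($emailAddress, FILTER_VALIDATE_EMAIL)) {
        $this->registerMessage = '<div class="alert alert-danger"><strong>Your emailaddress is invalid.</strong></div>';
        return false;
    }

    $salt = $this->generateSalt();
    // NOTE(review): hashPassword() is called as a global function, not as a
    // method of this class; its body is not visible here. Confirm it is a
    // slow password hash (password_hash() or equivalent), not a single
    // salted digest.
    $hashedPassword = hashPassword($password, $salt);

    // NOTE(review): the result of registerUser() is not checked, so success
    // is reported even if the insert fails; confirm what it returns.
    $database->registerUser($username, $salt, $hashedPassword, $emailAddress);

    // The opening <strong> was missing, which left an unmatched closing tag.
    $this->registerMessage = '<div class="alert alert-success"><strong>Congratulations, account was successfully created.</strong></div>';
    return true;
}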
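require 'include/database.php';

// Registration endpoint: every response is a JSON object with a boolean
// "success" and, on failure, a machine-readable "message" code.
header("Content-type:application/json");

// Request fields can arrive as arrays (username[]=x). preg_match() and
// password_hash() need strings, so anything else is treated as missing input
// instead of reaching those calls and failing with a type error.
if (isset($_POST['username'], $_POST['password'])
    && is_string($_POST['username'])
    && is_string($_POST['password'])
) {
    $cfg = (require 'config.php');
    $db = new Database($cfg['db_ip'], $cfg['db_database'], $cfg['db_username'], $cfg['db_password']);
    $db->connect();

    // Allow null emails?
    // NOTE(review): the address is not validated here; whether registerUser()
    // validates it is not visible in this script.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : null;

    // User name: 3 to 16 characters from a fixed set, anchored at both ends
    // with \A and \z so a trailing newline cannot slip through.
    if (!preg_match('/\\A[a-z_\\-\\[\\]\\^{}|`][a-z0-9_\\-\\[\\]\\^{}|`]{2,15}\\z/i', $_POST['username'])) {
        echo json_encode(['success' => false, 'message' => 'invalid_format']);
        return;
    }

    // NOTE(review): this lookup and the insert below are two separate steps;
    // a unique constraint on the user name column is what actually prevents
    // duplicates when two requests race. Confirm the schema has one.
    $userinfo = $db->getUserInfo($_POST['username']);
    if ($userinfo) {
        echo json_encode(['success' => false, 'message' => 'user_exists']);
    } else {
        // NOTE(review): there is no minimum length check, so an empty password
        // is accepted. bcrypt also ignores input beyond 72 bytes.
        $passwordHash = password_hash($_POST['password'], PASSWORD_BCRYPT);
        if ($db->registerUser($_POST['username'], $passwordHash, $email)) {
            echo json_encode(['success' => true]);
        } else {
            echo json_encode(['success' => false, 'message' => 'unknown_error']);
        }
    }
} else {
    echo json_encode(['success' => false, 'message' => 'no_input']);
}
?>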
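/**
 * Handle the installer form.
 *
 * Reads the database settings and admin account fields from $_POST, calls
 * buildDatabase(), writes ../core/config.php and registers the admin user.
 *
 * @throws Exception When a required field is missing, the database name is
 *                   empty, the port is not a valid TCP port, or the config
 *                   file cannot be opened for writing.
 */
function handleSubmit()
{
    $host = '127.0.0.1';
    $port = '3306';
    $database = '';
    $username = '';
    $password = '';

    if (isset($_POST['host'])) {
        $hostPost = trim($_POST['host']);
        if ($hostPost != '') {
            $host = $hostPost;
        }
    }

    if (isset($_POST['port'])) {
        $portPost = trim($_POST['port']);
        if ($portPost != '') {
            $port = $portPost;
        }
    }

    // The port is written into the config file as a bare PHP expression, so
    // it must be a plain integer in the TCP range before it gets there.
    $port = filter_var(
        $port,
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 1, 'max_range' => 65535))
    );
    if ($port === false) {
        throw new Exception('Invalid port');
    }

    if (!isset($_POST['database'])) {
        throw new Exception('Database not given');
    }
    // Trim before the emptiness check so a whitespace-only name is rejected.
    $database = trim($_POST['database']);
    if ($database === '') {
        throw new Exception('Invalid database name');
    }

    if (isset($_POST['username'])) {
        $username = trim($_POST['username']);
    }

    if (isset($_POST['password'])) {
        $password = trim($_POST['password']);
    }

    if (!isset($_POST['adminUsername'])) {
        throw new Exception('No admin username given');
    }

    if (!isset($_POST['adminEmail'])) {
        throw new Exception('No admin email address given');
    }

    if (!isset($_POST['adminPassword'])) {
        throw new Exception('No admin password given');
    }

    // NOTE(review): buildDatabase() receives the database name as typed;
    // whether it quotes the identifier is not visible from this function.
    buildDatabase($host, $port, $database, $username, $password);

    // Write config to directory
    $fh = fopen('../core/config.php', 'w');
    if ($fh === false) {
        throw new Exception('Database was created but could not create config file');
    }

    fwrite($fh, "<?php\n");

    // Entries of the global $config are emitted verbatim as PHP, so that
    // array must only ever hold installer-defined keys and values.
    global $config;
    foreach ($config as $key => $value) {
        fwrite($fh, "DEFINE('{$key}', {$value});\n");
    }

    // var_export() produces a correctly escaped PHP string literal. Plain
    // interpolation between quotes would let a quote or backslash in a form
    // value end the literal and put arbitrary PHP into the config file.
    fwrite($fh, "DEFINE('DB_HOST', " . var_export($host, true) . ");\n");
    fwrite($fh, "DEFINE('DB_PORT', {$port});\n");
    fwrite($fh, "DEFINE('DB_USER', " . var_export($username, true) . ");\n");
    fwrite($fh, "DEFINE('DB_PASS', " . var_export($password, true) . ");\n");
    fwrite($fh, "DEFINE('DB_NAME', " . var_export($database, true) . ");\n");
    fwrite($fh, '?>');
    fclose($fh);

    // NOTE(review): there is no separator between dirname(__FILE__) and
    // '../..', so the path depends on how it gets normalised; confirm it
    // resolves to the intended core/database.php.
    require_once dirname(__FILE__) . '../../core/database.php';
    $db = new Database();

    // NOTE(review): one round of salted SHA-256 is fast to compute, which
    // makes offline guessing of a leaked hash cheap, and uniqid()/rand() are
    // not cryptographic sources. password_hash()/password_verify() is the
    // standard replacement, but it changes the stored format and the login
    // check, both outside this function, so the scheme is left as found.
    $salt = uniqid(rand(0, 1000000));
    $hashedPassword = hash('sha256', $_POST['adminPassword'] . $salt);

    $id = $db->registerUser($_POST['adminUsername'], $salt, $hashedPassword, $_POST['adminEmail']);
    $db->makeAdmin($id);
}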
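<br>
<?php
// Registration form handler: when all four fields are posted, pass them to
// Database::registerUser() and build the feedback line shown above the form.
$feedback = "";
$showForm = true;
$username = "";
$email = "";
$password = "";
$password_confirm = "";

if (isset($_POST["username"], $_POST["email"], $_POST["password"], $_POST["password_confirm"])) {
    // NOTE(review): if $username or $email are echoed back into the form
    // further down the page, they need htmlspecialchars() at that point.
    $username = $_POST["username"];
    $email = $_POST["email"];
    $password = $_POST["password"];
    $password_confirm = $_POST["password_confirm"];

    $database = new Database();
    // $feedback is handed over empty and read back afterwards, so
    // registerUser() presumably fills it by reference.
    $isSuccessful = $database->registerUser($username, $email, $password, $password_confirm, $feedback);

    // Escape the message before wrapping it in markup: it is produced from
    // request data, and any part of it that repeats the input would otherwise
    // be rendered as HTML. Assumes the message is plain text; confirm against
    // registerUser().
    $safeFeedback = htmlspecialchars((string) $feedback, ENT_QUOTES, 'UTF-8');

    if ($isSuccessful) {
        $showForm = false;
        $feedback = "<b style='color : green'>" . $safeFeedback . "</b>";
    } else {
        $showForm = true;
        $feedback = "<b style='color : red'>" . $safeFeedback . "</b>";
    }
}
?>
<div class="container text-center">
    <p><?php echo $feedback; ?> </p>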