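/**
 * Handle a registration form POST: check the captcha, create the account and
 * e-mail an activation link.
 *
 * Reads `username`, `email`, `password` and `captcha` from $_POST. Every outcome
 * is reported through set_registration_error() or a redirect; nothing is returned.
 */
function register_user()
{
    // Absent or non-string fields (for example `email[]=x`) are treated as empty
    // so they raise no notices and never reach the database layer as arrays.
    $fields = [];
    foreach (['username', 'email', 'password', 'captcha'] as $name) {
        $fields[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    }
    $username = $fields['username'];
    $email = $fields['email'];
    $password = $fields['password'];
    $captcha = trim($fields['captcha']);

    // The captcha is verified before any other work is done.
    include_once "/var/www/includes/captch_code.php";
    if (!check_code($captcha)) {
        set_registration_error("Invalid Captcha");
        return;
    }

    // Reject empty credentials and malformed addresses (including ones carrying
    // line breaks) before the values reach the database or the mail helper.
    if ($username === '' || $password === '' || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        set_registration_error("Invalid username, email or password");
        return;
    }

    $cr = new crypto();
    // NOTE(review): one_way_crypt() is defined outside this block; confirm it is
    // a salted, deliberately slow password hash (password_hash() or equivalent)
    // and not a fast unsalted digest.
    $password_hash = $cr->one_way_crypt($password);

    $u = new user();
    try {
        if (!$u->create_user($username, $password_hash, $email)) {
            // Send the visitor back to the registration page.
            // NOTE(review): nothing here stops the caller from rendering after
            // the redirect header; confirm the caller exits.
            header("Location: /register.php");
            return;
        }

        // The activation token is the encrypted user id, base64-encoded.
        // NOTE(review): no expiry, nonce or purpose tag is added here; confirm
        // that encrypt() is authenticated and that activate.php accepts a token
        // only once and only for activation.
        $uid = $u->get_user_id($email);
        $token = base64_encode($cr->encrypt($uid));

        // NOTE(review): the link uses plain http and a hard-coded host name, so
        // the token travels unencrypted; prefer an https base URL read from
        // configuration.
        $link = "http://punbt090pc/activate.php?u=" . urlencode($token);
        include_once "/var/www/includes/email.php";
        send_activation_email($email, $link);
        set_registration_error("An activation email has been sent to your inbox (Please check your junkbox in case you have not received it).");
    } catch (Exception $e) {
        // Every exception raised above, including one from the mail helper, is
        // reported as a duplicate account.
        // NOTE(review): this message also confirms to an anonymous visitor that
        // a username or e-mail is registered; a neutral message avoids that.
        set_registration_error("UserName Or Email is already registered");
    }
}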
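<?php
// Scratch page for exercising the crypto helper: prints a sample value and its
// hash, then the `u` query parameter as received, base64-decoded and decrypted.
// NOTE(review): this page prints the decryption of any caller-supplied token;
// it should not be reachable on a deployed site.
include "/var/www/includes/crypt.php";

$c = new crypto();
$a = 'abc123';
echo $a;
echo "<BR/>";
echo $c->one_way_crypt($a);
echo "<BR/>";

// $_GET values arrive already URL-decoded. A second urldecode() would turn the
// '+' characters of a base64 token into spaces, so the value is used as received.
$u = (isset($_GET['u']) && is_string($_GET['u'])) ? $_GET['u'] : '';
$token = $u;

// Everything derived from the request is HTML-escaped before it is echoed, so a
// crafted `u` value cannot inject markup into the page.
echo htmlspecialchars($token, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
echo "<BR/>";
$t = base64_decode($token);
echo htmlspecialchars($t, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
echo "<BR/>";
echo htmlspecialchars((string) $c->decrypt($t), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');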
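// Change-password handler. This excerpt ends before the three blocks opened
// below (if / else / elseif) are closed.
// NOTE(review): no anti-CSRF token is checked in the visible code; confirm one
// is verified before this handler runs.
if (isset($_POST['chpwd_submitted'])) {
    // Absent or non-string fields count as empty and fall into the first branch.
    $old_pwd = (isset($_POST['old_password']) && is_string($_POST['old_password'])) ? $_POST['old_password'] : '';
    $new_pwd = (isset($_POST['new_password']) && is_string($_POST['new_password'])) ? $_POST['new_password'] : '';
    $con_pwd = (isset($_POST['confirm_password']) && is_string($_POST['confirm_password'])) ? $_POST['confirm_password'] : '';

    if ($old_pwd === "" || $new_pwd === '' || $con_pwd === '') {
        $msg = "None of the field should be empty";
    } else {
        // Strict comparison: with a loose != two different numeric-looking
        // strings such as "1e3" and "1000" compare equal, so a mistyped
        // confirmation could be accepted.
        if ($new_pwd !== $con_pwd) {
            $msg = "New and confirm password are mismatch";
        } elseif (isset($_COOKIE['app_session_id']) && $_COOKIE['app_session_id'] != '') {
            try {
                include_once "/var/www/includes/user.php";
                include_once "/var/www/includes/session.php";
                include_once "/var/www/includes/crypt.php";

                $cr = new crypto();
                $password = $cr->one_way_crypt($new_pwd);
                // NOTE(review): passing a freshly computed hash of the old
                // password for comparison suggests one_way_crypt() is
                // deterministic (unsalted); confirm against its definition.
                $old_pwd = $cr->one_way_crypt($old_pwd);

                // The user id comes from the decoded session cookie, never from
                // the form.
                $cookie_token = $_COOKIE['app_session_id'];
                $s = new user_session();
                if ($s->decode_session($cookie_token)) {
                    $u = new user();
                    if (!$u->update_password($s->get_uid(), $old_pwd, $password)) {
                        throw new Exception("Password Mismacth: Try Again");
                    }
                    $msg = "Password Updated Successfully";
                } else {
                    $msg = "Session Expired";
                }
            } catch (Exception $e) {
                // getMessage() is the Exception accessor; the misspelled
                // getMesage() would abort with an undefined-method error.
                // NOTE(review): exceptions from the user/session layers are
                // shown to the visitor verbatim here; confirm their messages
                // carry no internal detail.
                $msg = $e->getMessage();
            }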
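// Password-reset handler. This excerpt begins inside a block opened earlier in
// the script; the last closing brace below belongs to that block.
// Absent or non-string fields count as empty.
$token = (isset($_POST['token']) && is_string($_POST['token'])) ? $_POST['token'] : '';
// NOTE(review): both passwords are trimmed here; confirm registration and login
// treat surrounding whitespace the same way.
$new_pwd = trim((isset($_POST['new_password']) && is_string($_POST['new_password'])) ? $_POST['new_password'] : '');
$con_pwd = trim((isset($_POST['con_password']) && is_string($_POST['con_password'])) ? $_POST['con_password'] : '');

if ($new_pwd === "" || $con_pwd === "") {
    $msg = "No blank fields allowed";
} elseif ($new_pwd !== $con_pwd) {
    // Strict comparison: a loose != treats different numeric-looking strings
    // such as "1e3" and "1000" as equal.
    $msg = "Password Mismatch";
} else {
    include_once "/var/www/includes/user.php";
    include_once "/var/www/includes/crypt.php";

    $cr = new crypto();
    $u = new user();

    // The token is read as base64 -> decrypt -> urldecode -> integer user id.
    // NOTE(review): nothing in this excerpt checks an expiry, a single-use
    // marker or that the token was issued for a password reset; confirm those
    // checks exist elsewhere, otherwise a token that decrypts to a user id
    // stays valid indefinitely.
    // NOTE(review): intval() also accepts values with trailing non-digits;
    // confirm decrypt() rejects tampered input.
    $uid = urldecode($cr->decrypt(base64_decode($token)));
    $uid = intval($uid);

    if ($uid !== 0) {
        // The old password is passed as null on this path.
        // NOTE(review): presumably update_password() skips the old-password
        // check when it receives null; verify against its definition.
        if ($u->update_password($uid, null, $cr->one_way_crypt($new_pwd))) {
            $msg = "Password changed successfully";
            $success = true;
        } else {
            $msg = "Error while changing password";
        }
    } else {
        $msg = "Something goes wrong while resetting password. Contact Team";
    }
}
}
?> <div class="content"> <h1>Reset Password</h1> <?php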