Пример #1
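// Tail of a registration handler. Only $answer is read from $_POST inside this
// fragment; $username, $email, $password and the other fields are assumed to
// come from the same request and must be treated as untrusted -- TODO confirm.
$answer = isset($_POST["answer"]) ? $_POST["answer"] : null;

// Run each validation once and reuse the result, so the decision to create the
// account is based on the same answers that drive the error messages below.
// (The original called both helpers twice; they are assumed to be side-effect
// free -- confirm.)
$passwords_match = password_match($password, $password_confirm);
$identity_available = check_email_username($email, $username);

// check if password matches
if (!$passwords_match) {
    ?>
        <p>Password doesn't match!</p>
        <?php 
}
if (!$identity_available) {
    ?>
        <p>Email or username already exist!</p>
        <?php 
}
// check if pass all the tests
if ($passwords_match && $identity_available) {
    // The session cookie is sent as a header, so the session has to be started
    // before this branch prints anything. A fresh id is issued because the
    // visitor becomes an authenticated user here (session fixation).
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    session_regenerate_id(true);

    print "siginin";
    // NOTE(review): $password is handed over exactly as received; confirm that
    // sign_up() stores it with password_hash() rather than in clear text.
    sign_up($username, $lastname, $email, $password, $gender, $city, $state, $country, $security, $answer);

    // FLAG: the connection uses the MySQL root account with a hard-coded
    // password. Credentials belong in configuration outside the web root, and
    // the application should use a least-privilege database user.
    $db = new PDO("mysql:dbname=database; host=localhost", "root", "root");

    // Bound parameter instead of quote() plus string interpolation; $email is
    // no longer overwritten with its SQL-quoted form.
    $stmt = $db->prepare("SELECT username FROM user WHERE email = ?");
    if ($stmt !== false && $stmt->execute(array($email))) {
        // remember the user name; if several rows match, the last one wins
        foreach ($stmt as $row) {
            $_SESSION["username"] = $row["username"];
        }
    }
    ?>
        <p>Welcome to Foodcart! <?php 
    // The name is echoed into HTML, so it is escaped for that context.
    echo htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
    ?>
</p>
        <?php 
}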
Пример #2
<?php

// Open (or resume) the session before any markup is written.
session_start();
include "db.php";
include "templates.php";

// $index, $sign_in and $sign_up are HTML fragments and $conn is the database
// handle. None of them is defined in this script, so they presumably come from
// the two includes above -- confirm.
echo $index;
echo "<table><tr><th>Войти</th><th>Зарегистрироваться</th></tr><tr><td>", $sign_in, "</td>";

// Login form submitted. Only the presence of the "auth" key is checked; Login
// and Password are read without an isset() guard and forwarded unmodified.
// NOTE(review): credential checking and any SQL escaping are left entirely to
// sign_in(); confirm it uses bound parameters and password_verify().
if (isset($_POST["auth"])) {
    $Login = $_POST["Login"];
    $Password = $_POST["Password"];
    sign_in($Login, $Password, $conn);
}

echo "<td>", $sign_up, "</td></tr></table>";

// Registration form submitted. The four fields are passed on as received.
// NOTE(review): the password reaches sign_up() in clear text; confirm it is
// hashed there before it is stored.
if (isset($_POST["reg"])) {
    $FirstName = $_POST["FirstName"];
    $LastName = $_POST["LastName"];
    $Login = $_POST["Login"];
    $Password = $_POST["Password"];
    sign_up($FirstName, $LastName, $Login, $Password, $conn);
}
?>


<?php

session_start();
require_once 'new_connection.php';

// Front controller: the POST field "action" selects one handler. Each handler
// receives the complete $_POST array and the script stops right after it.
// NOTE(review): nothing here checks that a session user exists or that the
// request carries an anti-CSRF token before "message", "delete" or "comment"
// run; those checks have to live inside the handlers -- confirm.
$requested_action = isset($_POST['action']) ? $_POST['action'] : null;

// switch compares loosely, exactly like the == tests it replaces.
switch ($requested_action) {
    case 'login':
        //login
        login($_POST);
        die;

    case 'sign_up':
        //sign up
        sign_up($_POST);
        die;

    case 'message':
        //post a message
        message($_POST);
        die;

    case 'delete':
        //delete a message
        delete($_POST);
        die;

    case 'comment':
        //post a comment
        comment($_POST);
        die;
}
//logout
if (isset($_POST['action']) && $_POST['action'] == 'logout') {
Пример #4
<?php

require 'config.php';
require './src/class.phpmailer.php';
require './src/class.smtp.php';
require './src/security.php';
// Dispatch on the POST field "action". The @ keeps a request without that
// field quiet; $action is then null and neither case matches.
$action = @$_POST['action'];
switch ($action) {
    case 'sign_up':
        // complete a registration with the e-mailed token
        sign_up();
        break;

    case 'get_token':
        // issue a token
        send_token();
        break;
}
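/**
 * Activate an account from the POST fields "email", "password" and "token".
 *
 * Prints one of "email overlap", "token auth success" or "token auth fail".
 * On "email overlap" the script is terminated. On success the matching row in
 * `user` is marked activated and enabled and receives the submitted password.
 *
 * NOTE(review): $pass is written to the `pass` column exactly as returned by
 * security_filter(); unless that helper hashes it, the password is stored in
 * clear text -- confirm, and prefer password_hash().
 * NOTE(review): the UPDATE does not clear the `token` column, so whether a used
 * token can be replayed to set a new password depends on email_overlap()
 * rejecting activated addresses -- confirm.
 *
 * @return void
 */
function sign_up()
{
    // isset() instead of @-suppression: a missing field is still passed on as
    // null, but unrelated errors are no longer hidden.
    $raw_token = isset($_POST['token']) ? $_POST['token'] : null;

    $email = validate_email(isset($_POST['email']) ? $_POST['email'] : null);
    $pass = security_filter(isset($_POST['password']) ? $_POST['password'] : null);
    $token = security_filter($raw_token);

    if (email_overlap($email)) {
        echo "email overlap";
        die;
    }

    // An absent, empty or non-string token must never authenticate. Without
    // this guard, a row whose token column is empty could be matched by a
    // request that sends no token at all.
    if (!is_string($raw_token) || $raw_token === '') {
        echo "token auth fail";
        return;
    }

    // The project's DB wrapper takes the SQL text plus an array of values for
    // the ? placeholders, so no request data is concatenated into the query.
    $matches = $GLOBALS['DB']->query("SELECT * FROM user WHERE email=? and token=?", array($email, $token));
    if (count($matches) > 0) {
        echo "token auth success";
        // The result of the UPDATE is not inspected; success is reported as
        // soon as the token matched.
        $GLOBALS['DB']->query("UPDATE user SET activated='1', enable='1', pass=?, passwd='0000000' WHERE email=? and token=?", array($pass, $email, $token));
    } else {
        echo "token auth fail";
    }
}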
function send_token()
Пример #5
    
    <body>
        <?php 
if (isset($_POST['submit'])) {
    if (!empty($_POST['name']) && !empty($_POST['username']) && !empty($_POST['password']) && !empty($_POST['email'])) {
        if (strlen($_POST['password']) > 5 && strlen($_POST['password_check']) > 5) {
            $check = restrictUsername($_POST['username']);
            $emailCheck = restrictEmail($_POST['email']);
            if ($check == 0) {
                $i = check_email($_POST['email']);
                $emailCheck = restrictEmail($_POST['email']);
                if ($i == 1) {
                    if ($emailCheck == 0) {
                        if (strcmp($_POST['password'], $_POST['password_check']) == 0) {
                            $dob = isset($_REQUEST["date1"]) ? $_REQUEST["date1"] : "";
                            $p_id = sign_up($_POST['username'], $_POST['name'], $_POST['password'], $_POST['email'], $dob, $_POST['about'], $_POST['sex']);
                            if (isset($_FILES['media'])) {
                                upload_profilepic($_FILES['media'], $p_id);
                            }
                        } else {
                            echo "<script language=\"javascript\" type=\"text/javascript\">";
                            echo "alert('The Passwords not matching! Try again.Thank you')";
                            echo "</script>";
                        }
                    } else {
                        echo "<script language=\"javascript\" type=\"text/javascript\">";
                        echo "alert('Account with this Email already exists')";
                        echo "</script>";
                    }
                } else {
                    echo "<script language=\"javascript\" type=\"text/javascript\">";
Пример #6
    unset($_SESSION['name']);
}
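// Sign the visitor in when no user is bound to the session yet: either with an
// existing account (ac* fields) or by creating one first (un* fields).
if (!isset($_SESSION['name'])) {
    $usr_info = null;

    if (isset($_POST['acuseremail'], $_POST['acpassword'])
        && $_POST['acuseremail'] != ""
        && $_POST['acpassword'] != "") {
        // Existing account. The password is compared against "" like the
        // e-mail; the former truthiness test rejected the password "0".
        $usr_info = sign_in($_POST['acuseremail'], $_POST['acpassword']);
    } elseif (isset($_POST['unusername'], $_POST['unuseremail'], $_POST['unpassword'])
        && $_POST['unusername'] != ""
        && $_POST['unuseremail'] != ""
        && $_POST['unpassword'] != "") {
        // New account. The third test now covers the password; it used to
        // repeat the e-mail test, so an empty password passed validation.
        // NOTE(review): the outcome of sign_up() is not checked; the login
        // below decides whether the visitor ends up authenticated.
        sign_up($_POST['unusername'], $_POST['unuseremail'], $_POST['unpassword']);
        $usr_info = sign_in($_POST['unuseremail'], $_POST['unpassword']);
    }

    // sign_in() is expected to return a PostgreSQL result; a falsy value (for
    // example a failed query) is skipped instead of being passed to
    // pg_fetch_array().
    if ($usr_info && ($row = pg_fetch_array($usr_info))) {
        // Prevent session fixation: issue a new id and delete the old session
        // data so the previous id cannot be reused.
        session_regenerate_id(true);
        $_SESSION['usrid'] = $row['idusuario'];
        // not used yet
        $_SESSION['usravatar'] = $row['avatar'];
        $_SESSION['name'] = $row['username'];
    }
}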
Пример #7
<?php

session_start();
include 'sql_calls.php';

// Registration fields, taken from the POST body exactly as submitted. Nothing
// in this script validates them or checks that they are present.
// NOTE(review): $SSN is a sensitive identifier; how it is stored is decided in
// sign_up() -- confirm it is protected at rest and never logged.
$email_up = $_POST["email_up"];
$password1 = $_POST["password1"];
$first_name = $_POST["first_name"];
$middle_name = $_POST["middle_name"];
$last_name = $_POST["last_name"];
$SSN = $_POST["sign_up_SSN"];
$d_o_b = $_POST["d_o_b"];

// Values decided on the server: the password hash, the privilege level and the
// registration date are never read from the request.
$hash = password_hash($password1, PASSWORD_DEFAULT);
$privilege = 1;
$date = date("Y-m-d");

// Create the account with the hash, then log in with the clear-text password
// that was just submitted.
sign_up($email_up, $hash, $first_name, $middle_name, $last_name, $SSN, $d_o_b, $privilege, $date);
sign_in($email_up, $password1);
Пример #8
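/**
 * Check the POST fields "usr" and "passwd" against the lines of ./passwd.
 *
 * Each line of ./passwd is expected to read "user:password". On a match the
 * "pre_reader" cookie counter is incremented (lifetime 120 seconds), a thank-you
 * line is printed and ./main_page.html is streamed to the client. Otherwise a
 * failure message is printed and sign_up() is called.
 *
 * FLAG: ./passwd holds clear-text passwords and sits next to the script. The
 * format is kept here because other code may read the same file, but the file
 * should live outside the web root and hold password_hash() output that is
 * checked with password_verify().
 *
 * @return void
 */
function check()
{
    // Missing or non-string fields count as empty instead of raising notices.
    $user = (isset($_POST["usr"]) && is_string($_POST["usr"])) ? trim($_POST["usr"]) : "";
    $passwd = (isset($_POST["passwd"]) && is_string($_POST["passwd"])) ? trim($_POST["passwd"]) : "";

    # generate user login info
    $user_info = $user . ":" . $passwd;

    $found = FALSE;
    # open file for reading; an unreadable file means "no match" rather than a
    # loop over an invalid handle
    $file = fopen("./passwd", "r");
    if ($file !== FALSE) {
        while (($line = fgets($file)) !== FALSE) {
            // hash_equals() compares as strings and in constant time.
            if (hash_equals(trim($line), $user_info)) {
                $found = TRUE;
                break;
            }
        }
        // The original never closed this handle.
        fclose($file);
    }

    if ($found) {
        // The cookie is sent by the client: accept it only when it is numeric
        // and start from 0 otherwise.
        $pre_reader = (isset($_COOKIE["pre_reader"]) && is_numeric($_COOKIE["pre_reader"]))
            ? (int) $_COOKIE["pre_reader"]
            : 0;
        $pre_reader++;
        setcookie("pre_reader", (string) $pre_reader, time() + 120);

        print "Thank you for logging in.";
        // Stream the page to the client in one call.
        readfile("./main_page.html");
    } else {
        print "Sorry. Login failed. Please try again";
        sign_up();
    }
}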
Пример #9
        }
    } else {
        $q = sprintf("SELECT * FROM users WHERE username='******' AND password='******'", mysql_real_escape_string($_POST['username']), md5($_POST['password']));
        $res = mysql_query($q, $db);
        if (mysql_num_rows($res) == 1) {
            setcookie("aura", $_POST['username'], time() + 3600);
            mysql_close($db);
            header('Location: index.php');
        } else {
            mysql_close($db);
            login_page();
        }
    }
} else {
    if (isset($_GET['signup'])) {
        sign_up(false, false);
    } else {
        if (isset($_GET['logout'])) {
            setcookie("aura", "", time() - 3600);
            login_page();
        } else {
            if (isset($_GET['delete'])) {
                if ($_GET['delete'] != "true") {
                    delete_page();
                } else {
                    $db = @mysql_connect($dbserv, $dbuser, $dbpass);
                    mysql_select_db($dbdb, $db);
                    $q = sprintf("DELETE FROM users WHERE username='******'", mysql_real_escape_string($_COOKIE['aura']));
                    mysql_query($q, $db);
                    mysql_close($db);
                    setcookie("aura", "", time() - 3600);
Пример #10
<?php

// Bootstrap: load the project constants, then the users controller.
// D_ROOT is not defined in this file; presumably const.php defines it -- confirm.
require_once $_SERVER['DOCUMENT_ROOT'] . "/reou/includes/const.php";
require_once D_ROOT . "/reou/controllers/users_controller.php";
// sign_up() is called unconditionally, on every request for this page and
// before any markup is sent, with the complete $_POST array.
// NOTE(review): $db is not defined in this file; it presumably comes from one
// of the includes above. Because the whole $_POST array is handed over, the
// request-method check, the field whitelist and input validation all have to
// happen inside sign_up() -- confirm.
sign_up($db, $_POST);
?>

<html>

	<head>
		<title> Sign Up </title>

		<link rel="stylesheet" type="text/css" href="<?php 
echo asset_route('css');
?>
main.css">


	</head>

	<body>

	<?php 
require_once $_SERVER['DOCUMENT_ROOT'] . '/reou/views/layouts/header.php';
?>


	<!--

	========== THE PLAN ============