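<?php
/*
 * Login form handler (excerpt: the final else-branch continues past the end
 * of this listing, so the last block is left open here).
 *
 * Flow visible in this excerpt:
 *   1. When the form was submitted ($_POST['sbm']), parse and validate it,
 *      remember the submitted id in the "devid" cookie and call login_new().
 *   2. Otherwise pick up an error message passed in with the request.
 *   3. Load the user list and choose the id to show: the submitted one if
 *      there is one, else the one remembered in the cookie.
 *
 * parseRequest(), validateFormData(), login_new() and list_users() are not
 * defined in this excerpt; presumably they come from the included files.
 */
include "inc/sql_devtools.php";
include "inc/sql_daityo.php";
include "inc/common.php";

$errors = array();
$id = '';
$formData['aid'] = '';
$formData['pwd'] = '';

if (isset($_POST['sbm'])) {
    $formData = parseRequest($_POST);
    $errors = validateFormData($formData);
    if (is_array($errors) && count($errors) > 0) {
        // Validation failed: keep $errors and do not attempt a login.
    } else {
        $id = $formData['aid'];
        $pw = $formData['pwd'];
        // NOTE(review): the cookie is written with whatever id was submitted,
        // before login_new() has run, and without the secure/httponly
        // arguments. If no client-side script needs to read it, pass them.
        setcookie("devid", $id, time() + 60 * 60 * 24 * 5); // expires after 5 days
        $errors = login_new($id, $pw);
    }
} else {
    if (isset($_REQUEST['error_msg'])) {
        // NOTE(review): error_msg is supplied by the caller and may be a
        // string or an array. Whatever renders $errors (not shown in this
        // excerpt) has to HTML-escape it before output.
        $errors = $_REQUEST['error_msg'];
    }
}

$users = list_users();

if (strlen($formData['aid']) > 0 && $formData['aid'] != '') {
    $id = $formData['aid'];
} else {
    // Read the remembered id from the cookie into the variable first. On a
    // first visit the cookie does not exist, so fall back to the same empty
    // string $id was initialised with instead of reading an undefined index.
    // The value is client-controlled and must be treated as untrusted input.
    $id = isset($_COOKIE["devid"]) ? $_COOKIE["devid"] : '';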
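<?php
/*
 * Login handler (excerpt: the listing stops inside the branch taken when the
 * password does not verify, so the trailing blocks are left open here).
 */
if (isset($_POST['login'])) {
    /**
     * Normalise one submitted form field: HTML-escape it, strip backslashes,
     * then trim surrounding whitespace.
     *
     * NOTE(review): HTML escaping is an output-time defence. It is not a
     * substitute for bound parameters when the value goes into SQL.
     *
     * @param string $formData Raw field value.
     * @return string The transformed value.
     */
    function validateFormData($formData)
    {
        $formData = trim(stripslashes(htmlspecialchars($formData)));
        return $formData;
    }

    // Variables for the validated data.
    // NOTE(review): the password is transformed as well, so verification only
    // succeeds if the stored hash was created from the same transformed
    // string. Passwords are normally hashed and verified exactly as typed.
    $formUser = validateFormData($_POST['username']);
    $formPass = validateFormData($_POST['password']);

    // Connect to the database ($conn is expected to come from this include).
    include 'connection.php';

    // Query database for users with correct name.
    // NOTE(review): the username in this listing appears to be masked
    // ('******'). If the real statement interpolates $formUser into the
    // string, replace it with mysqli_prepare() and a bound parameter.
    $query = "SELECT username, password FROM users WHERE username='******'";
    $result = mysqli_query($conn, $query);

    // mysqli_query() returns false on failure; do not hand that to
    // mysqli_num_rows().
    if ($result && mysqli_num_rows($result) > 0) {
        // Store found user data into variables (the last row wins if the
        // query ever returns more than one).
        while ($row = mysqli_fetch_assoc($result)) {
            $user = $row['username'];
            $hashedPass = $row['password'];
        }

        if (password_verify($formPass, $hashedPass)) {
            // Correct login details. Start the session and switch to a fresh
            // session id so an id that existed before authentication is not
            // carried over into the logged-in session.
            session_start();
            session_regenerate_id(true);

            // Store data in session variables
            $_SESSION['loggedInUser'] = $user;

            header("Location: index.php");
            // Stop here: a Location header alone does not end the script.
            exit;
        } else {
            // Hashed password did not verify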
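/**
 * Intended to normalise one submitted form field (HTML-escape, strip
 * backslashes, trim).
 *
 * NOTE(review): the cleaned value is assigned to $formdata (lower-case "d"),
 * which is a different variable from $formData, so the function returns its
 * argument unchanged. It is left that way here because changing it would
 * alter what gets stored and hashed; the SQL below no longer depends on it.
 *
 * @param string $formData Raw field value.
 * @return string The value that was passed in.
 */
function validateFormData($formData)
{
    $formdata = trim(stripslashes(htmlspecialchars($formData)));
    return $formData;
}

// Set all variables empty by default
$username = $password = "";
$hashedPass = "";

// A missing, empty or non-string field counts as "not entered".
if (empty($_POST['username']) || !is_string($_POST['username'])) {
    $nameError = "Please enter a username <br>";
} else {
    $username = validateFormData($_POST['username']);
}

if (empty($_POST['password']) || !is_string($_POST['password'])) {
    $passwordError = "Please enter a password <br>";
} else {
    $password = validateFormData($_POST['password']);
    $hashedPass = password_hash($password, PASSWORD_DEFAULT);
}

if ($username && $hashedPass) {
    // Bind the values instead of building the SQL string from request data,
    // so a quote in the username cannot change the statement.
    $stmt = mysqli_prepare($conn, "INSERT INTO users (username, password) VALUES (?, ?)");

    if ($stmt
        && mysqli_stmt_bind_param($stmt, "ss", $username, $hashedPass)
        && mysqli_stmt_execute($stmt)
    ) {
        echo "<div class='alert alert-success'>New record in database!</div>";
    } else {
        // Keep the statement text and the driver error out of the page;
        // they go to the server log instead.
        error_log("users insert failed: " . ($stmt ? mysqli_stmt_error($stmt) : mysqli_error($conn)));
        echo "Error: the record could not be saved.";
    }

    if ($stmt) {
        mysqli_stmt_close($stmt);
    }
}
} // closes a block that was opened before this excerpt

mysqli_close($conn);
?>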
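{
    // Body of a function whose signature lies before this excerpt
    // (presumably validateFormData(), which is called below).
    // NOTE(review): the cleaned value goes into $formdata (lower-case "d")
    // while $formData is returned, so the argument comes back unchanged.
    $formdata = trim(stripslashes(htmlspecialchars($formData)));
    return $formData;
}

// Set all variables empty by default
$titel = $content = "";

// A missing, empty or non-string field counts as "not entered".
if (empty($_POST['titel']) || !is_string($_POST['titel'])) {
    $titelError = "Please enter a titel <br>";
} else {
    $titel = validateFormData($_POST['titel']);
}

if (empty($_POST['content']) || !is_string($_POST['content'])) {
    $contentError = "Please enter some content <br>";
} else {
    $content = validateFormData($_POST['content']);
}

if ($titel && $content) {
    // NOTE(review): assumes a check outside this excerpt has already
    // established that a user is logged in - confirm.
    $user = $_SESSION['loggedInUser'];

    // Bind the values instead of interpolating them into the SQL string.
    // The text is stored as submitted, so every page that displays a post
    // has to HTML-escape titel and content on output.
    $stmt = mysqli_prepare(
        $conn,
        "INSERT INTO posts (id, titel, content, user, post_date) VALUES (NULL, ?, ?, ?, CURRENT_TIMESTAMP)"
    );

    if ($stmt
        && mysqli_stmt_bind_param($stmt, "sss", $titel, $content, $user)
        && mysqli_stmt_execute($stmt)
    ) {
        echo "<div class='alert alert-success'>New record in database!</div>";
        // Redirect after the insert so that refreshing the page does not
        // submit the post a second time.
        // NOTE(review): output has already been sent by the echo above, so
        // this header only takes effect when output buffering is on.
        header("Location: index.php");
    } else {
        // Keep the statement text and the driver error out of the page;
        // they go to the server log instead.
        error_log("posts insert failed: " . ($stmt ? mysqli_stmt_error($stmt) : mysqli_error($conn)));
        echo "Error: the post could not be saved.";
    }

    if ($stmt) {
        mysqli_stmt_close($stmt);
    }
}
} // closes a block that was opened before this excerpt

mysqli_close($conn);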
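} // end of a definition that begins before this excerpt

// Checks each field: record an error if it was not entered, otherwise pass
// it through validateFormData() (defined outside this excerpt).
// A missing, empty or non-string field counts as "not entered".
if (empty($_POST["username"]) || !is_string($_POST["username"])) {
    $nameError = "Please enter a username <br />";
} else {
    $username = validateFormData($_POST["username"]);
}

if (empty($_POST["email"]) || !is_string($_POST["email"])) {
    $emailError = "Please enter your email <br />";
} else {
    $email = validateFormData($_POST["email"]);
}

if (empty($_POST["password"]) || !is_string($_POST["password"])) {
    $passwordError = "Please enter a valid password <br />";
} else {
    $password = validateFormData($_POST["password"]);
}

// Insert only when all three values are non-empty.
// NOTE(review): assumes $username, $password and $email are initialised
// before this excerpt; they are only assigned above when the field was sent.
if ($username != "" && $password != "" && $email != "") {
    // Hash Password
    // NOTE(review): a single unsalted SHA-256 is a fast hash and is not
    // suitable for storing passwords. Moving to password_hash() also requires
    // the login code (not shown here) to switch to password_verify(), so the
    // call is flagged rather than changed in this block alone.
    $hash = hash('sha256', $password);
    $password = $hash;

    // Inserts data. The values are bound instead of being interpolated into
    // the SQL string, so a quote in a field cannot change the statement.
    $stmt = mysqli_prepare(
        $conn,
        "INSERT INTO users (id, username, password, email, signup_date) VALUES (NULL, ?, ?, ?, CURRENT_TIMESTAMP)"
    );

    if ($stmt
        && mysqli_stmt_bind_param($stmt, "sss", $username, $password, $email)
        && mysqli_stmt_execute($stmt)
    ) {
        echo "<div class='alert alert-success'>new record in database</div>";
    } else {
        // The original concatenated the bare name mysqli_error (no call, no
        // connection). Log the real driver error and keep it off the page.
        error_log("users insert failed: " . ($stmt ? mysqli_stmt_error($stmt) : mysqli_error($conn)));
        echo "Error in Database<br/>";
    }

    if ($stmt) {
        mysqli_stmt_close($stmt);
    }

    mysqli_close($conn);
    //Resets Data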
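* Created by PhpStorm.
 * User: daniel
 * Date: 2/1/2016
 * Time: 9:30 PM
 */

/*
 * $form_data is declared and initialised in receive.form.data.php
 */
require_once 'receive.form.data.php';

/*
 * Helper functions for sending mail
 */
require_once 'mailer.functions.php';

// Build the JSON reply: echo back what was received, validate it and, when
// validation passes, try to send the mail and report the outcome.
$response = array();
$response['received_elements'] = $form_data;

// validateFormData() and sendMail() are defined outside this excerpt.
$validation = validateFormData($form_data);

// NOTE(review): when validation fails, the reply carries only
// received_elements; no status or msg is set on that path.
if ($validation['status']) {
    if (sendMail($form_data)) {
        $response['status'] = 'Success';
        $response['msg'] = 'Solicitud enviada';
    } else {
        $response['status'] = 'Error';
        $response['msg'] = 'No se pudo enviar el mensaje. <strong>Revisa el correo que escribiste.</strong>';
    }
}

// The reply repeats the submitted values. Encoding <, >, &, ' and " as \uXXXX
// escapes keeps a browser from treating them as markup if the response is
// ever rendered as HTML (no Content-Type is set in this excerpt). JSON
// parsers decode the escapes back to the same characters, so clients see
// identical data.
echo json_encode($response, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);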