<?php
include "inc/sql_devtools.php";
include "inc/sql_daityo.php";
include "inc/common.php";
$errors = array();
$id = '';
$formData['aid'] = '';
$formData['pwd'] = '';
if (isset($_POST['sbm'])) {
$formData = parseRequest($_POST);
$errors = validateFormData($formData);
if (is_array($errors) && count($errors) > 0) {
} else {
$id = $formData['aid'];
$pw = $formData['pwd'];
setcookie("devid", $id, time() + 60 * 60 * 24 * 5);
// 有効期限5日間
$errors = login_new($id, $pw);
}
} else {
if (isset($_REQUEST['error_msg'])) {
$errors = $_REQUEST['error_msg'];
}
}
$users = list_users();
if (strlen($formData['aid']) > 0 && $formData['aid'] != '') {
$id = $formData['aid'];
} else {
$id = $_COOKIE["devid"];
//まずクッキーを読み出して変数に格納
<?php
if (isset($_POST['login'])) {
// Function for validating data input into form
function validateFormData($formData)
{
$formData = trim(stripslashes(htmlspecialchars($formData)));
return $formData;
}
// Variables for the validated data
$formUser = validateFormData($_POST['username']);
$formPass = validateFormData($_POST['password']);
// Connect to the database
include 'connection.php';
// Query database for users with correct name
$query = "SELECT username, password FROM users WHERE username='******'";
$result = mysqli_query($conn, $query);
if (mysqli_num_rows($result) > 0) {
// Store found user data into variables
while ($row = mysqli_fetch_assoc($result)) {
$user = $row['username'];
$hashedPass = $row['password'];
}
if (password_verify($formPass, $hashedPass)) {
// Correct login details. Start sessions.
session_start();
// Store data in session varaibles
$_SESSION['loggedInUser'] = $user;
header("Location: index.php");
} else {
// Hashed password did not verify
function validateFormData($formData)
{
$formdata = trim(stripslashes(htmlspecialchars($formData)));
return $formData;
}
// Set all variables empty by default
$username = $password = "";
if (!$_POST['username']) {
$nameError = "Please enter a username <br>";
} else {
$username = validateFormData($_POST['username']);
}
if (!$_POST['password']) {
$passwordError = "Please enter a password <br>";
} else {
$password = validateFormData($_POST['password']);
$hashedPass = password_hash($password, PASSWORD_DEFAULT);
}
if ($username && $hashedPass) {
$query = "INSERT INTO users (username, password) VALUES ('{$username}', '{$hashedPass}')";
//$query = "INSERT INTO users (username, password) VALUES ('$username', '$password')";
if (mysqli_query($conn, $query)) {
echo "<div class='alert alert-success'>New record in database!</div>";
} else {
echo "Error: " . $query . "<br>" . mysqli_error($conn);
}
}
}
mysqli_close($conn);
?>
{
$formdata = trim(stripslashes(htmlspecialchars($formData)));
return $formData;
}
// Set all variables empty by default
$titel = $content = "";
if (!$_POST['titel']) {
$titelError = "Please enter a titel <br>";
} else {
$titel = validateFormData($_POST['titel']);
// $titel = mysqli_real_escape_string($conn, $titel)
}
if (!$_POST['content']) {
$contentError = "Please enter some content <br>";
} else {
$content = validateFormData($_POST['content']);
}
if ($titel && $content) {
$user = $_SESSION['loggedInUser'];
$query = "INSERT INTO posts (id, titel, content, user, post_date) VALUES (NULL, '{$titel}', '{$content}', '{$user}', CURRENT_TIMESTAMP)";
if (mysqli_query($conn, $query)) {
echo "<div class='alert alert-success'>New record in database!</div>";
// For some reason redirecting afterward results form it seems
// So if I refresh page I don't get a second post
header("Location: index.php");
} else {
echo "Error: " . $query . "<br>" . mysqli_error($conn);
}
}
}
mysqli_close($conn);
}
//Checks if user hasn't entered username or password otherwise check data.
if (!$_POST["username"]) {
$nameError = "Please enter a username <br />";
} else {
$username = validateFormData($_POST["username"]);
}
if (!$_POST["email"]) {
$emailError = "Please enter your email <br />";
} else {
$email = validateFormData($_POST["email"]);
}
if (!$_POST["password"]) {
$passwordError = "Please enter a valid password <br />";
} else {
$password = validateFormData($_POST["password"]);
}
//Checks if data is not null if isn't inserts data
if ($username != "" && $password != "" && $email != "") {
//Hash Password
$hash = hash('sha256', $password);
$password = $hash;
//Inserts data
$query = "INSERT INTO users (id, username, password, email, signup_date) VALUES (NULL, '{$username}', '{$password}','{$email}', CURRENT_TIMESTAMP);";
if (mysqli_query($conn, $query)) {
echo "<div class='alert alert-success'>new record in database</div>";
} else {
echo "Error in Database" . mysqli_error . "<br/>";
}
mysqli_close($conn);
//Resets Data
* Created by PhpStorm.
* User: daniel
* Date: 2/1/2016
* Time: 9:30 PM
*/
/*
* $form_data se declara e inicializa en el archivo receive.form.data.php
* */
require_once 'receive.form.data.php';
/*
* Funciones auxiliares para el envío de correo
* */
require_once 'mailer.functions.php';
//echo json_encode( $form_data );
$response = array();
//echo json_encode( $response );
$response['received_elements'] = $form_data;
//echo json_encode( $response );
$validation = validateFormData($form_data);
//echo json_encode( $validation );
if ($validation['status']) {
if (sendMail($form_data)) {
$response['status'] = 'Success';
$response['msg'] = 'Solicitud enviada';
} else {
$response['status'] = 'Error';
$response['msg'] = 'No se pudo enviar el mensaje. <strong>Revisa el correo que escribiste.</strong>';
}
}
echo json_encode($response);
//echo json_encode( $response );
