include_once $curdir . "/../api.lib/api.helpers.php";
include_once $curdir . "/../api.lib/api.security.php";
include_once $curdir . "/../api.lib/api.user.php";
include_once $curdir . "/../../config/config.php";
$result = array('result' => 'fail', 'data' => array());
$token = '';
if (!APIHelpers::issetParam('email')) {
APIHelpers::showerror(1001, 'Parameter email was not found');
}
if (!APIHelpers::issetParam('password')) {
APIHelpers::showerror(1316, 'Parameter password was not found');
}
$email = APIHelpers::getParam('email', '');
$password = APIHelpers::getParam('password', '');
$conn = APIHelpers::createConnection($config);
$hash_password2 = APISecurity::generatePassword2($email, $password);
if (APISecurity::login($conn, $email, $hash_password2)) {
$result['result'] = 'ok';
APIHelpers::$TOKEN = APIHelpers::gen_guid();
$result['data']['token'] = APIHelpers::$TOKEN;
$result['data']['session'] = APIHelpers::$FHQSESSION;
} else {
APIHelpers::showerror(1002, 'email or/and password was not found in system ');
}
if ($result['result'] == 'ok') {
APISecurity::insertLastIp($conn, APIHelpers::getParam('client', 'none'));
APIUser::loadUserProfile($conn);
// APIUser::loadUserScore($conn);
APISecurity::saveByToken();
}
echo json_encode($result);
APIHelpers::showerror(1012, '[Registration] Captcha is not correct, please "Refresh captcha" and try again');
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
APIHelpers::showerror(1011, '[Registration] Invalid e-mail address.');
}
$conn = APIHelpers::createConnection($config);
$stmt = $conn->prepare('select count(*) as cnt from users where email = ?');
$stmt->execute(array($email));
if ($row = $stmt->fetch()) {
if (intval($row['cnt']) >= 1) {
APIHelpers::showerror(1192, '[Registration] This e-mail was already registered.');
}
}
$nick = "hacker-" . substr(md5(rand() . rand()), 0, 7);
$email = strtolower($email);
$uuid = APIHelpers::gen_guid();
$password = substr(md5(rand() . rand()), 0, 8);
$password_hash = APISecurity::generatePassword2($email, $password);
// same code exists in api/users/insert.php
$stmt_insert = $conn->prepare('
INSERT INTO users(
uuid,
pass,
status,
email,
nick,
role,
logo,
dt_last_login,
dt_create
)
if (!APIHelpers::issetParam('email')) {
APIHelpers::showerror(1031, 'Not found parameter email');
}
if (!APIHelpers::issetParam('role')) {
APIHelpers::showerror(1032, 'Not found parameter role');
}
if (!APIHelpers::issetParam('nick')) {
APIHelpers::showerror(1033, 'Not found parameter nick');
}
if (!APIHelpers::issetParam('password')) {
APIHelpers::showerror(1034, 'Not found parameter password');
}
if (!APIHelpers::issetParam('status')) {
APIHelpers::showerror(1035, 'Not found parameter status');
}
$uuid = APIHelpers::getParam('uuid', APIHelpers::gen_guid());
$logo = APIHelpers::getParam('logo', 'files/users/0.png');
$email = APIHelpers::getParam('email', '1');
$role = APIHelpers::getParam('role', 'user');
$nick = APIHelpers::getParam('nick', '1');
$password = APIHelpers::getParam('password', '1');
$status = APIHelpers::getParam('status', 'activated');
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
APIHelpers::showerror(1036, 'Invalid e-mail address.');
}
$stmt = $conn->prepare('select count(*) as cnt from users where email = ?');
$stmt->execute(array($email));
if ($row = $stmt->fetch()) {
if (intval($row['cnt']) >= 1) {
APIHelpers::showerror(1037, 'This e-mail was already registered.');
}
