function LoadPatientTable($truncate_table = false)
{
$MyHash = new PasswordHash();
//Truncate table if needed (empty table, without dropping it.)
if ($truncate_table) {
$trunc = $this->DbConn->rawQuery('truncate patient');
}
$uid = 1;
foreach ($this->Users as $user) {
$picture_name = strrchr($user->picture, '/');
exec("wget {$user->picture} -O /var/www/media/images{$picture_name}");
list($algorithm, $iterations, $salt, $hash) = explode(":", $MyHash->create_hash($user->password));
$data = array('patient_id' => $uid, 'title' => ucfirst(strtolower($user->name->title)), 'fname' => ucfirst(strtolower($user->name->first)), 'middle' => chr(rand(65, 87)) . ".", 'lname' => ucfirst(strtolower($user->name->last)), 'dob' => $user->dob, 'street_address' => ucwords(strtolower($user->location->street)), 'city' => ucwords(strtolower($user->location->city)), 'state' => strtoupper($user->location->state), 'zip' => $user->location->zip, 'email' => strtolower($user->email), 'username' => $user->username, 'sex' => $user->gender, 'race' => $this->RandomRace(), 'bmi' => rand(10, 30), 'height' => rand(48, 78), 'weight' => rand(100, 300), 'salt' => $salt, 'iterations' => $iterations, 'algorithm' => $algorithm, 'hash' => $hash, 'registered' => $user->registered, 'phone' => $user->phone, 'cell' => $user->cell, 'ssn' => $user->SSN, 'picture_path' => '/var/www/media/images' . $picture_name, 'picture_url' => 'http://msu2u.net/media/images' . $picture_name);
$id = $this->DbConn->insert('patient', $data);
if ($id) {
echo 'user was created. Id=' . $id;
}
$uid++;
}
}
if (isset($_POST['user_name']) && isset($_POST['user_password']) && isset($_POST['user_email']) && isset($_POST['Register'])) {
$db = new PDO('mysql:host=' . DB_HOST . ';dbname=' . DB_NAME . ';charset=utf8', DB_USER, DB_PASS);
$userCheck = $db->prepare('SELECT * FROM ovr_lists_login WHERE user_name = :user');
$userCheck->execute(array('user' => $_POST['user_name']));
$emailCheck = $db->prepare('SELECT * FROM ovr_lists_login WHERE user_email = :email');
$emailCheck->execute(array('email' => $_POST['user_email']));
if ($userCheck->rowCount() > 0) {
# No duplicate user names
echo "Sorry, that username is already in use";
} else {
if ($emailCheck->rowCount() > 0) {
# No duplicate emails
echo "Sorry, that email is already in use";
} else {
# Carry on with registration
$passwordHash = PasswordHash::create_hash($_POST['user_password']);
$addUser = $db->prepare("INSERT INTO ovr_lists_login (user_name,user_password_hash,user_email)\n VALUES(:user_name, :user_password_hash, :user_email)");
$addUser->execute(array('user_name' => $_POST['user_name'], 'user_password_hash' => $passwordHash, 'user_email' => $_POST['user_email']));
$userId = $db->lastInsertId();
$activation_hash_string = $userId . $_POST['user_name'] . $_POST['user_email'] . $passwordHash;
$activation = urlencode(hash_hmac('sha256', $activation_hash_string, $passwordHash));
$mandrillAPI = new Mandrill(getenv('MANDRILL_API'));
$textBody = <<<AAA
Lists account request
User: {$_POST['user_name']}
Email: {$_POST['user_email']}
<?php
session_start();
require_once "../../PasswordHashClass.php";
$DB = new DB('sqlite::memory:');
// Replace with your own
if (isset($_POST['username']) && isset($_POST['password'])) {
// Other validation logic can take place here
$hashed = PasswordHash::create_hash($_POST['password']);
$check = $DB->pQuery("SELECT * FROM user_accounts WHERE username = ?", array($_POST['username']));
if (!empty($check)) {
$_SESSION['msg'] = "Username already in use.";
header("Location: /signup.php");
} else {
$res = $DB->pQuery("INSERT INTO user_accounts (username, password) VALUES (?, ?);", array($_POST['username'], $hashed));
if ($res) {
$_SESSION['msg'] = "Your registration was successful!";
header("Location: /login.php");
} else {
$_SESSION['msg'] = "An error has occurred.";
header("Location: /signup.php");
}
}
exit;
} else {
// Just a basic HTML form
?>
<!DOCTYPE html>
<html>
<head>
<title>DEMO</title>
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
require_once 'PasswordHash.php';
$MyHash = new PasswordHash();
echo "Sample hash:\n";
$hash = $MyHash->create_hash("test_password");
echo $hash . "\n";
echo "Sample hash:\n";
$hash = $MyHash->create_hash("rugger31");
echo $hash . "\n";
echo "Sample hash:\n";
$hash = $MyHash->create_hash("Rugger31!");
echo $hash . "\n";
echo "\nTest results:\n";
// Test vector raw output.
$a = bin2hex($MyHash->pbkdf2("sha1", "password", "salt", 2, 20, true));
$b = "ea6c014dc72d6f8ccd1ed92ace1d41f0d8de8957";
if ($a === $b) {
echo "pass\n";
} else {
echo "FAIL\n";
