function register_user()
{
$username = $_POST["username"];
$email = $_POST["email"];
$password = $_POST["password"];
$captcha = trim($_POST["captcha"]);
//if not valid captcha()
include_once "/var/www/includes/captch_code.php";
if (check_code($captcha)) {
//sanitize input fields;
$cr = new crypto();
$password_hash = $cr->one_way_crypt($password);
//add new user to database
$u = new user();
try {
if ($u->create_user($username, $password_hash, $email)) {
$uid = $u->get_user_id($email);
$token = base64_encode($cr->encrypt($uid));
//send activation email
$link = "http://punbt090pc/activate.php?u=" . urlencode($token);
include_once "/var/www/includes/email.php";
send_activation_email($email, $link);
set_registration_error("An activation email has been sent to your inbox (Please check your junkbox in case you have not received it).");
} else {
//send back to registration page
header("Location: /register.php");
}
} catch (Exception $e) {
set_registration_error("UserName Or Email is already registered");
}
} else {
set_registration_error("Invalid Captcha");
}
}
public function create_session_id($uid, $uname, $email)
{
$this->session_uid = $uid;
$this->session_uname = $uname;
$this->session_email = $email;
$session_id = $this->session_uid . '&' . $this->session_uname . '&' . $this->session_email;
$cr = new crypto();
return base64_encode($cr->encrypt($session_id));
}
<?php
$msg = "";
$success = false;
if (isset($_POST['reset_submitted'])) {
include_once "/var/www/includes/validation.php";
$email = trim($_POST['email']);
if ($email != "") {
//is_email_valid($email)) {
include_once "/var/www/includes/user.php";
include_once "/var/www/includes/crypt.php";
$u = new user();
$uid = $u->get_user_id($email);
if ($uid != 0) {
$cr = new crypto();
$token = base64_encode($cr->encrypt($uid));
$link = 'http://punbt090pc/reset.php?token=' . urlencode($token);
include_once "/var/www/includes/email.php";
send_reset_email($email, $link);
$msg = "Reset instruction are sent to email - " . $email . " Please check inbox/junkbox.";
$success = true;
} else {
$msg = "Email is not registered";
}
} else {
$msg = "Invalid Email " . $email;
}
} elseif (isset($_POST['resetpwd_submitted'])) {
$token = $_POST['token'];
$new_pwd = trim($_POST['new_password']);
$con_pwd = trim($_POST['con_password']);
