function register_user()
{
$username = $_POST["username"];
$email = $_POST["email"];
$password = $_POST["password"];
$captcha = trim($_POST["captcha"]);
//if not valid captcha()
include_once "/var/www/includes/captch_code.php";
if (check_code($captcha)) {
//sanitize input fields;
$cr = new crypto();
$password_hash = $cr->one_way_crypt($password);
//add new user to database
$u = new user();
try {
if ($u->create_user($username, $password_hash, $email)) {
$uid = $u->get_user_id($email);
$token = base64_encode($cr->encrypt($uid));
//send activation email
$link = "http://punbt090pc/activate.php?u=" . urlencode($token);
include_once "/var/www/includes/email.php";
send_activation_email($email, $link);
set_registration_error("An activation email has been sent to your inbox (Please check your junkbox in case you have not received it).");
} else {
//send back to registration page
header("Location: /register.php");
}
} catch (Exception $e) {
set_registration_error("UserName Or Email is already registered");
}
} else {
set_registration_error("Invalid Captcha");
}
}
<?php include "/var/www/includes/crypt.php"; $c = new crypto(); $a = 'abc123'; echo $a; echo "<BR/>"; echo $c->one_way_crypt($a); echo "<BR/>"; $u = $_GET['u']; $token = urldecode($u); echo $token; echo "<BR/>"; $t = base64_decode($token); echo $t; echo "<BR/>"; echo $c->decrypt($t);
if (isset($_POST['chpwd_submitted'])) {
$old_pwd = $_POST['old_password'];
$new_pwd = $_POST['new_password'];
$con_pwd = $_POST['confirm_password'];
if ($old_pwd === "" || $new_pwd === '' || $con_pwd === '') {
$msg = "None of the field should be empty";
} else {
if ($new_pwd != $con_pwd) {
$msg = "New and confirm password are mismatch";
} elseif (isset($_COOKIE['app_session_id']) && $_COOKIE['app_session_id'] != '') {
try {
include_once "/var/www/includes/user.php";
include_once "/var/www/includes/session.php";
include_once "/var/www/includes/crypt.php";
$cr = new crypto();
$password = $cr->one_way_crypt($new_pwd);
$old_pwd = $cr->one_way_crypt($old_pwd);
$cookie_token = $_COOKIE['app_session_id'];
$s = new user_session();
if ($s->decode_session($cookie_token)) {
$u = new user();
if (!$u->update_password($s->get_uid(), $old_pwd, $password)) {
throw new Exception("Password Mismacth: Try Again");
}
$msg = "Password Updated Successfully";
} else {
$msg = "Session Expired";
}
} catch (Exception $e) {
$msg = $e->getMesage();
}
$token = $_POST['token'];
$new_pwd = trim($_POST['new_password']);
$con_pwd = trim($_POST['con_password']);
if ($new_pwd == "" || $con_pwd == "") {
$msg = "No blank fields allowed";
} elseif ($new_pwd != $con_pwd) {
$msg = "Password Mismatch";
} else {
include_once "/var/www/includes/user.php";
include_once "/var/www/includes/crypt.php";
$cr = new crypto();
$u = new user();
$uid = urldecode($cr->decrypt(base64_decode($token)));
$uid = intval($uid);
if ($uid != 0) {
if ($u->update_password($uid, NULL, $cr->one_way_crypt($new_pwd))) {
$msg = "Password changed successfully";
$success = true;
} else {
$msg = "Error while changing password";
}
} else {
$msg = "Something goes wrong while resetting password. Contact Team";
}
}
}
?>
<div class="content">
<h1>Reset Password</h1>
<?php
