Пример #1
 /**
  * Create an administrator row and report the outcome as a status array.
  *
  * The login and password are validated with the project's helper class first;
  * a rejected login returns error_type 0, a rejected password error_type 1.
  * If the INSERT fails, the generic ERROR_UNKNOWN result is returned.
  *
  * NOTE(review): the stored digest is md5(md5($password) . $salt). MD5 is a fast
  * hash, so a leaked `admins` table can be brute-forced offline cheaply. Moving to
  * password_hash()/password_verify() has to be done together with the login path
  * and the `password` column width, neither of which is visible here.
  *
  * NOTE(review): the success array carries the plaintext password back to the
  * caller. Confirm whether any consumer needs that key, and make sure it is
  * never logged or rendered.
  *
  * @param string $username Login to register (bound as a string).
  * @param string $password Plaintext password supplied by the caller.
  * @param string $fullname Display name (bound as a string).
  *
  * @return array Status array; "error" is false only when the row was inserted.
  */
 public function signup($username, $password, $fullname)
 {
     // Fallback returned when the INSERT itself does not succeed.
     $unknownFailure = ["error" => true, "error_code" => ERROR_UNKNOWN];

     if (!helper::isCorrectLogin($username)) {
         return ["error" => true, "error_code" => ERROR_UNKNOWN, "error_type" => 0, "error_description" => "Incorrect login"];
     }

     if (!helper::isCorrectPassword($password)) {
         return ["error" => true, "error_code" => ERROR_UNKNOWN, "error_type" => 1, "error_description" => "Incorrect password"];
     }

     // presumably a 3-character salt; confirm against helper::generateSalt()
     $salt = helper::generateSalt(3);
     // Legacy digest scheme (see the review note in the docblock).
     $passwordDigest = md5(md5($password) . $salt);
     $createdAt = time();

     // All values go through bound parameters, so nothing is interpolated into the SQL text.
     $insert = $this->db->prepare("INSERT INTO admins (username, salt, password, fullname, createAt) value (:username, :salt, :password, :fullname, :createAt)");
     $insert->bindParam(":username", $username, PDO::PARAM_STR);
     $insert->bindParam(":salt", $salt, PDO::PARAM_STR);
     $insert->bindParam(":password", $passwordDigest, PDO::PARAM_STR);
     $insert->bindParam(":fullname", $fullname, PDO::PARAM_STR);
     $insert->bindParam(":createAt", $createdAt, PDO::PARAM_INT);

     if (!$insert->execute()) {
         return $unknownFailure;
     }

     // Remember the new row's id on this object; $this->id is read right below
     // (assumes setId() stores into $this->id; confirm).
     $this->setId($this->db->lastInsertId());

     return ["error" => false, 'accountId' => $this->id, 'username' => $username, 'password' => $password, 'error_code' => ERROR_SUCCESS, 'error_description' => 'SignUp Success!'];
 }
Пример #2
 /**
  * Change the login of the account identified by $this->id.
  *
  * The new login must pass helper::isCorrectLogin() and must not already be
  * reported as taken by helper::isLoginExists(). Every failure (bad format,
  * login taken, UPDATE failed) returns the same generic ERROR_UNKNOWN array.
  *
  * NOTE(review): the existence check and the UPDATE are two separate steps, so
  * two concurrent requests can both pass the check. Whether `users.login` has a
  * unique index to back this up is not visible here; confirm.
  *
  * @param string $username Requested new login.
  *
  * @return array Status array; "error" is false only when the UPDATE executed.
  */
 public function setUsername($username)
 {
     $failure = ["error" => true, "error_code" => ERROR_UNKNOWN];
     $lookup = new helper($this->db);

     // Format check first, then the lookup; the second call is skipped when the first rejects.
     if (!helper::isCorrectLogin($username) || $lookup->isLoginExists($username)) {
         return $failure;
     }

     // Both the id and the new login are bound parameters, never concatenated into the SQL.
     $update = $this->db->prepare("UPDATE users SET login = (:login) WHERE id = (:accountId)");
     $update->bindParam(":accountId", $this->id, PDO::PARAM_INT);
     $update->bindParam(":login", $username, PDO::PARAM_STR);

     return $update->execute()
         ? ['error' => false, 'error_code' => ERROR_SUCCESS]
         : $failure;
 }
Пример #3
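 // Read the remaining form fields; an absent field becomes an empty string.
 $user_fullname = isset($_POST['user_fullname']) ? $_POST['user_fullname'] : '';
 $token = isset($_POST['authenticity_token']) ? $_POST['authenticity_token'] : '';

 // Every submitted field is passed through helper::clearText() and then helper::escapeText().
 // NOTE(review): the password and its repeat are filtered like display fields. What these
 // helpers do is not visible here; if they strip or rewrite characters, the credential that
 // gets hashed differs from what the user typed, and the login path has to apply the
 // identical transformation. Confirm.
 $user_username = helper::clearText($user_username);
 $user_fullname = helper::clearText($user_fullname);
 $user_password = helper::clearText($user_password);
 $user_password_repeat = helper::clearText($user_password_repeat);
 $user_username = helper::escapeText($user_username);
 $user_fullname = helper::escapeText($user_fullname);
 $user_password = helper::escapeText($user_password);
 $user_password_repeat = helper::escapeText($user_password_repeat);

 // CSRF check. The submitted token must be a non-empty string equal to the server-side one.
 // hash_equals() compares in constant time, so the comparison does not leak how many leading
 // characters matched. The type and emptiness guards keep an unset server-side token from
 // "matching" a missing form field, and keep an array-valued POST field out of hash_equals().
 $expected_token = auth::getAuthenticityToken();
 $token_valid = is_string($expected_token) && $expected_token !== ''
     && is_string($token) && hash_equals($expected_token, $token);
 if (!$token_valid) {
     $error = true;
     $error_token = true;
     $error_message[] = 'Error!';
 }

 // Format checks mirror the ones admin::signup() repeats on the server side.
 if (!helper::isCorrectLogin($user_username)) {
     $error = true;
     $error_username = true;
     $error_message[] = 'Incorrect username.';
 }
 if (!helper::isCorrectPassword($user_password)) {
     $error = true;
     $error_password = true;
     $error_message[] = 'Incorrect password.';
 }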
 if (!$error) {
     $admin = new admin($dbo);
     // Create admin account
     $result = array();
     $result = $admin->signup($user_username, $user_password, $user_fullname);
     if ($result['error'] === false) {