exit;
}
$input = $request->getJSON();
/*
* Simple sanitization
*/
//$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
//$password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
$username = $input->username;
$password = $input->password;
if (!($username && $password)) {
header('HTTP/1.0 400 Bad Request');
exit;
}
try {
$rs = $db->getUser($username);
//$rs = ['id'=> 1,
// 'password' => password_hash('test123', PASSWORD_DEFAULT),
// 'name' => 'satheesan',
// 'role' => 'Admin'];
if ($rs) {
/*
* Password was generated by password_hash(), so we need to use
* password_verify() to check it.
*
* @see http://php.net/manual/en/ref.password.php
*/
error_log("password: "******"password: " . password_hash($password, PASSWORD_DEFAULT), 0);
if (password_verify($password, $rs['password'])) {
if ($rs['status'] == 'Pending') {
$user = $request->getJSON();
if (!$request->validate('Admin')) {
$user->status = 'Pending';
} else {
$user->status = 'Approved';
}
if (!$user->username || !$user->email || !$user->name || !$user->institute) {
$message = "FAILED: Missing required fields!!";
} else {
$message = $db->createUser($user);
}
$output->message = $message;
if ($message === 'SUCCESS') {
if ($user->status == 'Pending') {
$mail = new sendMail();
$toList = $db->getUser(null, null, 'Admin');
//echo json_encode($toList);
$subject = 'Pending Approval User: '******'/password/i', $key)) {
continue;
}
$body .= "<tr>";
$body .= "<td>{$key}</td><td>{$row}</td>";
$body .= "</tr>";
}
$body .= "</table>";
$approveURL = $_SERVER["HTTP_REFERER"] . "#/userList";
$link = '<a href="' . $approveURL . '" style="font-size:16px; font-weight: bold; font-family: Helvetica, Arial, sans-serif; text-decoration: none; line-height:40px; width:100%; display:inline-block"><span style="background-color: blue;color: white;margin: 2px;padding: 5px;border-radius: 15px;">Approve</span></a>';
$body .= $link;
<?php
chdir(dirname(__DIR__));
require_once 'vendor/JWT/JWT.php';
require_once 'lib/Request.php';
require_once 'config/Config.php';
require_once 'lib/DbUtils.php';
use IP\Request;
use IP\DbUtils as DB;
$db = new DB();
$request = new Request();
error_log($request->getMethod());
$request->setAccessHeader();
if ($request->handleOptions()) {
error_log('Option request. Exit...', 0);
exit;
}
if (!$request->validate()) {
error_log('Validation failed. Not authorized!!');
exit;
}
$id = intval($_GET['id']);
error_log(json_encode($id));
$user = $db->getUser(null, $id);
error_log(json_encode($user));
header('Content-type: application/json');
echo json_encode($user);
$db = new DB();
use IP\Request;
$request = new Request();
$request->setAccessHeader();
if ($request->handleOptions()) {
error_log('Option request. Exit...', 0);
exit;
}
if (!$request->validate('Admin')) {
error_log('Validation failed. Not authorized!!');
exit;
}
$input = $request->getJSON();
$userId = $input->userId;
if ($userId > 0) {
$user = $db->getUser(null, $userId);
if (!$user) {
$result = "No user found with id: " . $userId;
} else {
$result = $db->approveUser($userId);
if ($result == "SUCCESS") {
$mail = new sendMail();
//print_r($user);
$toList = $user['email'];
//echo json_encode($toList);
$subject = 'Your account is ready to use now!!';
$body = "Admin approved your account. Now you can login and use the exciting features!!!";
$loginURL = $_SERVER["HTTP_REFERER"] . "#/login";
$link = '<a href="' . $loginURL . '" style="font-size:16px; font-weight: bold; font-family: Helvetica, Arial, sans-serif; text-decoration: none; line-height:40px; width:100%; display:inline-block"><span style="background-color: blue;color: white;margin: 2px;padding: 5px;border-radius: 15px;">Login</span></a>';
$body .= $link;
$mail->sendMail($toList, $subject, $body);
