/*
 * Login excerpt (the listing starts and ends mid-block). The visible code reads
 * username and password from the JSON request body, answers 400 when either is
 * empty, loads the account with $db->getUser($username), checks the submitted
 * password with password_verify() against $rs['password'], and then tests
 * $rs['status'] for 'Pending'.
 *
 * NOTE(review): the error_log("password: " ...) call writes password material
 * to the server error log. The visible part logs a fresh password_hash() of the
 * submitted password; the first argument is garbled in this listing and may be
 * the plaintext. Neither belongs in a log file: remove the call.
 *
 * NOTE(review): the "Simple sanitization" heading no longer matches the code,
 * since both values are used exactly as received. Keep the commented-out
 * FILTER_SANITIZE_STRING calls out: that filter is deprecated since PHP 8.1,
 * and altering a password before password_verify() changes what is verified.
 * Whether getUser() binds $username as a query parameter is not visible here;
 * confirm in DbUtils.
 */
exit; } $input = $request->getJSON(); /* * Simple sanitization */ //$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING); //$password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING); $username = $input->username; $password = $input->password; if (!($username && $password)) { header('HTTP/1.0 400 Bad Request'); exit; } try { $rs = $db->getUser($username); //$rs = ['id'=> 1, // 'password' => password_hash('test123', PASSWORD_DEFAULT), // 'name' => 'satheesan', // 'role' => 'Admin']; if ($rs) { /* * Password was generated by password_hash(), so we need to use * password_verify() to check it. * * @see http://php.net/manual/en/ref.password.php */ error_log("password: "******"password: " . password_hash($password, PASSWORD_DEFAULT), 0); if (password_verify($password, $rs['password'])) { if ($rs['status'] == 'Pending') {
/*
 * Registration excerpt (the listing ends mid-block, and the span between the
 * $subject assignment and the preg_match() call is garbled, so the loop header
 * is not visible). The visible code takes the new user from the JSON body, sets
 * status to 'Approved' when validate('Admin') passes and to 'Pending'
 * otherwise, requires username, email, name and institute, and calls
 * $db->createUser($user). For a 'SUCCESS' result with a Pending status it
 * builds an HTML mail for the users returned by getUser(null, null, 'Admin'):
 * a table of key/value rows (keys matching /password/i are skipped) followed
 * by an "Approve" link.
 *
 * NOTE(review): the approve link is built from $_SERVER["HTTP_REFERER"], a
 * request header chosen by the client (and possibly absent). The registrant
 * therefore decides where the link in the admins' mail points. Build it from a
 * base URL held in server configuration instead.
 *
 * NOTE(review): {$key} and {$row} go into the HTML body unescaped; they
 * presumably come from the submitted JSON (confirm against the garbled loop).
 * Pass both through htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8').
 *
 * NOTE(review): the whole decoded object is handed to createUser(), and only
 * ->status is overwritten here. If createUser() stores other client-supplied
 * properties (a role, for instance), an unauthenticated caller could set them;
 * confirm that createUser() copies an explicit list of fields.
 */
$user = $request->getJSON(); if (!$request->validate('Admin')) { $user->status = 'Pending'; } else { $user->status = 'Approved'; } if (!$user->username || !$user->email || !$user->name || !$user->institute) { $message = "FAILED: Missing required fields!!"; } else { $message = $db->createUser($user); } $output->message = $message; if ($message === 'SUCCESS') { if ($user->status == 'Pending') { $mail = new sendMail(); $toList = $db->getUser(null, null, 'Admin'); //echo json_encode($toList); $subject = 'Pending Approval User: '******'/password/i', $key)) { continue; } $body .= "<tr>"; $body .= "<td>{$key}</td><td>{$row}</td>"; $body .= "</tr>"; } $body .= "</table>"; $approveURL = $_SERVER["HTTP_REFERER"] . "#/userList"; $link = '<a href="' . $approveURL . '" style="font-size:16px; font-weight: bold; font-family: Helvetica, Arial, sans-serif; text-decoration: none; line-height:40px; width:100%; display:inline-block"><span style="background-color: blue;color: white;margin: 2px;padding: 5px;border-radius: 15px;">Approve</span></a>'; $body .= $link;
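<?php
/**
 * Returns one user record as JSON.
 *
 * Steps: call setAccessHeader(), stop early when handleOptions() reports that
 * the request was handled, require validate() to pass, read the `id` query
 * parameter, load the row with DbUtils::getUser(null, $id) and print it as JSON.
 *
 * NOTE(review): validate() is called without a role, so it looks as if any
 * authenticated caller can read any user's record by id. Confirm that this is
 * intended, or limit the lookup to the caller's own id or to the Admin role.
 */

chdir(dirname(__DIR__));

require_once 'vendor/JWT/JWT.php';
require_once 'lib/Request.php';
require_once 'config/Config.php';
require_once 'lib/DbUtils.php';

use IP\Request;
use IP\DbUtils as DB;

$db = new DB();
$request = new Request();

error_log($request->getMethod());
$request->setAccessHeader();

if ($request->handleOptions()) {
    error_log('Option request. Exit...', 0);
    exit;
}

// NOTE(review): no status code is set here on failure; whether validate()
// sends a 401 itself is not visible from this file. Confirm.
if (!$request->validate()) {
    error_log('Validation failed. Not authorized!!');
    exit;
}

// Accept only a well-formed integer. A missing parameter, an array value
// (?id[]=1) or trailing garbage ("12abc") is rejected with 400 instead of
// being coerced to some number by intval().
$id = filter_var($_GET['id'] ?? null, FILTER_VALIDATE_INT);
if ($id === false) {
    error_log('Missing or invalid id parameter.');
    http_response_code(400);
    exit;
}
error_log(json_encode($id));

$user = $db->getUser(null, $id);

// Rows returned by getUser() can carry the stored password hash (the login
// code reads $rs['password'] from one). The hash must reach neither the
// client nor the log, so it is removed before the record is used.
if (is_array($user)) {
    unset($user['password']);
} elseif (is_object($user)) {
    unset($user->password);
}

// Log only the outcome, not the record: the row holds personal data.
error_log('getUser for id ' . $id . ': ' . (empty($user) ? 'no record' : 'record found'));

header('Content-type: application/json');
echo json_encode($user);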
/*
 * Account-approval excerpt (the listing starts mid-file and ends mid-block).
 * The visible code requires validate('Admin'), reads userId from the JSON
 * body, and for userId > 0 loads the user with getUser(null, $userId). When a
 * user is found it calls approveUser($userId) and, on "SUCCESS", mails the
 * address in $user['email'] a notice with a "Login" link.
 *
 * NOTE(review): the login link is built from $_SERVER["HTTP_REFERER"], a
 * request header that may be absent, stripped by the browser, or set to any
 * value by the client. Take the base URL from server configuration so the
 * link in the mail always points at this application.
 *
 * NOTE(review): `$userId > 0` is a loose comparison on whatever JSON type
 * arrives. In PHP 8 a non-numeric string such as "abc" compares greater than
 * 0, so it passes this check and reaches getUser() and approveUser(). Require
 * an integer first (is_int(), or filter_var() with FILTER_VALIDATE_INT).
 * Whether those methods bind the value as a query parameter is not visible
 * here; confirm in DbUtils.
 */
$db = new DB(); use IP\Request; $request = new Request(); $request->setAccessHeader(); if ($request->handleOptions()) { error_log('Option request. Exit...', 0); exit; } if (!$request->validate('Admin')) { error_log('Validation failed. Not authorized!!'); exit; } $input = $request->getJSON(); $userId = $input->userId; if ($userId > 0) { $user = $db->getUser(null, $userId); if (!$user) { $result = "No user found with id: " . $userId; } else { $result = $db->approveUser($userId); if ($result == "SUCCESS") { $mail = new sendMail(); //print_r($user); $toList = $user['email']; //echo json_encode($toList); $subject = 'Your account is ready to use now!!'; $body = "Admin approved your account. Now you can login and use the exciting features!!!"; $loginURL = $_SERVER["HTTP_REFERER"] . "#/login"; $link = '<a href="' . $loginURL . '" style="font-size:16px; font-weight: bold; font-family: Helvetica, Arial, sans-serif; text-decoration: none; line-height:40px; width:100%; display:inline-block"><span style="background-color: blue;color: white;margin: 2px;padding: 5px;border-radius: 15px;">Login</span></a>'; $body .= $link; $mail->sendMail($toList, $subject, $body);