function storeUser($name, $email, $password)
{
$uuid = uniqid('fss_u', true);
$hash = hashSSHA($password);
$encrypted_password = password_hash($password, PASSWORD_DEFAULT);
// $hash["encrypted"]; // encrypted password
$salt = $hash["salt"];
// salt
$regday = date("Y-m-j");
$type_user = '******';
$db = new PDO('mysql:host=localhost:3308;dbname=fss-db', 'root', 'nabounanc1');
echo $encrypted_password;
echo '<br>';
$query = $db->prepare('INSERT INTO fss_users (unique_id,username,email,password,create_time,type_user) VALUES (:uuid, :name, :email, :encrypted_password, :regday, :type_user) ');
$query->bindValue(':uuid', $uuid, PDO::PARAM_STR);
$query->bindValue(':name', $name, PDO::PARAM_STR);
$query->bindValue(':email', $email, PDO::PARAM_STR);
$query->bindValue(':encrypted_password', $encrypted_password, PDO::PARAM_STR);
// $query->bindValue(':salt', $salt, PDO::PARAM_STR);
$query->bindValue(':regday', $regday, PDO::PARAM_STR);
$query->bindValue(':type_user', $type_user, PDO::PARAM_STR);
$query->execute();
// check for successful store
if ($query->execute()) {
echo $query->rowCount();
echo '<br>';
$result = $query->fetchAll();
print_r($result);
// get user details
$uid = $db->lastInsertId();
// last inserted id
$query = $db->prepare("SELECT * FROM fss_users WHERE unique_id = :uid");
$query->bindValue(':uid', $uid, PDO::PARAM_STR);
$query->execute();
//Message
$message = "Bienvenue sur FSS Votre inscription a ete accepte pseudo = {$email} mot de passe = {$password} !";
//Titre
$titre = "Bienvenue sur FSS !";
mail($email, $titre, $message);
// Mail to the new user
// return user details
//return $query->fetchAll();
echo 'it\'s good';
echo '<br>';
} else {
echo 'error';
echo '<br>';
//return $false;
}
}
$query = mysqli_query($link, "Select * from users");
//Query the users table
while ($row = mysqli_fetch_array($query)) {
$table_users = $row['username'];
// the first username row is passed on to $table_users, and so on until the query is finished
if ($email == $table_users) {
$bool = false;
// sets bool to false
print '<script>alert("This email is already registered with us!");</script>';
//Prompts the user
print '<script>window.location.assign("register");</script>';
// redirects to register.php
}
}
if ($bool) {
$hash = hashSSHA($pwd);
$encrypted_password = $hash["encrypted"];
// encrypted password
$salt = $hash["salt"];
mysqli_query($link, "INSERT INTO users (uuid,fname, lname, password, salt, email, mobile, address) VALUES ('{$uuid}','{$fname}','{$lname}','{$encrypted_password}','{$salt}','{$email}','{$cnum}','{$address}')");
//Inserts the value to table count
if (mysqli_affected_rows($link) == 1) {
$message = "Register Successfull";
header("location: index.php");
} else {
$bool = false;
// sets bool to false
header("location: register.php");
}
}
}
function ChangePasswordUtility($email, $newPassword, $table)
{
$resp = "-1";
try {
// for encrypting the password thing
$hash = hashSSHA($newPassword);
$encryptedPwd = $hash["encrypted"];
// encrypted password
$salt = $hash["salt"];
// salt
$query = "update " . $table . " set " . $table . "Pwd='{$encryptedPwd}', Salt='{$salt}' where " . $table . "Email='{$email}'";
$rs = mysql_query($query);
if (!$rs) {
$resp = "-1";
} else {
$resp = "1";
}
return $resp;
} catch (Exception $e) {
$resp = "-1";
return $resp;
}
}
function UpdatePasswordUtility($email, $newPwd, $table, $emailCol, $pwdCol)
{
$resp = "-1";
try {
if (IsAlreadySignedup($email, $table) != "") {
// get the encrpyted password here and insert into the database. for encrypting the password thing
$hash = hashSSHA($newPwd);
$encryptedPwd = $hash["encrypted"];
// encrypted password
$salt = $hash["salt"];
// salt
$query = "update " . $table . " set " . $pwdCol . "='{$encryptedPwd}', Salt='{$salt}' where " . $emailCol . "='{$email}'";
$rs = mysql_query($query);
if (!$rs) {
$resp = "-1";
} else {
$resp = "1";
}
} else {
// user has not signed up yet!
$resp = "2";
}
return $resp;
} catch (Exception $e) {
$resp = "-1";
return $resp;
}
}
function chpassword($pdo)
{
if (!empty($_POST['npass']) && !empty($_POST['cpass'])) {
$sql = "select salt,password from user where id=:userId";
$stmt = $pdo->prepare($sql);
$stmt->bindvalue(':userId', $_SESSION['userId'], PDO::PARAM_INT);
$stmt->execute();
if ($stmt->rowCount()) {
$user = $stmt->fetch(PDO::FETCH_ASSOC);
$salt = $user['salt'];
$encPassword = $user['password'];
if (checkhashSSHA($salt, $_POST['cpass']) == $encPassword) {
$nps = preg_replace('/\\s*/', '', $_POST['npass']);
$nps = preg_replace('/\\/*/', '', $nps);
if (mb_strlen($nps, 'UTF-8') >= 8) {
$password = hashSSHA($_POST['npass']);
$sql = "update user set salt=:s,password=:p";
$stmt = $pdo->prepare($sql);
$stmt->bindvalue(':s', $password['salt'], PDO::PARAM_STR);
$stmt->bindvalue(':p', $password['encrypted'], PDO::PARAM_STR);
$stmt->execute();
}
}
}
}
redirect(BASE_PATH . '/me', 1);
}
* returns salt and encrypted password
*/
function hashSSHA($password)
{
$salt = sha1(rand());
$salt = substr($salt, 0, 10);
$encrypted = base64_encode(sha1($password . $salt, true) . $salt);
$hash = array("salt" => $salt, "encrypted" => $encrypted);
return $hash;
}
include "connect.php";
$username = $_REQUEST["username"];
$password = $_REQUEST["password"];
$createdon = date("Y-m-d H:m:i");
$request_type = $_REQUEST["request_type"];
$salt = hashSSHA($password);
switch ($request_type) {
case 'save_user':
$sql = "INSERT INTO users(username, password, salt, created) VALUES ('{$username}','" . $salt["encrypted"] . "','" . $salt["salt"] . "','{$createdon}')";
$result = mysqli_query($link, $sql);
if ($result) {
echo json_encode(array("result" => true, "msg" => "User register successfuly"));
} else {
echo json_encode(array("result" => false, "msg" => "Error."));
}
break;
case 'list_student':
$data = array();
$sql = "SELECT *,id idstudent FROM student";
$result = mysqli_query($link, $sql);
while ($Estudiante = mysqli_fetch_assoc($result)) {
$result = mysqli_query($conn, $command);
$rowcount = mysqli_num_rows($result);
if ($rowcount > 0) {
session_start();
$_SESSION['name'] = "existed";
header('Location:http://localhost:90/econvoy/');
} elseif ($password != $cpassword) {
session_start();
$_SESSION['name'] = "mismatch";
header('Location:http://localhost:90/econvoy/registration.php');
} else {
$password = $_POST['password'];
$name = $_POST['name'];
$type = $_POST['group1'];
$uuid = uniqid('', true);
$hash = hashSSHA($password);
$encrypted_password = $hash["encrypted"];
// encrypted password
$salt = $hash["salt"];
// salt
$query = "INSERT INTO users(unique_id, name, email, type, encrypt_paswd, salt, created_at, Status) VALUES ('{$uuid}', '{$name}', '{$email}', '{$type}', '{$encrypted_password}' , '{$salt}', NOW() , 'NO')";
$result = mysqli_query($conn, $query);
// check for successful store
if ($result) {
// get user details
$uid = mysqli_insert_id($conn);
// last inserted id
$query = "SELECT * FROM users WHERE uid = '{$uid}'";
$result = mysqli_query($conn, $query);
session_start();
$_SESSION['name'] = $name;
function forget_password($data)
{
$emailid = mysql_real_escape_string($data->email);
if (!empty($emailid)) {
$data = mysql_query("select * from users where email='" . $emailid . "'");
if (mysql_num_rows($data) > 0) {
$uuid = mysql_real_escape_string($data->unique_id);
$newpassword = mysql_real_escape_string($data->newpassword);
$repeatpassword = mysql_real_escape_string($data->repeatpassword);
if ($newpassword == $repeatpassword) {
$hash = hashSSHA($newpassword);
$encrypted_password = $hash["encrypted"];
// encrypted password
$salt = $hash["salt"];
// salt
$update = mysql_query("update users set `encrypted_password`='" . $encrypted_password . "', `salt`='" . $salt . "' where unique_id='" . $uuid . "'");
return array("unique_id" => $uuid, "msg" => "Update Successfully", "status" => "success");
} else {
return array("msg" => "New password and repeat password must be same", "status" => "failure");
}
} else {
return array("msg" => "Email id is not exist", "status" => "failure");
}
} else {
return array("msg" => "Enter your email id", "status" => "failure");
}
}
/**
* Save new password in the database
*/
function saveNewPassword($email, $new_password, $db)
{
$result = $db->query("SELECT * FROM users WHERE email = '{$email}'");
// check for result
if ($result->num_rows > 0) {
//Save new password in the database
$hash = hashSSHA($new_password);
$encrypted_new_password = $hash["encrypted"];
$new_salt = $hash["salt"];
$sql = "UPDATE users SET encrypted_password = '******', salt = '{$new_salt}'\n\t WHERE email = '{$email}' ";
// check for successful store
if ($db->query($sql) === TRUE) {
return true;
} else {
return false;
}
} else {
return false;
}
}
