function storeUser($name, $email, $password) { $uuid = uniqid('fss_u', true); $hash = hashSSHA($password); $encrypted_password = password_hash($password, PASSWORD_DEFAULT); // $hash["encrypted"]; // encrypted password $salt = $hash["salt"]; // salt $regday = date("Y-m-j"); $type_user = '******'; $db = new PDO('mysql:host=localhost:3308;dbname=fss-db', 'root', 'nabounanc1'); echo $encrypted_password; echo '<br>'; $query = $db->prepare('INSERT INTO fss_users (unique_id,username,email,password,create_time,type_user) VALUES (:uuid, :name, :email, :encrypted_password, :regday, :type_user) '); $query->bindValue(':uuid', $uuid, PDO::PARAM_STR); $query->bindValue(':name', $name, PDO::PARAM_STR); $query->bindValue(':email', $email, PDO::PARAM_STR); $query->bindValue(':encrypted_password', $encrypted_password, PDO::PARAM_STR); // $query->bindValue(':salt', $salt, PDO::PARAM_STR); $query->bindValue(':regday', $regday, PDO::PARAM_STR); $query->bindValue(':type_user', $type_user, PDO::PARAM_STR); $query->execute(); // check for successful store if ($query->execute()) { echo $query->rowCount(); echo '<br>'; $result = $query->fetchAll(); print_r($result); // get user details $uid = $db->lastInsertId(); // last inserted id $query = $db->prepare("SELECT * FROM fss_users WHERE unique_id = :uid"); $query->bindValue(':uid', $uid, PDO::PARAM_STR); $query->execute(); //Message $message = "Bienvenue sur FSS Votre inscription a ete accepte pseudo = {$email} mot de passe = {$password} !"; //Titre $titre = "Bienvenue sur FSS !"; mail($email, $titre, $message); // Mail to the new user // return user details //return $query->fetchAll(); echo 'it\'s good'; echo '<br>'; } else { echo 'error'; echo '<br>'; //return $false; } }
$query = mysqli_query($link, "Select * from users"); //Query the users table while ($row = mysqli_fetch_array($query)) { $table_users = $row['username']; // the first username row is passed on to $table_users, and so on until the query is finished if ($email == $table_users) { $bool = false; // sets bool to false print '<script>alert("This email is already registered with us!");</script>'; //Prompts the user print '<script>window.location.assign("register");</script>'; // redirects to register.php } } if ($bool) { $hash = hashSSHA($pwd); $encrypted_password = $hash["encrypted"]; // encrypted password $salt = $hash["salt"]; mysqli_query($link, "INSERT INTO users (uuid,fname, lname, password, salt, email, mobile, address) VALUES ('{$uuid}','{$fname}','{$lname}','{$encrypted_password}','{$salt}','{$email}','{$cnum}','{$address}')"); //Inserts the value to table count if (mysqli_affected_rows($link) == 1) { $message = "Register Successfull"; header("location: index.php"); } else { $bool = false; // sets bool to false header("location: register.php"); } } }
function ChangePasswordUtility($email, $newPassword, $table) { $resp = "-1"; try { // for encrypting the password thing $hash = hashSSHA($newPassword); $encryptedPwd = $hash["encrypted"]; // encrypted password $salt = $hash["salt"]; // salt $query = "update " . $table . " set " . $table . "Pwd='{$encryptedPwd}', Salt='{$salt}' where " . $table . "Email='{$email}'"; $rs = mysql_query($query); if (!$rs) { $resp = "-1"; } else { $resp = "1"; } return $resp; } catch (Exception $e) { $resp = "-1"; return $resp; } }
function UpdatePasswordUtility($email, $newPwd, $table, $emailCol, $pwdCol) { $resp = "-1"; try { if (IsAlreadySignedup($email, $table) != "") { // get the encrpyted password here and insert into the database. for encrypting the password thing $hash = hashSSHA($newPwd); $encryptedPwd = $hash["encrypted"]; // encrypted password $salt = $hash["salt"]; // salt $query = "update " . $table . " set " . $pwdCol . "='{$encryptedPwd}', Salt='{$salt}' where " . $emailCol . "='{$email}'"; $rs = mysql_query($query); if (!$rs) { $resp = "-1"; } else { $resp = "1"; } } else { // user has not signed up yet! $resp = "2"; } return $resp; } catch (Exception $e) { $resp = "-1"; return $resp; } }
function chpassword($pdo) { if (!empty($_POST['npass']) && !empty($_POST['cpass'])) { $sql = "select salt,password from user where id=:userId"; $stmt = $pdo->prepare($sql); $stmt->bindvalue(':userId', $_SESSION['userId'], PDO::PARAM_INT); $stmt->execute(); if ($stmt->rowCount()) { $user = $stmt->fetch(PDO::FETCH_ASSOC); $salt = $user['salt']; $encPassword = $user['password']; if (checkhashSSHA($salt, $_POST['cpass']) == $encPassword) { $nps = preg_replace('/\\s*/', '', $_POST['npass']); $nps = preg_replace('/\\/*/', '', $nps); if (mb_strlen($nps, 'UTF-8') >= 8) { $password = hashSSHA($_POST['npass']); $sql = "update user set salt=:s,password=:p"; $stmt = $pdo->prepare($sql); $stmt->bindvalue(':s', $password['salt'], PDO::PARAM_STR); $stmt->bindvalue(':p', $password['encrypted'], PDO::PARAM_STR); $stmt->execute(); } } } } redirect(BASE_PATH . '/me', 1); }
* returns salt and encrypted password */ function hashSSHA($password) { $salt = sha1(rand()); $salt = substr($salt, 0, 10); $encrypted = base64_encode(sha1($password . $salt, true) . $salt); $hash = array("salt" => $salt, "encrypted" => $encrypted); return $hash; } include "connect.php"; $username = $_REQUEST["username"]; $password = $_REQUEST["password"]; $createdon = date("Y-m-d H:m:i"); $request_type = $_REQUEST["request_type"]; $salt = hashSSHA($password); switch ($request_type) { case 'save_user': $sql = "INSERT INTO users(username, password, salt, created) VALUES ('{$username}','" . $salt["encrypted"] . "','" . $salt["salt"] . "','{$createdon}')"; $result = mysqli_query($link, $sql); if ($result) { echo json_encode(array("result" => true, "msg" => "User register successfuly")); } else { echo json_encode(array("result" => false, "msg" => "Error.")); } break; case 'list_student': $data = array(); $sql = "SELECT *,id idstudent FROM student"; $result = mysqli_query($link, $sql); while ($Estudiante = mysqli_fetch_assoc($result)) {
$result = mysqli_query($conn, $command); $rowcount = mysqli_num_rows($result); if ($rowcount > 0) { session_start(); $_SESSION['name'] = "existed"; header('Location:http://localhost:90/econvoy/'); } elseif ($password != $cpassword) { session_start(); $_SESSION['name'] = "mismatch"; header('Location:http://localhost:90/econvoy/registration.php'); } else { $password = $_POST['password']; $name = $_POST['name']; $type = $_POST['group1']; $uuid = uniqid('', true); $hash = hashSSHA($password); $encrypted_password = $hash["encrypted"]; // encrypted password $salt = $hash["salt"]; // salt $query = "INSERT INTO users(unique_id, name, email, type, encrypt_paswd, salt, created_at, Status) VALUES ('{$uuid}', '{$name}', '{$email}', '{$type}', '{$encrypted_password}' , '{$salt}', NOW() , 'NO')"; $result = mysqli_query($conn, $query); // check for successful store if ($result) { // get user details $uid = mysqli_insert_id($conn); // last inserted id $query = "SELECT * FROM users WHERE uid = '{$uid}'"; $result = mysqli_query($conn, $query); session_start(); $_SESSION['name'] = $name;
function forget_password($data) { $emailid = mysql_real_escape_string($data->email); if (!empty($emailid)) { $data = mysql_query("select * from users where email='" . $emailid . "'"); if (mysql_num_rows($data) > 0) { $uuid = mysql_real_escape_string($data->unique_id); $newpassword = mysql_real_escape_string($data->newpassword); $repeatpassword = mysql_real_escape_string($data->repeatpassword); if ($newpassword == $repeatpassword) { $hash = hashSSHA($newpassword); $encrypted_password = $hash["encrypted"]; // encrypted password $salt = $hash["salt"]; // salt $update = mysql_query("update users set `encrypted_password`='" . $encrypted_password . "', `salt`='" . $salt . "' where unique_id='" . $uuid . "'"); return array("unique_id" => $uuid, "msg" => "Update Successfully", "status" => "success"); } else { return array("msg" => "New password and repeat password must be same", "status" => "failure"); } } else { return array("msg" => "Email id is not exist", "status" => "failure"); } } else { return array("msg" => "Enter your email id", "status" => "failure"); } }
/** * Save new password in the database */ function saveNewPassword($email, $new_password, $db) { $result = $db->query("SELECT * FROM users WHERE email = '{$email}'"); // check for result if ($result->num_rows > 0) { //Save new password in the database $hash = hashSSHA($new_password); $encrypted_new_password = $hash["encrypted"]; $new_salt = $hash["salt"]; $sql = "UPDATE users SET encrypted_password = '******', salt = '{$new_salt}'\n\t WHERE email = '{$email}' "; // check for successful store if ($db->query($sql) === TRUE) { return true; } else { return false; } } else { return false; } }