define('DB_NAME', 'toyboxdb');
define('DB_USER', 'it210');
define('DB_PASSWORD', 'it210');
$con = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD) or die("Failed to connect to mysql: " . mysql_error());
$db = mysql_select_db(DB_NAME, $con) or die("Failed to connect to mysql: " . mysql_error());
echo "SUCCESSFULLY<br>";
echo "value: " . $_POST['user'];
/*
$ID = $_POST['user'];
$password = $_POST[pass];
*/
function signIn()
{
session_start();
//starting the session for the user profile page
if (!empty($_POST['user'])) {
echo "lol";
$query = mysql_query("select * from account where username='******'user']}' and password='******'pass']}'") or die(mysql_error());
$row = mysql_fetch_array($query) or die(mysql_error());
if (!empty($row['account']) and !empty($row['pass'])) {
$_SESSION['account'] = $row['pass'];
echo "SUCCESSFULLY LOGIN TO USER PROFILE PAGE...";
} else {
echo "SORRY... YOU ENTERED WRONG ID AND PASSWORD.. PLEASE RETRY";
}
}
}
if (isset($_POST['submit'])) {
echo "has val: ";
signIn();
}
$_SESSION['login'] = true;
return true;
}
}
$_SESSION['login'] = false;
session_destroy();
return false;
}
function signOut()
{
//Save stuff here
$_SESSION = null;
session_destroy();
}
if (!$_SESSION['login']) {
if (signIn($_POST)) {
$pwd = shell_exec('pwd');
$cmd = "bash " . trim($pwd) . "/setChannel.sh";
$channel = shell_exec($cmd);
$_SESSION['wifi_channel'] = $channel;
$ssid = shell_exec("cat /etc/hostapd.conf | grep ssid= | grep -v _ssid | cut -f 2 -d '='");
$mac = shell_exec("/sbin/ifconfig -a nap | grep HWaddr | awk '{print \$5}' | sed 's/://g'");
if (empty($mac)) {
$mac = shell_exec("/sbin/ifconfig -a eth0 | grep HWaddr | awk '{print \$5}' | sed 's/://g'");
}
$_SESSION['ap_ssid'] = $ssid;
$_SESSION['device_mac'] = strtoupper($mac);
}
}
if ($_POST['signout']) {
signOut();
$xmlRoot->appendChild(tallyVotes($dbconn, $xmlDoc, $_REQUEST['post_id']));
break;
case "checkForUserVote":
$xmlRoot->appendChild(checkForUserVote($dbconn, $xmlDoc, $_REQUEST['post_id'], $_REQUEST['user_id']));
break;
case "addComment":
$xmlRoot->appendChild(addComment($dbconn, $xmlDoc, $_REQUEST['user_id'], $_REQUEST['post_id'], $_REQUEST['comment']));
break;
case "getComments":
$xmlRoot->appendChild(getComments($dbconn, $xmlDoc, $_REQUEST['post_id']));
break;
case "addNewUser":
$xmlRoot->appendChild(addNewUser($dbconn, $xmlDoc, $_REQUEST['username'], $_REQUEST['password'], $_REQUEST['email']));
break;
case "signIn":
$xmlRoot->appendChild(signIn($dbconn, $xmlDoc, $_REQUEST['username'], $_REQUEST['password']));
break;
case "getConnections":
$xmlRoot->appendChild(getConnections($dbconn, $xmlDoc, $_REQUEST['user_id'], $_REQUEST['module_type']));
break;
case "logs":
$xmlRoot->appendChild(getLogs($dbconn, $xmlDoc, $_REQUEST['user_id']));
break;
case "getPlayerData":
$xmlRoot->appendChild(getPlayerData($dbconn, $xmlDoc, $_REQUEST['ign'], $_REQUEST['token']));
break;
case "getUser":
$xmlRoot->appendChild(getUser($dbconn, $xmlDoc, $_REQUEST['user_id']));
break;
case "load_redstone_controls":
$xmlRoot->appendChild(loadRedstoneControls($dbconn, $xmlDoc, $_REQUEST['user_id']));
if ($loginType === 'normal') {
normalLogin($_POST);
} else {
if ($loginType === 'fblogin') {
fbLogin($_POST);
}
}
exit;
}
/*
==========================================
AJAX -> Signin
==========================================
*/
if (Tools::isSubmit('signin')) {
signIn($_POST);
}
/*
==========================================
AJAX -> FB LOGIN
==========================================
*/
function fbLogin($POSTdata)
{
$uname = null;
$upass = null;
$uid = null;
$error = array();
/*
==========================
1° step : get/validate data
$creditCardId = NULL;
// User can configure credit card info later from the
// profile page or can use paypal as his funding source.
if (trim($_POST['user']['credit_card']['number']) != "") {
$creditCardId = saveCard($_POST['user']['credit_card']);
}
$userId = addUser($_POST['user']['email'], $_POST['user']['password'], $creditCardId);
} catch (PPConnectionException $ex) {
$errorMessage = $ex->getData() != '' ? parseApiError($ex->getData()) : $ex->getMessage();
} catch (Exception $ex) {
$errorMessage = $ex->getMessage();
}
}
}
if (isset($userId) && $userId != false) {
signIn($_POST['user']['email']);
header("Location: ../index.php");
exit;
}
}
?>
<!DOCTYPE html>
<html lang='en'>
<head>
<meta charset='utf-8'>
<meta content='IE=Edge,chrome=1' http-equiv='X-UA-Compatible'>
<meta content='width=device-width, initial-scale=1.0' name='viewport'>
<title>PizzaShop</title>
<!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
<!--[if lt IE 9]>
<script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.6.1/html5shiv.js" type="text/javascript"></script>
}
} else {
$returnData = array('error' => 'no-more');
}
echo json_encode($returnData);
}
function signIn($username, $password)
{
$returnData = array('error' => 'no-error');
$query = "SELECT * from user where username = '******';";
$result = mysql_query($query);
if (mysql_num_rows($result) == 0) {
$returnData['error'] = 'no-user';
} else {
$query = "SELECT * from user where username = '******' AND password = '******';";
$result = mysql_query($query);
if (mysql_num_rows($result) == 0) {
$returnData['error'] = 'wrong-password';
} else {
$returnData['username'] = $username;
}
}
echo json_encode($returnData);
}
if ($_GET['type'] == 'signup') {
signUp($_GET['username'], $_GET['password']);
} else {
if ($_GET['type'] == 'sign-in') {
signIn($_GET['username'], $_GET['password']);
}
}
}
// Verify connection with database
if (mysqli_connect_errno()) {
fancydie("Couldn't connect to the database. Reason: " . mysqli_connect_error());
}
$user = urldecode($_GET['user']);
$result = mysqli_query($con, "SELECT * FROM students WHERE fullname = '{$user}'");
$row = mysqli_fetch_array($result);
$ID = $row['id'];
$active = $row['active'];
$totaltime = $row['totaltime'];
$name = $row['name'];
if (isset($_POST['action'])) {
switch ($_POST['action']) {
case 'login':
signIn($ID);
die;
case 'logout':
signOut($ID);
die;
case 'flogout':
select();
die;
default:
die;
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<?php
require './post.php';
$id = $loginUser;
if (!$id) {
returnError('гКох╣гб╪');
return;
}
signIn($id);
<?php
require "includes/mysql_database_connection.php";
require "includes/login_function.php";
require "includes/util.php";
require "includes/session.php";
redirectToHTTPS();
if (isset($_SESSION['username'])) {
redirect_to("userHome");
} else {
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$loginResponse = signIn($username, $password);
unset($_SESSION['firstSignIn']);
unset($_SESSION['forgotPW']);
} else {
$username = "";
$password = "";
}
}
?>
<script type="text/javascript" language="javascript" src="js/login.js">
</script>
<html>
<head>
<?php
require_once 'connection.php';
$username = $_POST['user'];
$password = $_POST['pass'];
$name = $_POST['name'];
$id = $_POST['id'];
$module_type = $_POST['module_type'];
$name = htmlspecialchars($name);
$username = htmlspecialchars($username);
$module_type = htmlspecialchars($module_type);
signIn($username, $password, $name, $dbConn, $id, $module_type);
function signIn($username, $password, $name, $dbConn, $id, $module_type)
{
// never trust data coming from lua
$username = htmlspecialchars($username);
$password = htmlspecialchars($password);
$name = htmlspecialchars($name);
$id = htmlspecialchars($id);
$module_type = htmlspecialchars($module_type);
// hash is created in the lua now
// $salt = '';
// $query = "select salt from users where username = '******';";
// $result = mysql_query($query);
// $row = mysql_fetch_array($result, MYSQL_ASSOC);
// $salt = $row['salt'];
// $hash = sha1($salt.$password);
$query2 = "select user_id from users where username = '******' AND password = '******';";
$result2 = mysql_query($query2);
$row2 = mysql_fetch_array($result2, MYSQL_ASSOC);
if ($row2['user_id'] != '') {
<?php
//Database Connectivity
include_once "dbinfo.inc.oop.php";
session_start();
$email = $_POST['email'];
$pass = $_POST['password'];
$remember = $_POST['remember'];
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
header('Location: index.php?logerr=2');
}
$result = signIn($email, $pass);
if ($result > 0) {
if ($remember == "on") {
setcookie("fbmail", $email);
setcookie("fbpass", $pass);
}
$user_details = getUserDetails($result);
$user = mysqli_fetch_array($user_details);
$_SESSION['umail'] = $user['user_email'];
header('Location: myprofile.php');
} else {
header('Location: index.php?logerr=1');
}
<?php
include "../universal/config.php";
//---sendValidation---//
if (isset($_POST["sendValidation"])) {
include "sendValidation.php";
$result = sendValidation($_POST["email"]);
echo $result;
} elseif (isset($_POST["signUp"])) {
include "signUp.php";
$result = signUp($_POST["key"], $_POST["email"], $_POST["username"], $_POST["password"]);
echo $result;
} elseif (isset($_POST["signIn"])) {
include "signIn.php";
$result = signIn($_POST["email"], $_POST["password"], $_POST["remember"]);
echo $result;
} elseif (isset($_POST["resetValidation"])) {
include "resetValidation.php";
$result = resetValidation($_POST["email"]);
echo $result;
} elseif (isset($_POST["resetPassword"])) {
include "resetPassword.php";
$result = resetPassword($_POST["key"], $_POST["email"], $_POST["password"]);
echo $result;
} elseif (isset($_POST["signOut"])) {
include "signOut.php";
$result = signOut();
echo $result;
}
</body>
</html>
<?php
} else {
if ($_POST['username'] == '' or $_POST['password'] == '') {
error('One or more required fields were left blank.\\n' . 'Please fill them in and try again.');
}
$token = $_POST['csrf_token'];
$success = checkToken($token);
if ($success) {
$success = signIn($_POST['username'], $_POST['password']);
if ($success) {
header("Location:" . "webbshop.php");
die;
}
}
if (!$success) {
$_SESSION['login'] = FALSE;
header("Location:" . "index.php");
die;
}
}
}
?>
<?php include 'DBO.php'; $connection = connectToDatabase(); $email = $_GET["email"]; $pass = $_GET["password"]; $return = signIn($connection, $email, $pass); session_start(); $_SESSION["UNO"] = $return["UNO"]; echo json_encode($return);
