/**
* @param $token string Unique session key
* @param string $uas
* @return bool if session key exists and matches the given user_agent
*/
public static function check($token, $uas = null)
{
$token = Helper::word($token);
$user_agent_string = $uas;
//$user_agent_string = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
return DBWorker::lookup('SELECT * FROM session WHERE token = "' . $token . '" AND user_agent_string = :user_agent_string', ':user_agent_string', $user_agent_string);
}
private function checkPhone()
{
if (Helper::validatePhone(trim($this->phone)) === false) {
User::addError('phone', 'Please enter a valid phone number');
} elseif (DBWorker::lookup('SELECT * FROM users WHERE phone = :phone', ':phone', Helper::filterPhone($this->phone)) === true) {
User::addError('phone', 'Number already exists');
}
}
<?php
/**
* Created by JetBrains PhpStorm.
* User: Peter
* Date: 8/9/15
* Time: 11:13 PM
* To change this template use File | Settings | File Templates.
*/
require_once "auth.inc.php";
require_once "includes/database/DBWorker.php";
$day = !empty($_GET['app']) ? intval($_GET['app']) : 0;
$apps = null;
$lower_limit = strtotime('midnight today', $day);
$upper_limit = $lower_limit + 86400;
$app_to_delete = !empty($_GET['h']) ? $_GET['h'] : null;
if ($app_to_delete) {
DBWorker::lookup('DELETE FROM apps WHERE id = :id', ':id', $app_to_delete);
}
$get_apps_today = "SELECT * FROM apps WHERE app_date >= {$lower_limit} AND app_date <= {$upper_limit}";
$apps = DBWorker::getRows($get_apps_today);
//echo '<pre>', print_r($apps), '</pre>';
* To change this template use File | Settings | File Templates.
*/
require_once "/../utils/helper.class.php";
require_once "/../database/DBWorker.php";
$error = '';
$resend = true;
$info = '';
$append = 'lang=en&hl=zw&key=' . rand(12000, 40000);
if (isset($_GET['u']) && isset($_GET['key'])) {
$user_id = Helper::trimString(trim($_GET['u']));
$key = Helper::trimString(trim($_GET['key']));
$key = Helper::word($key);
if (DBWorker::confirm($user_id, $key) === true) {
header('Location: ../user/login.php?key=' . $key . '&u=' . $username . '&lang=en&hl=zw&key=201235');
} else {
if (DBWorker::lookup('SELECT * FROM users WHERE user_id = :user_id AND active = 1', ':user_id', $user_id) == true) {
$error = 'Account already activated. Please <a href="../user/login.php?' . $append . '">login</a> to access your panel';
$resend = false;
} else {
$error = 'Invalid activation key please enter your email to get your key';
}
}
}
if (isset($_POST['email'])) {
$email = trim($_POST['email']);
if (strlen($email) < 6 || strlen($email) > 32 || preg_match('/[^a-zA-Z0-9_@\\.]/', $email)) {
$error = 'Invalid email';
} else {
$user = DBWorker::getRow('SELECT * FROM users WHERE email = :email AND active = 0', ':email', Helper::filterEmail($email));
if ($user !== false) {
$uid = filter_var($user['user_id'], FILTER_SANITIZE_STRING);
