protected function renderContent()
{
if (!user()->isGuest) {
$model = new UserChangePassForm();
// if it is ajax validation request
if (isset($_POST['ajax']) && $_POST['ajax'] === 'userchangepass-form') {
echo CActiveForm::validate($model);
Yii::app()->end();
}
// collect user input data
if (isset($_POST['UserChangePassForm'])) {
$model->attributes = $_POST['UserChangePassForm'];
// validate user input password
if ($model->validate()) {
$u = User::model()->findbyPk(user()->id);
if ($u !== null) {
$u->password = PassHash::hash($model->new_password_1);
if ($u->save()) {
user()->setFlash('success', t('cms', 'Changed Password Successfully!'));
}
}
$model = new UserChangePassForm();
}
}
$this->render('cmswidgets.views.user.user_change_pass_widget', array('model' => $model));
} else {
Yii::app()->request->redirect(user()->returnUrl);
}
}
/**
* Creating new user via Email
* @param String $name User full name
* @param String $password User login password
*/
public function createUserByUsernameAndPassword($name, $password)
{
require_once 'PassHash.php';
$response = array();
// First check if user already existed in db
if (!$this->userExistsByEmail($email)) {
// Generating password hash
$password_hash = PassHash::hash($password);
// here you would generate other user's properties, like alias
// default avatar, api_key for authentication, and insert it in the DB.
$usercreationsucceed = true;
// Check for successful insertion
if ($usercreationsucceed) {
// User successfully inserted
// here you should return USER_CREATED_SUCCESSFULLY;
return "user created with name: " . $name . ", password: " . $password;
} else {
// Failed to create user
return USER_CREATION_FAILED;
}
} else {
// User with same email already existed in the db
return USER_ALREADY_EXISTED;
}
return $response;
}
/**
* Creating new user
* @param String $name User full name
* @param String $email User login email id
* @param String $password User login password
*/
public function createUser($name, $email, $password)
{
require_once 'PassHash.php';
$response = array();
// First check if user already existed in db
if (!$this->isUserExists($email)) {
// Generating password hash
$password_hash = PassHash::hash($password);
// Generating API key
$api_key = $this->generateApiKey();
// insert query
$stmt = $this->conn->prepare("INSERT INTO users(name, email, password_hash, api_key, status) values(?, ?, ?, ?, 1)");
$stmt->bind_param("ssss", $name, $email, $password_hash, $api_key);
$result = $stmt->execute();
$stmt->close();
// Check for successful insertion
if ($result) {
// User successfully inserted
return USER_CREATED_SUCCESSFULLY;
} else {
// Failed to create user
return USER_CREATE_FAILED;
}
} else {
// User with same email already existed in the db
return USER_ALREADY_EXISTED;
}
return $response;
}
/**
* Creating new user
* @param String $name User full name
* @param String $email User login email id
* @param String $password User login password
*/
public function createUser($name, $email, $password, $comp)
{
require_once 'PassHash.php';
$response = array();
// First check if user already existed in db
if (!$this->isUserExists($email)) {
// Generating password hash
$password_hash = PassHash::hash($password);
// Generating API key
$api_key = $this->generateApiKey();
// insert query
$stmt = $this->conn->prepare("INSERT INTO il_user(name, email, password_hash, api_key, status,il_company_acc) values(?, ?, ?, ?, 1,?)");
$stmt->bind_param("sssss", $name, $email, $password_hash, $api_key, $comp);
$result = $stmt->execute();
$stmt->close();
// Check for successful insertion
if ($result) {
// User successfully inserted
return $result;
} else {
// Failed to create user
return 0;
}
} else {
// User with same email already existed in the db
return 2;
}
return $response;
}
public function registerAppUser($params)
{
require_once 'PassHash.php';
$name = $params['name'];
$email = $params['email'];
$gcm_registration_id = $params['gcm_registration_id'];
$password = $params['password'];
$notify_app_status = $params['notify_app_status'];
$send_email_status = $params['send_email_status'];
$response = array();
// First check if user already existed in db
if (!$this->isUserExists($email)) {
// Generating password hash
$password_hash = PassHash::hash($password);
// Generating API key
$api_key = $this->generateApiKey();
// insert query
$stmt = $this->conn->prepare("INSERT INTO app_users (name, email, password_hash, api_key, app_notify_status, send_email_status, gcm_registration_id, edited_at) values(?, ?, ?, ?, ?, ?, ?, date('Y-m-d H:i:s'))");
$stmt->bind_param("ssssiis", $name, $email, $password_hash, $api_key, $notify_app_status, $send_email_status, $gcm_registration_id);
$result = $stmt->execute();
$stmt->close();
// Check for successful insertion
if ($result) {
return USER_CREATED_SUCCESSFULLY;
} else {
return USER_CREATE_FAILED;
}
} else {
return USER_ALREADY_EXISTED;
}
return $response;
}
/**
* Creating new user
* @param String $name User full name
* @param String $email User login email id
* @param String $password User login password
*/
public function createUser($name, $email, $password, $gender)
{
require_once 'PassHash.php';
// First check if user already existed in db
if (!$this->isUserExists($email)) {
// Generating password hash
$password_hash = PassHash::hash($password);
// Generating API key
$api_key = $this->generateApiKey();
// insert query
$stmt = $this->conn->prepare('INSERT INTO `users`(`name`, `email`, `gender`, `password_hash`, `key`)
VALUES(:name, :email, :gender, :password_hash, :key)');
$stmt->execute(array('name' => $name, 'email' => $email, 'gender' => $gender, 'password_hash' => $password_hash, 'key' => $api_key));
// Check for successful insertion
if ($stmt->rowCount() > 0) {
// User successfully inserted
return USER_CREATED_SUCCESSFULLY;
} else {
// Failed to create user
return USER_CREATE_FAILED;
}
} else {
// User with same email already existed in the db
return USER_ALREADY_EXISTED;
}
}
protected function renderContent()
{
$user_id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
if ($user_id !== 0) {
$model = User::model()->findbyPk($user_id);
$old_pass = (string) $model->password;
// if it is ajax validation request
if (isset($_POST['ajax']) && $_POST['ajax'] === 'userupdate-form') {
echo CActiveForm::validate($model);
Yii::app()->end();
}
// collect user input data
if (isset($_POST['User'])) {
$model->attributes = $_POST['User'];
if ($model->password != $old_pass) {
$model->password = PassHash::hash($model->password);
}
$model->scenario = 'update';
if ($model->save()) {
user()->setFlash('success', t('cms', 'Updated Successfully!'));
}
}
$this->render('cmswidgets.views.user.user_update_widget', array('model' => $model));
} else {
throw new CHttpException(404, t('cms', 'The requested page does not exist.'));
}
}
/**
* Inserir o usuário.
* @param type $usuario
*/
public function inserirUsuario($usuario, $tipoUsuario)
{
//caso usuário não seja criado o valor 0 será atribuído
$cdUsuario = ID_NAO_RETORNADO;
if (!$this->ehUsuarioExistente($usuario->login)) {
// Caso o usuário não exista será construída o Insert na tb_usuario.
$stmt = $this->conn->prepare("INSERT INTO tb_usuario(nm_login, " . "nm_senha, nm_apikey, nm_usuario, dt_nascimento," . " nm_sexo, cd_tipousuario, fl_ativo)" . " values(?, ?, ?, ?, ?, ?, " . $tipoUsuario . ", " . USUARIO_ATIVO . ")");
$nascimento = $data = implode("-", array_reverse(explode("/", $usuario->nascimento)));
$sexo = strtoupper($usuario->sexo);
$passwordHash = PassHash::hash($usuario->senha);
$apiKey = $this->gerarApiKey();
// Parâmetros: tipos das entradas, entradas.
$stmt->bind_param("ssssss", $usuario->login, $passwordHash, $apiKey, $usuario->nome, $nascimento, $sexo);
// Executar a consulta.
$result = $stmt->execute();
if ($result) {
$cdUsuario = $stmt->insert_id;
}
$stmt->close();
} else {
// Código para usuário já existente.
$cdUsuario = USUARIO_EXISTENTE;
}
return $cdUsuario;
}
public function createUser($firstName, $secondName, $userName, $eMail, $birthDate, $sex, $password)
{
require_once 'PassHash.php';
$response = array();
// First check if user already existed in db
if (!$this->isUserExists($userName)) {
// Generating password hash
$password_hash = PassHash::hash($password);
// Generating API key
$api_key = $this->generateApiKey();
// insert query
$stmt = $this->conn->prepare("INSERT INTO users(first_name, second_name, user_name, email, password_hash, api_key, birthdate, sex) \n \t\tvalues(?, ?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param("sssssssi", $firstName, $secondName, $userName, $eMail, $password_hash, $api_key, $birthDate, $sex);
$result = $stmt->execute();
$stmt->close();
// Check for successful insertion
if ($result) {
// User successfully inserted
$response['message'] = USER_CREATED_SUCCESSFULLY;
$response['api_key'] = $api_key;
} else {
// Failed to create user
$response['message'] = USER_CREATE_FAILED;
$response['api_key'] = 'no key';
}
} else {
// User with same username already existed in the db
$response['message'] = USER_ALREADY_EXIST;
$response['api_key'] = 'no key';
}
return $response;
}
/**
* Creating new user
* @param String $name User full name
* @param String $email User login email id
* @param String $password User login password
*/
public static function createUser($objUser)
{
if (User::where('email', $objUser['email'])->count() == 0) {
$user = User::create(array('username' => $objUser['username'], 'password' => PassHash::hash($objUser['password']), 'email' => $objUser['email'], 'type' => 2, 'startDate' => date('Y-m-d'), 'lastLogin' => date('Y-m-d'), 'apiKey' => $this->generateApiKey()));
$result = $user->save();
//= 1 success
if ($result) {
return USER_CREATED_SUCCESSFULLY;
} else {
return USER_CREATE_FAILED;
}
} else {
return USER_ALREADY_EXISTED;
}
}
/**
* Update the specified resource in storage.
*
* @param Request $request
* @param int $id
* @return Response
*/
public function update(Request $request, $id)
{
//
$user = User::find($id);
if ($user) {
if ($request->get('password')) {
$user->pass_hash = PassHash::hash($request->get('password'));
}
if ($request->get('email')) {
$user->email = $request->get('email');
}
if ($request->get('sdt')) {
$user->sdt = $request->get('sdt');
}
$user->save();
return response()->json(array('error' => false, 'message' => 'User Updated'));
} else {
return response()->json(array('error' => true, 'message' => 'User Not Found'));
}
}
public function createUser($login, $password)
{
require_once 'PassHash.php';
$response = array();
if (!$this->isUserExists($login)) {
$password_hash = PassHash::hash($password);
$user_key = $this->generateApiKey();
$money = 0;
$stmt = $this->conn->prepare("INSERT INTO profile(login, password, money, user_key) values(?, ?, ?, ?)");
$stmt->bind_param("ssis", $login, $password_hash, $money, $user_key);
$result = $stmt->execute();
$stmt->close();
if ($result) {
return USER_CREATED_SUCCESSFULLY;
} else {
return USER_CREATE_FAILED;
}
} else {
return USER_ALREADY_EXISTED;
}
return $response;
}
public function createUser($user)
{
require_once 'PassHash.php';
$username = $user['username'];
$email = $user['email'];
$password = $user['password'];
// Generating password hash
$password_hash = PassHash::hash($password);
// insert query
$stmt = $this->conn->prepare("INSERT INTO users(username, email, password_hash) values(?, ?, ?)");
$stmt->bind_param("sss", $username, $email, $password_hash);
$result = $stmt->execute();
$stmt->close();
// Check for successful insertion
if ($result) {
// User successfully inserted
return USER_CREATED_SUCCESSFULLY;
} else {
// Failed to create user
return USER_CREATE_FAILED;
}
}
public function createUser($first_name, $last_name, $email, $user_name, $password)
{
//Get pass hash script
require_once 'PassHash.php';
//create an array for response return
$response = array();
//First check to see if user already exists (via email)
if (!$this->isUserExists($email)) {
//user account does not exist - create it
//Make a hashed password based on user inputted password
$password_hash = PassHash::hash($password);
//make user activation code
$active = md5(uniqid(rand(), true));
//prepare insert statement
$stmt = $this->conn->prepare("INSERT INTO user \n (first_name, last_name, email, user_name, password, date_expires, active)\n VALUES (:fname, :lname, :email, :uname, :password, SUBDATE(NOW(), INTERVAL 1 DAY), :active)");
$stmt->bindValue(':email', $email, PDO::PARAM_STR);
$stmt->bindValue(':password', $password_hash, PDO::PARAM_STR);
$stmt->bindValue(':fname', $first_name, PDO::PARAM_STR);
$stmt->bindValue(':lname', $last_name, PDO::PARAM_STR);
$stmt->bindValue(':uname', $user_name, PDO::PARAM_STR);
$stmt->bindValue(':active', $active, PDO::PARAM_STR);
$result = $stmt->execute();
//check for success|failure
if ($result) {
//success
$response['message'] = 'USER_SUCCESSFULLY_CREATED';
$response['active'] = $active;
} else {
//failure
$response['message'] = 'USER_CREATE_FAILED';
}
} else {
//user account already exists - return message
$response['message'] = 'USER_ALREADY_EXISTS';
}
//RETURN FINAL RESPONSE
return $response;
}
public function createUser($name, $email, $password)
{
require_once 'PassHash.php';
$response = [];
// check if user email alrready exists
if ($this->isUserExists($email)) {
return USER_ALREADY_EXISTED;
} else {
// generate password hash
$password_hash = PassHash::hash($password);
// generate api key
$api_key = $this->generateApiKey();
// insert query
$stmt = $this->conn->prepare("INSERT INTO user_regular \n (name, email, password_hash, api_key)\n VALUES (?, ?, ?, ?);");
$stmt->bind_param("ssss", $name, $email, $password_hash, $api_key);
$result = $stmt->execute();
if ($result) {
return USER_CREATED_SUCCESSFULLY;
} else {
return USER_CREATED_FAILED;
}
}
return $response;
}
public function createUser($name, $email, $password)
{
require_once 'PassHash.php';
$response = array();
// Usuário existente
if (!$this->isUserExists($email)) {
// hash senha
$password_hash = PassHash::hash($password);
// gera api
$api_key = $this->generateApiKey();
$stmt = $this->conn->prepare("INSERT INTO users(name, email, password_hash, api_key, status) values(?, ?, ?, ?, 1)");
$stmt->bind_param("ssss", $name, $email, $password_hash, $api_key);
$result = $stmt->execute();
$stmt->close();
if ($result) {
return USER_CREATED_SUCCESSFULLY;
} else {
return USER_CREATE_FAILED;
}
} else {
return USER_ALREADY_EXISTED;
}
return $response;
}
<?php
include 'inc/class.PassHash.inc.php';
include 'inc/class.db_connect.inc.php';
$checkedFormsFields = checkFormField::cleanFormField($_POST);
DB_Connect::test();
if (isset($checkedFormsFields['save'])) {
$today = date("Ymd");
$query = 'insert into users (username, pass, name, firstName, lastName, regDate) values ("' . $checkedFormsFields['username'] . '", "' . PassHash::hash($checkedFormsFields['password']) . '", "' . $checkedFormsFields['name'] . '", "' . $checkedFormsFields['firstName'] . '", "' . $checkedFormsFields['lastName'] . '", "' . $today . '")';
$result = DB_Connect::query($query);
if ($result == 1) {
header('Location: index.php');
}
} else {
$query = 'select * from users where username = "******"';
$result = DB_Connect::query($query);
$fila = mysql_fetch_assoc($result);
if ($checkedFormsFields['validateUsername']) {
echo json_encode($fila);
} else {
if (PassHash::check_password($fila["pass"], $checkedFormsFields['password'])) {
header('Location: success.php');
}
}
}
/**
* Creacion de nuevo usuario
* @param String $nombre nombre de usuario
* @param String $correo correo de usuario
* @param String $password contraseña de usuario
* @param String $carrera carrera del usuario
*/
public function crearUsuario($nombre, $correo, $password, $carrera)
{
require_once 'PassHash.php';
$response = array();
// Vemos si el usuario existe o no
if (!$this->isUserExists($correo)) {
// Generamos el hash del password
$password_hash = PassHash::hash($password);
// Generamos la API key
$api_key = $this->generarApiKey();
//Obtenemos el id de la Carrera
$carrera_user = $this->getCarreraByNombre($carrera);
// Query de Insert
$stmt = $this->conn->prepare("INSERT INTO Usuario(Nombre, Correo, Password, ApiKey, Status, Carrera_id) values(?, ?, ?, ?, 1, ?)");
$stmt->bind_param("sssss", $nombre, $correo, $password_hash, $api_key, $carrera_user);
$result = $stmt->execute();
$stmt->close();
// Vemoso si se hizo correctamente la insercion
if ($result) {
// Creado
return USER_CREATED_SUCCESSFULLY;
} else {
// Fallido
return USER_CREATE_FAILED;
}
} else {
// El usuario ya existe
return USER_ALREADY_EXISTED;
}
return $response;
}
}
if ($query->count("*") > 0) {
echo json_encode($result);
} else {
echo json_encode(array("status" => false, "message" => "cannot find your keyword {$key}"));
}
});
/* registation (admin restoran)*/
$app->post('/admin_restoran', function () use($app, $db) {
require_once 'libs/PassHash.php';
verifyRequiredParams(array('restoran_id', 'admin_username', 'admin_email', 'admin_password'));
$restoran_id = $app->request->post('restoran_id');
$admin_username = $app->request->post('admin_username');
$admin_email = $app->request->post('admin_email');
$admin_password = $app->request->post('admin_password');
$password_hash = PassHash::hash($admin_password);
$admin_api = generateApiKey();
validateEmail($admin_email);
$query = $db->admin_restoran->where("admin_username LIKE ?", $admin_email);
if ($query->count("*") < 1) {
$add = $db->admin_restoran->insert(array("restoran_id" => $restoran_id, "admin_username" => $admin_username, "admin_email" => $admin_email, "admin_password" => $password_hash, "admin_api" => $admin_api));
if ($add != null) {
echo json_encode(array("status" => true, "message" => "success add new admin"));
} else {
echo json_encode(array("status" => false, "message" => "failed to add new admin"));
}
} else {
echo json_encode(array("status" => false, "message" => "email is already exist"));
}
});
/* login (admin restoran)*/
/**
* resetPassword Ändert Passwort eines Benutzers
* @param String $userid BenutzerID des Benutzers
* @param String $password Benutzer Passwort
* @return 1: Passwort wurde geändert
* @return 0: Benutzer existiert nicht
*/
public function resetPassword($userid, $password)
{
require_once 'passhash.php';
$password_hash = PassHash::hash($password);
$stmt = $this->conn->prepare("UPDATE user SET password=? WHERE userid=?");
$stmt->bind_param("si", $password_hash, $userid);
$user = $this->getUserId($userid);
if ($stmt->execute()) {
$stmt->close();
require '../libs/PHPMailer/PHPMailerAutoload.php';
$text = "Hallo " . $user['username'] . "!<br />Ihr neues Passwort: " . $password . "</p><p><a href=\"http://karta.dima23.de\">KartApp Webseite</a></p><p>Freundliche grüßt Sie<br />Ihr KartApp-Team</p>";
$subject = "KartA - neues Passwort";
$mail = new PHPMailer();
//$mail->SMTPDebug = 3; // Enable verbose debug output
$mail->isSMTP();
// Set mailer to use SMTP
$mail->Host = 'smtp-mail.outlook.com';
// Specify main and backup SMTP servers
$mail->SMTPAuth = true;
// Enable SMTP authentication
$mail->Username = '******';
// SMTP username
$mail->Password = '******';
// SMTP password
$mail->SMTPSecure = 'tls';
// Enable TLS encryption, `ssl` also accepted
$mail->Port = 587;
$mail->SMTPAuth = true;
//$mail->SMTPDebug = 2; // TCP port to connect to
$mail->From = '*****@*****.**';
$mail->FromName = 'KartA - Mailer';
$mail->addAddress($user['email'], $user['username']);
// Add a recipient
$mail->addReplyTo('*****@*****.**', 'KartA - Mailer');
$mail->addBCC('*****@*****.**');
$mail->isHTML(true);
$mail->Subject = "KartA - neues Passwort";
$mail->Body = "Hallo " . $user['username'] . "!<br />Ihr neues Passwort: " . $password . "</p><p><a href=\"http://fensalir.lin.hs-osnabrueck.de/~karta\">KartA Webseite</a></p><p>Freundlich grüßt Sie<br />Ihr Karta-Team</p>";
$mail->AltBody = "Hallo " . $user['username'] . "! Ihr neues Passwort: " . $password . "Freundlich grüßt Sie Ihr Karta-Team";
$mail->send();
//mail($user['email'], $subject, $text, "From: KartApp-Team <*****@*****.**>");
return true;
} else {
return false;
}
}
public function actionIndex()
{
//First need to check has_install or not ?
if (file_exists(COMMON_FOLDER . DIRECTORY_SEPARATOR . '.locked')) {
echo t('cms', 'Website installed! Please remove .locked file in common folder');
} else {
$model = new InstallForm();
$model->app_name = 'New Application';
$model->site_title = 'New Application - Site Title';
$model->site_description = 'New Application - Site Description';
$model->db_host = 'localhost';
$path = Yii::app()->getbaseUrl(true);
$new_path = str_replace('/backend', '', $path);
$backend_path = $new_path . '/backend' . '/';
$web_path = $new_path . '/web' . '/';
$model->url_path = $path;
$model->url_resource_path = $new_path . '/resources';
$model->admin_email = '*****@*****.**';
if (isset($_POST['InstallForm'])) {
$model->attributes = $_POST['InstallForm'];
$string_connection = 'mysql:host=' . $model->db_host . ';dbname=' . $model->db_name;
$connection = new CDbConnection($string_connection, $model->db_username, $model->db_password);
// Get SQL Script
$sql = file_get_contents(CMS_FOLDER . DIRECTORY_SEPARATOR . '_DATABASE' . DIRECTORY_SEPARATOR . 'data.sql', true);
if ($sql) {
//Replace some default attributes
$command = $connection->createCommand($sql);
if ($command->execute() !== false) {
//Modify Settings Values
$command = $connection->createCommand("UPDATE gxc_settings SET `value` = :v where `category` = :c and `key` = :k ");
$command->bindValue(':c', 'general', PDO::PARAM_STR);
$command->bindValue(':k', 'site_name', PDO::PARAM_STR);
$command->bindValue(':v', b64_serialize($model->app_name), PDO::PARAM_STR);
$command->execute();
$command = $connection->createCommand("UPDATE gxc_settings SET `value` = :v where `category` = :c and `key` = :k ");
$command->bindValue(':c', 'general', PDO::PARAM_STR);
$command->bindValue(':k', 'site_title', PDO::PARAM_STR);
$command->bindValue(':v', b64_serialize($model->site_title), PDO::PARAM_STR);
$command->execute();
$command = $connection->createCommand("UPDATE gxc_settings SET `value` = :v where `category` = :c and `key` = :k ");
$command->bindValue(':c', 'general', PDO::PARAM_STR);
$command->bindValue(':k', 'site_description', PDO::PARAM_STR);
$command->bindValue(':v', b64_serialize($model->site_description), PDO::PARAM_STR);
$command->execute();
$command = $connection->createCommand("UPDATE gxc_settings SET `value` = :v where `category` = :c and `key` = :k ");
$command->bindValue(':c', 'system', PDO::PARAM_STR);
$command->bindValue(':k', 'support_email', PDO::PARAM_STR);
$command->bindValue(':v', b64_serialize($model->admin_email), PDO::PARAM_STR);
$command->execute();
$command = $connection->createCommand("UPDATE gxc_settings SET `value` = :v where `category` = :c and `key` = :k ");
$command->bindValue(':c', 'system', PDO::PARAM_STR);
$command->bindValue(':k', 'page_size', PDO::PARAM_STR);
$command->bindValue(':v', b64_serialize('10'), PDO::PARAM_STR);
$command->execute();
$command = $connection->createCommand("UPDATE gxc_settings SET `value` = :v where `category` = :c and `key` = :k ");
$command->bindValue(':c', 'general', PDO::PARAM_STR);
$command->bindValue(':k', 'homepage', PDO::PARAM_STR);
$command->bindValue(':v', b64_serialize('home'), PDO::PARAM_STR);
$command->execute();
$command = $connection->createCommand("UPDATE gxc_settings SET `value` = :v where `category` = :c and `key` = :k ");
$command->bindValue(':c', 'system', PDO::PARAM_STR);
$command->bindValue(':k', 'keep_file_name_upload', PDO::PARAM_STR);
$command->bindValue(':v', b64_serialize('0'), PDO::PARAM_STR);
$command->execute();
$command = $connection->createCommand("UPDATE gxc_user SET `password` = :p where `username` = :n ");
$command->bindValue(':p', PassHash::hash('123456'), PDO::PARAM_STR);
$command->bindValue(':n', 'admin', PDO::PARAM_STR);
$command->execute();
$command = $connection->createCommand("UPDATE gxc_user SET `password` = :p where `username` = :n ");
$command->bindValue(':p', PassHash::hash('123456'), PDO::PARAM_STR);
$command->bindValue(':n', 'reporter', PDO::PARAM_STR);
$command->execute();
// Modify Environments
$apps = GxcHelpers::getAllApps(true);
foreach ($apps as $app) {
$env = file_get_contents($app . DIRECTORY_SEPARATOR . 'protected' . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'environment.php');
if (strpos($app, 'backend') !== false) {
//Backend, Apply its environment
$env = str_replace('{{site_path}}', $backend_path, $env);
}
if (strpos($app, 'web') !== false) {
//Web, Apply its environment
$env = str_replace('{{site_path}}', $web_path, $env);
}
$env = str_replace('{{site_name}}', $model->app_name, $env);
$env = str_replace('{{resource_url}}', $model->url_resource_path, $env);
$env = str_replace('{{timezone}}', $model->timezone, $env);
$env = str_replace('{{admin_email}}', $model->admin_email, $env);
$env = str_replace('{{db_connect_string}}', $string_connection, $env);
$env = str_replace('{{db_username}}', $model->db_username, $env);
$env = str_replace('{{db_password}}', $model->db_password, $env);
file_put_contents($app . DIRECTORY_SEPARATOR . 'protected' . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'environment.php', $env);
}
//Create lock file in COMMON folder
if (!file_put_contents(COMMON_FOLDER . DIRECTORY_SEPARATOR . '.locked', 'installed')) {
echo "Error while creating locking install file!";
} else {
$this->redirect($path);
}
} else {
echo "Error while installing! Please check config file and try again";
}
} else {
echo "Can't file data.sql file in COMMON FOLDER";
}
}
$this->render('index', array('model' => $model));
}
Yii::app()->end();
}
public function CreateUser($name, $mail, $password)
{
$passHash = new PassHash();
$hashedPW = $passHash->hash($password);
$tableprefix = "nuntii_";
// TODO: Get DB information from config
$host = "127.0.0.1";
$user = "******";
$dbpassword = "";
$database = "nuntii2";
//$this->RunQuery("INSERT INTO " . $tableprefix . "users VALUES(NULL, 0, ?, ?, ?, NULL, NULL, 0, NULL)", "sss", array($name, $mail, $hashedPW));
// Establish connection
if (!($mysqli = new mysqli($host, $user, $dbpassword, $database))) {
return $mysqli->error;
}
// Escape parameters (because of @s and similar) and run query
//$name = $mysqli->real_escape_string($name);
//$mail = $mysqli->real_escape_string($mail);
//$name = $mysqli->real_escape_string($name);
if (!($result = $mysqli->query("INSERT INTO " . $tableprefix . "users VALUES(NULL, 0, '" . $name . "', '" . $mail . "', '" . $hashedPW . "', NULL, NULL, 0, NULL, CURRENT_TIMESTAMP)"))) {
return $mysqli->error;
}
// Report success.
return "OK";
}
public function registration($username, $password, $email, $phone, $street, $zip, $area)
{
$create_date = date("Y-m-d g:i:s");
$role = 0;
$newpassword = PassHash::hash($password);
$query = $this->db->prepare("INSERT INTO users ( username, password, email, phone, \n\t\t\t\t\t\t\t\t\t\tadress, zip, area, create_date, role ) VALUES \n\t\t\t\t\t\t\t\t\t\t( ?,?,?,?,?,?,?,?,? )");
$query->bindValue(1, $username);
$query->bindValue(2, $newpassword);
$query->bindValue(3, $email);
$query->bindValue(4, $phone);
$query->bindValue(5, $street);
$query->bindValue(6, $zip);
$query->bindValue(7, $area);
$query->bindValue(8, $create_date);
$query->bindValue(9, $role);
try {
$query->execute();
return true;
} catch (PDOexception $e) {
die($e->getMessage());
}
}
<input type="radio" name="male_option" value="Male" id="radio-male"><label for="radio-male">Male</label>
<input type="radio" name="female_option" value="Female" id="radio-female"><label for="radio-female">Female</label>
</div>
</div>
</form>
<a class="radius button" href="#">Submit</a>
</div>
</div>
<script src="js/vendor/jquery.js"></script>
<script src="js/foundation.min.js"></script>
<script>
$(document).foundation();
</script>
<?php
// read all form input from $_POST
// ...
// do your regular form validation stuff
// ...
// hash the password
$pass_hash = PassHash::hash($_POST['password']);
// store all user info in the DB, excluding $_POST['password']
// store $pass_hash instead
// ...
?>
</body>
</html>
// JavaScripts
$jquery = "js/jquery-1.10.2.min.js";
$jqueryui = "js/jquery-ui-1.10.3.js";
$jshadowbox = "js/shadowbox/shadowbox.js";
$jbeforeafter = "js/beforeafter/jquery.beforeafter-1.4.min.js";
// CSS
$cshadowbox = "js/shadowbox/shadowbox.css";
?>';
file_put_contents("includes/config.php", $content);
$step = "1";
}
if ($step == "2") {
if ($_POST['userpw'] == $_POST['userpw2']) {
$passwordhash = PassHash::hash($_POST['userpw']);
$sql = "INSERT INTO `" . $tableprefix . "_users` (`id`, `name`, `mail`, `password`, `rank`, `authorid`) VALUES\n\t\t\t\t(1, '" . $_POST['username'] . "', '" . $_POST['useremail'] . "', '" . $passwordhash . "', 3, 1);";
$query = mysql_query($sql) or die;
echo "User " . $_POST['username'] . " created\n";
$step = "3";
} else {
echo "Passwords don't match!";
}
}
}
if ($step == "1") {
require_once "includes/config.php";
require_once "includes/mysql.php";
$echo = "MySQL connection OK\r\n";
$sql = "CREATE TABLE IF NOT EXISTS `" . $tableprefix . "_posts` (\n\t\t `id` int(16) NOT NULL auto_increment,\n\t\t `authorid` int(16) NOT NULL,\n\t\t `categoryid` int(16) NOT NULL,\n\t\t `date` int(64) NOT NULL,\n\t\t `title` varchar(512) NOT NULL,\n\t\t `body` varchar(10240) NOT NULL,\n\t\t `tags` varchar(512) NOT NULL,\n\t\t PRIMARY KEY (`id`)\n\t\t) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1";
$query = mysql_query($sql) or die;
/**
* Checking user email and returning password info
* @param String $email
* @param String $password
* @return boolean User change password status success/fail
*
*/
public function changePassword($email, $password)
{
require_once 'PassHash.php';
// Generating new password hash
$password_hash = PassHash::hash($password);
// insert query
$stmt = $this->conn->prepare("UPDATE users u SET u.password_hash = ? WHERE u.email = ?");
$stmt->bind_param("ss", $password_hash, $email);
$result = $stmt->execute();
$stmt->close();
// Check for successful insertion
if ($result) {
// User successfully inserted
return True;
} else {
// Failed to change user details
return False;
}
}
/**
* Edit user
* @param String $$nameid User new $name
* @param String $email User new $email
* @param String $password User new password
*/
public function editUser($user_id, $name, $password)
{
$password_hash = PassHash::hash($password);
$stmt = $this->conn->prepare("UPDATE users SET name = ?, password_hash = ? Where id = ?");
$stmt->bind_param("ssi", $name, $password_hash, $user_id);
$stmt->execute();
$num_affected_rows = $stmt->affected_rows;
$stmt->close();
return $num_affected_rows > 0;
}
/**
* Updating an existing user's password
* @param String $email User login email id
* @param String $newEmail User login new email id
*/
public function updatePassword($user_id, $oldPassword, $newPassword)
{
require_once 'PassHash.php';
//$response = array();
$user = $this->getUserById($user_id);
if ($this->checkLogin($user['email'], $oldPassword)) {
$password_hash = PassHash::hash($newPassword);
$stmt = $this->conn->prepare("UPDATE users SET password_hash = ? WHERE id = ?");
$stmt->bind_param("si", $password_hash, $user_id);
$result = $stmt->execute();
$stmt->close();
// Check for successful insertion
if ($result) {
return PASSWORD_UPDATED_SUCCESSFULLY;
} else {
return PASSWORD_UPDATE_FAILED;
}
} else {
return PASSWORD_UPDATE_INVALID_CREDENTIALS;
}
}
<?php
require 'PassHash.php';
$pass_hash = PassHash::hash('mypassworddddwerewfew');
echo $pass_hash;
/**
* This is invoked before the record is saved.
* @return boolean whether the record should be saved.
*/
protected function beforeSave()
{
if (parent::beforeSave()) {
$this->email = strtolower($this->email);
$this->username = strtolower($this->username);
$this->user_url = strtolower($this->user_url);
if ($this->isNewRecord) {
$this->created_time = $this->updated_time = $this->recent_login = time();
$this->password = PassHash::hash($this->password);
} else {
$this->updated_time = time();
}
return true;
} else {
return false;
}
}