<?php
/*
 * NOTE(review): this signup fragment is truncated (the `try {` block is never closed), so
 * only comments are added here. Security points visible in the code as written:
 *  - $hash_password is computed with password_hash(), but $userDetails ("pwd") and $userLogin
 *    carry the plaintext $password, so whatever later persists these arrays stores plaintext.
 *  - Every $_POST key is read without isset()/validation, and $cpwd (the confirmation) is never
 *    compared with $password.
 *  - The "uniqueness" loop increments $flag and breaks on the FIRST row whose tUsername differs
 *    from the submitted name; that says nothing about whether the name is already taken
 *    (it should count rows whose tUsername equals $usrname).
 *  - `global $type` at file scope is a no-op; plain assignment is enough.
 *  - `echo "Flag :" . $flag` is debug output leaking internal state into the response.
 */
// add details for user while siging up. include '../../Model/dbUser.php'; $usrname = $_POST['username']; $password = $_POST['password']; $cpwd = $_POST['cpassword']; $fname = $_POST['fname']; $lname = $_POST['lname']; $checkValue = $_POST['checkpoint']; $userType = $_POST['usertype']; $hash_password = password_hash($password, PASSWORD_DEFAULT); try { $obj = new dbUser(); if ($userType === "Admin") { global $type; $type = 1; } else { $type = 0; } $userDetails = array("uname" => $usrname, "pwd" => $password, "firstname" => $fname, "lastname" => $lname, "utype" => $type); $userLogin = array($usrname, $password, $type); $result = $obj->getAllUser(); $flag = 0; while ($row = mysqli_fetch_assoc($result)) { if (!($usrname === $row['tUsername'])) { $flag++; break; } } echo "Flag :" . $flag;
<?php
/*
 * NOTE(review): truncated variant of the signup handler (the `try {` block is never closed),
 * so only comments are added. Compared with the sibling fragment above it has no
 * password_hash() call at all: $userDetails["pwd"] and $userLogin hold the raw $password.
 * Other points visible here:
 *  - `extract($userDetails)` turns request-derived values into local variables ($uname, $pwd,
 *    $firstname, $lastname, $utype). The keys are fixed so this is not extract($_POST), but it
 *    still hides where variables come from; explicit assignment is the safer form.
 *  - $_POST keys are read without isset()/validation; $cpwd is never compared with $password.
 *  - The loop increments $flag and breaks on the FIRST row whose tUsername differs from the
 *    submitted name, which does not establish uniqueness.
 *  - `global $type` at file scope is a no-op; `echo "Flag :" . $flag` is debug output.
 */
// add details for user while siging up. include '../../Model/dbUser.php'; $usrname = $_POST['username']; $password = $_POST['password']; $cpwd = $_POST['cpassword']; $fname = $_POST['fname']; $lname = $_POST['lname']; $checkValue = $_POST['checkpoint']; $userType = $_POST['usertype']; try { $obj = new dbUser(); if ($userType === "Admin") { global $type; $type = 1; } else { $type = 0; } $userDetails = array("uname" => $usrname, "pwd" => $password, "firstname" => $fname, "lastname" => $lname, "utype" => $type); $userLogin = array($usrname, $password, $type); $result = $obj->getAllUser(); $flag = 0; while ($row = mysqli_fetch_assoc($result)) { if (!($usrname === $row['tUsername'])) { $flag++; break; } } echo "Flag :" . $flag; extract($userDetails);
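/**
 * 11b. Logs in / signs up a LinkedIn user.
 *
 * Looks up the `users` row whose linkedin_id matches $in_user->id. If exactly one row
 * exists, a dbUser copy of it is returned with the password column masked. Otherwise a
 * new dbFullUser is built from the LinkedIn profile, inserted, and returned.
 *
 * @param object|false $in_user        LinkedIn profile object (id, publicProfileUrl, firstName, ...)
 * @param array        $in_access_token OAuth token array: oauth_token, oauth_token_secret,
 *                                      oauth_authorization_expires_in (seconds)
 * @return dbUser|dbFullUser|false      false when no profile was passed or the insert failed
 *
 * NOTE(review): the OAuth token and secret are persisted in the users table in clear text;
 * anything that can read that table can act as the user on LinkedIn until the token expires.
 * NOTE(review): num_rows() === 1 means that duplicate linkedin_id rows (if they ever exist)
 * fall through to the sign-up path and create yet another row — confirm the column is unique.
 */
public function login_linkedin_user($in_user, $in_access_token)
{
    if (!$in_user) {
        // no $in_user passed
        return false;
    }

    $query = $this->db->where('linkedin_id', $in_user->id)->get('users');
    if ($query->num_rows() === 1) {
        // user found: return a copy with the password hash masked
        $user = new dbUser();
        $user->copy($query->row());
        $user->password = $user->password ? '***' : '';
        return $user;
    }

    // no such user, signing up
    $this->load->library('in_connect');
    $user = new dbFullUser();
    $user->linkedin_id = $in_user->id;
    // saving token - it will expire and there is no logic yet to track it
    $user->linkedin_token = $in_access_token['oauth_token'];
    $user->linkedin_token_secret = $in_access_token['oauth_token_secret'];
    // expiration as a UNIX timestamp (LinkedIn returns the period in seconds)
    $user->linkedin_token_expires = time() + (int) $in_access_token['oauth_authorization_expires_in'];

    // 'linkedin_username' is the path part of the public profile URL: strip scheme and host
    // (any host, not just linkedin.com) and then any query string.
    $profile_url = isset($in_user->publicProfileUrl) ? $in_user->publicProfileUrl : '';
    $in_username = preg_replace('/(\\w{1,5}\\:\\/\\/)?((\\w*\\.){1,3}\\w*\\/)?/', '', $profile_url);
    $in_username = preg_replace('/(\\?.*)/', '', $in_username);
    $user->linkedin_username = $in_username;

    // setting user info from linkedin data
    $user->firstname = isset($in_user->firstName) ? $in_user->firstName : '';
    $user->lastname = isset($in_user->lastName) ? $in_user->lastName : '';
    $user->fullname = isset($in_user->formattedName) ? $in_user->formattedName : $user->firstname . ' ' . $user->lastname;
    $user->bio = isset($in_user->headline) ? $in_user->headline : '';
    $user->location = isset($in_user->location->name) ? $in_user->location->name : '';
    // can't get web address yet - will come here later
    // $user->web = resolve_url($this->twconnect->tw_user_info->url);
    $user->linkedin_name = $user->fullname;
    $user->linkedin_img_url = isset($in_user->pictureUrl) ? $in_user->pictureUrl : '';
    $user->picture_url = $user->linkedin_img_url;

    // getting the big picture; fall back to the small one when none is returned
    $all_pictures = $this->in_connect->in_get_user_pictures();
    if (isset($all_pictures->values[0])) {
        $user->big_picture_url = $all_pictures->values[0];
    } else {
        $user->big_picture_url = $user->picture_url;
    }

    // Inserting user. The result is checked BEFORE reading insert_id() and running the
    // welcome hook; the original checked $ok only after an unconditional return, so a
    // failed insert still produced a "signed up" user with a bogus id.
    $ok = $this->db->insert('users', $user);
    if (!$ok) {
        // Cannot insert user
        return false;
    }
    $user->id = $this->db->insert_id();
    $this->meet_WhoYouMeet_team($user);
    return $user;
}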
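<?php
// Password login handler: checks the submitted username/password against the rows
// returned by dbUser::getLoginDetails() and redirects to the student list on success
// or to the "no user found" page otherwise.
//
// Changes versus the previous version:
//  - the session identity is written only AFTER a successful check (it used to be set
//    before the loop, so any later page testing isset($_SESSION['username']) would have
//    treated an unauthenticated visitor as logged in — confirm how other pages check login);
//  - one redirect decision is made after the loop (the old loop emitted a header() per row,
//    so the LAST row decided the outcome and a matching user anywhere else was redirected
//    to the error page), followed by exit so the script does not continue after the redirect;
//  - username is compared with !== and the password with password_verify()/hash_equals()
//    instead of '==' type-juggling comparisons;
//  - the session id is regenerated on login to defeat session fixation.
session_start();
include '../../Model/dbUser.php';

$obj = new dbUser();
$result = $obj->getLoginDetails();

// Missing form fields become '' rather than undefined-index notices.
$username = isset($_POST['username']) ? (string) $_POST['username'] : '';
$password = isset($_POST['password']) ? (string) $_POST['password'] : '';

$authenticated = false;
if ($username !== '' && $password !== '') {
    while ($row = mysqli_fetch_assoc($result)) {
        if ($username !== (string) $row['tUsername']) {
            continue;
        }
        $stored = (string) $row['tPassword'];
        // Preferred path: tPassword holds a password_hash() value.
        // Fallback: constant-time comparison against a legacy plaintext row.
        // TODO(review): the signup path must store password_hash() output so that the
        // plaintext fallback can be removed; until then the table still holds plaintext.
        if (password_verify($password, $stored) || hash_equals($stored, $password)) {
            $authenticated = true;
            break;
        }
    }
}

if ($authenticated) {
    // Fresh session id on privilege change; identity stored only after a successful check.
    session_regenerate_id(true);
    $_SESSION['username'] = $username;
    header('location: /schoolNew/View/students/studentList.php');
} else {
    header("location: /schoolNew/View/errors/noUserFound.php");
}
exit;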
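/**
 * 8. Actions with user profile
 * Security of this function relies only on the user id stored in the session cookie:
 * $this->session->userdata('id'). The session cookie should be encrypted via
 * /application/config/config.php (it is not at the moment).
 *
 * NOTE(review): 'verify' and the social disconnect branches change state on a plain GET to
 * /i/profile/<action>; with only the session cookie as authentication they are CSRF-able
 * (any page the user visits can trigger a verification mail or disconnect a network).
 * Confirm the framework's CSRF protection covers these routes or move them behind POST.
 *
 * $action parameter is passed via request URL: /i/profile/$action/
 * $action values:
 *   ''         - shows the user's profile (view_profile.php)
 *   'edit'     - form to edit user profile
 *   'update'   - validate and update user's profile
 *   'verify'   - verify email
 *   'password' - change password, $param = 'validate' for form validation
 *   'facebook' - connect/disconnect Facebook profile
 *   'twitter'  - connect/disconnect Twitter profile
 *   'linkedin' - connect/disconnect LinkedIn profile
 *
 * @param string $action see list above; anything else redirects to the profile page
 * @param string $param  only used with $action = 'password'
 */
public function profile($action = '', $param = '')
{
    // show, edit and validate&save profile
    if (!$this->session->userdata('logged_in')) {
        redirect('/');
        return;
    }

    $this->load->model('model_users');
    $user_id = $this->session->userdata('id');
    $user = $this->model_users->get_user($user_id);

    // The Referer header is client-supplied. It is used below both as a redirect target and
    // as the page to return to after the OAuth round trip, so only follow it when it points
    // back into this site; otherwise land on the profile page. (Relies on base_url() carrying
    // its trailing slash, as the '' case below assumes.)
    $previous_page = $this->input->server('HTTP_REFERER');
    if (!$previous_page || strpos($previous_page, base_url()) !== 0) {
        $previous_page = user_profile_url();
    }

    switch ($action) {
        case '':
            // show profile
            if (user_profile_url() != base_url() . 'i/profile') {
                redirect(user_profile_url());
            }
            $this->load->view('includes/view_template', array('user' => $user, 'content' => 'profile', 'title' => my_page_title('page_myProfile_title')));
            break;

        case 'edit':
            // edit profile
            $this->settings($user);
            break;

        case 'update':
            // validate & update profile
            $this->form_validation->set_rules('fullname', lang('form_profile_fullname_field'), 'required|trim|xss_clean');
            // validate_email() is called when validation is run; the current address is passed
            // so that keeping one's own email does not count as a duplicate
            $this->form_validation->set_rules('email', lang('form_profile_email_field'), ($user->password ? 'required|' : '') . 'trim|valid_email|xss_clean|callback_validate_email' . ($user->email ? '[' . $user->email . ']' : ''));
            $this->form_validation->set_rules('location', lang('form_profile_location_field'), 'trim|xss_clean');
            $this->form_validation->set_rules('web', lang('form_profile_web_field'), 'trim|xss_clean');
            $this->form_validation->set_rules('bio', lang('form_profile_bio_field'), 'trim|xss_clean');
            $this->form_validation->set_rules('interested_in', lang('form_profile_interestedin_field'), 'trim|xss_clean');

            $updated_user = new dbFullUser();
            $updated_user->copy($user);
            $updated_user->location = $this->input->post('location');
            $updated_user->web = $this->input->post('web');
            $updated_user->bio = $this->input->post('bio');
            $updated_user->interested_in = $this->input->post('interested_in');

            if ($this->form_validation->run()) {
                $updated_user->email = $this->input->post('email');
                // a changed address must be verified again
                $updated_user->verified = $updated_user->email != $user->email ? false : $user->verified;
                $updated_user->fullname = $this->input->post('fullname');

                if ($this->model_users->update_user($user_id, $updated_user)) {
                    // profile updated, checking if email changed and sending verification email
                    if ($updated_user->email != $user->email) {
                        // old keys are deleted so that only the new email can be verified
                        $this->model_users->delete_keys($user_id);
                        // new key is generated
                        $key = $this->model_users->unique_key($user_id);
                        if ($this->resend_verification_email($updated_user, $key)) {
                            // verification email sent
                            $this->session->set_flashdata('success', my_lang('msg_success_verification_msg_sent', $updated_user->email));
                        } else {
                            // verification email not sent
                            $this->session->set_flashdata('error', my_lang('msg_error_cant_send_verification_msg'));
                        }
                    }
                    // also saving updated user data in session
                    $user_session_data = new dbUser();
                    $user_session_data->copy($updated_user);
                    $this->session->set_userdata($user_session_data);
                    redirect(user_profile_url());
                } else {
                    // Could not update user, open form with original data
                    $this->settings($user);
                }
            } else {
                // Did not validate form, open form with changed data, but fullname and email will be original
                $this->settings($updated_user);
            }
            break;

        case 'verify':
            // verify email (in case user didn't verify it previously)
            $key = $this->model_users->unique_key($user_id);
            if ($this->resend_verification_email($user, $key)) {
                // verification email sent
                $this->session->set_flashdata('success', my_lang('msg_success_verification_msg_sent', $user->email));
            } else {
                // verification email not sent
                $this->session->set_flashdata('error', my_lang('msg_error_cant_send_verification_msg'));
            }
            redirect($previous_page);
            break;

        case 'password':
            // change password form and validation/action.
            // The original tested `$param = ''` / `$param = 'validate'` (assignment, not
            // comparison), so the form branch was unreachable and every request ran the
            // validator. Compare with === and show the form for any non-'validate' $param.
            if ($param === 'validate') {
                $this->form_validation->set_rules('old_password', my_lang('form_password_old_password_field'), 'trim|xss_clean' . ($user->password ? '|required' : ''));
                $this->form_validation->set_rules('password', my_lang('form_password_password_field'), 'required|matches[c_password]|trim|xss_clean');
                $this->form_validation->set_rules('c_password', my_lang('form_password_c_password_field'), 'required|trim|xss_clean');
                if ($this->form_validation->run()) {
                    $ok = $this->model_users->change_user_password($user_id, $this->input->post('old_password'), $this->input->post('password'));
                    if ($ok) {
                        $this->session->set_flashdata('success', my_lang('msg_success_passwd_changed'));
                        redirect(user_profile_url());
                    } else {
                        $this->session->set_flashdata('alert', my_lang('msg_alert_passwd_wrong'));
                        redirect('/i/profile/password');
                    }
                } else {
                    $this->change_password_form();
                }
            } else {
                $this->change_password_form();
            }
            break;

        case 'facebook':
            // connect/disconnect facebook profile to user's profile
            if ($user->facebook_id) {
                // facebook connected, disconnect
                if ($user->email && $user->password) {
                    // user registered via email/password, disconnecting
                    $user->facebook_id = 0;
                    $user->facebook_name = '';
                    $user->facebook_username = '';
                    $this->model_users->update_user($user->id, $user);
                    // NOTE(review): the twitter/linkedin branches call choose_best_profile_picture()
                    // BEFORE update_user(); here it runs after, so the chosen picture is only
                    // persisted if that helper writes it itself — confirm and align the order.
                    $this->choose_best_profile_picture($user);
                    redirect('/i/profile/edit');
                } else {
                    // no email/password, cannot disconnect facebook
                    $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_disconnect_no_email', 'Facebook'));
                    redirect('/i/profile/edit');
                }
            } else {
                // facebook not connected, connect facebook
                $this->load->library('fbconnect');
                $this->session->set_userdata('previous_page', $previous_page);
                $ok = $this->fbconnect->fbredirect('/i/profile_facebook');
                if (!$ok) {
                    $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_connect', 'Facebook'));
                    redirect($previous_page);
                }
            }
            break;

        case 'twitter':
            // connect/disconnect twitter profile to user's profile
            if ($user->twitter_id) {
                // twitter connected, disconnect
                if ($user->email && $user->password) {
                    // user registered via email/password, "disconnecting"
                    $user->twitter_id = 0;
                    $user->twitter_token = '';
                    $user->twitter_token_secret = '';
                    $user->twitter_name = '';
                    $user->twitter_username = '';
                    $user->twitter_img_url = '';
                    $user->twitter_verified = false;
                    $this->choose_best_profile_picture($user);
                    // updating user record
                    $this->model_users->update_user($user->id, $user);
                    // clearing twitter session data
                    $this->load->library('twconnect');
                    $this->twconnect->twclear_session_data();
                    // clearing twitter username in session
                    $this->session->unset_userdata('twitter_username');
                    redirect('/i/profile/edit');
                } else {
                    // no email/password, cannot disconnect twitter
                    $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_disconnect_no_email', 'Twitter'));
                    redirect('/i/profile/edit');
                }
            } else {
                // twitter not connected, connect twitter
                $this->load->library('twconnect');
                $this->session->set_userdata('previous_page', $previous_page);
                $ok = $this->twconnect->twredirect('/i/profile_twitter');
                if (!$ok) {
                    $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_connect', 'Twitter'));
                    $this->twconnect->twclear_session_data();
                    redirect($previous_page);
                }
            }
            break;

        case 'linkedin':
            // connect/disconnect linkedin profile to user's profile
            if ($user->linkedin_id) {
                // linkedin connected, disconnect
                if ($user->email && $user->password) {
                    // user registered via email/password, "disconnecting"
                    $user->linkedin_id = '';
                    $user->linkedin_token = '';
                    $user->linkedin_token_secret = '';
                    $user->linkedin_token_expires = 0;
                    $user->linkedin_name = '';
                    $user->linkedin_username = '';
                    $user->linkedin_img_url = '';
                    $this->choose_best_profile_picture($user);
                    // updating user record
                    $this->model_users->update_user($user_id, $user);
                    // clearing linkedin session data
                    $this->load->library('in_connect');
                    $this->in_connect->in_clear_session_data();
                    redirect($previous_page);
                } else {
                    // no email/password, cannot disconnect linkedin
                    $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_disconnect_no_email', 'LinkedIn'));
                    redirect($previous_page);
                }
            } else {
                // LinkedIn not connected, connect LinkedIn
                $this->load->library('in_connect');
                $this->session->set_userdata('previous_page', $previous_page);
                $ok = $this->in_connect->in_redirect('/i/profile_linkedin');
                if (!$ok) {
                    $this->session->set_flashdata('alert', my_lang('msg_alert_social_cant_connect', 'LinkedIn'));
                    $this->in_connect->in_clear_session_data();
                    redirect('/i/profile/edit');
                }
            }
            break;

        default:
            // some wrong path after /i/profile
            redirect(user_profile_url());
    }
}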