Mercurial > hg > ywww
annotate user/newLogin.php @ 6:077b0a0a3e6d
remaining originals according to dependency walk
| author | Robert Boland <robert@markup.co.uk> |
|---|---|
| date | Thu, 16 Feb 2017 22:29:02 +0000 |
| parents | |
| children | 385ddd7c4b55 a67bf725e87b |
| rev | line source |
|---|---|
|
6
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
1 <?php |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
2 require "PasswordHash.php"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
3 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
4 include "../../private/db.php"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
5 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
6 // emailname and password sent from form |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
7 $email=$_GET['email']; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
8 $mypassword=$_GET['pwd']; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
9 $fname=isset($_GET['fName'])?$_GET['fName']:""; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
10 $sname=isset($_GET['sName'])?$_GET['sName']:""; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
11 $dname=$_GET['dName']; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
12 $age=$_GET['age']; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
13 $loc=$_GET['loc']; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
14 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
15 // To protect MySQL injection |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
16 $email = stripslashes($email); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
17 $mypassword = stripslashes($mypassword); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
18 $email = mysqli_real_escape_string($link,$email); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
19 $mypassword = mysqli_real_escape_string($link,$mypassword); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
20 $fname = stripslashes($fname); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
21 $fname = mysqli_real_escape_string($link,$fname); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
22 $sname = stripslashes($sname); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
23 $sname = mysqli_real_escape_string($link,$sname); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
24 $dname = stripslashes($dname); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
25 $dname = mysqli_real_escape_string($link,$dname); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
26 $age = stripslashes($age); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
27 $age = mysqli_real_escape_string($link,$age); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
28 $loc = stripslashes($loc); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
29 $loc = mysqli_real_escape_string($link,$loc); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
30 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
31 $t_hasher = new PasswordHash(8, FALSE); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
32 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
33 $hashpwd = $t_hasher->HashPassword($mypassword); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
34 //check if loginname exists already, throw error |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
35 //if not, insert with hash pwd |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
36 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
37 $query1 = 'select * from user where Email = \'' .$email .'\''; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
38 //echo $query1; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
39 $data1 = mysqli_query($link, $query1); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
40 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
41 if ( mysqli_num_rows( $data1 ) < 1 ) |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
42 { |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
43 $confirm_code=md5(uniqid(rand())); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
44 $add="INSERT INTO temp_user VALUES('$confirm_code', '$email', '$hashpwd', '$fname', '$sname', '$dname', $age, $loc)"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
45 echo $add; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
46 //$add = 'insert into temp_user values (\''$confirm_code'\',\'' . $email . '\',\'' . $hashpwd . '\');'; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
47 $run = mysqli_query($link, $add); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
48 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
49 // if successfully inserted data into database, send confirmation link to email |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
50 if($run){ |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
51 // ---------------- SEND MAIL FORM ---------------- |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
52 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
53 // send e-mail to ... |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
54 $to=$email; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
55 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
56 // Your subject |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
57 $subject="YourNextRead confirmation link"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
58 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
59 // From |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
60 $header="from: YourNextRead <noreply@YourNextRead.com>"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
61 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
62 // Your message |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
63 $message="YourNextRead Confirmation link \r\n"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
64 $message.="Click on this link to activate your account \r\n"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
65 $message.="http://www.YourNextRead.com/user/confirmation.php?passkey=$confirm_code"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
66 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
67 // send email |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
68 $sentmail = mail($to,$subject,$message,$header); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
69 } |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
70 // if not found |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
71 else { |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
72 echo "Error Adding Account"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
73 } |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
74 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
75 // if your email succesfully sent |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
76 if($sentmail){ |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
77 echo "A confirmation link has been sent to your email address."; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
78 } |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
79 else { |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
80 echo "Error Sending Confirmation Email"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
81 } |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
82 /*$add = 'insert into user values (null,\'' . $email . '\',\'' . $hashpwd . '\');'; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
83 //echo $add; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
84 $run = mysqli_query($link, $add); //add the book if it doesn't exist |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
85 session_start(); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
86 $_SESSION['email']=$email; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
87 echo session_id(); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
88 //start session and send the id back to GWT*/ |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
89 } |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
90 else |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
91 echo 'Email already exists'; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
92 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
93 mysqli_close($link); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
94 ?> |