Mercurial > hg > ywww
annotate user/uk/newLogin.php @ 14:1477b5e6dd16 testing
use test subdirs for countries
| author | Henry S. Thompson <ht@inf.ed.ac.uk> |
|---|---|
| date | Sun, 19 Feb 2017 16:17:25 +0000 |
| parents | 077b0a0a3e6d |
| children | 385ddd7c4b55 a67bf725e87b |
| rev | line source |
|---|---|
|
6
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
1 <?php |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
2 require "PasswordHash.php"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
3 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
4 include "../../private/db.php"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
5 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
6 // emailname and password sent from form |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
7 $email=$_GET['email']; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
8 $mypassword=$_GET['pwd']; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
9 $fname=$_GET['fName']; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
10 $sname=$_GET['sName']; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
11 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
12 // To protect MySQL injection |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
13 $email = stripslashes($email); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
14 $mypassword = stripslashes($mypassword); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
15 $email = mysqli_real_escape_string($link,$email); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
16 $mypassword = mysqli_real_escape_string($link,$mypassword); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
17 $fname = stripslashes($fname); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
18 $fname = mysqli_real_escape_string($link,$fname); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
19 $sname = stripslashes($sname); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
20 $sname = mysqli_real_escape_string($link,$sname); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
21 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
22 $t_hasher = new PasswordHash(8, FALSE); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
23 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
24 $hashpwd = $t_hasher->HashPassword($mypassword); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
25 //check if loginname exists already, throw error |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
26 //if not, insert with hash pwd |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
27 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
28 $query1 = 'select * from user where Email = \'' .$email .'\''; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
29 //echo $query1; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
30 $data1 = mysqli_query($link, $query1); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
31 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
32 if ( mysqli_num_rows( $data1 ) < 1 ) |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
33 { |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
34 $confirm_code=md5(uniqid(rand())); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
35 $add="INSERT INTO temp_user VALUES('$confirm_code', '$email', '$hashpwd', '$fname', '$sname')"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
36 echo $add; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
37 //$add = 'insert into temp_user values (\''$confirm_code'\',\'' . $email . '\',\'' . $hashpwd . '\');'; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
38 $run = mysqli_query($link, $add); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
39 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
40 // if successfully inserted data into database, send confirmation link to email |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
41 if($run){ |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
42 // ---------------- SEND MAIL FORM ---------------- |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
43 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
44 // send e-mail to ... |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
45 $to=$email; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
46 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
47 // Your subject |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
48 $subject="BookWhack confirmation link"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
49 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
50 // From |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
51 $header="from: BookWhack <noreply@bookwhack.com>"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
52 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
53 // Your message |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
54 $message="BookWhack Confirmation link \r\n"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
55 $message.="Click on this link to activate your account \r\n"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
56 $message.="http://www.bookwhack.co.uk/user/confirmation.php?passkey=$confirm_code"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
57 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
58 // send email |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
59 $sentmail = mail($to,$subject,$message,$header); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
60 } |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
61 // if not found |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
62 else { |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
63 echo "Error Adding Account"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
64 } |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
65 |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
66 // if your email succesfully sent |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
67 if($sentmail){ |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
68 echo "A confirmation link has been sent to your email address."; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
69 } |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
70 else { |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
71 echo "Error Sending Confirmation Email"; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
72 } |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
73 /*$add = 'insert into user values (null,\'' . $email . '\',\'' . $hashpwd . '\');'; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
74 //echo $add; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
75 $run = mysqli_query($link, $add); //add the book if it doesn't exist |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
76 session_start(); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
77 $_SESSION['email']=$email; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
78 echo session_id(); |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
79 //start session and send the id back to GWT*/ |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
80 } |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
81 else |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
82 echo 'Email already exists'; |
|
077b0a0a3e6d
remaining originals according to dependency walk
Robert Boland <robert@markup.co.uk>
parents:
diff
changeset
|
83 ?> |