
Untitled

a guest
May 25th, 2016
  1. <?php
  2. session_start();
  3. require_once 'class.user.php';
  4. $user_home = new USER();
  5. ?>
  6. <!doctype html public "-//w3c//dtd html 3.2//en">
  7.  
  8. <html>
  9.  
  10. <head>
  11. <title>(Type a title for your page here)</title>
  12. </head>
  13.  
  14. <body>
  15. <?Php
  16.  
  17.  
  18. ///////Collect the form data /////
  19. if(isset($_POST['btn-signup']))
  20. {
  21. $password=$_POST['password'];
  22. $password2=$_POST['password2'];
  23. $old_password=$_POST['old_password'];
  24. /////////////////////////
  25.  
  26.  
  27.  
  28. $stmt = $user_home->runQuery("SELECT * FROM registered_users WHERE userID=:uid");
  29. $stmt->execute(array(":uid"=>$_SESSION['userSession']));
  30. $row = $stmt->fetch(PDO::FETCH_ASSOC);
  31.  
  32.  
  33. if($row['password']<>md5($old_password)){
  34. echo"Your old password is not matching as per our record.<BR>";
  35. echo"no same pass";
  36. }
  37.  
  38.  
  39. if ( $password <> $password2 ){
  40. $msg=$msg."Both passwords are not matching<BR>";
  41. echo "new pass not same";
  42.  
  43.  
  44.  
  45.  
  46.  
  47. $password=md5($password);
  48. $stmt = $this->conn->prepare("UPDATE registered_users SET password=:password where email:email");
  49. $stmt->bindparam(":password",$password);
  50. if($stmt->execute()){
  51. echo "<font face='Verdana' size='2' ><center>Thanks <br> Your password changed successfully. Please keep changing your password for better security</font></center>";
  52. }else{echo "<center>Sorry <br> Failed to change password Contact Site Admin</font></center>";
  53. } // end of if else if updation of password is successful
  54.  
  55. } // end of if else todo
  56. }
  57. ?>
  58.  
  59. </body>
  60.  
  61. <form method="post">
  62. <input type="password" name="old_password" placeholder="old pass" />
  63. <input type="password" name="password" placeholder="opassword" />
  64. <input type="password" name="password2" placeholder="password2" />
  65. <button class="btn btn-large btn-primary" type="submit" name="btn-signup">Sign Up</button>
  66. </form>
  67.  
  68. </html>
  69.  
  70. Your old password is not matching as per our record.
  71. no same pass
  72.  
  73. old pass <Text fill>
  74.  
  75. password <Text fill>
  76.  
  77. password2 <Text fill>
  78. Sign Up <button>
  79.  
  80. <?php
  81. session_start();
  82. require_once 'class.user.php';
  83.  
  84. $reg_user = new USER();
  85.  
  86. if($reg_user->is_logged_in()!="")
  87. {
  88. $reg_user->redirect('index.php');
  89. }
  90.  
  91.  
  92. if(isset($_POST['btn-signup']))
  93. {
  94. $salutation = $_POST['salutation'];
  95. $fullName = $_POST['fullName'];
  96. $nric = $_POST['nric'];
  97. $gender = $_POST['gender'];
  98. $dateOfBirth = $_POST['dateOfBirth'];
  99. $mobileNumber = $_POST['mobileNumber'];
  100. $email = $_POST['email'];
  101. $password = $_POST['password'];
  102. $address = $_POST['address'];
  103. $postalCode = $_POST['postalCode'];
  104.  
  105. $serialNumber = md5(uniqid(rand()));
  106.  
  107. $stmt = $reg_user->runQuery("SELECT * FROM registered_users WHERE email=:email_id");
  108. $stmt->execute(array(":email_id"=>$email));
  109. $row = $stmt->fetch(PDO::FETCH_ASSOC);
  110.  
  111. if($stmt->rowCount() > 0)
  112. {
  113. $msg = "
  114. <div class='alert alert-error'>
  115. <button class='close' data-dismiss='alert'>&times;</button>
  116. <strong>Sorry !</strong> email allready exists , Please Try another one
  117. </div>
  118. ";
  119. }
  120. else
  121. {
  122.  
  123. if($reg_user->register($salutation,$fullName,$nric,$gender,$dateOfBirth,$mobileNumber,$email,$password,$address,$postalCode,$serialNumber))
  124. {
  125.  
  126. $id = $reg_user->lasdID();
  127. $key = base64_encode($id);
  128. $id = $key;
  129.  
  130. $message = "
  131. Dear $salutation $fullName,
  132. <br /><br />
  133. Thank You for registering with us!<br/>
  134. To complete your registration please , just click following link<br/>
  135. <br /><br />
  136. <a href='http://localhost:8080/xampp/bicycleTheft/test5/php/verify.php?id=$id&serialNumber=$serialNumber'>Click HERE to Activate :)</a>
  137. <br /><br />
  138. Thanks,<br/>
  139. <br />
  140. Site Admin";
  141.  
  142. $subject = "Confirm Registration";
  143.  
  144. $reg_user->send_mail($email,$message,$subject);
  145. $msg = "
  146. <div class='alert alert-success'>
  147. <button class='close' data-dismiss='alert'>&times;</button>
  148. <strong>Success!</strong> We've sent an email to $email.
  149. Please click on the confirmation link in the email to create your account.
  150. </div>
  151. ";
  152. }
  153. else
  154. {
  155. echo "sorry , query could no execute. Pleae go to nearest NPC to register.";
  156. }
  157. }
  158. }
  159. ?>
  160. <!DOCTYPE html>
  161. <html>
  162. <head>
  163. <title>Signup</title>
  164.  
  165. <!-- Bootstrap CSS -->
  166. <link href="../css/bootstrap.min.css" rel="stylesheet">
  167. <link href="../css/bootstrap-theme.min.css" rel="stylesheet">
  168. <link rel="stylesheet" href="../css/NewFile.css" type="text/css">
  169.  
  170. </head>
  171.  
  172. <body>
  173.  
  174. <script src="../js/jquery-1.12.3.min.js"></script>
  175. <script src="../js/bootstrap.min.js"></script>
  176. <?php include 'navBar.php'; ?>
  177.  
  178.  
  179. <?php if(isset($msg)) echo $msg; ?>
  180. <div class="padding">
  181. <form class="form-signin" method="post">
  182. <h2 class="form-signin-heading">Sign Up</h2><hr />
  183. <table>
  184. <tr>
  185. <td>Salutation</td>
  186. <td><select name="salutation">
  187. <option value="Dr">Dr</option>
  188. <option value="Mr">Mr</option>
  189. <option value="Mrs">Mrs</option>
  190. <option value="Ms">Ms</option>
  191. <option value="Madam">Madam</option>
  192. </select>
  193. </td>
  194. </tr>
  195. <tr>
  196. <td>Full Name (as in NRIC):</td>
  197. <td><input type="text" class="input-block-level" placeholder="Full Name" name="fullName" required /></td>
  198. </tr>
  199. <tr>
  200. <td>NRIC:</td>
  201. <td><input type="text" class="input-block-level" placeholder="S1234567A" name="nric" required /></td>
  202. </tr>
  203.  
  204.  
  205. <tr>
  206. <td>Gender:</td>
  207. <td><input type="radio" name="gender" value="Male">Male
  208. <input type="radio" name="gender" value="Female">Female</td>
  209. </tr>
  210.  
  211. <tr>
  212. <td>Date Of Birth:</td>
  213. <td><input type="date" class="input-block-level" name="dateOfBirth" required /></td>
  214. </tr>
  215.  
  216.  
  217.  
  218. <tr>
  219. <td>Mobile Nume:</td>
  220. <td><input type="text" class="input-block-level" placeholder="91234567" name="mobileNumber" required /></td>
  221. </tr>
  222.  
  223. <tr>
  224. <td>Email Address:</td>
  225. <td><input type="email" class="input-block-level" placeholder="ABC@example.com" name="email" required /></td>
  226. </tr>
  227.  
  228.  
  229.  
  230. <tr>
  231. <td>Password:</td>
  232. <td><input type="password" class="input-block-level" placeholder="password" name="password" required /></td>
  233. </tr>
  234.  
  235. <tr>
  236. <td>Address:</td>
  237. <td><input type="text" class="input-block-level" placeholder="address" name="address" required /></td>
  238. </tr>
  239.  
  240. <tr>
  241. <td>Postal Code:</td>
  242. <td><input type="text" class="input-block-level" placeholder="postalcode" name="postalCode" required /></td>
  243. </tr>
  244. </table>
  245. <button class="btn btn-large btn-primary" type="submit" name="btn-signup">Sign Up</button>
  246.  
  247.  
  248. </form>
  249. </div>
  250.  
  251.  
  252. </body>
  253. </html>
  254.  
  255. <?php
  256.  
  257. require_once 'dbconfig.php';
  258.  
  259. class USER
  260. {
  261.  
  262. private $conn;
  263.  
  264. public function __construct()
  265. {
  266. $database = new Database();
  267. $db = $database->dbConnection();
  268. $this->conn = $db;
  269. }
  270.  
  271. public function runQuery($sql)
  272. {
  273. $stmt = $this->conn->prepare($sql);
  274. return $stmt;
  275. }
  276.  
  277. public function lasdID()
  278. {
  279. $stmt = $this->conn->lastInsertId();
  280. return $stmt;
  281. }
  282.  
  283. public function register($salutation,$fullName,$nric,$gender,$dateOfBirth,$mobileNumber,$email,$password,$address,$postalCode,$serialNumber)
  284. {
  285. try
  286. {
  287. $password = md5($password);
  288. $stmt = $this->conn->prepare("INSERT INTO registered_users(salutation,fullName,nric,gender,dateOfBirth,mobileNumber,email,password,address,postalCode,serialNumber)
  289. VALUES(:salutation,:fullName,:nric,:gender,:dateOfBirth,:mobileNumber,:email,:password,:address,:postalCode,:serialNumber)");
  290.  
  291. $stmt->bindparam(":salutation",$salutation);
  292. $stmt->bindparam(":fullName",$fullName);
  293. $stmt->bindparam(":nric",$nric);
  294. $stmt->bindparam(":gender",$gender);
  295. $stmt->bindparam(":dateOfBirth",$dateOfBirth);
  296. $stmt->bindparam(":mobileNumber",$mobileNumber);
  297. $stmt->bindparam(":email",$email);
  298. $stmt->bindparam(":password",$password);
  299. $stmt->bindparam(":address",$address);
  300. $stmt->bindparam(":postalCode",$postalCode);
  301. $stmt->bindparam(":serialNumber",$serialNumber);
  302. $stmt->execute();
  303. return $stmt;
  304. }
  305. catch(PDOException $ex)
  306. {
  307. echo $ex->getMessage();
  308. }
  309. }
  310.  
  311. public function registerBike($userID,$typeOfBike,$brand,$model,$colour,$remarks,$serialNumber,$final_file,$folder)
  312. {
  313. try
  314. {
  315.  
  316.  
  317. $stmt = $this->conn->prepare("INSERT INTO bike_tbl (userID,typeOfBike,brand,model,colour,remarks,serialNumber,file,location)
  318. VALUES(:userID,:typeOfBike,:brand,:model,:colour,:remarks,:serialNumber,:file,:location)");
  319. $stmt->bindparam(":userID",$userID);
  320. $stmt->bindparam(":typeOfBike",$typeOfBike);
  321. //$stmt->bindparam(":otherBike",$otherBike);
  322. $stmt->bindparam(":brand",$brand);
  323. $stmt->bindparam(":model",$model);
  324. $stmt->bindparam(":colour",$colour);
  325. //$stmt->bindparam(":usedBike",$usedBike);
  326. $stmt->bindparam(":remarks",$remarks);
  327. $stmt->bindparam(":serialNumber",$serialNumber);
  328. $stmt->bindparam(":file",$final_file);
  329. $stmt->bindparam(":location",$folder);
  330.  
  331.  
  332. $stmt->execute();
  333. return $stmt;
  334. }
  335. catch(PDOException $ex)
  336. {
  337. echo $ex->getMessage();
  338. }
  339. }
  340.  
  341.  
  342. public function updateUser($fullName,$mobileNumber,$password,$address,$postalCode,$email)
  343. {
  344. try
  345. {
  346.  
  347. $password = md5($password);
  348. $stmt = $this->conn->prepare("UPDATE registered_users SET fullName=:fullName,mobileNumber=:mobileNumber,password=:password,address=:address,postalCode=:postalCode WHERE email=:email");
  349. // $stmt->execute(array(":email"=>$email));
  350. // $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
  351. $stmt->bindparam(":email",$email);
  352. $stmt->bindparam(":fullName",$fullName);
  353.  
  354. $stmt->bindparam(":mobileNumber",$mobileNumber);
  355.  
  356. $stmt->bindparam(":password",$password);
  357. $stmt->bindparam(":address",$address);
  358. $stmt->bindparam(":postalCode",$postalCode);
  359.  
  360.  
  361.  
  362. $stmt->execute();
  363. return $stmt;
  364. }
  365. catch(PDOException $ex)
  366. {
  367. echo $ex->getMessage();
  368. }
  369. }
  370.  
  371. public function login($email,$password)
  372. {
  373. try
  374. {
  375. $stmt = $this->conn->prepare("SELECT * FROM registered_users WHERE email=:email_id");
  376. $stmt->execute(array(":email_id"=>$email));
  377. $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
  378.  
  379. if($stmt->rowCount() == 1)
  380. {
  381. if($userRow['userStatus']=="Y")
  382. {
  383. if($userRow['password']==md5($password))
  384. {
  385. $_SESSION['userSession'] = $userRow['userID'];
  386. return true;
  387. }
  388. else
  389. {
  390. header("Location: index.php?error1");
  391. exit;
  392. }
  393. }
  394. else
  395. {
  396. header("Location: index.php?inactive");
  397. exit;
  398. }
  399. }
  400. else
  401. {
  402. header("Location: index.php?error2");
  403. exit;
  404. }
  405. }
  406. catch(PDOException $ex)
  407. {
  408. echo $ex->getMessage();
  409. }
  410. }
  411.  
  412.  
  413. public function chgpass($currentPassword,$newPassword)
  414. {
  415. try
  416. {
  417. $stmt = $this->conn->prepare("SELECT * FROM registered_users WHERE email=:email_id");
  418. $stmt->execute(array(":email_id"=>$email));
  419. $userRow=$stmt->fetch(PDO::FETCH_ASSOC);
  420.  
  421. if($stmt->rowCount() == 1)
  422. {
  423. if($userRow['userStatus']=="Y")
  424. {
  425. if($userRow['password']==md5($currentPassword))
  426. {
  427. $_SESSION['userSession'] = $userRow['userID'];
  428. $stmt = $this->conn->prepare("UPDATE registered_users SET password=:newPassword WHERE email=:email");
  429. $stmt->bindparam(":newPassword",$newPassword);
  430. return true;
  431. }
  432. else
  433. {
  434. header("Location: index.php?error1");
  435. exit;
  436. }
  437. }
  438. else
  439. {
  440. header("Location: index.php?inactive");
  441. exit;
  442. }
  443. }
  444. else
  445. {
  446. header("Location: index.php?error2");
  447. exit;
  448. }
  449. }
  450. catch(PDOException $ex)
  451. {
  452. echo $ex->getMessage();
  453. }
  454. }
  455.  
  456.  
  457.  
  458. public function is_logged_in()
  459. {
  460. if(isset($_SESSION['userSession']))
  461. {
  462. return true;
  463. }
  464. }
  465.  
  466. public function redirect($url)
  467. {
  468. header("Location: $url");
  469. }
  470.  
  471. public function logout()
  472. {
  473. session_destroy();
  474. $_SESSION['userSession'] = false;
  475. }
  476.  
  477. function send_mail($email,$message,$subject)
  478. {
  479. require_once('../mailer/class.phpmailer.php');
  480. $mail = new PHPMailer();
  481. $mail->IsSMTP();
  482. $mail->SMTPDebug = 0;
  483. $mail->SMTPAuth = true;
  484. $mail->SMTPSecure = "ssl";
  485. $mail->Host = "smtp.gmail.com";
  486. $mail->Port = 465;
  487. $mail->AddAddress($email);
  488. $mail->Username="ABTMP16@gmail.com";
  489. $mail->Password="antibicycletheft16";
  490. $mail->SetFrom('ABTMP16@gmail.com','Muahammed Ashik');
  491. $mail->AddReplyTo("ABTMP16@gmail.com","Reply");
  492. $mail->Subject = $subject;
  493. $mail->MsgHTML($message);
  494. $mail->Send();
  495. }
  496. }
  497. ?>