
Untitled

a guest
Aug 4th, 2017
  1. <?php
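  /**
   * Check a username/password pair against the `users` table.
   *
   * The earlier version tested mysqli_num_rows() on a SELECT COUNT(...) query.
   * An aggregate query always produces exactly one row, so that test passed
   * whatever password was supplied. The count itself is now read, through a
   * prepared statement, and compared with 1.
   *
   * @param string $username Login name as submitted.
   * @param string $password Plain-text password as submitted.
   * @return mixed Result of user_id_from_username() on a match, false otherwise.
   */
  function login($username, $password){
      global $con;

      // NOTE(review): unsalted MD5 is not a password hash. It is kept only
      // because the stored values are MD5; move to password_hash() and
      // password_verify() together with register_user() and change_password().
      $password_hash = md5($password);

      // Bound parameters take the place of escaping plus string interpolation.
      $stmt = mysqli_prepare($con, "SELECT COUNT(`user_id`) FROM `users` WHERE `username` = ? AND `password` = ?");
      if ($stmt === false) {
          // Fail closed: a statement that cannot be prepared authenticates nobody.
          return false;
      }

      $matches = 0;
      mysqli_stmt_bind_param($stmt, 'ss', $username, $password_hash);
      mysqli_stmt_execute($stmt);
      mysqli_stmt_bind_result($stmt, $matches);
      mysqli_stmt_fetch($stmt);
      mysqli_stmt_close($stmt);

      if ((int)$matches !== 1) {
          return false;
      }

      return user_id_from_username($username);
  }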
  10. ?>
  11.  
  12. <?php
  13.  
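  /**
   * Store a new password for one user.
   *
   * @param int|string $user_id  Row id in `users`; cast to int before use.
   * @param string     $password New plain-text password.
   * @return void
   */
  function change_password($user_id, $password){
      // The procedural mysqli API needs the connection handle; the earlier
      // mysqli_query() call was made without it.
      global $con;

      $user_id = (int)$user_id;

      // NOTE(review): unsalted MD5 is not a password hash. Replace with
      // password_hash() here and password_verify() in login() in one change.
      $password = md5($password);

      $stmt = mysqli_prepare($con, "UPDATE `users` SET `password` = ? WHERE `user_id` = ?");
      if ($stmt === false) {
          return;
      }

      mysqli_stmt_bind_param($stmt, 'si', $password, $user_id);
      mysqli_stmt_execute($stmt);
      mysqli_stmt_close($stmt);
  }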
  20.  
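  /**
   * Insert a new row into `users`.
   *
   * Values are sent as bound parameters. The password is hashed from the raw
   * input; the earlier version escaped it first, so a password containing a
   * quote or backslash was stored as the hash of a different string than the
   * one login() hashes.
   *
   * @param array $register_data Map of column name => value; must contain 'password'.
   * @return void
   */
  function register_user($register_data){
      global $con;

      if (count($register_data) === 0) {
          return;
      }

      // Column names cannot be bound as parameters, so each key is checked
      // against a plain identifier pattern before it is placed in the statement.
      $columns = array_keys($register_data);
      foreach ($columns as $column) {
          if (preg_match('/\A[A-Za-z0-9_]+\z/', (string)$column) !== 1) {
              trigger_error('register_user(): invalid column name', E_USER_WARNING);
              return;
          }
      }

      // NOTE(review): unsalted MD5 is not a password hash. Replace with
      // password_hash() here and password_verify() in login() in one change.
      $register_data['password'] = md5($register_data['password']);

      $fields = '`' . implode('`, `', $columns) . '`';
      $placeholders = implode(', ', array_fill(0, count($columns), '?'));

      $stmt = mysqli_prepare($con, "INSERT INTO `users` ($fields) VALUES ($placeholders)");
      if ($stmt === false) {
          return;
      }

      // Re-read the values in column order after the password was replaced.
      $values = array();
      foreach ($columns as $column) {
          $values[] = $register_data[$column];
      }

      mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
      mysqli_stmt_execute($stmt);
      mysqli_stmt_close($stmt);
  }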
  30.  
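  /**
   * Count the rows in `users` with `active` = 1.
   *
   * The earlier version returned mysqli_num_rows() of a COUNT query (always one
   * row), passed that function a second argument it does not take, and called
   * mysqli_query() without the connection handle.
   *
   * @return int Number of active users, 0 when the query fails.
   */
  function user_count(){
      global $con;

      $result = mysqli_query($con, "SELECT COUNT(`user_id`) FROM `users` WHERE `active` = 1");
      if ($result === false) {
          return 0;
      }

      $row = mysqli_fetch_row($result);
      mysqli_free_result($result);

      return $row ? (int)$row[0] : 0;
  }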
  34.  
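  /**
   * Fetch selected columns of one user's row.
   *
   * Call as user_data($user_id, 'username', 'email', ...). Every argument after
   * the first is a column name.
   *
   * @param int|string $user_id Row id in `users`; cast to int before use.
   * @return array|null Associative row, null when no row matches, or an empty
   *                    array when no columns were requested or the query was
   *                    not run.
   */
  function user_data($user_id){
      global $con;

      $data = array();
      $user_id = (int)$user_id;

      $func_num_args = func_num_args();
      $func_get_args = func_get_args();

      // Compare the argument COUNT; the earlier test compared the argument array
      // itself with 1, which is true for every call.
      if ($func_num_args > 1){
          unset($func_get_args[0]);

          // Column names go into the statement text and cannot be bound, so only
          // plain identifiers are accepted.
          foreach ($func_get_args as $field) {
              if (!is_string($field) || preg_match('/\A[A-Za-z0-9_]+\z/', $field) !== 1) {
                  trigger_error('user_data(): invalid column name', E_USER_WARNING);
                  return $data;
              }
          }

          $fields = '`' . implode('`, `', $func_get_args) . '`';
          $result = mysqli_query($con, "SELECT $fields FROM `users` WHERE `user_id` = $user_id");
          if ($result === false) {
              return $data;
          }

          $row = mysqli_fetch_assoc($result);
          mysqli_free_result($result);

          return $row;
      }

      return $data;
  }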
  51.  
  52.  
  /**
   * Report whether the current session carries a user id.
   *
   * Only the presence of a non-null $_SESSION['user_id'] is checked; the value
   * is not looked up in the database.
   *
   * @return bool
   */
  function logged_in(){
      return isset($_SESSION['user_id']);
  }
  56.  
  /**
   * Report whether exactly one row in `users` has the given username.
   *
   * The username is sent as a bound parameter.
   *
   * @param string $username
   * @return bool
   */
  function user_exists($username) {
      global $con;

      $sql = "SELECT COUNT(*) FROM users WHERE username = ?";
      $statement = mysqli_prepare($con, $sql);
      mysqli_stmt_bind_param($statement, "s", $username);
      mysqli_stmt_execute($statement);

      // The single COUNT(*) column lands in $matches on fetch.
      mysqli_stmt_bind_result($statement, $matches);
      mysqli_stmt_fetch($statement);

      $found = ($matches == 1);
      return $found;
  }
  66.  
  67.  
  /**
   * Report whether exactly one row in `users` has the given e-mail address.
   *
   * The address is sent as a bound parameter.
   *
   * @param string $email
   * @return bool
   */
  function email_exists($email) {
      global $con;

      $sql = "SELECT COUNT(*) FROM users WHERE email = ?";
      $statement = mysqli_prepare($con, $sql);
      mysqli_stmt_bind_param($statement, "s", $email);
      mysqli_stmt_execute($statement);

      // The single COUNT(*) column lands in $matches on fetch.
      mysqli_stmt_bind_result($statement, $matches);
      mysqli_stmt_fetch($statement);

      $found = ($matches == 1);
      return $found;
  }
  77.  
  78.  
  79.  
  /**
   * Report whether exactly one row in `users` has the given username and
   * `active` = 1.
   *
   * The username is sent as a bound parameter.
   *
   * @param string $username
   * @return bool
   */
  function user_active($username) {
      global $con;

      $sql = "SELECT COUNT(*) FROM users WHERE username = ? AND active = 1";
      $statement = mysqli_prepare($con, $sql);
      mysqli_stmt_bind_param($statement, "s", $username);
      mysqli_stmt_execute($statement);

      // The single COUNT(*) column lands in $matches on fetch.
      mysqli_stmt_bind_result($statement, $matches);
      mysqli_stmt_fetch($statement);

      $is_active = ($matches == 1);
      return $is_active;
  }
  89.  
  90.  
  91.  
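  /**
   * Look up the id of the user with the given username.
   *
   * The earlier version selected COUNT(*) and returned a boolean, so callers
   * that stored the result as a user id stored true instead of the id.
   *
   * @param string $username
   * @return int|false The user's `user_id`, or false when no row matches or the
   *                   statement cannot be prepared.
   */
  function user_id_from_username($username) {
      global $con;

      $stmt = mysqli_prepare($con, "SELECT user_id FROM users WHERE username = ?");
      if ($stmt === false) {
          return false;
      }

      $user_id = null;
      mysqli_stmt_bind_param($stmt, "s", $username);
      mysqli_stmt_execute($stmt);
      mysqli_stmt_bind_result($stmt, $user_id);
      // mysqli_stmt_fetch() returns true only when a row was read.
      $found = mysqli_stmt_fetch($stmt);
      mysqli_stmt_close($stmt);

      // NOTE(review): assumes ids start at 1, so a valid id is never falsy - confirm.
      return ($found === true) ? (int)$user_id : false;
  }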
  101.  
  102.  
  103.  
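  /**
   * Check a username/password pair and return the matching user's id.
   *
   * The earlier version returned a boolean, and the login page stores the
   * return value in $_SESSION['user_id'], so every session held true rather
   * than an id. The id column is now selected and returned.
   *
   * @param string $username Login name as submitted.
   * @param string $password Plain-text password as submitted.
   * @return int|false The user's `user_id` on a match, false otherwise.
   */
  function login($username, $password) {
      global $con;

      // NOTE(review): unsalted MD5 is not a password hash. It is kept only
      // because the stored values are MD5; move to password_hash() at
      // registration and password_verify() here in one change.
      $password = md5($password);

      $stmt = mysqli_prepare($con, "SELECT user_id FROM users WHERE username = ? AND password = ?");
      if ($stmt === false) {
          // Fail closed: a statement that cannot be prepared authenticates nobody.
          return false;
      }

      $user_id = null;
      mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
      mysqli_stmt_execute($stmt);
      mysqli_stmt_bind_result($stmt, $user_id);
      // mysqli_stmt_fetch() returns true only when a row was read.
      $found = mysqli_stmt_fetch($stmt);
      mysqli_stmt_close($stmt);

      return ($found === true) ? (int)$user_id : false;
  }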
  114.  
  115.  
  116. ?>
  117.  
  118. <?php
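  // Login page: validates the posted credentials, collects error notices and,
  // on success, stores the user id in the session and redirects to index.php.
  ob_start();
  include("connect.php");
  include("int.php");

  if(empty($_POST) === false){
      // A missing or non-string field is treated as empty instead of raising a
      // notice or reaching strlen()/md5() as an array.
      $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
      $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

      // NOTE(review): the "username not found" and "not activated" notices differ
      // from the wrong-password notice, which tells a visitor whether a username
      // is registered. Consider one generic failure message for all three.
      if (empty($username) === true || empty($password) === true){
          $errors[] = '<div class="error-notice">
<div class="oaerror warning">
<strong>Oops!</strong>
You need to enter a username and a passsword!
</div></div>';
      } else if(user_exists($username) === false){
          $errors[] = '<div class="error-notice">
<div class="oaerror info">
<strong>Hmm.</strong>
Username not found. Have you registered first?
</div></div>';
      } else if(user_active($username) === false){
          $errors[] = '<div class="error-notice">
<div class="oaerror warning">
<strong>Oops!</strong>
Your account is not activated! Be sure to check your mail!
</div></div>';
      } else{
          // NOTE(review): this records a notice but the login below still runs,
          // and registration sets no upper bound on password length.
          if (strlen($password) > 32){
              $errors[] = '<div class="error-notice">
<div class="oaerror warning">
<strong>Oops!</strong>
Your password is too long!
</div></div>';
          }

          $login = login($username, $password);
          if($login === false){
              $errors[] = '<div class="error-notice">
<div class="oaerror danger">
<strong>Uh oh!</strong>
Your Username/Password is incorrect!
</div></div>';
          } else{
              // Issue a fresh session id at the moment of authentication, so an
              // id that existed before login is not carried into the
              // authenticated session (session fixation).
              session_regenerate_id(true);
              // Set the user session.
              $_SESSION['user_id'] = $login;
              // Redirect the user to the home page.
              header("Location: index.php");
              ob_end_flush();
              exit();
          }
      }
  }
  echo output_errors($errors);

  if (logged_in() === true){
      header("Location: index.php");
      exit();
  }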
  180.  
  181. ?>
  182.  
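  // Registration form validation: fills $errors with one notice per failed rule.
  if (empty($_POST) === false){
      $required_fields = array('username', 'password', 'password_again', 'first_name', 'email');
      // Walk the required list rather than $_POST: a field left out of the
      // request never appears as a key in $_POST, so a loop over $_POST does not
      // notice it. Non-string values (for example arrays) count as missing.
      foreach($required_fields as $field){
          if (!isset($_POST[$field]) || !is_string($_POST[$field]) || empty($_POST[$field])){
              $errors[] = '<div class="error-notice">
<div class="oaerror danger">
<strong>Uh oh!</strong>
Fields marked with an asterisk(*) are required.
</div></div>';
              break 1;
          }
      }

      if (empty($errors) === true) {
          if (user_exists($_POST['username']) === true){
              // The submitted name is HTML-escaped before it is echoed back.
              $errors[] = '<div class="error-notice">
<div class="oaerror danger">
<strong>Uh oh!</strong>
Sorry, the username \'' . htmlentities($_POST['username'], ENT_QUOTES, 'UTF-8') . '\' is already taken.
</div></div>';

          }

          if (preg_match("/\s/", $_POST['username']) == true){
              $errors[] = '<div class="error-notice">
<div class="oaerror danger">
<strong>Uh oh!</strong>
Your username must not contain any spaces.
</div></div>';

          }

          // "At least 6" accepts exactly 6; the earlier `<= 6` rejected it.
          if (strlen($_POST['password']) < 6){
              $errors[] = '<div class="error-notice">
<div class="oaerror danger">
<strong>Uh oh!</strong>
Your password needs to be at least 6 characters long.
</div></div>';
          }

          if ($_POST['password'] !== $_POST['password_again']){
              $errors[] = '<div class="error-notice">
<div class="oaerror danger">
<strong>Uh oh!</strong>
Your passwords do not match.
</div></div>';
          }

          if (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false){
              $errors[] = '<div class="error-notice">
<div class="oaerror danger">
<strong>Uh oh!</strong>
A valid email is required.
</div></div>';
          }

          if (email_exists($_POST['email']) === true){
              // Escaped like the username above; the earlier version echoed the
              // posted address into the page unescaped.
              $errors[] = '<div class="error-notice">
<div class="oaerror danger">
<strong>Uh oh!</strong>
Sorry, the E-Mail \'' . htmlentities($_POST['email'], ENT_QUOTES, 'UTF-8') . '\' is already in use.
</div></div>';
          }
      }
  }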
  248.  
  249. if (isset($_GET['success']) && empty($_GET['success'])){
  250. echo '<div class="error-notice">
  251. <div class="oaerror success">
  252. <strong>Wooh!</strong>
  253. You've been successfully registered!
  254. </div></div>';
  255. }else{
  256. if (empty($_POST) === false && empty($errors) === true){
  257. $register_data = array(
  258. 'username' => $_POST['username'],
  259. 'password' => $_POST['password'],
  260. 'first_name' => $_POST['first_name'],
  261. 'last_name' => $_POST['last_name'],
  262. 'email' => $_POST['email'],
  263. 'quote' => $_POST['quote'],
  264. 'who' => $_POST['who']
  265. );
  266. register_user($register_data);
  267. header("Location: quotin_register_page.php?success");
  268. exit();
  269. }else if(empty($errors) === false){
  270. echo output_errors($errors);
  271. }
  272.  
  273. <?php
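  // Opens the shared database connection used through `global $con`.
  // NOTE(review): host, account and password are literals in source. Load them
  // from configuration kept out of version control (or from the environment)
  // and rotate any real value that was ever published.
  $con = mysqli_connect("gator4159.hostgator.com", "", "password", "DB");

  // Check connection
  if (mysqli_connect_errno())
  {
      // The driver's message goes to the server log only; it can name the host
      // and account, which a visitor has no need to see.
      error_log("Failed to connect to MySQL: " . mysqli_connect_error());
      http_response_code(500);
      echo "Failed to connect to MySQL";
      // Stop here: every later query would run against a missing connection.
      exit();
  }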
  281. ?>
  282.  
  283. <?php
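  // Bootstrap: starts the session, loads the connection and helper files, and
  // creates the shared $errors list.

  // Set before session_start(): keep the session cookie out of reach of page
  // scripts, and accept only session ids that the server itself issued.
  ini_set('session.cookie_httponly', '1');
  ini_set('session.use_strict_mode', '1');
  // NOTE(review): also enable session.cookie_secure once the site is served
  // over HTTPS only.
  session_start();
  //error_reporting(0);


  require("connect.php");
  require("general.php");
  require("users.php");



  $errors = array();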
  295. ?>
  296.  
  297. <?php
  298.  
  299.  
  /**
   * array_walk() callback: replace one array element, in place, with its
   * mysqli_real_escape_string() form.
   *
   * Escaping protects a value only where it is later placed inside a quoted
   * SQL string literal; bound parameters do not need it.
   *
   * @param string $item Element to escape, passed by reference.
   * @return void
   */
  function array_sanitize(&$item){
      global $con;

      $escaped = mysqli_real_escape_string($con, $item);
      $item = $escaped;
  }
  304.  
  /**
   * Return a value escaped with mysqli_real_escape_string() on the shared
   * connection.
   *
   * Escaping protects a value only where it is later placed inside a quoted
   * SQL string literal; bound parameters do not need it.
   *
   * @param string $data
   * @return string
   */
  function sanitize($data){
      global $con;

      $escaped = mysqli_real_escape_string($con, $data);
      return $escaped;
  }
  309.  
  /**
   * Join the collected error notices into one string.
   *
   * The notices are concatenated as they are, with no separator and no
   * escaping, so each entry must already be safe to emit as HTML.
   *
   * @param array $errors Notices in display order.
   * @return string
   */
  function output_errors($errors){
      $html = '';
      foreach ($errors as $notice) {
          $html .= $notice;
      }
      return $html;
  }
  317. ?>