  1. <?php
  2. function checkUserEmail($uname,$email)
  3. {
  4. global $link;
  5. global $_SESSION;
  6. $error = array('status'=>false,'userID'=>0);
  7. if (isset($email) && trim($email) != '') {
  8. //email was entered
  9. if ($SQL = $link->prepare("SELECT `ID` FROM `users_enc` WHERE `Email` = ? LIMIT 1"))
  10. {
  11. $email=trim($email);
  12. $SQL->bind_param('s',$email);
  13. $SQL->execute();
  14. $SQL->store_result();
  15. $numRows = $SQL->num_rows();
  16. $SQL->bind_result($userID);
  17. $SQL->fetch();
  18. $SQL->close();
  19. if ($numRows >= 1)
  20. {
  21. return array('status'=>true,'userID'=>$userID);
  22. } else {
  23. $_SESSION['alert'] = '<strong>FOUT!</strong> Je e-mailadres komt niet voor in ons systeem.';
  24. return $error;
  25. }
  26. }
  27. } elseif (isset($uname) && trim($uname) != '') {
  28. //username was entered
  29. if ($SQL = $link->prepare("SELECT `ID` FROM `users_enc` WHERE `Username` = ? LIMIT 1"))
  30. {
  31. $uname=trim($uname);
  32. $SQL->bind_param('s',$uname);
  33. $SQL->execute();
  34. $SQL->store_result();
  35. $numRows = $SQL->num_rows();
  36. $SQL->bind_result($userID);
  37. $SQL->fetch();
  38. $SQL->close();
  39. if ($numRows >= 1)
  40. {
  41. return array('status'=>true,'userID'=>$userID);
  42. } else {
  43. $_SESSION['alert'] = '<strong>FOUT!</strong> Je gebruikersnaam komt niet voor in ons systeem.';
  44. return $error;
  45. }
  46. }
  47. } else {
  48. //nothing was entered;
  49. $_SESSION['alert'] = '<strong>FOUT!</strong> Je moet je e-mailadres of gebruikersnaam ingeven.';
  50. return $error;
  51. }
  52. }
  53.  
  54. function getSecurityQuestion($userID)
  55. {
  56. global $link;
  57. global $_SESSION;
  58. $questions = array();
  59. $questions[0] = "Wat is jouw moeders familienaam?";
  60. $questions[1] = "In welke stad ben je geboren?";
  61. $questions[2] = "Wat is jouw lievelingskleur?";
  62. $questions[3] = "Welk jaar ben je afgestudeerd?";
  63. $questions[4] = "Wat was de naam van je eerste liefje?";
  64. $questions[5] = "Wat is uw favoriet automerk?";
  65. if ($SQL = $link->prepare("SELECT `secQ` FROM `users_enc` WHERE `ID` = ? LIMIT 1"))
  66. {
  67. $SQL->bind_param('i',$userID);
  68. $SQL->execute();
  69. $SQL->store_result();
  70. $SQL->bind_result($secQ);
  71. $SQL->fetch();
  72. $SQL->close();
  73. return $questions[$secQ];
  74. } else {
  75. return false;
  76. }
  77. }
  78.  
  79. function checkSecAnswer($userID,$answer)
  80. {
  81. global $link;
  82. global $_SESSION;
  83. if ($SQL = $link->prepare("SELECT `Username` FROM `users_enc` WHERE `ID` = ? AND LOWER(`secA`) = ? LIMIT 1"))
  84. {
  85. $answer = strtolower($answer);
  86. $SQL->bind_param('is',$userID,$answer);
  87. $SQL->execute();
  88. $SQL->store_result();
  89. $numRows = $SQL->num_rows();
  90. $SQL->close();
  91. if ($numRows >= 1)
  92. {
  93. return true;
  94. } else {
  95. $_SESSION['alert'] = '<strong>FOUT!</strong> Je antwoord op de vraag was niet correct.';
  96. return false;
  97. }
  98. }
  99. }
  100.  
  101. function sendPasswordEmail($userID)
  102. {
  103. global $link;
  104. global $_SESSION;
  105. if ($SQL = $link->prepare("SELECT Username,Email FROM users_enc WHERE ID = ? LIMIT 1"))
  106. {
  107. $SQL->bind_param('i',$userID);
  108. $SQL->execute();
  109. $SQL->store_result();
  110. $SQL->bind_result($uname,$email);
  111. $SQL->fetch();
  112. $SQL->close();
  113. $expFormat = mktime(date("H"), date("i"), date("s"), date("m") , date("d")+3, date("Y"));
  114. $expDate = date("Y-m-d H:i:s",$expFormat);
  115. $tohash = $uname . '_' . $email . rand(0,10000) .$expDate;
  116. $key = password_hash($tohash, PASSWORD_DEFAULT);
  117. $encUserID = urlencode(base64_encode($userID));
  118. if ($SQL = $link->prepare("INSERT INTO recoveryemails_enc (`UserID`,`Key`,`expDate`) VALUES (?,?,?)"))
  119. {
  120. $SQL->bind_param('iss',$userID,$key,$expDate);
  121. $SQL->execute();
  122. $SQL->close();
  123. $passwordLink = "<a href=\"http://mds.go-ao.eu/021passwords/wwreset.php?a=recover&email=" . $key . "&u=" . $encUserID . "\">http://mds.go-ao.eu/021passwords/wwreset.php?a=recover&email=" . $key . "&u=" . $encUserID . "</a>";
  124. $message = "<html><body>Beste $uname,<br>";
  125. $message .= "<p>Gelieve volgende link te volgen om je wachtwoord te resetten:<br>";
  126. $message .= "$passwordLink</p>";
  127. $message .= "<p>Mocht de link niet werken, gelieve de volledige link in je browser te kopiëren.</p>";
  128. $message .= "<p>De link zal om veiligheidsredenen na 3 dagen vervallen.</p>";
  129. $message .= "<p>Als u deze vergeten wachtwoord e-mail niet heeft aangevraagd, is geen verdere actie nodig, uw wachtwoord zal niet worden gereset zolang de link hierboven niet wordt bezocht.</p>";
  130. $message .= "<p>Alvast bedankt,</p>";
  131. $message .= "<p>MDS</p></body></html>";
  132. $mail = new PHPMailer;
  133. $mail->isSMTP();
  134. $mail->Host = 'smtp.gmail.com';
  135. $mail->SMTPAuth = true;
  136. $mail->Username = "xxx@go-ao.eu";
  137. $mail->Password = 'xxx';
  138. $mail->Username = "xxx@go-ao.eu";
  139. $mail->SMTPSecure = 'tls';
  140. $mail->Port = 587;
  141. $mail->setFrom('xxx@go-ao.eu', 'Webmaster 6info.go-ao.eu/xxx');
  142. $mail->addAddress($email, $uname);
  143. $mail->isHTML(true);
  144. $mail->Subject = "Uw aanvraag voor nieuw wachtwoord";
  145. $mail->Body = $message;
  146. $mail->AltBody = strip_tags($message);
  147. if ($mail->send()) {
  148. return true;
  149. } else {
  150. $_SESSION['alert'] = '<strong>FOUT bij verzenden!</strong><p>Er is iets fout gelopen tijdens het verzenden van je mail:</p><p>' . $mail->ErrorInfo .'</p>';
  151. return false;
  152. }
  153. }
  154. }
  155. $_SESSION['alert'] = '<strong>FOUT bij verzenden!</strong><p>Er is iets fout gelopen tijdens het verzenden van je mail:</p><p>'.$link->error.'</p>';
  156. return false;
  157. }
  158.  
  159. function checkEmailKey($key,$userID)
  160. {
  161. global $link;
  162. $curDate = date("Y-m-d H:i:s");
  163. if ($SQL = $link->prepare("SELECT `UserID` FROM `recoveryemails_enc` WHERE `Key` = ? AND `UserID` = ? AND `expDate` >= ?"))
  164. {
  165. $SQL->bind_param('sis',$key,$userID,$curDate);
  166. $SQL->execute();
  167. $SQL->execute();
  168. $SQL->store_result();
  169. $numRows = $SQL->num_rows();
  170. $SQL->bind_result($userID);
  171. $SQL->fetch();
  172. $SQL->close();
  173. if ($numRows > 0 && $userID != '')
  174. {
  175. return array('status'=>true,'userID'=>$userID);
  176. }
  177. }
  178. return false;
  179. }
  180.  
  181. function updateUserPassword($userID,$password,$key)
  182. {
  183. global $link;
  184. if (checkEmailKey($key,$userID) === false) return false;
  185. if ($SQL = $link->prepare("UPDATE `users_enc` SET `Password` = ? WHERE `ID` = ?"))
  186. {
  187. $password = password_hash(trim($password), PASSWORD_DEFAULT);
  188. $SQL->bind_param('si',$password,$userID);
  189. $SQL->execute();
  190. $SQL->close();
  191. $SQL = $link->prepare("DELETE FROM `recoveryemails_enc` WHERE `Key` = ?");
  192. $SQL->bind_param('s',$key);
  193. $SQL->execute();
  194. }
  195. }
  196. ?>