- /* secure/access.php */
- <?php
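/**
 * Small mysqli wrapper for the `users` table.
 *
 * Every statement that carries caller-supplied values is a prepared statement
 * with bound parameters, so a value can never change the shape of the query.
 * Driver error text is written to the server log, never to the response body.
 */
class access
{
    /** @var string|null Database host handed to mysqli. */
    public $db_host = null;
    /** @var string|null Database account name. */
    public $db_username = null;
    /** @var string|null Database account password. */
    public $db_password = null;
    /** @var string|null Schema to select after connecting. */
    public $db_name = null;
    /** @var mysqli|null Open connection, or null while disconnected. */
    public $conn = null;
    /** @var mixed Not used by this class; kept because it is a public property. */
    public $result = null;

    /**
     * Store the connection settings; no network activity happens here.
     *
     * @param string $dbHost
     * @param string $dbUser
     * @param string $dbPassword
     * @param string $dbName
     */
    public function __construct($dbHost, $dbUser, $dbPassword, $dbName)
    {
        $this->db_host = $dbHost;
        $this->db_username = $dbUser;
        $this->db_password = $dbPassword;
        $this->db_name = $dbName;
    }

    /**
     * Open the connection and select the utf8 character set.
     *
     * On failure the driver message goes to the error log only: it can name
     * the database host and account, and echoing it would both disclose that
     * to the client and corrupt a JSON response. $this->conn stays null so the
     * query methods can refuse to run.
     *
     * @return bool true when the connection is usable, false otherwise
     */
    public function connect()
    {
        $this->conn = null;

        try {
            $connection = new mysqli($this->db_host, $this->db_username, $this->db_password, $this->db_name);
        } catch (mysqli_sql_exception $e) {
            // Raised instead of connect_errno when mysqli exception reporting is on.
            error_log('Database connection failed: ' . $e->getMessage());
            return false;
        }

        if ($connection->connect_errno) {
            error_log('Database connection failed: ' . $connection->connect_error);
            return false;
        }

        $connection->set_charset("utf8");
        $this->conn = $connection;

        return true;
    }

    /**
     * Close the connection if one is open. Safe to call more than once.
     */
    public function disconnect()
    {
        if ($this->conn !== null) {
            $this->conn->close();
            $this->conn = null;
        }
    }

    /**
     * Insert one row into `users`.
     *
     * $password and $salt are stored exactly as received; hashing is the
     * caller's responsibility.
     *
     * @param string $username
     * @param string $password already-hashed password
     * @param string $salt
     * @param string $email
     * @param string $fullname
     * @return bool true when the row was inserted, false when there is no
     *              connection or the statement could not be prepared or executed
     */
    public function createUser($username, $password, $salt, $email, $fullname)
    {
        if ($this->conn === null) {
            return false;
        }

        $sql = "INSERT INTO users
                SET
                username=?, password=?, salt=?, email=?, fullname=? ";

        $statement = $this->conn->prepare($sql);
        if ($statement === false) {
            // prepare() returns false on error; binding on it would be a fatal error.
            error_log('createUser: prepare failed: ' . $this->conn->error);
            return false;
        }

        $statement->bind_param("sssss", $username, $password, $salt, $email, $fullname);
        $returnValue = $statement->execute();
        $statement->close();

        return $returnValue;
    }

    /**
     * Fetch the row for one username.
     *
     * The username is bound as a parameter. Concatenating it into the SQL text
     * would let the value rewrite the query (SQL injection), and an unquoted
     * string is not even valid SQL for ordinary names.
     *
     * NOTE(review): SELECT * returns every column, which presumably includes
     * the password hash and salt; callers must copy out only the fields they
     * intend to expose.
     *
     * @param string $username
     * @return array|null associative row, or null when no user matches or the
     *                    lookup could not be run
     */
    public function getUserInfo($username)
    {
        if ($this->conn === null) {
            return null;
        }

        $statement = $this->conn->prepare("SELECT * FROM users WHERE username = ?");
        if ($statement === false) {
            error_log('getUserInfo: prepare failed: ' . $this->conn->error);
            return null;
        }

        $returnArray = null;
        $statement->bind_param("s", $username);

        if ($statement->execute()) {
            // get_result() needs the mysqlnd driver.
            $result = $statement->get_result();
            if ($result !== false) {
                $row = $result->fetch_array(MYSQLI_ASSOC);
                if (!empty($row)) {
                    $returnArray = $row;
                }
                $result->free();
            }
        }

        $statement->close();

        return $returnArray;
    }
}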
- /* register.php */
- <?php
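// Registration endpoint: validates the four required fields, stores the new
// user through the access class and answers with a JSON status object.

// Declare the body as JSON so a browser never renders the echoed field values
// as HTML.
header('Content-Type: application/json');

$returnArray = array();

// NOTE(review): $_REQUEST also accepts query-string and cookie values, so a
// password sent as a GET parameter ends up in access logs and browser history.
// Reading $_POST only is safer; confirm what the clients send before switching.
// NOTE(review): htmlentities() is output encoding. Applied here it changes what
// is stored, and it alters any password that contains <, >, & or quotes before
// hashing. It is kept because the sign-in code presumably applies the same
// transform; encode at render time instead once both sides can change together.
$input = array();
foreach (array("username", "password", "email", "fullname") as $field) {
    // A missing key or an array value (e.g. username[]=x) counts as empty.
    $input[$field] = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field]))
        ? htmlentities($_REQUEST[$field])
        : "";
}

$username = $input["username"];
$password = $input["password"];
$email = $input["email"];
$fullname = $input["fullname"];

if (empty($username) || empty($password) || empty($email) || empty($fullname)) {
    $returnArray["status"] = "400";
    $returnArray["message"] = "Missing required information";
    echo json_encode($returnArray);
    return;
}

// NOTE(review): salted SHA-1 is a fast hash and is cheap to brute-force if the
// users table leaks. password_hash() / password_verify() is the replacement,
// but it changes the stored format, so it has to be rolled out together with
// the sign-in code, which is not part of this file.
// NOTE(review): the salt is 20 raw bytes sent over a utf8 connection; confirm
// the salt column stores binary data unchanged, or hex-encode it on both sides.
$salt = openssl_random_pseudo_bytes(20);
$secured_password = sha1($password . $salt);

// Database settings are read from an ini file addressed by a relative path.
$file = parse_ini_file("../../TwitterApp.ini");
if ($file === false || !isset($file["dbhost"], $file["dbuser"], $file["dbpass"], $file["dbname"])) {
    // Tell the client nothing about server configuration; details go to the log.
    error_log('register.php: database settings could not be read');
    $returnArray["status"] = "400";
    $returnArray["message"] = "Could not register with provided Information";
    echo json_encode($returnArray);
    return;
}

$host = trim($file["dbhost"]);
$user = trim($file["dbuser"]);
$pass = trim($file["dbpass"]);
$name = trim($file["dbname"]);

require ("secure/access.php");

$access = new access($host, $user, $pass, $name);
$access->connect();

// Start from failure so an exception cannot leave $result undefined.
$result = false;
try {
    $result = $access->createUser($username, $secured_password, $salt, $email, $fullname);
} catch (Exception $e) {
    error_log('register.php: createUser failed: ' . $e->getMessage());
}

if ($result) {
    $userRow = null;
    try {
        $userRow = $access->getUserInfo($username);
    } catch (Exception $e) {
        error_log('register.php: getUserInfo failed: ' . $e->getMessage());
    }

    $returnArray["status"] = "200";
    $returnArray["message"] = "Successfully registered";

    // Copy an explicit list of columns so the password hash and salt are never
    // part of the response, whatever the lookup returns.
    foreach (array("id", "username", "email", "fullname", "ava") as $column) {
        $returnArray[$column] = (is_array($userRow) && isset($userRow[$column]))
            ? $userRow[$column]
            : null;
    }
} else {
    $returnArray["status"] = "400";
    $returnArray["message"] = "Could not register with provided Information";
}

$access->disconnect();

echo json_encode($returnArray);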
- ?>