
Untitled

a guest Aug 18th, 2018 118 Never
  1. /* secure/access.php */
  2. <?php
  3.  
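  /**
   * Small mysqli wrapper used by the registration endpoint.
   *
   * Holds the connection settings, opens and closes the connection, and
   * exposes the two user-table queries. Every value that reaches SQL is
   * bound as a parameter; no query text is built from caller input.
   */
  class access {

      // Connection settings, stored as passed to the constructor.
      // `public` is what the original `var` keyword meant, so visibility is unchanged.
      public $db_host = null;
      public $db_username = null;
      public $db_password = null;
      public $db_name = null;

      // Live mysqli handle, or null when not connected.
      public $conn = null;

      // Not written by any method in this class; kept for callers that may read it.
      public $result = null;

      /**
       * @param string $dbHost     Database host
       * @param string $dbUser     Database account name
       * @param string $dbPassword Database account password
       * @param string $dbName     Schema to select
       */
      function __construct($dbHost, $dbUser, $dbPassword, $dbName) {
          $this->db_host = $dbHost;
          $this->db_username = $dbUser;
          $this->db_password = $dbPassword;
          $this->db_name = $dbName;
      }

      /**
       * Opens the connection and selects the character set.
       *
       * On failure $this->conn is left null, a generic message is echoed
       * (as before) and the driver's error text goes to the server log
       * instead of the HTTP response, because that text can name the
       * database host and account.
       */
      public function connect() {
          try {
              $link = new mysqli($this->db_host, $this->db_username, $this->db_password, $this->db_name);
          } catch (mysqli_sql_exception $e) {
              // PHP 8.1+ reports connection failures by throwing by default.
              // Catching here also keeps the credentials out of an uncaught-exception trace.
              error_log("Database connection failed: " . $e->getMessage());
              echo "Couldn't connect to the Database";
              $this->conn = null;
              return;
          }

          if ($link->connect_errno) {
              error_log("Database connection failed: " . $link->connect_error);
              echo "Couldn't connect to the Database";
              $this->conn = null;
              // Stop here: the handle is unusable, so set_charset() must not be called on it.
              return;
          }

          $this->conn = $link;

          // NOTE(review): MySQL's "utf8" is the 3-byte subset; "utf8mb4" is the full
          // Unicode charset. Left as-is because the table definitions are not visible here.
          $this->conn->set_charset("utf8");
      }

      /**
       * Closes the connection if one is open. Safe to call more than once.
       */
      public function disconnect() {
          if ($this->conn !== null) {
              $this->conn->close();
              $this->conn = null;
          }
      }

      /**
       * Inserts one row into `users`.
       *
       * Exceptions raised by the driver (when mysqli is in exception mode)
       * are not caught here and propagate to the caller.
       *
       * @return bool true when the INSERT executed, false when there is no
       *              connection, the statement could not be prepared, or
       *              execution failed.
       */
      public function createUser($username, $password, $salt, $email, $fullname) {
          if ($this->conn === null) {
              return false;
          }

          $sql = "INSERT INTO users
                  SET
                  username=?, password=?, salt=?, email=?, fullname=? ";

          $statement = $this->conn->prepare($sql);

          // prepare() returns false on failure; the original threw and swallowed an
          // exception here and then called bind_param() on that false value.
          if ($statement === false) {
              error_log("createUser: prepare failed: " . $this->conn->error);
              return false;
          }

          $statement->bind_param("sssss", $username, $password, $salt, $email, $fullname);

          $returnValue = $statement->execute();
          $statement->close();

          return $returnValue;
      }

      /**
       * Fetches the `users` row for a username.
       *
       * The username is bound as a statement parameter. The original spliced it
       * into the query text unquoted, which made the lookup injectable and also
       * made it fail for ordinary string usernames.
       *
       * Uses mysqli_stmt::get_result(), which needs the mysqlnd driver.
       *
       * @return array|null Associative row, or null when there is no connection,
       *                    the query fails, or no row matches.
       */
      public function getUserInfo($username) {
          // Defined up front so the "not found" path returns null instead of
          // reading an undefined variable.
          $returnArray = null;

          if ($this->conn === null) {
              return $returnArray;
          }

          $sql = "SELECT * FROM users
                 WHERE username = ?";

          $statement = $this->conn->prepare($sql);
          if ($statement === false) {
              error_log("getUserInfo: prepare failed: " . $this->conn->error);
              return $returnArray;
          }

          $statement->bind_param("s", $username);

          if ($statement->execute()) {
              $rows = $statement->get_result();
              if ($rows !== false) {
                  $row = $rows->fetch_array(MYSQLI_ASSOC);
                  if (!empty($row)) {
                      $returnArray = $row;
                  }
                  $rows->free();
              }
          }

          $statement->close();

          return $returnArray;
      }

  }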
  79.    
  80. /* register.php */
  81. <?php
  82.  
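  // Registration endpoint: validates the four required fields, stores a new
  // user through the access class and answers with a JSON document.

  // Declare the body as JSON so a browser never renders the echoed values as HTML.
  header("Content-Type: application/json; charset=utf-8");

  $returnArray = array();

  // NOTE(review): $_REQUEST also accepts query-string parameters, so a password
  // can end up in URLs and access logs. Prefer $_POST once all clients send POST.
  // NOTE(review): htmlentities() is an output encoder. It is kept on input only
  // because stored values and the login code (not visible here) may depend on it.
  $fields = array();
  foreach (array("username", "password", "email", "fullname") as $key) {
      // A missing or non-string parameter (e.g. an array) counts as empty.
      $raw = (isset($_REQUEST[$key]) && is_string($_REQUEST[$key])) ? $_REQUEST[$key] : "";
      $fields[$key] = htmlentities($raw);
  }

  $username = $fields["username"];
  $password = $fields["password"];
  $email = $fields["email"];
  $fullname = $fields["fullname"];

  if (empty($username) || empty($password) || empty($email) || empty($fullname)) {
      $returnArray["status"] = "400";
      $returnArray["message"] = "Missing required information";
      echo json_encode($returnArray);
      return;
  }

  // NOTE(review): these are 20 raw bytes; confirm the `salt` column is
  // binary-safe, otherwise store an encoded form (e.g. bin2hex).
  $salt = openssl_random_pseudo_bytes(20);

  // NOTE(review): one SHA-1 round over password+salt is cheap to brute-force if
  // the table leaks. Move to password_hash()/password_verify() together with the
  // login code, with a rehash-on-login path for existing rows. Not changed here
  // because the verifier side is not part of this file.
  $secured_password = sha1($password . $salt);

  $file = parse_ini_file("../../TwitterApp.ini");

  // parse_ini_file() returns false when the file is missing or unreadable.
  if ($file === false || !isset($file["dbhost"], $file["dbuser"], $file["dbpass"], $file["dbname"])) {
      error_log("register: database configuration is missing or incomplete");
      $returnArray["status"]  = "400";
      $returnArray["message"] = "Could not register with provided Information";
      echo json_encode($returnArray);
      return;
  }

  $host = trim($file["dbhost"]);
  $dbUser = trim($file["dbuser"]);
  $pass = trim($file["dbpass"]);
  $name = trim($file["dbname"]);

  require ("secure/access.php");

  $access = new access($host, $dbUser, $pass, $name);
  $access->connect();

  // Default to failure so an exception or a failed connection cannot leave
  // $result undefined.
  $result = false;

  if ($access->conn !== null && !$access->conn->connect_errno) {
      try {
          $result = $access->createUser($username, $secured_password, $salt, $email, $fullname);
      } catch (Exception $e) {
          // Details go to the server log; the client only gets the generic 400 below.
          error_log("register: createUser failed: " . $e->getMessage());
      }
  }

  if ($result) {
      // Separate variable: the original reused $user, which also held the DB account name.
      $registered = $access->getUserInfo($username);

      $returnArray["status"]  = "200";
      $returnArray["message"] = "Successfully registered";

      // Only the listed columns are returned; password and salt never leave the server.
      foreach (array("id", "username", "email", "fullname", "ava") as $column) {
          $returnArray[$column] = (is_array($registered) && isset($registered[$column])) ? $registered[$column] : null;
      }

  } else {
      $returnArray["status"]  = "400";
      $returnArray["message"] = "Could not register with provided Information";
  }

  $access->disconnect();

  echo json_encode($returnArray);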
  136.  
  137. ?>