- <?php
- include "conn.php";
- ob_start();
- use PHPMailer\PHPMailer\PHPMailer;
- use PHPMailer\PHPMailer\Exception;
- require 'vendor/autoload.php';
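// Login handler: looks up the posted e-mail/password pair in the users table
// and, on a match, marks the session as logged in and redirects to index.php.
// $conn comes from conn.php (not visible here); the way it is used in this file
// (->query, ->num_rows, ->fetch_assoc, ->error) matches a mysqli connection.
if (isset($_POST['login'])) {
    // Missing or non-string fields (e.g. mail[]=x) are treated as empty, which
    // simply fails the lookup below instead of raising notices.
    $email = (isset($_POST['mail']) && is_string($_POST['mail'])) ? $_POST['mail'] : '';
    $pass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // NOTE(review): unsalted MD5 is not a password hash. It is kept here only
    // because the register and update handlers store the same format; moving to
    // password_hash()/password_verify() has to be done in all three together.
    $pass = md5($pass);

    $userId = null;

    // Placeholders keep the posted values out of the SQL text, so quotes in the
    // e-mail field can no longer change the query.
    $stmt = $conn->prepare("SELECT id FROM users WHERE email = ? AND password = ?");
    if ($stmt !== false) {
        $stmt->bind_param('ss', $email, $pass);
        if ($stmt->execute()) {
            $stmt->bind_result($rowId);
            // As before, the last matching row decides the session id.
            while ($stmt->fetch()) {
                // Cast so $_SESSION["id"] stays a string, as fetch_assoc() produced.
                $userId = (string) $rowId;
            }
        }
        $stmt->close();
    } else {
        error_log('login: could not prepare statement: ' . $conn->error);
    }

    if ($userId !== null) {
        // Issue a fresh session id on login so a pre-set id cannot be reused.
        // Presumably the session is started in conn.php - confirm.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION["logged"] = "1";
        $_SESSION["id"] = $userId;

        header('Location: ./index.php');
        echo "USPESNO SI LOGOVAN";
        // Stop here: without this the remaining handlers in the file would
        // still run after the redirect has been issued.
        exit;
    } else {
        echo "Nisi se uspesno ulogovao!";
    }
}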
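/**
 * Returns true if $str ends with $sub.
 *
 * The comparison is byte-wise and case-sensitive. An empty $sub matches any
 * string. Strict comparison is used on purpose: with `==`, two numeric-looking
 * strings such as "0" and "0.0" compare equal, which would report a suffix
 * match that is not there.
 *
 * @param string $str String to inspect.
 * @param string $sub Suffix to look for.
 * @return bool
 */
function endsWith( $str, $sub ) {
    $subLen = strlen( $sub );
    if ( $subLen === 0 ) {
        return true;
    }
    // A suffix longer than the string can never match.
    if ( $subLen > strlen( $str ) ) {
        return false;
    }
    return substr( $str, -$subLen ) === $sub;
}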
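// Registration handler: stores a new user row with a verification code and
// mails an activation link to the posted address.
if (isset($_POST['register'])) {
    // Missing or non-string fields are treated as empty and rejected below.
    $email = (isset($_POST['mail']) && is_string($_POST['mail'])) ? $_POST['mail'] : '';
    $pass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // The address is checked BEFORE anything is written. Previously the row was
    // inserted first, so an account existed even when the domain was refused.
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false || !endsWith($email, "@raf.rs")) {
        echo "Morate se registrovati sa RAF mail-om!";
    } else {
        // NOTE(review): unsalted MD5 is not a password hash. Kept because the
        // login handler compares against this format; migrate login, register
        // and update to password_hash()/password_verify() together.
        $pass = md5($pass);

        // Verification code from the CSPRNG (PHP 7+); mt_rand() output is
        // predictable. Length stays at 15 characters as before.
        $code = substr(bin2hex(random_bytes(8)), 0, 15);

        $inserted = false;
        $stmt = $conn->prepare("INSERT INTO users (`email`, `password`, `code`) VALUES (?, ?, ?)");
        if ($stmt !== false) {
            $stmt->bind_param('sss', $email, $pass, $code);
            $inserted = $stmt->execute();
            $stmt->close();
        }

        if (!$inserted) {
            // Details go to the server log; echoing the SQL text and driver
            // error would hand query structure and unescaped input to the client.
            error_log('register: insert failed: ' . $conn->error);
            echo "Doslo je do greske. Pokusajte ponovo.";
        } else {
            // Read back the id of the row that belongs to this address.
            $id = null;
            $stmt = $conn->prepare("SELECT id FROM users WHERE email = ?");
            if ($stmt !== false) {
                $stmt->bind_param('s', $email);
                if ($stmt->execute()) {
                    $stmt->bind_result($rowId);
                    while ($stmt->fetch()) {
                        $id = (string) $rowId;
                    }
                }
                $stmt->close();
            }

            if ($id === null) {
                // Without an id there is no valid link to send.
                error_log('register: could not read back user id: ' . $conn->error);
                echo "Doslo je do greske. Pokusajte ponovo.";
            } else {
                // Send the mail carrying $id and $code.
                $mail = new PHPMailer(true);
                try {
                    $mail->SMTPDebug = 0;                      // 0 = SMTP debug output off
                    $mail->isSMTP();                           // Set mailer to use SMTP
                    $mail->Host = 'smtp.gmail.com';            // SMTP server
                    $mail->SMTPAuth = true;                    // Enable SMTP authentication
                    // NOTE(review): these credentials are hard-coded in a file
                    // that has been published. Treat the password as exposed:
                    // rotate it and load it from configuration kept outside
                    // the source tree.
                    $mail->Username = 'rafoidinfo@gmail.com';  // SMTP username
                    $mail->Password = 'rafrules';              // SMTP password
                    $mail->SMTPSecure = 'tls';                 // Enable TLS encryption, `ssl` also accepted
                    $mail->Port = 587;                         // TCP port to connect to

                    // Recipients
                    $mail->setFrom('rafoidinfo@gmail.com');
                    $mail->addAddress($email);

                    // Content
                    $mail->isHTML(true);                       // Set email format to HTML
                    $mail->Subject = 'Validacioni link';
                    $mail->Body = 'Kliknite na ovaj <a href="https://rafoid.000webhostapp.com/verification.php?id='
                        . rawurlencode($id) . '&code=' . rawurlencode($code)
                        . '">link</a> da bi ste aktivirali svoj nalog.';
                    $mail->send();
                    echo "Poslali smo vam validacioni kod na email";
                } catch (\Exception $e) {
                    // The mailer's error text can include SMTP server replies;
                    // keep it in the log rather than in the response.
                    error_log('register: mail not sent: ' . $mail->ErrorInfo);
                    echo 'Message could not be sent.';
                }
            }
        }
    }
}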
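// Password-reset request handler: for a known e-mail address, stores a fresh
// code on the user row and mails a link to reset.php carrying that code.
if (isset($_POST['reset'])) {
    // Missing or non-string input is treated as empty and matches no account.
    $email = (isset($_POST['mail']) && is_string($_POST['mail'])) ? $_POST['mail'] : '';

    // Look the account up with a bound parameter instead of string-built SQL.
    $id = null;
    $stmt = $conn->prepare("SELECT id FROM users WHERE email = ?");
    if ($stmt !== false) {
        $stmt->bind_param('s', $email);
        if ($stmt->execute()) {
            $stmt->bind_result($rowId);
            while ($stmt->fetch()) {
                $id = (string) $rowId;
            }
        }
        $stmt->close();
    } else {
        error_log('reset: could not prepare lookup: ' . $conn->error);
    }

    if ($id !== null) {
        // Reset code from the CSPRNG (PHP 7+); mt_rand() output is predictable,
        // and this value is the only secret in the reset link.
        // NOTE(review): no expiry is stored with the code here; reset.php is not
        // visible, so confirm that codes are single-use and time-limited.
        $code = substr(bin2hex(random_bytes(8)), 0, 15);

        // Update the code field in the database.
        $stored = false;
        $stmt = $conn->prepare("UPDATE users SET code = ? WHERE id = ?");
        if ($stmt !== false) {
            $stmt->bind_param('ss', $code, $id);
            $stored = $stmt->execute();
            $stmt->close();
        }

        if (!$stored) {
            // Do not mail a link whose code was never saved.
            error_log('reset: could not store reset code: ' . $conn->error);
        } else {
            // The account exists, send the mail.
            $mail = new PHPMailer(true);
            try {
                $mail->SMTPDebug = 0;                      // 0 = SMTP debug output off
                $mail->isSMTP();                           // Set mailer to use SMTP
                $mail->Host = 'smtp.gmail.com';            // SMTP server
                $mail->SMTPAuth = true;                    // Enable SMTP authentication
                // NOTE(review): these credentials are hard-coded in a file that
                // has been published. Treat the password as exposed: rotate it
                // and load it from configuration kept outside the source tree.
                $mail->Username = 'rafoidinfo@gmail.com';  // SMTP username
                $mail->Password = 'rafrules';              // SMTP password
                $mail->SMTPSecure = 'tls';                 // Enable TLS encryption, `ssl` also accepted
                $mail->Port = 587;                         // TCP port to connect to

                // Recipients
                $mail->setFrom('rafoidinfo@gmail.com');
                $mail->addAddress($email);

                // Content
                $mail->isHTML(true);                       // Set email format to HTML
                $mail->Subject = 'Reset sifre';
                $mail->Body = 'Kliknite na ovaj <a href="https://rafoid.000webhostapp.com/reset.php?code='
                    . rawurlencode($code) . '">link</a> kako bi resetovali sifru.';
                $mail->send();
            } catch (\Exception $e) {
                // Logged, not echoed: the error text can include SMTP replies,
                // and an error shown only for existing accounts reveals them.
                error_log('reset: mail not sent: ' . $mail->ErrorInfo);
            }
        }
    }

    // The reply is the same whether or not the address belongs to an account,
    // so this form cannot be used to find out which addresses are registered.
    echo "Poslali smo vam link za reset sifre na e-mail";
}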
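// Password update handler: stores a new password for the posted e-mail address.
//
// NOTE(review): nothing here proves that the requester owns the account. The
// password is changed for whatever address is posted; neither the code issued
// by the reset handler nor the logged-in session id is checked. reset.php is
// not visible here, so the form contract is unknown, but the UPDATE should be
// limited to the row whose stored code matches the one from the reset link,
// and that code should be cleared once it has been used.
if (isset($_POST['update'])) {
    // Missing or non-string fields are treated as empty.
    $email = (isset($_POST['mail']) && is_string($_POST['mail'])) ? $_POST['mail'] : '';
    $pass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // An empty address or password is never a valid update request.
    if ($email !== '' && $pass !== '') {
        // NOTE(review): unsalted MD5 is not a password hash. Kept because the
        // login handler compares against this format; migrate login, register
        // and update to password_hash()/password_verify() together.
        $pass = md5($pass);

        // Bound parameters keep the posted values out of the SQL text.
        $stmt = $conn->prepare("UPDATE users SET password = ? WHERE email = ?");
        if ($stmt !== false) {
            $stmt->bind_param('ss', $pass, $email);
            $result = $stmt->execute();
            if (!$result) {
                error_log('update: password update failed: ' . $conn->error);
            }
            $stmt->close();
        } else {
            error_log('update: could not prepare statement: ' . $conn->error);
        }
    }
}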
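// Voting.
// The form passes the user (korisnik) and the application id (appID).
if (isset($_POST['glasaj']) && isset($_POST['korisnik']) && isset($_POST['appID'])) {
    // Non-string fields (e.g. korisnik[]=1) are treated as empty.
    $korisnik = is_string($_POST['korisnik']) ? $_POST['korisnik'] : '';
    $appID = is_string($_POST['appID']) ? $_POST['appID'] : '';

    // The voter must be the logged-in user. Trusting the posted korisnik alone
    // lets any client vote under any user id, which defeats the
    // one-vote-per-user rule. $_SESSION["id"] is set by the login handler;
    // presumably the form posts that same id - confirm.
    $sessionId = isset($_SESSION["logged"], $_SESSION["id"]) ? (string) $_SESSION["id"] : null;

    if ($sessionId === null || $sessionId !== $korisnik || $appID === '') {
        echo "Morate biti ulogovani da biste glasali!";
    } else {
        // Check whether this user has already voted: the user's id is looked
        // up in the glasac column of the glasovi table.
        $alreadyVoted = null;
        $check = $conn->prepare("SELECT 1 FROM glasovi WHERE glasac = ? LIMIT 1");
        if ($check !== false) {
            $check->bind_param('s', $korisnik);
            if ($check->execute()) {
                $check->store_result();
                $alreadyVoted = $check->num_rows > 0;
            }
            $check->close();
        }

        if ($alreadyVoted === null) {
            error_log('glasaj: vote lookup failed: ' . $conn->error);
            echo "Doslo je do greske. Pokusajte ponovo.";
        } elseif ($alreadyVoted) {
            echo "Vec ste glasali za neku aplikaciju!";
        } else {
            // No match in the database, so the user may vote.
            // NOTE(review): two simultaneous requests can both pass the check
            // above; a UNIQUE constraint on glasovi.glasac would enforce the
            // rule in the database itself.
            $insert = $conn->prepare("INSERT INTO glasovi (`glasac`, `aplikacija`) VALUES (?, ?)");
            $saved = false;
            if ($insert !== false) {
                $insert->bind_param('ss', $korisnik, $appID);
                $saved = $insert->execute();
                $insert->close();
            }

            if ($saved) {
                echo "Uspesno ste glasali za ovu aplikaciju <br>Napomena: Ne mozete glasati za vise od jedne aplikacije niti mozete promeniti glas!";
            } else {
                // Previously a failed insert produced no output at all.
                error_log('glasaj: vote insert failed: ' . $conn->error);
                echo "Doslo je do greske. Pokusajte ponovo.";
            }
        }
    }
}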
- ?>