LiRgiVk4

· 7 years ago · Jan 16, 2019, 09:00 AM
1<?php
2session_start();
3//
4//  $encrypted = my_simple_crypt( $password, 'e' );         Encrypting an password
5//  $decrypted = my_simple_crypt( $password, 'd' );         Decrypting an password
6//
7//  INSERT DATA INTO MYSQL: INSERT INTO userinformation (firstname,lastname,email,username,password) values ("ff","ff","ff","ff","ff")
8//
9
10//Start up the database conversation.
11
12$usernameError = "";
13$emailError = "";
14$registerSucces = "";
15$loginUsernameError = "";
16
17$servername = "localhost";
18$username = "root";
19$password = "";
20$database = "inlogscherm";
21
22$conn = new mysqli($servername, $username, $password, $database);
23
24if ($conn->connect_error){ echo "Connection failed please contact your service provider."; die("Connection failed: " . $conn->connect_error); }
25
26//Check if a user wants to login.
27if(isset($_POST["login-username"]) && isset($_POST["login-password"])){
28    $GETusername = $_POST["login-username"];
29    $GETpassword = $_POST["login-password"];
30
31    $GETpassword = my_simple_crypt( $GETpassword, 'e' ); 
32
33    checkAuth($GETusername, $GETpassword);
34    header('Location: /Inlogscherm/index.php'); 
35
36}
37
38//Check if a user is already loged in.
39if(isset($_SESSION["password"]) && isset($_SESSION["username"])){
40    checkAuth($_SESSION["password"], $_SESSION["username"]); 
41}
42
43//Check if a user wants to send an register form.
44if(isset($_POST["register-firstname"]) && isset($_POST["register-lastname"]) && isset($_POST["register-email"]) && isset($_POST["register-username"]) && isset($_POST["register-password"])){
45    $GETfirstname = $_POST["register-firstname"];
46    $GETlastname = $_POST["register-lastname"];
47    $GETemail = $_POST["register-email"];
48
49    $GETusername = $_POST["register-username"];
50    $GETpassword = $_POST["register-password"];
51
52    insertAuth($GETfirstname, $GETlastname, $GETemail, $GETusername, $GETpassword);
53}
54
55//Checks the given user authecation with the database information.
56function checkAuth($GETusername, $GETpassword){
57    global $conn, $loginUsernameError;
58
59    $userInformation = $conn->query("SELECT username,password FROM userinformation WHERE username='$GETusername' and password='$GETpassword'");
60    $userInformation = $userInformation->fetch_assoc();
61    if($userInformation["username"] == $GETusername && $userInformation["password"] == $GETpassword){
62        $_SESSION["password"] = $userInformation["username"];
63        $_SESSION["username"] = $userInformation["password"];
64        return;
65    }
66    $usernameError = "<div class='register-error'>Sorry... The username and/or password is wrong.</div>";
67}
68
69//Inserting user given authecation data.
70function insertAuth($GETfirstname, $GETlastname, $GETemail, $GETusername, $GETpassword){
71    global $conn, $usernameError, $emailError ;
72
73    $username = $conn->query("SELECT username FROM userinformation WHERE username='$GETusername'");
74    $mail = $conn->query("SELECT email FROM userinformation WHERE email='$GETemail'");
75
76    if($mail->num_rows == 0 && $username->num_rows == 0){
77        echo $GETpassword;
78        $GETpassword = my_simple_crypt( $GETpassword, 'd' ); 
79        $result = $conn->query("INSERT INTO userinformation (firstname, lastname, email, username, password) values ('$GETfirstname', '$GETlastname', '$GETemail', '$GETusername', '$GETpassword')");
80    }
81    if($mail->num_rows == 1){
82        $emailError = "<div class='register-error'>Sorry... The email has already been used.</div>";
83    }
84    if($username->num_rows == 1){
85        $usernameError = "<div class='register-error'>Sorry... The username has already been used.</div>";
86    }
87}
88
89//Logout function.
90function logout(){
91    echo "<script>alert('Your now logout of your account');</script>";
92    session_destroy();
93    header('Location: /Inlogscherm/index.php'); 
94}
95
96function my_simple_crypt( $string, $action = 'e' ) {
97    // you may change these values to your own
98    $secret_key = 'KJH23dw0234hj@$#kl53wfnFWK;wqir756@#ohjfs012-3$#';
99    $secret_iv = 'sdf32rSDFl23e@#wklh24ds;loqjF21!9234@#0dfFWo$@#ier';
100 
101    $output = false;
102    $encrypt_method = "AES-256-CBC";
103    $key = hash( 'sha256', $secret_key );
104    $iv = substr( hash( 'sha256', $secret_iv ), 0, 16 );
105 
106    if( $action == 'e' ) {
107        $output = base64_encode( openssl_encrypt( $string, $encrypt_method, $key, 0, $iv ) );
108    }
109    else if( $action == 'd' ){
110        $output = openssl_decrypt( base64_decode( $string ), $encrypt_method, $key, 0, $iv );
111    }
112 
113    return $output;
114}
115
116?>