T9YfhNVf

· 6 years ago · Jan 28, 2020, 06:10 PM
1register	-> check if email exists (at user table) + cutSpaces($email)
2				-> if true	-> $message = "The e-mail is already in use. Recover your password <a href='index.php?site=lostpw'>here</a>.";
3				-> else		-> cutSpaces($email)
4							-> INSERT INTO table_name ( field1, fieldN ) VALUES ( value1, valueN );
5							-> create token_register
6								-> $token_value = md5($_POST['email']);		(check notes)
7								-> cutSpaces($token_register_value)
8								-> INSERT INTO token_register (user_email, token_register_value) VALUES ($user_email, $token_value);
9								-> $message = "Check your e-mail inbox to validate your account (also your spam folder).";
10login		-> check if email is verified (at token_register table) + cutSpaces($email)
11				-> if false	-> $message = "Your account is not activated yet. Please check your e-mail inbox and spam folder to continue.";
12				-> else		-> if e-mail + md5(password) (num_rows==1)
13								session_start();
14							-> else
15								$message = "Invalid e-mail/password combination.";
16lostpw		-> check if email exists (at user table) + cutSpaces($email)
17				-> if false	-> $message = "No account with the e-mail provided was found.";
18				-> else		-> create token_lostpw + cancel every other pending token with that e-mail
19								-> $token_value = md5($_POST['email']);		(check notes)
20								-> INSERT INTO token_register (user_email, token_register_value) VALUES ($user_email, $token_value);
21								-> $message = "Check your e-mail inbox to validate your account (also your spam folder).";
22token_		-> check if token exists from $_GET (at token_register table)
23register		-> if false	-> $message = "The page requested does not exist.";
24				-> else		-> update token_register_state = 1 (at token_register table)
25								-> UPDATE token_register SET token_register_state='1' WHERE user_email='$user_email'
26								-> fetch user_email / join
27							-> update user_state = 1 (at user table)
28								-> UPDATE user SET user_state='1' WHERE user_email='$user_email'
29							-> update token_register_status (at token_register)
30								-> $message = "Your account is now activated.<br>Click to <a href='index.php?site=login'>Login</a>.";
31token_		-> check if token exists from $_GET (at token_lostpw table)
32lostpw			-> if false	-> $message = "The page requested does not exist.";
33				-> else		-> (print new password + confirm password table)
34							-> get md5(passwords) and compare both passwords
35								-> if false	-> $message = "The passwords do not match.";
36								-> else		-> update token_lostpw_status = 1 (at token_lostpw)
37												-> UPDATE token_lostpw SET token_lostpw_state='1' WHERE token_lostpw_value='$token_lostpw_value'
38													-> fetch user_email / join
39											-> update password && user_state = 1 (at user table)
40												-> UPDATE user SET user_password='$password' , user_state='1' WHERE user_email='$user_email
41												-> $message = "Your password was restored.<br>Click to <a href='index.php?site=login'>Login</a>.";
42//------------------------------------------------------------------------------------------------------------------------------------------------------
43NOTES
44	md5 tokens must have a date+time concatenation -> to be unique
45		$email = "aa@bb.cc";
46		$str = date('d M Y h:i:s', time());
47		echo(md5($email . $str));
48		
49	0 = not used
50	1 = used
51	
52	rename table - country -> region
53	
54	table field sizes
55		1	->	boolean	(state)
56		10	->	unique-id's
57		25	->	.
58		50	->	token values /
59		1000->	textarea (comments, news, etc)
60	
61	// get ip?
62	// https://stackoverflow.com/questions/15699101/get-the-client-ip-address-using-php	
63//------------------------------------------------------------------------------------------------------------------------------------------------------
64TABLES
65token_register	(10)token_register_id	(25)user_email			(50)token_register_value	(1)token_register_state=0
66token_lostpw	(10)token_lostpw_id		(25)user_email			(50)token_lostpw_value		(1)token_lostpw_status=0
67news			(10)news_id				(10)writter_id			(50)news_title				(50)news_short				(1000)news_content	(20)news_date	(10)news_category_id
68news_category	(10)news_category_id	(25)news_category_name	
69match
70clan			(10)clan_id				(10)clan_short			(25)clan_name				(10)region_id				(25)clan_created_date
71clan_log
72user_log
73member			(10)member_id			(15)member_nickname		(10)clan_id				
74crew
75ladder			(10)ladder_id			(10)game_id				(25)ladder_name				(10)rank1_clan_id
76clan_ladder		(10)clan_ladder_id		(10)ladder_id			(10)clan_id					(10)clan_ladder_points
77game			(10)game_id				(10)game_short			(50)game_name
78suspension		(10)suspension_id		(10)user_id				(10)suspens_reason_id		(25)suspension_expire_date
79suspens_reason	(10)suspens_reason_id	(50)suspens_reason_name (10)suspens_reason_play		(10)suspens_reason_post		(10)suspens_reason_duration
80//------------------------------------------------------------------------------------------------------------------------------------------------------
81QUERIES
82token_register
83	UPDATE token_register	SET token_register_status='1' 	WHERE token_register_value='$token_register_value' 				-> fetch user_email / join
84	UPDATE user 			SET user_state='1' 				WHERE user_email='$user_email'
85token_lostpw
86	UPDATE token_lostpw		SET token_lostpw_status='1' 		WHERE token_lostpw_value='$token_lostpw_value'				-> fetch user_email / join
87	UPDATE user 			SET user_password='$user_password' 	WHERE user_email='$user_email'