verifypage.php
109 lines UTF-8 Windows (CRLF)
<?php
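// Resume the session that carries the pending verification state
// (verificationCode, verifyType, email, username, hashedPass).
// NOTE(review): session_start() runs with the configured defaults here; confirm that the
// session cookie is HttpOnly/SameSite (and Secure under HTTPS) in php.ini or a shared bootstrap.
session_start();

// Fail fast when the database bootstrap cannot be loaded. With `include` a missing file
// only raises a warning, and the script would run on until the first use of $dbconn.
require('../../incl/dbconnection.php');
/**
 * @var PDO $dbconn
 */

// The SMTP ini directive is only used by mail() on Windows builds of PHP.
ini_set("SMTP", "aspmx.l.google.com");

// Headers for the HTML verification mail sent further down this page.
// NOTE(review): "test@gmail.com" looks like a placeholder sender; confirm the real From address.
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type: text/html; charset=UTF-8" . "\r\n";
$headers .= "From: test@gmail.com" . "\r\n";

// Lifetime of a verification attempt in seconds (15 minutes).
define('VERIFICATION_TIMEOUT', 15 * 60);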
?>
<!DOCTYPE html>
<html lang="sv">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Verifikation</title>
</head>
<body>
<?php
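// Debug dump of $_SESSION removed: it rendered the pending verification code and the
// password hash into the page, so the code could be read without access to the mailbox.
// Use error_log() on a development machine if the session contents need inspecting.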
/**
 * Clears the per-attempt verification state from the session.
 *
 * Removes has_mailed, hashedPass, verificationCode, verifyStart and verifyType.
 * The email and username entries are left in place.
 */
function unsetAllVerificationVars() : void {
    $verificationKeys = [
        'has_mailed',
        'hashedPass',
        'verificationCode',
        'verifyStart',
        'verifyType',
    ];

    foreach ($verificationKeys as $sessionKey) {
        unset($_SESSION[$sessionKey]);
    }
}
// Start the verification clock on the first visit; later requests keep the stored value.
$_SESSION['verifyStart'] = $_SESSION['verifyStart'] ?? time();

// Expected code comes from the session, the submitted code from the form below.
$verificationCode = $_SESSION['verificationCode'] ?? null;
$inputCode = $_POST['vCode'] ?? "";

// Without a pending verification code there is nothing to do on this page.
// NOTE(review): this redirect is issued after the HTML head above has been output, so it
// only takes effect when output buffering is enabled. Confirm, or move this logic above
// the <!DOCTYPE> line.
if (!$verificationCode) {
    unsetAllVerificationVars();
    header("Location:signup.php");
    exit;
}
// Expire a pending account creation once the verification window has passed.
// Only the CREATE flow is expired here; other verifyType values fall through.
$hasExpired = (time() - $_SESSION['verifyStart']) > VERIFICATION_TIMEOUT;
if ($hasExpired && $_SESSION['verifyType'] == "CREATE") {
    unsetAllVerificationVars();
    header("Location:signup.php?reason=verifyTimeout");
    exit;
}
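// Signup data staged in the session by an earlier step (presumably signup.php; confirm).
$email = $_SESSION['email'] ?? null;
$username = $_SESSION['username'] ?? null;
$hashedPass = $_SESSION['hashedPass'] ?? null;

// Compare the submitted code as a string, in constant time. A loose `==` applies PHP's
// numeric-string juggling, so differently written strings can compare equal, and
// hash_equals() requires both operands to be strings (a vCode[] array is rejected here).
// NOTE(review): nothing in this file limits the number of guesses per code; consider
// counting failed attempts in the session and discarding the code after a few.
$codeMatches = is_string($inputCode)
    && $inputCode !== ""
    && hash_equals((string) $verificationCode, $inputCode);

try {
    if ($codeMatches && ($_SESSION['verifyType'] ?? null) === "CREATE") {
        // Create the account row.
        $dbconn->beginTransaction();
        $sqlInsert = "INSERT INTO bay_users (email, username, password) VALUES(?,?,?)";
        $insertStmt = $dbconn->prepare($sqlInsert);
        $insertStmt->execute([$email, $username, $hashedPass]);
        $dbconn->commit();

        // Read back the id of the new record.
        // NOTE(review): user_type is read below but is not part of this SELECT; confirm the
        // column name and add it to the query.
        $sqlSelect = "SELECT user_id FROM bay_users WHERE username=?";
        $selectStmt = $dbconn->prepare($sqlSelect);
        $selectStmt->execute([$username]);
        $result = $selectStmt->fetch(PDO::FETCH_ASSOC);

        unsetAllVerificationVars();

        // The session becomes an authenticated one here, so issue a fresh session id and
        // drop the pre-login id (session fixation).
        session_regenerate_id(true);

        echo "<p class='text-center'>Konto skapat! Skickar vidare dig...</p>";
        $_SESSION['isLoggedIn'] = true;
        $_SESSION['userId'] = $result['user_id'];
        $_SESSION['userType'] = $result['user_type'] ?? null;

        // NOTE(review): lastVisited is set outside this file; confirm it can only hold a
        // same-site path before it is used as a redirect target.
        $pageToSendTo = $_SESSION['lastVisited'] ?? "index.php";
        header("Location:$pageToSendTo");

        // Stop here. Without this the script ran on to the mail block below, which saw
        // has_mailed cleared and mailed the verification code a second time.
        exit;
    }
} catch (PDOException $e) {
    // rollBack() itself throws when no transaction is open (e.g. a failure in the SELECT
    // after the commit), so only roll back an active transaction.
    if ($dbconn->inTransaction()) {
        $dbconn->rollBack();
    }

    // Keep driver messages and the stack trace in the server log; the visitor only gets
    // a generic notice.
    error_log((string) $e);
    echo "<p>PROBLEM UPPSTOD</p>";
}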
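// Send the code once per verification attempt; has_mailed stops a resend on every reload.
if (empty($_SESSION['has_mailed'])) {
    $mailBody = "Din verifikationskod är: <code>$verificationCode</code>. Koden går ut om <b>15 minuter</b>";

    if (mail($email, "Verifikationskod", $mailBody, $headers)) {
        // Mark as sent only when mail() accepted the message, so a failed send is retried
        // on the next request instead of leaving the visitor without a code.
        $_SESSION['has_mailed'] = true;

        // The address originates from user input, so escape it for the HTML context.
        echo "Skickade mail till " . htmlspecialchars((string) $email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    } else {
        error_log("verifypage.php: mail() failed for the verification message");
        echo "Kunde inte skicka verifikationsmejlet.";
    }
}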
?>
<form action="" method="post">
<label for="vCode">Skriv den verifikationskod du fick mejlat:</label>
<input type="text" id="vCode" name="vCode">
</form>
</body>
</html>