webbsrvprg/projects/slutprojekt/tabeller/
create_admin.php
107 lines UTF-8 Windows (CRLF)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Document</title>
</head>
<body>
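<?php
/*
 * Admin account creation endpoint.
 *
 * On a POST with non-empty username, password and email it:
 *   1. checks the shared admin key,
 *   2. validates the e-mail address,
 *   3. rejects a username or e-mail address that already exists,
 *   4. inserts an unverified row with admin = 1 and a verification code that
 *      expires after 900 seconds,
 *   5. mails the verification link.
 *
 * Everything in $_POST is untrusted: it is only ever bound as a query
 * parameter or HTML-escaped before it is written to the page or the mail.
 */
include('../../../dbconnection.php'); // expected to define $dbconn (used below as a PDO handle)

// Discards whatever is in the output buffer at this point, which includes the
// HTML head printed above this block.
// NOTE(review): presumably intentional; confirm, and note that it raises a
// notice when no output buffer is active.
ob_clean();

// Single escaping helper for every value that ends up inside HTML.
$escape = static function (string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Reads one POST field as a string. Missing fields and array-valued fields
// (e.g. "email[]=x") become '' instead of reaching trim()/password_hash().
$postField = static function (string $name): string {
    $value = $_POST[$name] ?? '';
    return is_string($value) ? $value : '';
};

try {
    $rawUsername = $postField('username');
    $rawPassword = $postField('password');
    $rawEmail = $postField('email');

    if ($_SERVER['REQUEST_METHOD'] === 'POST'
        && !empty($rawUsername) && !empty($rawPassword) && !empty($rawEmail)) {
        $email = trim($rawEmail);
        $användarnamn = trim($rawUsername);

        // The admin key is a credential and must not be a literal in a file
        // that is served or published. It is read from the environment
        // (ADMIN_CREATE_KEY is a suggested name; set it in the server
        // configuration). The key that used to be hard-coded here has been
        // published with the source, so pick a new, long random value.
        // An unset or empty key fails closed: nobody can create an admin.
        // hash_equals() replaces the loose "==" and compares in constant time.
        // NOTE(review): nothing here limits repeated key guesses; throttle
        // this endpoint at the server or application level.
        $expectedKey = getenv('ADMIN_CREATE_KEY');
        $keyIsValid = is_string($expectedKey)
            && $expectedKey !== ''
            && hash_equals($expectedKey, $postField('key'));

        if (!$keyIsValid) {
            // Checked before any database or hashing work is done.
            echo "fel admin nyckel";
        } elseif (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
            // The address is later handed to mail() as the recipient, so only
            // a syntactically valid single address is accepted.
            echo "Ogiltig e-postadress";
        } else {
            $stmt = $dbconn->prepare("SELECT * FROM users WHERE username = :username OR email = :email");
            $stmt->bindValue(':username', $användarnamn);
            $stmt->bindValue(':email', $email);
            $stmt->execute();

            // fetch() instead of rowCount(): rowCount() on a SELECT is not
            // reliable across PDO drivers.
            $user = $stmt->fetch(PDO::FETCH_ASSOC);

            if ($user !== false) {
                if ($user['username'] === $användarnamn) {
                    echo "Användarnamnet används redan";
                }
                if ($user['email'] === $email) {
                    echo "E-postadressen används redan";
                }
            } else {
                // NOTE(review): this check-then-insert is not atomic; unique
                // constraints on users.username and users.email are needed to
                // rule out duplicates under concurrent requests — confirm
                // against the table definition.

                // NOTE(review): trimming alters the password the user typed;
                // the login path has to trim the same way — confirm.
                $lösenord = password_hash(trim($rawPassword), PASSWORD_DEFAULT);
                $verification_code = bin2hex(random_bytes(16));

                // NOTE(review): created_at uses the database clock (now())
                // while this expiry uses PHP's clock and time zone; confirm
                // both run in the same zone.
                $expires = date("Y-m-d H:i:s", time() + 900);

                $sql = "INSERT INTO users (username, password, email, created_at, admin, is_verified, verification_code, verification_expires)
                        VALUES (:username, :password, :email, now(), 1, 0, :verification_code, :expires)";
                $stmt = $dbconn->prepare($sql);
                $stmt->bindValue(':username', $användarnamn);
                $stmt->bindValue(':password', $lösenord);
                $stmt->bindValue(':email', $email);
                $stmt->bindValue(':verification_code', $verification_code);
                $stmt->bindValue(':expires', $expires);
                $stmt->execute();

                // The username is attacker-controlled text inside an HTML
                // mail, so it is escaped. The code is hex and needs no
                // encoding.
                $safeName = $escape($användarnamn);
                $subject = "Bekräfta din e-postadress";
                $message = "
<html>
<head>
<title>Bekräfta din e-post</title>
</head>
<body>
<h2>Hej $safeName!</h2>
<p>Klicka på länken nedan för att bekräfta din e-postadress:</p>
<p><a href='https://labb.vgy.se/~davidng/webbsrvprg/projects/slutprojekt/verify.php?code=$verification_code'>Bekräfta min e-post</a></p>
</body>
</html> ";

                $headers = "MIME-Version: 1.0" . "\r\n";
                $headers .= "Content-Type: text/html; charset=UTF-8" . "\r\n";
                // NOTE(review): this sender looks like a placeholder domain
                // and puts a raw non-ASCII character in a header; replace it
                // with the real sending address.
                $headers .= "From: no-reply@dindomän.com" . "\r\n";

                if (!mail($email, $subject, $message, $headers)) {
                    // The account row exists even if delivery failed; record
                    // it so the failure is visible to the operator.
                    error_log('create_admin.php: verification mail could not be handed to the mail system');
                }

                echo "Registrering lyckades";
                echo "<br>";
                echo "Ett verifierings-mail har skickats till " . $escape($email);
            }
        }
    }
} catch (PDOException $e) {
    // Driver messages and SQL text describe the schema and must not be sent
    // to the browser; they go to the server log instead. (The earlier version
    // also read $sql here, which is undefined when the SELECT is what failed.)
    error_log('create_admin.php: ' . $e->getMessage());
    echo "Ett fel uppstod. Försök igen senare.";
}
?>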
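<h1>Skapa Adminkonto</h1>
<!--
  The password and the admin key are secrets: type="password" masks them on
  screen and keeps them from being saved as ordinary autofill text.
  Every <label for> now points at an existing id.
-->
<form method="post">
<label for="username">Användarnamn:</label>
<input type="text" name="username" id="username" required> <br>
<label for="password">Lösenord:</label>
<input type="password" name="password" id="password" autocomplete="new-password" required> <br>
<label for="email">Epost:</label>
<input type="email" name="email" id="email" required> <br>
<br>
<label for="key">Admin Nyckel:</label>
<input type="password" name="key" id="key" autocomplete="off" required> <br>
<input type="submit" value="Skapa konto">
</form>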
<br>
<p>Har du redan ett konto? <a href="login.php">Logga in</a></p>
</body>
</html>