Källkod
Följande filer och mappar finns under mappen webbserverprogrammering.
Mappar visas till vänster och filer till höger. Klicka på en fil eller mapp för att öppna nedan eller visa dess innehåll.
webbserverprogrammering/projects/quiz-extended/
26 filer
admin.php
confirm_account.php
create_account.php
create_quiz.php
css/
dbconnection.php
highscore.php
index.php
js/
logbook.php
login.php
mysql_create_table_options.php
mysql_create_table_questions.php
mysql_create_table_quizzes.php
mysql_create_table_results.php
mysql_create_table_submits.php
mysql_create_table_users.php
plan.php
planering.txt
profile.php
projektrapport.txt
quizzes.php
resources/
result.php
send_email.php
session_variable_array_check.php
confirm_account.php
create_account.php
create_quiz.php
css/
dbconnection.php
highscore.php
index.php
js/
logbook.php
login.php
mysql_create_table_options.php
mysql_create_table_questions.php
mysql_create_table_quizzes.php
mysql_create_table_results.php
mysql_create_table_submits.php
mysql_create_table_users.php
plan.php
planering.txt
profile.php
projektrapport.txt
quizzes.php
resources/
result.php
send_email.php
session_variable_array_check.php
create_account.php
113 lines ASCII Windows (CRLF)
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113
<?php
error_reporting(-1); // Report all type of errors
ini_set('display_errors', 1); // Display all errors
ini_set('output_buffering', 0); // Do not buffer outputs, write directly
function dump($dump) {
echo "<pre>";
var_dump($dump);
echo "</pre>";
}
session_start();
include "session_variable_array_check.php";
if ($_SESSION['quizExtended']['loggedIn']) {
header("Location:index.php");
}
// POST RECEIVE
$userRegistered = false;
$redMessage = "";
$email = "ERROR";
if (isset($_POST['displayname']) && isset($_POST['username']) && isset($_POST['password']) && isset($_POST['email']) && isset($_POST['submitted'])) {
include "dbconnection.php";
include "send_email.php"; // includes email sending function
$username = $_POST['username'];
$email = $_POST['email'];
// checks for already existing accounts with same username
$sql = "SELECT * FROM quizext_users WHERE username=?";
$stmt = $dbconn->prepare($sql);
$stmt->execute([$username]);
$usermatches = $stmt->fetchAll(PDO::FETCH_ASSOC);
// checks for already existing accounts with same email
$sql = "SELECT * FROM quizext_users WHERE email=?";
$stmt = $dbconn->prepare($sql);
$stmt->execute([$email]);
$emailmatches = $stmt->fetchAll(PDO::FETCH_ASSOC);
// if credentials are unique, account is allowed
if (count($usermatches) < 1 && count($emailmatches) < 1) {
$displayname = $_POST['displayname'];
$password = $_POST['password'];
$password = password_hash($password, PASSWORD_DEFAULT);
do {
// pseudo-randomly generated token used for account email verification. Unguessable and more secure than using uid
$regtoken = bin2hex(random_bytes(35));
// Checks so that regtoken is unique
$sql = "SELECT regtoken FROM quizext_users WHERE regtoken=?";
$stmt = $dbconn->prepare($sql);
$stmt->execute([$regtoken]);
$matches = $stmt->fetchAll(PDO::FETCH_COLUMN);
} while (count($matches) > 0);
// preliminary user registration into database, along with unique token
$sql = "INSERT INTO quizext_users (displayname, username, password, email, user_level, regtoken) VALUES (?, ?, ?, ?, ?, ?)";
$stmt = $dbconn->prepare($sql);
$stmt->execute([$displayname, $username, $password, $email, "regular", $regtoken]);
$userRegistered = true;
sendUserVerificationEmail($regtoken, $email, $username);
} else {
if (count($usermatches) < 1)
$redMessage = "Email address already used by another account! Use another one.";
else if (count($emailmatches) < 1)
$redMessage = "Username is taken! Try another one.";
else
$redMessage = "Username and email already used! Use other credentials.";
}
}
?>
<!DOCTYPE html>
<html lang="sv">
<head>
<title>Create account - CuriousQuizzes</title>
<meta charset="utf-8">
<link rel="stylesheet" type="text/css" href="css/style.css">
</head>
<body>
<?php if ($userRegistered) { ?>
<div id="mainpopupBg">
<div id="mainpopupBox">
<h1>User created!</h1>
<p>An email with a link to verify your new account has been sent to <strong><?= $email ?></strong>.</p>
<br>
<a href="index.php">go to main menu</a>
</div>
</div>
<?php } ?>
<a href="index.php" id="logo">
CuriousQuizzes
</a>
<main class="centered">
<h1>Create account</h1>
<form method="post" action="">
<input type="text" name="displayname" placeholder="Display name" required><br>
<input type="text" name="username" placeholder="Username" required><br>
<input type="email" name="email" placeholder="Email" required><br>
<input type="password" name="password" placeholder="Password" required><br>
<input type="submit" name="submitted" value="Create account"><br>
</form>
<p class="redMessage"><?= $redMessage ?></p>
<a class="smallMessage" href="login.php">Already have an account? Log in here!</a>
</main>
</body>
</html>