From 04c39bb4763344a883ffd21d09bb00d77c2bf3e3 Mon Sep 17 00:00:00 2001
From: tripathyr
Date: Sat, 6 Nov 2021 08:28:26 +0530
Subject: [PATCH 01/57] Add floconfig.php
---
floconfig.php | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
create mode 100644 floconfig.php
diff --git a/floconfig.php b/floconfig.php
new file mode 100644
index 0000000..f8609c5
--- /dev/null
+++ b/floconfig.php
@@ -0,0 +1,42 @@
+is_fb_registered($fb_id);
+ if($validate_user == "" || $validate_user == false) {
+ redirect_to('index.php');
+ }
+ endif;
+
+ $tradersList = $OrderClass->UserBalanceList();
+ $buy_list[] = $OrderClass->get_top_buy_sell_list(TOP_BUYS_TABLE, $asc_desc='DESC'); // buy
+ $sell_list[] = $OrderClass->get_top_buy_sell_list(TOP_SELL_TABLE, $asc_desc='ASC'); // sell
+}
+
+$fullName = isset($_SESSION['full_name']) ? $_SESSION['full_name'] : "";
+$user_logged_in = false;
+$action_class_market = 'fb_log_in';
+$action_class_buy_sell = 'fb_log_in';
+
+
+ // printing $profile array on the screen which holds the basic info about user
+
+ $name = isset($profile['name']) ? $profile['name'] : null;
+ $first_name = isset($profile['first_name']) ? $profile['first_name'] : null;
+ $last_name = isset($profile['last_name']) ? $profile['last_name'] : null;
+ $email = isset($profile['email']) ? $profile['email'] : null;
+ //$gender = isset($profile['gender']) ? $profile['gender'] : null;
+ $fb_id = isset($profile['id']) ? $profile['id'] : null;
+
+ $_SESSION['first_name'] = $first_name;
+ $_SESSION['full_name'] = $name;
+ $_SESSION['email'] = $email;
+ $_SESSION['fb_id'] = $fb_id;
+
+ // Now you can redirect to another page and use the access token from $_SESSION['facebook_access_token']
+
From 2c49b52668a9df53b15b8402e874f7aa202e6e2d Mon Sep 17 00:00:00 2001
From: tripathyr
Date: Sat, 6 Nov 2021 08:31:25 +0530
Subject: [PATCH 02/57] Update header.php
---
views/header.php | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
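Review bot: The block in floconfig.php that copies `$profile['name']`, `$profile['email']` and `$profile['id']` into `$_SESSION['first_name']`, `['full_name']`, `['email']` and `['fb_id']` runs unconditionally, and `$profile` is not assigned anywhere in the lines of the file that survive in this listing (the head of the file was lost, so this needs confirming against the real file). If it is never set, every request that includes this file overwrites those session fields with null, including values an authentication step stored earlier in the session. Wrapping the block in `if (isset($profile)) { ... }`, or removing it together with the Facebook-specific comments, keeps session identity from being reset by an include.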
diff --git a/views/header.php b/views/header.php index 7dc8662..b303ba6 100644 --- a/views/header.php +++ b/views/header.php @@ -7,7 +7,7 @@ error_reporting(0); $tradersList = array(); $buy_list = array(); $sell_list = array(); -include_once 'fbconfig.php'; +include_once 'floconfig.php'; $validate_user = null; if (isset($UserClass)) { if (isset($fb_id)): @@ -116,4 +116,4 @@ $type = isset($_GET['type']) ? trim($_GET['type']) : 'danger'; - \ No newline at end of file + From 723556bcc7e415bc213ee3c2b0a1c588ed957f8c Mon Sep 17 00:00:00 2001 From: tripathyr Date: Sat, 6 Nov 2021 08:33:48 +0530 Subject: [PATCH 03/57] Update header.php --- views/header.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/views/header.php b/views/header.php index b303ba6..2f414a3 100644 --- a/views/header.php +++ b/views/header.php @@ -89,7 +89,7 @@ $type = isset($_GET['type']) ? trim($_GET['type']) : 'danger'; From 3cf3ee0628891483ad465dda7933ad3667b4ed14 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Sat, 6 Nov 2021 09:13:58 +0530 Subject: [PATCH 04/57] Update Users.php --- classes/Users.php | 73 ++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 72 insertions(+), 1 deletion(-) diff --git a/classes/Users.php b/classes/Users.php index 81badac..b8033d4 100644 --- a/classes/Users.php +++ b/classes/Users.php 
@@ -127,6 +127,77 @@ class Users { return false; } } + + public function is_flo_registered($flo_id) { + + if ($this->databaseConnection()) { + $now = $this->time_now(); + $query = $this->db_connection->prepare("SELECT * FROM $this->customers_table WHERE `flo_id`=:flo_id"); + $query->bindValue(':flo_id', $flo_id, PDO::PARAM_STR); + $query->execute(); + + $rowCount = $query->rowCount(); + + if($rowCount) { + + $user_obj = $query->fetchObject(); + + $update_query = $this->db_connection->prepare("UPDATE $this->customers_table + SET `SaveDate`='$now' + WHERE `flo_id`=:flo_id + LIMIT 1"); + $update_query->bindValue(':flo_id', $flo_id, PDO::PARAM_STR); + $update_query->execute(); + + $_SESSION['user_id'] = $user_obj->CustomerId; + $_SESSION['user_name'] = $user_obj->Username; + $_SESSION['email'] = $user_obj->Email; + + if (!isset($_SESSION['last_trade_date'])) { + $_SESSION['last_trade_date'] = $user_obj->SaveDate; + } + return true; + + } else { + + $this->user_name = $_SESSION['first_name'].time(); + $this->name = $_SESSION['full_name']; + $this->email = $_SESSION['email']; + + $query = $this->db_connection->prepare(" + INSERT INTO $this->customers_table (`CustomerId`, `fb_id`, `Username`, `Email`, `Name`, `UpdateDate`, `InsertDate`, `SaveDate`, `is_active`) + VALUES ('',:fb_id,:Username,:Email,:Name,NULL,'$now',NULL,0) + "); + + $query->bindValue(':flo_id', $flo_id, PDO::PARAM_INT); + $query->bindValue(':Username', $this->user_name, PDO::PARAM_STR); + $query->bindValue(':Email', $this->email, PDO::PARAM_STR); + $query->bindValue(':Name', $this->name, PDO::PARAM_STR); + if($query->execute()) { + $_SESSION['user_id'] = $this->db_connection->lastInsertId(); + $_SESSION['user_name'] = $this->user_name; + $AssetTypeId = 'btc'; + $Balance = 0.00; + $FrozenBalance = 0.00; + $crypto = $this->insert_balance($_SESSION['user_id'], $AssetTypeId, $Balance, $FrozenBalance); + + $AssetTypeId = 'traditional'; + $Balance = 0.00; + $FrozenBalance = 0.00; + $cash = 
$this->insert_balance($_SESSION['user_id'], $AssetTypeId, $Balance, $FrozenBalance); + + $user_exist = $this->check_user($_SESSION['user_id']); + if($user_exist && $crypto && $cash) { + return true; + } + return false; + } + return false; + } + } else { + return false; + } + } public function check_user($customerId) { @@ -268,4 +339,4 @@ class Users { return false; } -} \ No newline at end of file +} From b121f72cf6c4dfe7947d232edb2f296cb4517951 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Sat, 6 Nov 2021 09:22:07 +0530 Subject: [PATCH 05/57] changed fb_id to flo_id --- views/header.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/views/header.php b/views/header.php index 2f414a3..bbb8881 100644 --- a/views/header.php +++ b/views/header.php @@ -10,9 +10,9 @@ $sell_list = array(); include_once 'floconfig.php'; $validate_user = null; if (isset($UserClass)) { - if (isset($fb_id)): + if (isset($flo_id)): // check if user already registered - $validate_user = $UserClass->is_fb_registered($fb_id); + $validate_user = $UserClass->is_flo_registered($flo_id); if($validate_user == "" || $validate_user == false) { redirect_to('index.php'); } @@ -25,8 +25,8 @@ if (isset($UserClass)) { $fullName = isset($_SESSION['full_name']) ? $_SESSION['full_name'] : ""; $user_logged_in = false; -$action_class_market = 'fb_log_in'; -$action_class_buy_sell = 'fb_log_in'; +$action_class_market = 'flo_log_in'; +$action_class_buy_sell = 'flo_log_in'; if(checkLoginStatus()) { $user_logged_in = true; $action_class_market = 'market_submit_btn'; From 3e7fc54da00a6576f9c9311c1a661a1139a65b4d Mon Sep 17 00:00:00 2001 From: tripathyr Date: Sat, 6 Nov 2021 09:23:26 +0530 Subject: [PATCH 06/57] Changed fb_log_in to flo_log_in line 420 --- js/main.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/main.js b/js/main.js index 087bb47..974245a 100644 --- a/js/main.js +++ b/js/main.js 
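Review bot: In the new-user branch of `is_flo_registered` the INSERT names the column `fb_id` and the placeholder `:fb_id`, but the code binds `:flo_id`, so the statement has an unbound placeholder and a bound name it does not contain; `execute()` should fail and no customer row is created. The bind also uses `PDO::PARAM_INT` for an identifier that the SELECT above binds as `PDO::PARAM_STR`. Make the three agree: column `flo_id`, placeholder `:flo_id`, and `$query->bindValue(':flo_id', $flo_id, PDO::PARAM_STR);`. The rewritten INSERT in PATCH 21/57 (`VALUES ('',:flo_id,:flo_id,:flo_id,:flo_id,...)`) appears to have the converse mismatch, because the `bindValue(':Name', ...)` call is still present in that patch's context lines. `$now` is interpolated into both statements; binding it as `:now` would keep the queries fully parameterized.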
@@ -417,7 +417,7 @@ function MyTransactions() { function checkLoginStatusJS() { - $(document).on('click drop', '.fb_log_in', function (e) { + $(document).on('click drop', '.flo_log_in', function (e) { e.preventDefault(); $('#LoginModel').modal('toggle'); }); From f46a9827fe0fd9eab735d8ecb67a5f91d777bd39 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Sat, 6 Nov 2021 10:10:40 +0530 Subject: [PATCH 07/57] Check FLO ID active and registration status --- classes/Users.php | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/classes/Users.php b/classes/Users.php index b8033d4..3c9e4d9 100644 --- a/classes/Users.php +++ b/classes/Users.php @@ -219,6 +219,47 @@ class Users { return false; } + + public function check_flo_id_active_status($flo_id) { + + if ($this->databaseConnection()) { + + $query = $this->db_connection->prepare("SELECT * FROM $this->customers_table WHERE flo_id = :flo_id AND is_active = 1 LIMIT 1"); + $query->bindParam('flo_id', $flo_id); + + if ($query->execute()) { + $row_count = $query->rowCount(); + if ($row_count == 1) { + return true; + } + return false; + } else { + return false; + } + } + return false; + } + + public function check_flo_id_registration_status($flo_id) { + + if ($this->databaseConnection()) { + + $query = $this->db_connection->prepare("SELECT * FROM $this->customers_table WHERE flo_id = :flo_id LIMIT 1"); + $query->bindParam('flo_id', $flo_id); + + if ($query->execute()) { + $row_count = $query->rowCount(); + if ($row_count == 1) { + return true; + } + return false; + } else { + return false; + } + } + return false; + } + public function displayUserTransaction($user_id, $start=0, $limit=10) { if ($this->databaseConnection()) { $transactions = array(); From 58f59891c5b708da44951cb1cbf29457d83dd187 Mon Sep 17 00:00:00 2001 
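Review bot: `check_flo_id_active_status` and `check_flo_id_registration_status` take their answer from `rowCount()` after a `SELECT *`, and PDO only documents `rowCount()` for INSERT, UPDATE and DELETE; for a SELECT the value depends on the driver and on whether the query is buffered. Later patches in this series call both methods from `checkIfFloIDPermitted`, so the result decides who may log in. Select a constant and test the fetch instead: `SELECT 1 FROM ... WHERE flo_id = :flo_id AND is_active = 1 LIMIT 1` followed by `return $query->fetchColumn() !== false;`. The two bodies differ only in the `is_active = 1` clause, so one private helper with a flag would remove the duplication.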
From: tripathyr Date: Sun, 7 Nov 2021 17:23:35 +0530 Subject: [PATCH 08/57] Create authenticateMe.php --- ajax/authenticateMe.php | 86 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 86 insertions(+) create mode 100644 ajax/authenticateMe.php diff --git a/ajax/authenticateMe.php b/ajax/authenticateMe.php new file mode 100644 index 0000000..adab01a --- /dev/null +++ b/ajax/authenticateMe.php 
@@ -0,0 +1,86 @@ +users = null; +$std->cash = null; +$std->bit = null; +$std->message = array(); +$std->error = false; + + if (isset($_POST['flo_id'], $_POST['flo_pub_key'], $_SESSION['session_id'], $_POST['signDataWithFlo'] )){ + + ob_start(); + + function callAPI($method, $url, $data){ + $curl = curl_init(); + switch ($method){ + case "POST": + curl_setopt($curl, CURLOPT_POST, 1); + if ($data) + curl_setopt($curl, CURLOPT_POSTFIELDS, $data); + break; + case "PUT": + curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "PUT"); + if ($data) + curl_setopt($curl, CURLOPT_POSTFIELDS, $data); + break; + default: + if ($data) + $url = sprintf("%s?%s", $url, http_build_query($data)); + } + // OPTIONS: + curl_setopt($curl, CURLOPT_URL, $url); + curl_setopt($curl, CURLOPT_HTTPHEADER, array( + 'APIKEY: 111111111111111111111', + 'Content-Type: application/json', + )); + curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); + curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); + // EXECUTE: + $result = curl_exec($curl); + if(!$result){die("Connection Failure");} + curl_close($curl); + return $result; + } + + $floID = $_POST['flo_id']; + $pubKey = $_POST['flo_pub_key']; + $s_id = $_SESSION['session_id']; + $signDataWithFlo = $_POST['signDataWithFlo']; + + + $data_array = array( "floID" => $floID, "pubKey" => $pubKey, "message" => $s_id, "sign" => $signDataWithFlo ); + $make_call = callAPI('POST', 'https://flo-sign-validator.duckdns.org', json_encode($data_array)); + $response = json_decode($make_call, true); + + + if ($response['success'] == 1) { + + //store $s_id (session ID) in SQl + ob_end_clean(); + ob_start(); + $std->error = false; + setcookie("exchange[flo_id]", $floID, time () + (86400 * $cookie_life_days)); + setcookie("exchange[session_id]", $s_id, time () + (86400 * $cookie_life_days)); + setcookie("exchange[flo_pub_key]", $pubKey,time () + (86400 * $cookie_life_days)); + + echo json_encode($std); + return true; + } + + + else { + $std->message[] = "Authentication has failed. 
"; + $std->error = true; + echo json_encode($std); + return false; + } +} else { + $std->message[] = "All data fields not present. "; + $std->error = true; + echo json_encode($std); + return false; +} + + + From 3e40cd4f960c4e3650c46577258879a280627c73 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Sun, 7 Nov 2021 17:24:49 +0530 Subject: [PATCH 09/57] Added floCrypto.js --- views/header.php | 1 + 1 file changed, 1 insertion(+) diff --git a/views/header.php b/views/header.php index bbb8881..55c1d4c 100644 --- a/views/header.php +++ b/views/header.php @@ -51,6 +51,7 @@ if(checkLoginStatus()) { + From 611cd10d5ad5dc70e5ed0b9ed6471188da51e82c Mon Sep 17 00:00:00 2001 From: tripathyr Date: Mon, 8 Nov 2021 09:30:54 +0530 Subject: [PATCH 10/57] Update logout.php --- logout.php | 1 + 1 file changed, 1 insertion(+) diff --git a/logout.php b/logout.php index 76bed4f..f4b085b 100644 --- a/logout.php +++ b/logout.php @@ -1,5 +1,6 @@ From 5eb89878b065246083cdf0cf233bfb60d0a8b7aa Mon Sep 17 00:00:00 2001 From: tripathyr Date: Mon, 8 Nov 2021 09:32:03 +0530 Subject: [PATCH 11/57] Update functions.php --- includes/functions.php | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/includes/functions.php b/includes/functions.php index 46da456..dae7da2 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -1,10 +1,4 @@ Date: Mon, 8 Nov 2021 09:52:14 +0530 Subject: [PATCH 12/57] Update defines.php --- includes/defines.php | 1 + 1 file changed, 1 insertion(+) diff --git a/includes/defines.php b/includes/defines.php index f84e35b..1158171 100644 --- a/includes/defines.php +++ b/includes/defines.php @@ -2,6 +2,7 @@ if(!isset($_SESSION)) { session_start(); + $_SESSION['session_id'] = session_id(); } //SITE DOMAIN NAME WITH HTTP From 3bd27ee6c8d36b1668d6dca67a11e45f5ad1a73d Mon Sep 17 00:00:00 2001 
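Review bot: The success branch of authenticateMe.php copies the PHP session ID into a second cookie, `exchange[session_id]`, and sets all three cookies without `secure`, `httponly` or `samesite`, so the session identifier becomes readable by page script and can travel over plain HTTP. Nothing in the visible lines reads these cookies back; drop the session-ID cookie and, on PHP 7.3 or later, pass an options array to the other two, e.g. `setcookie('exchange[flo_id]', $floID, ['expires' => $expiry, 'secure' => true, 'httponly' => true, 'samesite' => 'Lax']);`. `$cookie_life_days` is not assigned in the lines shown (the head of the file is missing from this listing), so confirm it is defined before these calls. The `APIKEY` header in `callAPI` is a literal in source; if it is a real credential, load it from configuration kept outside the repository.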
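Review bot: `$_SESSION['session_id'] = session_id();` in includes/defines.php turns the session identifier into the message the client signs, and authenticateMe.php then posts that value as `message` to the external validator at flo-sign-validator.duckdns.org, so a bearer secret for the session leaves the server on every login. Use a separate challenge instead, generated once per login attempt with `$_SESSION['auth_challenge'] = bin2hex(random_bytes(32));`, verify the signature over that value, and unset it after the first verification attempt. Calling `session_regenerate_id(true)` once the signature verifies would also stop a pre-login session ID from carrying over into the authenticated session.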
From: tripathyr Date: Mon, 8 Nov 2021 09:52:47 +0530 Subject: [PATCH 13/57] Update imp_files.php --- includes/imp_files.php | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/includes/imp_files.php b/includes/imp_files.php index e29666c..2d3c456 100644 --- a/includes/imp_files.php +++ b/includes/imp_files.php @@ -1,13 +1,8 @@ Date: Mon, 8 Nov 2021 09:59:39 +0530 Subject: [PATCH 14/57] Update authenticateMe.php --- ajax/authenticateMe.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/ajax/authenticateMe.php b/ajax/authenticateMe.php index adab01a..cb87000 100644 --- a/ajax/authenticateMe.php +++ b/ajax/authenticateMe.php @@ -63,6 +63,14 @@ $std->error = false; setcookie("exchange[flo_id]", $floID, time () + (86400 * $cookie_life_days)); setcookie("exchange[session_id]", $s_id, time () + (86400 * $cookie_life_days)); setcookie("exchange[flo_pub_key]", $pubKey,time () + (86400 * $cookie_life_days)); + + $_SESSION['authenticated'] = true; + + //TEMPORARILY ASSIGNING ALL THESE VARIABLES TO $floID + $_SESSION['full_name'] = $floID; + $_SESSION['email'] = $floID; + $_SESSION['fb_id'] = $floID; + echo json_encode($std); return true; From e214c5359859fadbee063c5c73c9fc9d22589257 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Mon, 8 Nov 2021 10:01:32 +0530 Subject: [PATCH 15/57] Update authenticateMe.php --- ajax/authenticateMe.php | 1 + 1 file changed, 1 insertion(+) diff --git a/ajax/authenticateMe.php b/ajax/authenticateMe.php index cb87000..406e44f 100644 --- a/ajax/authenticateMe.php +++ b/ajax/authenticateMe.php @@ -67,6 +67,7 @@ $std->error = false; $_SESSION['authenticated'] = true; //TEMPORARILY ASSIGNING ALL THESE VARIABLES TO $floID + $_SESSION['first_name'] = $floID; $_SESSION['full_name'] = $floID; $_SESSION['email'] = $floID; $_SESSION['fb_id'] = $floID; From f8551a95b79817ea067fd9b2912fc318155d7759 Mon Sep 17 00:00:00 2001 
From: tripathyr Date: Mon, 8 Nov 2021 17:10:19 +0530 Subject: [PATCH 16/57] Update imp_files.php --- includes/imp_files.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/includes/imp_files.php b/includes/imp_files.php index 2d3c456..29cae41 100644 --- a/includes/imp_files.php +++ b/includes/imp_files.php @@ -18,9 +18,8 @@ $log_fullName = null; $user_email = null; if (checkLoginStatus()) { - if (isset($_SESSION['fb_id'], $_SESSION['user_name'], $_SESSION['user_id'])) { - $fb_id = $_SESSION['fb_id']; - $user_name = $_SESSION['user_name']; + if (isset($_SESSION['flo_id'], $_SESSION['user_id'])) { + $flo_id = $_SESSION['flo_id']; $user_id = $_SESSION['user_id']; } else { redirect_to("logout.php"); From 79c2ead0955cf99b566467e28f0a0ada8a24fc95 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Mon, 8 Nov 2021 17:11:13 +0530 Subject: [PATCH 17/57] Update imp_files.php --- includes/imp_files.php | 1 + 1 file changed, 1 insertion(+) diff --git a/includes/imp_files.php b/includes/imp_files.php index 29cae41..936a451 100644 --- a/includes/imp_files.php +++ b/includes/imp_files.php @@ -19,6 +19,7 @@ $user_email = null; if (checkLoginStatus()) { if (isset($_SESSION['flo_id'], $_SESSION['user_id'])) { + $fb_id = $_SESSION['fb_id']; $flo_id = $_SESSION['flo_id']; $user_id = $_SESSION['user_id']; } else { From 09d3181e89c694c55b9874ca8983b9875845bd75 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Mon, 8 Nov 2021 17:12:12 +0530 Subject: [PATCH 18/57] Update Users.php --- classes/Users.php | 1 - 1 file changed, 1 deletion(-) diff --git a/classes/Users.php b/classes/Users.php index 3c9e4d9..5e6ac11 100644 --- a/classes/Users.php +++ b/classes/Users.php @@ -18,7 +18,6 @@ class Users { private $bal_history = CREDITS_HISTORY_TABLE; private $bank_acc = ACCOUNTS_TABLE; private $fund_trans = TRANSFER_INFO_TABLE; - private $user_name = null; private $email = null; private $name = null; private $is_active = null; 
From d3bccf57e8dfdf74464c175a3dca641a11d2e7f1 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Mon, 8 Nov 2021 17:13:21 +0530 Subject: [PATCH 19/57] Update imp_files.php --- includes/imp_files.php | 1 - 1 file changed, 1 deletion(-) diff --git a/includes/imp_files.php b/includes/imp_files.php index 936a451..11878b9 100644 --- a/includes/imp_files.php +++ b/includes/imp_files.php @@ -12,7 +12,6 @@ include_once 'functions.php'; //if logged in store user DB details $fb_id = null; -$user_name = null; $user_id = null; $log_fullName = null; $user_email = null; From 474d6a937c4ec5a3a2c6c3783722b5aed1dcab37 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Mon, 8 Nov 2021 17:17:10 +0530 Subject: [PATCH 20/57] Update Users.php --- classes/Users.php | 51 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/classes/Users.php b/classes/Users.php index 5e6ac11..31f4476 100644 --- a/classes/Users.php +++ b/classes/Users.php 
@@ -258,6 +258,57 @@ class Users { } return false; } + + public function checkIfFloIDPermitted($flo_id){ + if ((check_flo_id_registration_status($flo_id) == true) && (check_flo_id_active_status($flo_id) == true)){ + return true; + } + + return false; +} + +public function insert_floPublicKey($flo_id, $floPublicKey) { + + if ($this->databaseConnection()) { + + $query = $this->db_connection->prepare(" + INSERT INTO $this->customers_table (`floPublicKey` ) + VALUES (:floPublicKey) + WHERE `flo_id` = :flo_id + "); + $query->bindParam('flo_id', $flo_id); + $query->bindParam('floPublicKey', $floPublicKey); + + if ($query->execute()) { + $row_count = $query->rowCount(); + if ($row_count == 1) { + return true; + } + return false; + } else { + return false; + } + } + return false; + } + + +public function insert_flo_details($floID, $auth_random, $floPublicKey) { + $now = $this->time_now(); + if ($this->databaseConnection()) { + $query = $this->db_connection->prepare("INSERT INTO `$this->customers_table`(`auth_random`, `floPublicKey`, `updateDate`) VALUES (:authRandom,:floPublicKey,'$now') WHERE `flo_id` = :floID"); + $query->bindValue(':authRandom', $auth_random, PDO::PARAM_STR); + $query->bindValue(':floPublicKey', $floPublicKey, PDO::PARAM_STR); + $query->bindValue(':floID', $floID, PDO::PARAM_STR); + + + if($query->execute()) { + return true; + } + } + return false; + } + public function displayUserTransaction($user_id, $start=0, $limit=10) { if ($this->databaseConnection()) { From 0aa25615f8f0ad47793c7d3214e782556fced514 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Mon, 8 Nov 2021 17:23:10 +0530 Subject: [PATCH 21/57] Create Users.php --- classes/Users.php | 26 ++++++++++++++++---------- 1 file changed, 16 insertions(+), 10 deletions(-) diff --git a/classes/Users.php b/classes/Users.php index 31f4476..8784131 100644 --- a/classes/Users.php +++ b/classes/Users.php 
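Review bot: `checkIfFloIDPermitted` calls `check_flo_id_registration_status($flo_id)` and `check_flo_id_active_status($flo_id)` as plain functions; they are methods of `Users`, so without `$this->` the first call stops with an undefined-function error and the permission gate never returns. Both `insert_floPublicKey` and `insert_flo_details` prepare `INSERT ... VALUES ... WHERE`, which is not valid SQL; writing a key onto an existing row is `UPDATE ... SET ... WHERE flo_id = :flo_id`. PATCH 26/57 and PATCH 27/57 later in this series make both changes, so this commit taken alone cannot record the public key at login.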
@@ -127,8 +127,8 @@ class Users { } } - public function is_flo_registered($flo_id) { - + public function doInitialUserHandling($flo_id) { +//CAREFUL this will update the username with FLO ID if ($this->databaseConnection()) { $now = $this->time_now(); $query = $this->db_connection->prepare("SELECT * FROM $this->customers_table WHERE `flo_id`=:flo_id"); @@ -149,8 +149,12 @@ class Users { $update_query->execute(); $_SESSION['user_id'] = $user_obj->CustomerId; - $_SESSION['user_name'] = $user_obj->Username; - $_SESSION['email'] = $user_obj->Email; + // $_SESSION['user_name'] = $user_obj->Username; + // $_SESSION['email'] = $user_obj->Email; + $_SESSION['user_name'] = $flo_id; + $_SESSION['email'] = $flo_id; + + if (!isset($_SESSION['last_trade_date'])) { $_SESSION['last_trade_date'] = $user_obj->SaveDate; @@ -159,13 +163,14 @@ class Users { } else { - $this->user_name = $_SESSION['first_name'].time(); - $this->name = $_SESSION['full_name']; - $this->email = $_SESSION['email']; + //NOT NEEDED + //$this->user_name = $_SESSION['first_name'].time(); + //$this->name = $_SESSION['full_name']; + //$this->email = $_SESSION['email']; $query = $this->db_connection->prepare(" - INSERT INTO $this->customers_table (`CustomerId`, `fb_id`, `Username`, `Email`, `Name`, `UpdateDate`, `InsertDate`, `SaveDate`, `is_active`) - VALUES ('',:fb_id,:Username,:Email,:Name,NULL,'$now',NULL,0) + INSERT INTO $this->customers_table (`CustomerId`, `flo_id`, `Username`, `Email`, `Name`, `UpdateDate`, `InsertDate`, `SaveDate`, `is_active`) + VALUES ('',:flo_id,:flo_id,:flo_id,:flo_id,NULL,'$now',NULL,0) "); $query->bindValue(':flo_id', $flo_id, PDO::PARAM_INT); 
@@ -174,7 +179,8 @@ class Users { $query->bindValue(':Name', $this->name, PDO::PARAM_STR); if($query->execute()) { $_SESSION['user_id'] = $this->db_connection->lastInsertId(); - $_SESSION['user_name'] = $this->user_name; + // $_SESSION['user_name'] = $this->user_name; + $_SESSION['user_name'] = $flo_id; $AssetTypeId = 'btc'; $Balance = 0.00; $FrozenBalance = 0.00; From b18b7c07d108d044bf8ef884307460ee216f47c5 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Mon, 8 Nov 2021 17:25:00 +0530 Subject: [PATCH 22/57] Update authenticateMe.php --- ajax/authenticateMe.php | 36 ++++++++++++++++++++++++------------ 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/ajax/authenticateMe.php b/ajax/authenticateMe.php index 406e44f..fe027fc 100644 --- a/ajax/authenticateMe.php +++ b/ajax/authenticateMe.php @@ -1,11 +1,10 @@ users = null; -$std->cash = null; -$std->bit = null; $std->message = array(); -$std->error = false; +$std->error = true; if (isset($_POST['flo_id'], $_POST['flo_pub_key'], $_SESSION['session_id'], $_POST['signDataWithFlo'] )){ 
@@ -59,23 +58,36 @@ $std->error = false; //store $s_id (session ID) in SQl ob_end_clean(); ob_start(); - $std->error = false; + setcookie("exchange[flo_id]", $floID, time () + (86400 * $cookie_life_days)); setcookie("exchange[session_id]", $s_id, time () + (86400 * $cookie_life_days)); setcookie("exchange[flo_pub_key]", $pubKey,time () + (86400 * $cookie_life_days)); - + +//CHECK THIS AND MAKE THIS A REAL VARIABLE $_SESSION['authenticated'] = true; - - //TEMPORARILY ASSIGNING ALL THESE VARIABLES TO $floID - $_SESSION['first_name'] = $floID; + +//TEMPORARILY ASSIGNING ALL THESE VARIABLES TO $floID $_SESSION['full_name'] = $floID; $_SESSION['email'] = $floID; $_SESSION['fb_id'] = $floID; + $_SESSION['flo_id'] = $floID; +//Now I need to enter public key and session ID in database .. but first I need to know the username + if (isset($UserClass)) { + $permitted_status = $UserClass->checkIfFloIDPermitted($flo_id); + if ($permitted_status == true){ + $UserClass->insert_flo_details($floID, $s_id, $pubKey);} + } else { + $std->message[] = "FLO ID is either not registered or not active."; + $std->error = true; + echo json_encode($std); + return false; + } - echo json_encode($std); - return true; - } + $std->error = false; + echo json_encode($std); + return true; + } else { From beae179d721839ecc84d38f20c7bf7b738b5702a Mon Sep 17 00:00:00 2001 From: tripathyr Date: Mon, 8 Nov 2021 18:35:23 +0530 Subject: [PATCH 23/57] Update req_user_info.php --- views/req_user_info.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/views/req_user_info.php b/views/req_user_info.php index 41ec5b4..cb5b6d2 100644 --- a/views/req_user_info.php +++ b/views/req_user_info.php 
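Review bot: The `else` that reports "FLO ID is either not registered or not active." is attached to `if (isset($UserClass))`, not to `if ($permitted_status == true)`, so when `checkIfFloIDPermitted` returns false the code falls through to `$std->error = false; ... return true;` with `$_SESSION['authenticated'] = true` already set above it. The call also passes `$flo_id`, which is not assigned in the visible lines of this file; the posted value lives in `$floID`. Reject first and set the session flags only after the check has passed, as in the excerpt below. PATCH 30/57 later switches the argument to `$floID` but keeps the same brace structure, so the fall-through remains there; the comment added in PATCH 28/57 says a later gate in acc_deact.php is relied on, and that file is outside this listing.

```php
// … unchanged: validator response checked, setcookie calls …
if (!isset($UserClass) || $UserClass->checkIfFloIDPermitted($floID) !== true) {
    $std->message[] = "FLO ID is either not registered or not active.";
    $std->error = true;
    echo json_encode($std);
    return false;
}
$UserClass->insert_flo_details($floID, $s_id, $pubKey);
// Mark the session authenticated only after the registration/active check passed.
$_SESSION['authenticated'] = true;
$_SESSION['flo_id'] = $floID;
// … unchanged: remaining $_SESSION assignments, success response …
```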
@@ -3,10 +3,10 @@ if (!isset($user_id)) { $user_id = $_SESSION['user_id']; } if (!isset($user_email)) { - $user_email = $_SESSION['email']; + $user_email = $_SESSION['flo_id']; } if (!isset($log_fullName)) { - $log_fullName = $_SESSION['full_name']; + $log_fullName = $_SESSION['flo_id']; } if (($user_email == null) && ($user_logged_in == true)) { @@ -47,4 +47,4 @@ if (($user_email == null) && ($user_logged_in == true)) { - Date: Wed, 10 Nov 2021 08:30:59 +0530 Subject: [PATCH 24/57] Update transfers.php --- views/transfers.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/views/transfers.php b/views/transfers.php index 1c85acb..beaab6b 100644 --- a/views/transfers.php +++ b/views/transfers.php @@ -1,7 +1,6 @@ Remarks (optional) - +
@@ -137,4 +136,4 @@ if($user_logged_in): - \ No newline at end of file + From 67009848c344abba1a8712c1631f61da758815a8 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Thu, 11 Nov 2021 13:30:30 +0530 Subject: [PATCH 25/57] Update functions.php --- includes/functions.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/includes/functions.php b/includes/functions.php index dae7da2..be2e078 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -11,10 +11,10 @@ function redirect_to($url=null) { } function checkLoginStatus() { - if($_SESSION['authenticated'] != true) { - return false; + if($_SESSION['authenticated'] == true) { + return true; } - return true; + return false; } function extract_int($string) { From dfa6b6541d45db4803a61d3829a40da7a6f71dad Mon Sep 17 00:00:00 2001 From: tripathyr Date: Thu, 11 Nov 2021 19:00:47 +0530 Subject: [PATCH 26/57] Update Users.php --- classes/Users.php | 34 ++++++++++------------------------ 1 file changed, 10 insertions(+), 24 deletions(-) diff --git a/classes/Users.php b/classes/Users.php index 8784131..3342454 100644 --- a/classes/Users.php +++ b/classes/Users.php 
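Review bot: `checkLoginStatus()` reads `$_SESSION['authenticated']` without checking that the key exists and compares it with `== true`, so a request with no login raises an undefined-index notice and any truthy value (a non-empty string, a non-zero number) counts as logged in. authenticateMe.php stores a boolean there, so the gate can be strict: `return isset($_SESSION['authenticated']) && $_SESSION['authenticated'] === true;`.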
@@ -1,10 +1,4 @@ time_now(); if ($this->databaseConnection()) { + $query = $this->db_connection->prepare("UPDATE `$this->customers_table` SET `auth_random` = :authRandom, `floPublicKey` = :floPublicKey, `updateDate` = '$now' WHERE `flo_id` = :floID LIMIT 1"); + $query->bindValue(':authRandom', $auth_random, PDO::PARAM_STR); + $query->bindValue(':floPublicKey', $floPublicKey, PDO::PARAM_STR); + $query->bindValue(':floID', $floID, PDO::PARAM_STR); + - $query = $this->db_connection->prepare(" - INSERT INTO $this->customers_table (`floPublicKey` ) - VALUES (:floPublicKey) - WHERE `flo_id` = :flo_id - "); - $query->bindParam('flo_id', $flo_id); - $query->bindParam('floPublicKey', $floPublicKey); - - if ($query->execute()) { - $row_count = $query->rowCount(); - if ($row_count == 1) { - return true; - } - return false; - } else { - return false; + if($query->execute()) { + return true; } } return false; From 2c17d04dabfcf7b9c72f4c95ea5f5ff90471b349 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Thu, 11 Nov 2021 19:27:01 +0530 Subject: [PATCH 27/57] Update Users.php --- classes/Users.php | 108 +++++++++++++++++++++++++++++----------------- 1 file changed, 69 insertions(+), 39 deletions(-) diff --git a/classes/Users.php b/classes/Users.php index 3342454..5d520f4 100644 --- a/classes/Users.php +++ b/classes/Users.php 
@@ -120,9 +120,30 @@ class Users { return false; } } - - public function doInitialUserHandling($flo_id) { -//CAREFUL this will update the username with FLO ID + +//$flo_id must exist and there must be fb_id set against it +public function does_fb_id_exist($flo_id){ + if ($this->databaseConnection()) { + + $query = $this->db_connection->prepare("SELECT `fb_id` FROM $this->customers_table WHERE flo_id = :flo_id LIMIT 1"); + $query->bindParam('flo_id', $flo_id); + + if ($query->execute()) { + $row_count = $query->rowCount(); + if ($row_count == 1) { + if ($query->fetchObject()->fb_id != "" ){ + return true; } + } + return false; + } + } + return false; +} + + + public function doInitialUserHandling($flo_id) { +//CAREFUL this will update the username with FLO ID FOR NEW USERS +// If username exists then do only FLO ID insertion if ($this->databaseConnection()) { $now = $this->time_now(); $query = $this->db_connection->prepare("SELECT * FROM $this->customers_table WHERE `flo_id`=:flo_id"); @@ -198,28 +219,8 @@ class Users { } } - public function check_user($customerId) { - if ($this->databaseConnection()) { - - $query = $this->db_connection->prepare("SELECT * FROM $this->customers_table WHERE customerId = :customerId AND is_active = 1 LIMIT 1"); - $query->bindParam('customerId', $customerId); - - if ($query->execute()) { - $row_count = $query->rowCount(); - if ($row_count == 1) { - return $user_details = $query->fetchObject(); - } - return false; - } else { - return false; - } - } - return false; - } - - - public function check_flo_id_active_status($flo_id) { +public function check_flo_id_active_status($flo_id) { if ($this->databaseConnection()) { @@ -239,7 +240,7 @@ class Users { return false; } - public function check_flo_id_registration_status($flo_id) { +public function check_flo_id_registration_status($flo_id) { if ($this->databaseConnection()) { 
@@ -258,15 +259,41 @@ class Users { } return false; } - - public function checkIfFloIDPermitted($flo_id){ - if ((check_flo_id_registration_status($flo_id) == true) && (check_flo_id_active_status($flo_id) == true)){ + + +public function checkIfFloIDPermitted($flo_id){ + if (($this->check_flo_id_registration_status($flo_id) == true) && ($this->check_flo_id_active_status($flo_id) == true)){ return true; } return false; } +public function insert_floPublicKey($flo_id, $floPublicKey) { + + if ($this->databaseConnection()) { + + $query = $this->db_connection->prepare(" + UPDATE $this->customers_table SET `floPublicKey` = :floPublicKey + WHERE `flo_id` = :flo_id + "); + $query->bindParam('flo_id', $flo_id); + $query->bindParam('floPublicKey', $floPublicKey); + + if ($query->execute()) { + $row_count = $query->rowCount(); + if ($row_count == 1) { + return true; + } + return false; + } else { + return false; + } + } + return false; + } + + public function insert_flo_details($floID, $auth_random, $floPublicKey) { $now = $this->time_now(); 
@@ -285,23 +312,26 @@ public function insert_flo_details($floID, $auth_random, $floPublicKey) { } -public function insert_flo_details($floID, $auth_random, $floPublicKey) { - $now = $this->time_now(); - if ($this->databaseConnection()) { - $query = $this->db_connection->prepare("INSERT INTO `$this->customers_table`(`auth_random`, `floPublicKey`, `updateDate`) VALUES (:authRandom,:floPublicKey,'$now') WHERE `flo_id` = :floID"); - $query->bindValue(':authRandom', $auth_random, PDO::PARAM_STR); - $query->bindValue(':floPublicKey', $floPublicKey, PDO::PARAM_STR); - $query->bindValue(':floID', $floID, PDO::PARAM_STR); - + public function check_user($customerId) { - if($query->execute()) { - return true; + if ($this->databaseConnection()) { + + $query = $this->db_connection->prepare("SELECT * FROM $this->customers_table WHERE customerId = :customerId AND is_active = 1 LIMIT 1"); + $query->bindParam('customerId', $customerId); + + if ($query->execute()) { + $row_count = $query->rowCount(); + if ($row_count == 1) { + return $user_details = $query->fetchObject(); + } + return false; + } else { + return false; } } return false; } - public function displayUserTransaction($user_id, $start=0, $limit=10) { if ($this->databaseConnection()) { $transactions = array(); From 6f6b9337abf16a62764867a3e5d29b37010eceab Mon Sep 17 00:00:00 2001 From: tripathyr Date: Thu, 11 Nov 2021 20:56:53 +0530 Subject: [PATCH 28/57] Update authenticateMe.php --- ajax/authenticateMe.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ajax/authenticateMe.php b/ajax/authenticateMe.php index fe027fc..353c02d 100644 --- a/ajax/authenticateMe.php +++ b/ajax/authenticateMe.php @@ -1,6 +1,7 @@ message = array(); 
@@ -73,6 +74,7 @@ $std->error = true; $_SESSION['flo_id'] = $floID; //Now I need to enter public key and session ID in database .. but first I need to know the username +// This check can be suspended here. If the user has correct FLO signature, but does not exist in database, he will fail the gate at acc_deact.php if (isset($UserClass)) { $permitted_status = $UserClass->checkIfFloIDPermitted($flo_id); if ($permitted_status == true){ From 52312f1ecc23855994928239e1fbbad5cb48d4d3 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Wed, 17 Nov 2021 12:24:59 +0530 Subject: [PATCH 29/57] Update index.php --- index.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/index.php b/index.php index 1c3df3a..5b009a5 100644 --- a/index.php +++ b/index.php @@ -1,6 +1,10 @@ From 2efb8382e7c43cc4eb98afac0c209a9ff34d187a Mon Sep 17 00:00:00 2001 From: tripathyr Date: Wed, 17 Nov 2021 16:31:27 +0530 Subject: [PATCH 30/57] Update authenticateMe.php --- ajax/authenticateMe.php | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/ajax/authenticateMe.php b/ajax/authenticateMe.php index 353c02d..baad8aa 100644 --- a/ajax/authenticateMe.php +++ b/ajax/authenticateMe.php @@ -1,16 +1,18 @@ message = array(); $std->error = true; - if (isset($_POST['flo_id'], $_POST['flo_pub_key'], $_SESSION['session_id'], $_POST['signDataWithFlo'] )){ + if (isset($_POST['floID'], $_POST['floPubKey'], $_SESSION['session_id'], $_POST['signDataWithFlo'] )){ ob_start(); - + function callAPI($method, $url, $data){ $curl = curl_init(); switch ($method){ @@ -43,8 +45,8 @@ $std->error = true; return $result; } - $floID = $_POST['flo_id']; - $pubKey = $_POST['flo_pub_key']; + $floID = $_POST['floID']; + $pubKey = $_POST['floPubKey']; $s_id = $_SESSION['session_id']; $signDataWithFlo = $_POST['signDataWithFlo']; 
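Review bot: The context line directly under the added comment calls `checkIfFloIDPermitted($flo_id)`, but the value this script verified is `$floID`, which is the one assigned to `$_SESSION['flo_id']` just above. The permission check therefore most likely runs on an undefined variable; it should read `$permitted_status = $UserClass->checkIfFloIDPermitted($floID);`. The new comment also proposes dropping this check in favour of a later gate at acc_deact.php. Since the session is marked with the FLO ID before the check runs, I would keep the check here and move the `$_SESSION['flo_id']` assignment after it. The enclosing block starts and ends outside this hunk.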
@@ -76,16 +78,18 @@ $std->error = true; //Now I need to enter public key and session ID in database .. but first I need to know the username // This check can be suspended here. If the user has correct FLO signature, but does not exist in database, he will fail the gate at acc_deact.php if (isset($UserClass)) { - $permitted_status = $UserClass->checkIfFloIDPermitted($flo_id); + $permitted_status = $UserClass->checkIfFloIDPermitted($floID); if ($permitted_status == true){ - $UserClass->insert_flo_details($floID, $s_id, $pubKey);} + $UserClass->update_flo_details($floID, $s_id, $pubKey); + $_SESSION['user_id'] = $UserClass->getUserID($floID); + } } else { $std->message[] = "FLO ID is either not registered or not active."; $std->error = true; echo json_encode($std); return false; - } - + } + $std->message[] = "Authentication Succeeded."; $std->error = false; echo json_encode($std); return true; From faccc503108f1940bab5b462ddc9c9d420599a5d Mon Sep 17 00:00:00 2001 From: tripathyr Date: Wed, 17 Nov 2021 16:36:45 +0530 Subject: [PATCH 31/57] Update Users.php --- classes/Users.php | 56 +++++++++++++++++++++++++++++++++-------------- 1 file changed, 39 insertions(+), 17 deletions(-) diff --git a/classes/Users.php b/classes/Users.php index 5d520f4..ffeac32 100644 --- a/classes/Users.php +++ b/classes/Users.php 
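Review bot: A FLO ID that fails `checkIfFloIDPermitted()` still gets the "Authentication Succeeded." response with `error = false`. After the added closing brace, the `else` belongs to `if (isset($UserClass))`, so a false `$permitted_status` skips the inner block and falls through to the success lines at the end of the hunk. The rejection needs to sit on the permission check itself, as sketched below; the existing `else` can stay for the case where `$UserClass` is missing. `getUserID()` can also return false, so `$_SESSION['user_id']` should only be set when a real id comes back. The script continues outside the hunk on both sides.

```php
if (isset($UserClass)) {
    $permitted_status = $UserClass->checkIfFloIDPermitted($floID);
    if ($permitted_status != true) {
        $std->message[] = "FLO ID is either not registered or not active.";
        $std->error = true;
        echo json_encode($std);
        return false;
    }
    $UserClass->update_flo_details($floID, $s_id, $pubKey);
    $user_id = $UserClass->getUserID($floID);
    if ($user_id !== false) {
        $_SESSION['user_id'] = $user_id;
    }
// … unchanged: else branch for a missing $UserClass, then the "Authentication Succeeded." response …
```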
@@ -142,18 +142,20 @@ public function does_fb_id_exist($flo_id){ public function doInitialUserHandling($flo_id) { -//CAREFUL this will update the username with FLO ID FOR NEW USERS -// If username exists then do only FLO ID insertion + +// If username exists only then do FLO ID insertion if ($this->databaseConnection()) { $now = $this->time_now(); - $query = $this->db_connection->prepare("SELECT * FROM $this->customers_table WHERE `flo_id`=:flo_id"); + +// I have added LIMIT 1 .. so only the first FLO ID is allowed. If there are two FLO IDs for same user, the second one will be discarded. MAYBE I SHOULD ADD AN EXPLICT CHECK LATER FOR DUPLICATE FLO ID WHILE BEING INSERTED + $query = $this->db_connection->prepare("SELECT * FROM $this->customers_table WHERE `flo_id`=:flo_id LIMIT 1"); $query->bindValue(':flo_id', $flo_id, PDO::PARAM_STR); $query->execute(); $rowCount = $query->rowCount(); if($rowCount) { - + //The case where FLO ID exists in database $user_obj = $query->fetchObject(); $update_query = $this->db_connection->prepare("UPDATE $this->customers_table @@ -164,11 +166,8 @@ public function does_fb_id_exist($flo_id){ $update_query->execute(); $_SESSION['user_id'] = $user_obj->CustomerId; - // $_SESSION['user_name'] = $user_obj->Username; - // $_SESSION['email'] = $user_obj->Email; - $_SESSION['user_name'] = $flo_id; - $_SESSION['email'] = $flo_id; - + $_SESSION['user_name'] = $user_obj->Username; + $_SESSION['email'] = $user_obj->Email; if (!isset($_SESSION['last_trade_date'])) { 
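Review bot: `LIMIT 1` without an `ORDER BY` does not pick "the first FLO ID"; it returns whichever matching row the database reaches first. If two customers rows ever share a `flo_id`, the account that a login maps to is not stable. The added comment already notes that a duplicate check is missing. The durable fix is a UNIQUE index on the `flo_id` column, so the duplicate can never be inserted, and the comment could then read `// flo_id is unique (enforced by index); LIMIT 1 is only a guard`. `doInitialUserHandling()` continues beyond this hunk.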
@@ -178,24 +177,31 @@ public function does_fb_id_exist($flo_id){ } else { - //NOT NEEDED - //$this->user_name = $_SESSION['first_name'].time(); + //The case when FLO ID does not exist in database + //NOT NEEDED .. These session variables are set in authenticateMe.php + $this->user_name = $flo_id.time(); + // $this->user_name = $_SESSION['first_name'].time(); + //$this->name = $_SESSION['full_name']; - //$this->email = $_SESSION['email']; + // $this->email = $_SESSION['email']; + $this->email = (isset($_SESSION['email'])) ? $_SESSION['email'] : ""; $query = $this->db_connection->prepare(" INSERT INTO $this->customers_table (`CustomerId`, `flo_id`, `Username`, `Email`, `Name`, `UpdateDate`, `InsertDate`, `SaveDate`, `is_active`) - VALUES ('',:flo_id,:flo_id,:flo_id,:flo_id,NULL,'$now',NULL,0) + VALUES ('',:flo_id,:Username,:Email,:flo_id,NULL,'$now',NULL,0) "); +// Here we are setting name = FLO ID. Later we can ask for actual name and email when user logs in second time if both are same, and update +//Also email will be blank here for first time FLO user. That will give a signature to update the email later. + $query->bindValue(':flo_id', $flo_id, PDO::PARAM_INT); $query->bindValue(':Username', $this->user_name, PDO::PARAM_STR); $query->bindValue(':Email', $this->email, PDO::PARAM_STR); $query->bindValue(':Name', $this->name, PDO::PARAM_STR); if($query->execute()) { $_SESSION['user_id'] = $this->db_connection->lastInsertId(); - // $_SESSION['user_name'] = $this->user_name; - $_SESSION['user_name'] = $flo_id; + $_SESSION['user_name'] = $this->user_name; + $AssetTypeId = 'btc'; $Balance = 0.00; $FrozenBalance = 0.00; @@ -269,7 +275,7 @@ public function checkIfFloIDPermitted($flo_id){ return false; } -public function insert_floPublicKey($flo_id, $floPublicKey) { +public function update_floPublicKey($flo_id, $floPublicKey) { if ($this->databaseConnection()) { 
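Review bot: The rewritten INSERT no longer matches its bindings. The statement uses `:flo_id`, `:Username`, `:Email` and `:flo_id` again, but the unchanged lines below still bind `:Name`, and PDO rejects a bound name that the statement does not contain (SQLSTATE HY093), so the new-user insert is likely to fail. With `error_reporting(0)` set in header.php, that failure would be silent. I would set `$this->name = $flo_id;` and use `VALUES ('',:flo_id,:Username,:Email,:Name,NULL,'$now',NULL,0)`, which also avoids repeating a named placeholder. The `:flo_id` bind uses `PDO::PARAM_INT`, although the SELECT earlier in this method binds the same value as `PDO::PARAM_STR`; it should be `PARAM_STR` here too. The method starts and ends outside this hunk.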
@@ -294,7 +300,7 @@ public function insert_floPublicKey($flo_id, $floPublicKey) { } -public function insert_flo_details($floID, $auth_random, $floPublicKey) { +public function update_flo_details($floID, $auth_random, $floPublicKey) { $now = $this->time_now(); if ($this->databaseConnection()) { @@ -437,6 +443,22 @@ public function insert_flo_details($floID, $auth_random, $floPublicKey) { return false; } + public function getUserID($flo_id) { + + if ($this->databaseConnection()) { + $customerId = (int) $customerId; + $query = $this->db_connection->prepare("SELECT CustomerId FROM ".USERS_TABLE." WHERE flo_id = :id LIMIT 1"); + $query->bindParam('id', $flo_id); + + $query->execute(); + $row_count = $query->rowCount(); + if ($row_count == 1) { + return $query->fetchObject()->CustomerId; + } + } + return false; + } + public function input_user_email($email=null, $user_id=null) { if ($this->databaseConnection()) { $query = $this->db_connection->prepare(" From 60d8d7443f1fcf677dfaf0112f0f4000de49183e Mon Sep 17 00:00:00 2001 From: tripathyr Date: Wed, 17 Nov 2021 17:11:57 +0530 Subject: [PATCH 32/57] Update header.php --- views/header.php | 87 ++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 77 insertions(+), 10 deletions(-) diff --git a/views/header.php b/views/header.php index 55c1d4c..305c9ca 100644 --- a/views/header.php +++ b/views/header.php @@ -3,16 +3,17 @@ // Turn off error reporting error_reporting(0); @ini_set('display_errors', 0); +session_start(); $tradersList = array(); $buy_list = array(); $sell_list = array(); -include_once 'floconfig.php'; + $validate_user = null; if (isset($UserClass)) { - if (isset($flo_id)): + if (isset($_SESSION['flo_id'])): // check if user already registered - $validate_user = $UserClass->is_flo_registered($flo_id); + $validate_user = $UserClass->doInitialUserHandling($_SESSION['flo_id']); if($validate_user == "" || $validate_user == false) { redirect_to('index.php'); } 
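Review bot: In the new `getUserID()`, the line `$customerId = (int) $customerId;` reads a variable that is never defined in this method and is not used afterwards. It looks like a leftover from a copied lookup and should be deleted. The query reads from the `USERS_TABLE` constant while the other methods in this series use `$this->customers_table`; if those are the same table, using the property here keeps the class consistent. A docblock should state that the method returns the `CustomerId` or false, because authenticateMe.php stores the result straight into `$_SESSION['user_id']`.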
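Review bot: The comment `// check if user already registered` no longer describes the header.php line under it. That line used to call `is_flo_registered()` and now calls `doInitialUserHandling($_SESSION['flo_id'])`, which, as patched earlier in this series, inserts a customers row when the FLO ID is unknown and writes session values. Rendering any page that includes this header can therefore create an account for whatever FLO ID is in the session. I would keep a read-only lookup in the view and leave account creation to the authentication endpoint, or at least change the comment to `// creates the customer row on first visit, then loads session data`. The added `session_start()` may also run after the including script has already started the session; any resulting notice is hidden by `error_reporting(0)`.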
@@ -32,6 +33,7 @@ if(checkLoginStatus()) { $action_class_market = 'market_submit_btn'; $action_class_buy_sell = 'process'; } + ?> @@ -81,18 +83,83 @@ $type = isset($_GET['type']) ? trim($_GET['type']) : 'danger';
- + - - - - + + +
+

Login using FLO Private Key

+
+
+ + +
+ +
+ +
+ + +
+ + + +
From e1a96ca77e7c7b7c77fc1f4f8f7ea20e01d1b8fb Mon Sep 17 00:00:00 2001 From: tripathyr Date: Fri, 19 Nov 2021 18:31:24 +0530 Subject: [PATCH 33/57] Create logout.php --- ajax/logout.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 ajax/logout.php diff --git a/ajax/logout.php b/ajax/logout.php new file mode 100644 index 0000000..9c5ec9c --- /dev/null +++ b/ajax/logout.php @@ -0,0 +1,17 @@ + From c5dec5a0b9bea78ab3e80dca3704daa3769ffc26 Mon Sep 17 00:00:00 2001 From: tripathyr Date: Fri, 19 Nov 2021 18:31:53 +0530 Subject: [PATCH 34/57] Update authenticateMe.php --- ajax/authenticateMe.php | 28 ++++++++++++++++------------ 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/ajax/authenticateMe.php b/ajax/authenticateMe.php index baad8aa..d66071a 100644 --- a/ajax/authenticateMe.php +++ b/ajax/authenticateMe.php @@ -82,17 +82,24 @@ $std->error = true; if ($permitted_status == true){ $UserClass->update_flo_details($floID, $s_id, $pubKey); $_SESSION['user_id'] = $UserClass->getUserID($floID); - } - } else { - $std->message[] = "FLO ID is either not registered or not active."; - $std->error = true; + $std->message[] = "Authentication Succeeded."; + $std->error = false; echo json_encode($std); - return false; + return true; + } else { + if (($UserClass->check_flo_id_registration_status($floID) == true) && ($UserClass->check_flo_id_active_status($floID) != true)) { + $std->message[] = "FLO ID is not active. Please contact RanchiMall Team. "; + $std->error = true; + echo json_encode($std); + return false; } + if ($UserClass->check_flo_id_registration_status($floID) != true ) { + $std->message[] = "Your FLO ID is not registered. Please contact RanchiMall Team and get yourself registered."; + $std->error = true; + echo json_encode($std); + return false; } + } } - $std->message[] = "Authentication Succeeded."; - $std->error = false; - echo json_encode($std); - return true; + } 
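Review bot: Both new failure branches in authenticateMe.php return an error response but leave `$_SESSION['flo_id']` set. The assignment happens before this block, outside the hunk (it is visible in the earlier authenticateMe.php patch), and header.php keys its logged-in handling on `isset($_SESSION['flo_id'])`. An inactive or unregistered FLO ID would then still be treated as a session holder on the next page load. Either add `unset($_SESSION['flo_id']);` before each `return false;`, or move the assignment into the permitted branch next to `$_SESSION['user_id']`. The rejection path also runs `check_flo_id_registration_status()` up to three times; storing its result in a local variable once would avoid the repeated queries.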
@@ -108,6 +115,3 @@ $std->error = true; echo json_encode($std); return false; } - - - From 9c3dd698546cd21f2c98b84bf28438b5a322b9df Mon Sep 17 00:00:00 2001 From: tripathyr Date: Fri, 19 Nov 2021 18:32:51 +0530 Subject: [PATCH 35/57] Update header.php --- views/header.php | 40 +++++++++++++++++++++++++++------------- 1 file changed, 27 insertions(+), 13 deletions(-) diff --git a/views/header.php b/views/header.php index 305c9ca..93e719f 100644 --- a/views/header.php +++ b/views/header.php @@ -3,7 +3,6 @@ // Turn off error reporting error_reporting(0); @ini_set('display_errors', 0); -session_start(); $tradersList = array(); $buy_list = array(); @@ -13,7 +12,8 @@ $validate_user = null; if (isset($UserClass)) { if (isset($_SESSION['flo_id'])): // check if user already registered - $validate_user = $UserClass->doInitialUserHandling($_SESSION['flo_id']); + $validate_user = $UserClass->doInitialUserHandling($flo_id); + if($validate_user == "" || $validate_user == false) { redirect_to('index.php'); } @@ -95,51 +95,58 @@ $type = isset($_GET['type']) ? trim($_GET['type']) : 'danger';
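Review bot: The header.php guard tests `isset($_SESSION['flo_id'])`, but the changed call now passes `$flo_id`. Nothing in the visible part of header.php defines that variable since `include_once 'floconfig.php'` was removed, so unless the including script sets it, `doInitialUserHandling()` receives null. The call should stay on the value that was tested: `$validate_user = $UserClass->doInitialUserHandling($_SESSION['flo_id']);`. Because `error_reporting(0)` is set at the top of this file, the undefined-variable notice would not appear.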

Login using FLO Private Key


- +
- - + From 6b438159b06317dd08f0ff012c5938561686d05c Mon Sep 17 00:00:00 2001 From: tripathyr Date: Fri, 19 Nov 2021 18:41:27 +0530 Subject: [PATCH 36/57] Update authenticateMe.php --- ajax/authenticateMe.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/ajax/authenticateMe.php b/ajax/authenticateMe.php index d66071a..e3d3f3b 100644 --- a/ajax/authenticateMe.php +++ b/ajax/authenticateMe.php @@ -40,7 +40,12 @@ $std->error = true; curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // EXECUTE: $result = curl_exec($curl); - if(!$result){die("Connection Failure");} + if(!$result){ + $std->message[] = "Authentication Service is not working "; + $std->error = true; + echo json_encode($std); + return false; + } curl_close($curl); return $result; } @@ -115,3 +120,6 @@ $std->error = true; echo json_encode($std); return false; } + + + From 461cbe6a3dcb57198e53bc4f16c369fcf083f2da Mon Sep 17 00:00:00 2001 From: tripathyr Date: Fri, 19 Nov 2021 20:30:45 +0530 Subject: [PATCH 37/57] Update header.php --- views/header.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/views/header.php b/views/header.php index 93e719f..87b314f 100644 --- a/views/header.php +++ b/views/header.php @@ -91,18 +91,20 @@ $type = isset($_GET['type']) ? trim($_GET['type']) : 'danger'; -
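Review bot: The new error branch uses `$std`, but this code sits inside `callAPI()`, where the script-level `$std` is not in scope. `$std->message[] = ...` therefore acts on an undefined local variable: a warning and a throwaway object on PHP 7, an Error on PHP 8. The branch also returns before `curl_close($curl)`, and `!$result` treats an empty response body as a connection failure. I would have the helper only signal failure, `if ($result === false) { curl_close($curl); return false; }`, and let the caller build the JSON error response when `callAPI()` returns false. The function signature is outside this hunk.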
+