RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #342 from TheSerapher/issue-329

Browse Source 
Fixing strict PHP warnings when registering a user
This commit is contained in:
Sebastian Grewe 2013-07-02 11:59:45 -07:00
commit e3d9bbcb96
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
public/include/classes/user.class.php
View File

@ -449,7 +449,6 @@ class User {
$this->setErrorMessage( 'Invalid PIN' ); $this->setErrorMessage( 'Invalid PIN' );
return false; return false;
} }
$apikey = hash("sha256",$username.$this->salt);
if ($this->mysqli->query("SELECT id FROM $this->table LIMIT 1")->num_rows > 0) { if ($this->mysqli->query("SELECT id FROM $this->table LIMIT 1")->num_rows > 0) {
$stmt = $this->mysqli->prepare(" $stmt = $this->mysqli->prepare("
INSERT INTO $this->table (username, pass, email, pin, api_key) INSERT INTO $this->table (username, pass, email, pin, api_key)
@ -461,12 +460,16 @@ class User {
VALUES (?, ?, ?, ?, ?, 1) VALUES (?, ?, ?, ?, ?, 1)
"); ");
} }
if ($this->checkStmt($stmt)) {
$stmt->bind_param('sssss', $username, hash("sha256", $password1.$this->salt), $email1, hash("sha256", $pin.$this->salt), $apikey); // Create hashed strings using original string and salt
$password_hash = hash('sha256', $password1.$this->salt);
$pin_hash = hash('sha256', $pin.$this->salt);
$apikey_hash = hash('sha256', $username.$this->salt);
if ($this->checkStmt($stmt) && $stmt->bind_param('sssss', $username, $password_hash, $email1, $pin_hash, $apikey_hash)) {
if (!$stmt->execute()) { if (!$stmt->execute()) {
$this->setErrorMessage( 'Unable to register' ); $this->setErrorMessage( 'Unable to register' );
if ($stmt->sqlstate == '23000') $this->setErrorMessage( 'Username already exists' ); if ($stmt->sqlstate == '23000') $this->setErrorMessage( 'Username already exists' );
echo $this->mysqli->error;
return false; return false;
} }
$stmt->close(); $stmt->close();