<?php
// Start (or resume) the PHP session; loginUser() below stores the authenticated user in $_SESSION.
// NOTE(review): no cookie options are passed here, so the session cookie's Secure / HttpOnly /
// SameSite attributes come from the PHP configuration. Confirm they are hardened for this deployment.
session_start();
// Presumably defines the global $conn connection object that every database function in this file
// pulls in via `global $conn`. TODO confirm against config/database.php.
require_once 'config/database.php';
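/**
 * Create an unverified user account and e-mail its verification link.
 *
 * The password is stored as a password_hash() digest, and a 64-hex-character
 * verification token is generated from 32 bytes of random_bytes().
 *
 * @param string $email    Address to register; must be one syntactically valid address.
 * @param string $password Plain-text password chosen by the user; must not be empty.
 * @return bool True when the row was inserted (the verification mail is then attempted),
 *              false when the input is rejected or the insert fails.
 */
function registerUser($email, $password) {
    global $conn;

    // Validate at the boundary: the address is later handed to mail(), which accepts a
    // recipient list, so only a single well-formed address is allowed through.
    if (!is_string($email) || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }
    // An empty password would still hash successfully and create a trivially guessable account.
    if (!is_string($password) || $password === '') {
        return false;
    }

    $hashed_password = password_hash($password, PASSWORD_DEFAULT);
    $verification_token = bin2hex(random_bytes(32));

    // Bound parameters keep user input out of the SQL text entirely. This also means the
    // original (unescaped) address is what gets stored and mailed, not an SQL-escaped copy.
    // NOTE(review): the token is stored as generated; keeping only a hash of it would stop a
    // database read from yielding usable links, but needs a matching change in verifyAccount().
    $stmt = $conn->prepare(
        'INSERT INTO users (email, password, verification_token) VALUES (?, ?, ?)'
    );
    if ($stmt === false) {
        return false;
    }

    $stmt->bind_param('sss', $email, $hashed_password, $verification_token);
    $inserted = $stmt->execute();
    $stmt->close();

    if (!$inserted) {
        return false;
    }

    sendVerificationEmail($email, $verification_token);
    return true;
}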
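/**
 * E-mail the account-verification link for a freshly issued token.
 *
 * @param string $email Recipient; must be one syntactically valid address.
 * @param string $token Verification token to embed in the link.
 * @return bool False when the address is rejected or mail() reports failure, true otherwise.
 */
function sendVerificationEmail($email, $token) {
    // mail() accepts a recipient list in its first argument, so insist on exactly one valid
    // address; this also rejects embedded CR/LF and commas.
    if (!is_string($email) || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }

    $subject = "Verify your Leafboard account";

    // NOTE(review): the base URL is a placeholder host over plain http. The link carries a
    // bearer token, so the deployed value should be the real site origin served over HTTPS.
    $verification_link = "http://yourdomain.com/verify.php?token=" . rawurlencode((string) $token);

    // Encode for the HTML attribute context. Tokens from registerUser() are hex, so the output
    // is unchanged for them, but the markup stays well-formed for any other value.
    $link_attr = htmlspecialchars($verification_link, ENT_QUOTES, 'UTF-8');

    $message = "
<html>
<body>
<h2>Welcome to Leafboard!</h2>
<p>Please click the link below to verify your account:</p>
<a href='$link_attr'>Verify Account</a>
</body>
</html>
";

    // NOTE(review): the From address below looks like the residue of an e-mail obfuscation
    // filter and is not a usable mailbox. Replace it with the real sender before deploying.
    $headers = "MIME-Version: 1.0" . "\r\n";
    $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
    $headers .= "From: Leafboard <[email protected]>";

    return mail($email, $subject, $message, $headers);
}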
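/**
 * Mark the account that owns a verification token as verified and consume the token.
 *
 * @param string $token Token taken from the verification link.
 * @return bool True only when a row actually matched the token and was updated;
 *              false for an empty, unknown or already-used token, or on a database failure.
 */
function verifyAccount($token) {
    global $conn;

    // Nothing to look up; also keeps non-string request values (e.g. arrays) out of the query.
    if (!is_string($token) || $token === '') {
        return false;
    }

    // NOTE(review): verification tokens carry no expiry in this schema; consider whether
    // stale, unverified registrations should be aged out.
    $stmt = $conn->prepare(
        'UPDATE users SET is_verified = TRUE, verification_token = NULL WHERE verification_token = ?'
    );
    if ($stmt === false) {
        return false;
    }

    $stmt->bind_param('s', $token);
    $executed = $stmt->execute();

    // A successful UPDATE that matched no row is not a successful verification. A matching row
    // always changes (its token becomes NULL), so affected_rows is a reliable signal here.
    $verified = $executed && $stmt->affected_rows > 0;
    $stmt->close();

    return $verified;
}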
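/**
 * Authenticate a user by e-mail and password and populate the session on success.
 *
 * @param string $email    Address the account was registered with.
 * @param string $password Plain-text password to check against the stored hash.
 * @return string 'success' (session populated), 'not_verified' (password correct but the
 *                account is unverified), or 'invalid' (anything else, including lookup failures).
 */
function loginUser($email, $password) {
    global $conn;

    // Request parameters can arrive as arrays; treat anything that is not a string as a failed login.
    if (!is_string($email) || !is_string($password)) {
        return 'invalid';
    }

    // Bound parameter instead of string-built SQL; only the columns this function reads are fetched.
    $stmt = $conn->prepare('SELECT id, email, password, is_verified FROM users WHERE email = ?');
    if ($stmt === false) {
        return 'invalid';
    }

    $stmt->bind_param('s', $email);
    $user = null;
    if ($stmt->execute()) {
        $result = $stmt->get_result();
        if ($result !== false && $result->num_rows === 1) {
            $user = $result->fetch_assoc();
        }
    }
    $stmt->close();

    // Unknown address and wrong password share one answer so the reply does not reveal
    // which accounts exist.
    // NOTE(review): there is no attempt throttling or lockout in this function, and the
    // unknown-address path skips password_verify(); confirm rate limiting exists upstream.
    if ($user === null || !password_verify($password, $user['password'])) {
        return 'invalid';
    }

    if (!$user['is_verified']) {
        return 'not_verified';
    }

    // Issue a fresh session ID at the privilege change so an ID planted before login
    // (session fixation) does not become an authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION['user_id'] = $user['id'];
    $_SESSION['email'] = $user['email'];
    return 'success';
}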
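/**
 * Issue a one-hour password-reset token for an address and e-mail the reset link.
 *
 * The return value deliberately does not say whether the address belongs to an account:
 * it is true whenever the update ran, so callers can show one neutral message either way.
 * The reset mail itself is only sent when a row was actually updated.
 *
 * @param string $email Address the reset was requested for.
 * @return bool True when the update statement ran, false on bad input or database failure.
 */
function initiatePasswordReset($email) {
    global $conn;

    // Keeps non-string request values (e.g. arrays) out of the query.
    if (!is_string($email)) {
        return false;
    }

    $reset_token = bin2hex(random_bytes(32));

    // The expiry is computed by the database so it shares a clock and time zone with the
    // `reset_token_expiry > NOW()` check in resetPassword(); a PHP-side date() value can
    // drift from NOW() when the two time zones differ.
    // NOTE(review): the token is stored as generated; keeping only a hash of it would need a
    // matching change in resetPassword(). There is also no per-address request throttling here.
    $stmt = $conn->prepare(
        'UPDATE users SET reset_token = ?, reset_token_expiry = DATE_ADD(NOW(), INTERVAL 1 HOUR) WHERE email = ?'
    );
    if ($stmt === false) {
        return false;
    }

    $stmt->bind_param('ss', $reset_token, $email);
    $executed = $stmt->execute();
    // A matching row always changes (it receives a new random token), so this tells us
    // whether the address belongs to an account.
    $account_found = $executed && $stmt->affected_rows > 0;
    $stmt->close();

    if (!$executed) {
        return false;
    }

    // Do not mail addresses with no account: the token would match nothing, and the form
    // would otherwise send a message to any address a visitor types in.
    if ($account_found) {
        sendPasswordResetEmail($email, $reset_token);
    }

    return true;
}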
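/**
 * E-mail the password-reset link for a freshly issued reset token.
 *
 * @param string $email Recipient; must be one syntactically valid address.
 * @param string $token Reset token to embed in the link.
 * @return bool False when the address is rejected or mail() reports failure, true otherwise.
 */
function sendPasswordResetEmail($email, $token) {
    // mail() accepts a recipient list in its first argument, so insist on exactly one valid
    // address; a reset link must never fan out to additional recipients.
    if (!is_string($email) || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }

    $subject = "Reset your Leafboard password";

    // NOTE(review): the base URL is a placeholder host over plain http. The link carries a
    // credential-equivalent token, so the deployed value should be the real site origin over HTTPS.
    $reset_link = "http://yourdomain.com/reset-password.php?token=" . rawurlencode((string) $token);

    // Encode for the HTML attribute context. Tokens from initiatePasswordReset() are hex, so
    // the output is unchanged for them.
    $link_attr = htmlspecialchars($reset_link, ENT_QUOTES, 'UTF-8');

    $message = "
<html>
<body>
<h2>Password Reset Request</h2>
<p>Click the link below to reset your password:</p>
<a href='$link_attr'>Reset Password</a>
<p>This link will expire in 1 hour.</p>
</body>
</html>
";

    // NOTE(review): the From address below looks like the residue of an e-mail obfuscation
    // filter and is not a usable mailbox. Replace it with the real sender before deploying.
    $headers = "MIME-Version: 1.0" . "\r\n";
    $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
    $headers .= "From: Leafboard <[email protected]>";

    return mail($email, $subject, $message, $headers);
}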
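/**
 * Set a new password for the account that owns an unexpired reset token, and consume the token.
 *
 * @param string $token        Token taken from the reset link.
 * @param string $new_password Plain-text replacement password; must not be empty.
 * @return bool True only when a row matched an unexpired token and was updated; false for
 *              empty input, an unknown or expired token, or a database failure.
 */
function resetPassword($token, $new_password) {
    global $conn;

    // Nothing to look up; also keeps non-string request values (e.g. arrays) out of the query.
    if (!is_string($token) || $token === '') {
        return false;
    }
    // An empty password would still hash successfully and leave the account trivially guessable.
    if (!is_string($new_password) || $new_password === '') {
        return false;
    }

    $hashed_password = password_hash($new_password, PASSWORD_DEFAULT);

    // NOTE(review): existing sessions for the account are not invalidated by this function;
    // confirm whether a password reset should also sign other sessions out.
    $stmt = $conn->prepare(
        'UPDATE users SET password = ?, reset_token = NULL, reset_token_expiry = NULL
         WHERE reset_token = ? AND reset_token_expiry > NOW()'
    );
    if ($stmt === false) {
        return false;
    }

    $stmt->bind_param('ss', $hashed_password, $token);
    $executed = $stmt->execute();

    // A successful UPDATE that matched no row means the token was wrong or expired; reporting
    // that as success would tell the user their password changed when it did not.
    $changed = $executed && $stmt->affected_rows > 0;
    $stmt->close();

    return $changed;
}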
?>