added class mxDatabase; store credentials; implement login.php

public/register.php

@@ -7,7 +7,6 @@ if (!file_exists("../config.php")) {
 	exit();
 }
 require_once "../config.php";
-require_once "../mail_templates.php";
 
 // enforce admin via https
 if (!isset($_SERVER['HTTPS'])) {
@@ -17,8 +16,6 @@ if (!isset($_SERVER['HTTPS'])) {
 
 session_start();
 
-require_once("../database.php");
-
 if ($_SERVER["REQUEST_METHOD"] == "POST") {
 	try {
 		if (!isset($_SESSION["token"]) || !isset($_POST["token"]) || $_SESSION["token"] != $_POST["token"]) {
@@ -53,48 +50,27 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
 		$username = filter_var($_POST["username"], FILTER_SANITIZE_STRING);
 		$note   = filter_var($_POST["note"], FILTER_SANITIZE_STRING);
 		$email  = filter_var($_POST["email"], FILTER_VALIDATE_EMAIL);
-		$verify_token = bin2hex(random_bytes(16));
-		$admin_token = bin2hex(random_bytes(16));
 
-		#	$first="test"; $last="test2"; $user="test3"; $note="empty"; $email="mail+test1@matthias-kesler.de";
+		require_once("../database.php");
+		$res = $mx_db->addRegistration($first_name, $last_name, $username, $note, $email);
 
-		$sql = "SELECT COUNT(*) FROM registrations WHERE username = '" . $username . "' AND NOT state = "
-		       . RegisterState::RegistrationDeclined . " LIMIT 1;";
-		$res = $db->query($sql);
-		if ($res->fetchColumn() > 0) {
-			throw new Exception($language["USERNAME_PENDING_REGISTRATION"]);
+		if (!isset($res["verify_token"])) {
+			error_log("sth. went wrong. registration did not throw but admin_token not set");
+			throw Exception ("Unknown Error");
 		}
-		require_once("../MatrixConnection.php");
-		$mxConn = new MatrixConnection($homeserver, $access_token);
-		if ($mxConn->hasUser($username)) {
-			throw new Exception($language["USERNAME_REGISTERED"]);
-		}
-
-		$db->exec('INSERT INTO registrations
-			(first_name, last_name, username, note, email, verify_token, admin_token)
-			VALUES ("' . $first_name.'","' . $last_name . '","' . $username . '","'	. $note . '","'
-			. $email.'","'	.$verify_token.'","'	.$admin_token.'")');
-		#		$ins_stmt->bindValue(':first_name', $first);
-		#		$ins_stmt->bindValue(':last_lame', $last);
-		#		$ins_stmt->bindValue(':username', $user);
-		#		$ins_stmt->bindValue(':note', $note);
-		#		$ins_stmt->bindValue(':email', $email);
-		#		$ins_stmt->bindValue(':verify_token', $vToken);
-		#		$ins_stmt->bindValue(':admin_token', $adminToken);
-		#		$ins_stmt->bindValue(':now', date('Y-m-d H:i:s'));
-		#
-		#		$ins_stmt->execute();
+		$verify_token = $res["verify_token"];
 
 		$verify_url = $webroot . "/verify.php?t=" . $verify_token;
+		require_once "../mail_templates.php";
 		$success = send_mail_pending_verification(
 			$homeserver,
 			$first_name . " " . $last_name,
 			$email,
 			$verify_url);
 
-		$db->exec("UPDATE registrations SET state = " .
-			($success ? RegisterState::PendingEmailVerify : RegisterState::PendingEmailSend)
-			. " WHERE verify_token = \"" . $verify_token. "\";");
+		$mx_db->setRegistrationStateVerify(
+			($success ? RegisterState::PendingEmailVerify : RegisterState::PendingEmailSend),
+			$verify_token);
 
 		print("<title>Erfolgreich</title>");
 		print("</head><body>");