MAINHACK

Viewing / Editing File: functions.php

<?php
use PHPMailer\PHPMailer\PHPMailer;
include_once "../includes/PHPMailer/PHPMailer.php";
include_once "../includes/PHPMailer/Exception.php";

function getTitle()
	{
		global $pageTitle;
		if(isset($pageTitle))
			echo $pageTitle.' | Barbershop Salon';
		else
			echo "Barbershop | Barbershop Salon";
	}

/*
		=============================================================
		** Count Items Function
		** This function counts and return the number of elements in a given table
		==============================================================

function countItems($item,$table)
	{
		global $con;
		$stat_ = $con->prepare("SELECT COUNT($item) FROM $table");
		$stat_->execute();
		
		return $stat_->fetchColumn();
	}

/*
		=============================================================
		** Check Items Function
		** Function to Check Item In Database [Function with Parameters]
		** $select = the item to select [Example : user, item, category]
		** $from = the table to select from [Example : users, items, categories]
		** $value = The value of select [Example: Ossama, Box, Electronics]
		==============================================================

function checkItem($select, $from, $value)
	{
		global $con;
		$statment = $con->prepare("SELECT $select FROM $from WHERE $select = ? ");
		$statment->execute(array($value));
		$count = $statment->rowCount();
		
		return $count;
	}

/*
		==============================================
		TEST INPUT FUNCTION, IS USED FOR SANITIZING USER INPUTS
		AND REMOVE SUSPICIOUS CHARS and Remove Extra Spaces
		==============================================

function test_input($data) 
	{
  		$data = trim($data);
  		$data = stripslashes($data);
  		$data = htmlspecialchars($data);
  		//$data = mysqli_real_escape_string($con,$data);
  		return $data;
	}

// Must call session_start() before this loads

// Generate a token for use with CSRF protection.
// Does not store the token.
function csrf_token() {
	return md5(uniqid(rand(), TRUE));
}

// Generate and store CSRF token in user session.
// Requires session to have been started already.
function create_csrf_token() {
	$token = csrf_token();
  $_SESSION['csrf_token'] = $token;
 	$_SESSION['csrf_token_time'] = time();
	return $token;
}

// Destroys a token by removing it from the session.
function destroy_csrf_token() {
  $_SESSION['csrf_token'] = null;
 	$_SESSION['csrf_token_time'] = null;
	return true;
}

// Return an HTML tag including the CSRF token 
// for use in a form.
// Usage: echo csrf_token_tag();
function csrf_token_tag() {
	$token = create_csrf_token();
	return "<input type=\"hidden\" name=\"csrf_token\" value=\"".$token."\">";
}

// Returns true if user-submitted POST token is
// identical to the previously stored SESSION token.
// Returns false otherwise.
function csrf_token_is_valid() {
	if(isset($_POST['csrf_token'])) {
		$user_token = $_POST['csrf_token'];
		$stored_token = $_SESSION['csrf_token'];
		return $user_token === $stored_token;
	} else {
		return false;
	}
}

// You can simply check the token validity and 
// handle the failure yourself, or you can use 
// this "stop-everything-on-failure" function. 
function die_on_csrf_token_failure() {
	if(!csrf_token_is_valid()) {
		die("CSRF token validation failed.");
	}
}

// Optional check to see if token is also recent
function csrf_token_is_recent() {
	$max_elapsed = 60 * 60 * 24; // 1 day
	if(isset($_SESSION['csrf_token_time'])) {
		$stored_time = $_SESSION['csrf_token_time'];
		return ($stored_time + $max_elapsed) >= time();
	} else {
		// Remove expired token
		destroy_csrf_token();
		return false;
	}
}

Cancel / Back

[ MAINHACK ]

Viewing / Editing File: functions.php

Server Info

System Features

User Info