1

I'm working on Php web services which are working on localhost when I upload it to Cpanel server it is not responding. it is used is registered but response message is not showing while checking with postman DB_Function has the main function where it is connected to table to insert data.Which is working.

DB_Function.php

 <?php
class DB_Functions {

    private $conn;

    // constructor
    function __construct() {
        require_once 'DB_Connect.php';
        // connecting to database
        $db = new Db_Connect();
        $this->conn = $db->connect();
    }

    // destructor
    function __destruct() {

    }

    /**
     * Storing new user
     * returns user details
     */
    public function storeUser($name, $email, $password, $phone, $address, $address_2,$education, $position, $gender, $bank_account_no, $experience, $company_name, $company_temp, $references_description, $amount ) {
        //$uuid = uniqid('', true);
        $hash = $this->hashSSHA($password);
        $encrypted_password = $hash["encrypted"]; // encrypted password
        $salt = $hash["salt"]; // salt

        $stmt = $this->conn->prepare("INSERT INTO emp_registration( full_name, email, password, salt, phone, address, address_2, education, position, gender, bank_account_no, experience, company_name, company_temp,references_description,amount, created_at) VALUES(?,?, ?, ?, ?, ?, ?, ?,?,?,?,?,?,?,?,?, NOW())");
        $stmt->bind_param("sssssssssssssssi", $name, $email, $encrypted_password, $salt, $phone, $address, $address_2,$education, $position, $gender, $bank_account_no, $experience, $company_name, $company_temp, $references_description, $amount );
        $result = $stmt->execute();
        $stmt->close();

        // check for successful store
        if ($result) {
            $stmt = $this->conn->prepare("SELECT * FROM emp_registration WHERE email = ?");
            $stmt->bind_param("s", $email);
            $stmt->execute();
            $user = $stmt->get_result()->fetch_assoc();
            $stmt->close();

            return $user;
        } else {
            return false;
        }
    }

    /**
     * Get user by email and password
     */
    public function getUserByEmailAndPassword($email, $password) {

        $stmt = $this->conn->prepare("SELECT * FROM emp_registration WHERE email = ?");

        $stmt->bind_param("s", $email);

        if ($stmt->execute()) {
            $user = $stmt->get_result()->fetch_assoc();
            $stmt->close();

            // verifying user password
            $salt = $user['salt'];
            $encrypted_password = $user['password'];
            $hash = $this->checkhashSSHA($salt, $password);
            // check for password equality
            if ($encrypted_password == $hash) {
                // user authentication details are correct
                return $user;
            }
        } else {
            return NULL;
        }
    }

    /**
     * Check user is existed or not
     */
    public function isUserExisted($email) {
        $stmt = $this->conn->prepare("SELECT email from emp_registration WHERE email = ?");

        $stmt->bind_param("s", $email);

        $stmt->execute();

        $stmt->store_result();

        if ($stmt->num_rows > 0) {
            // user existed
            $stmt->close();
            return true;
        } else {
            // user not existed
            $stmt->close();
            return false;
        }
    }

    /**
     * Encrypting password
     * @param password
     * returns salt and encrypted password
     */
    public function hashSSHA($password) {

        $salt = sha1(rand());
        $salt = substr($salt, 0, 10);
        $encrypted = base64_encode(sha1($password . $salt, true) . $salt);
        $hash = array("salt" => $salt, "encrypted" => $encrypted);
        return $hash;
    }

    /**
     * Decrypting password
     * @param salt, password
     * returns hash string
     */
    public function checkhashSSHA($salt, $password) {

        $hash = base64_encode(sha1($password . $salt, true) . $salt);

        return $hash;
    }

}

?>

In Emp_registration it is sending store_user fuction in DB_Functions class but Response is not comming from it on server.

Emp_registration.php

<?php

require_once 'include/DB_Function.php';
$db = new DB_Functions();

// json response array
$response = array("error" => FALSE);

if (isset($_POST['name']) && isset($_POST['email']) && isset($_POST['password']) && isset($_POST['phone']) && isset($_POST['address'])  && isset($_POST['address_2']) &&
    isset($_POST['education']) && isset($_POST['position']) && isset($_POST['gender']) && isset($_POST['bank_account_no']) && isset($_POST['experience'])  && isset($_POST['company_name'])  && isset($_POST['company_temp']) && isset($_POST['references_description'])
    && isset($_POST['amount']) )  {

    // receiving the post params
    $name = $_POST['name'];
    $email = $_POST['email'];
    $password = $_POST['password'];
    $phone = $_POST['phone'];
    $address = $_POST['address'];
    $address_2 = $_POST['address_2'];
    $education = $_POST['education'];
    $position = $_POST['position'];
    $gender = $_POST['gender'];
    $bank_account_no = $_POST['bank_account_no'];
    $experience = $_POST['experience'];
    $company_name = $_POST['company_name'];
    $company_temp = $_POST['company_temp'];
    $references_description = $_POST['references_description'];
    $amount =  intval( $_POST['amount']);



    // check if emp_registration is already existed with the same email
    if ($db->isUserExisted($email)) {
        // emp_registration already existed
        $response["error"] = TRUE;
        $response["error_msg"] = "User already existed with " . $email;
        echo json_encode($response);
    } else {
        // create a new emp_registration
        $emp_registration = $db->storeUser($name, $email, $password, $phone, $address, $address_2, $education, $position, $gender, $bank_account_no, $experience, $company_name, $company_temp, $references_description, $amount);
        if ($emp_registration) {
            // emp_registration stored successfully
            $response["error"] = FALSE;
           $response["emp_id"] = $emp_registration["id"];
            $response["emp_registration"]["full_name"] = $emp_registration["full_name"];
            $response["emp_registration"]["email"] = $emp_registration["email"];
                      $response["emp_registration"]["created_at"] = $emp_registration["created_at"];
            $response["emp_registration"]["updated_at"] = $emp_registration["updated_at"];
            echo json_encode($response);
        } else {
            // emp_registration failed to store
            $response["error"] = TRUE;
            $response["error_msg"] = "Unknown error occurred in registration!";
            echo json_encode($response);
        }
    }
} else {
    $response["error"] = TRUE;
    $response["error_msg"] = "Required parameters (name, email or password) is missing!";
    echo json_encode($response);
}
?>

.htaccess

RewriteEngine on
RewriteCond %{HTTP_HOST} ^web\.ddagroindore\.com$ [OR]
RewriteCond %{HTTP_HOST} ^www\.web\.ddagroindore\.com$
RewriteRule ^/?$ "http\:\/\/ddagroindore\.com\/webservice" [R=301,L]
  • Have you checked the error log on the server? (I'm guessing that _"it is used is registered"_ means that the user gets added to the database?) – M. Eriksson Jul 06 '17 at 06:00
  • **WARNING**: Writing your own access control layer is not easy and there are many opportunities to get it severely wrong. Please, do not write your own authentication system when any modern [development framework](http://codegeekz.com/best-php-frameworks-for-developers/) like [Laravel](http://laravel.com/) comes with a robust [authentication system](https://laravel.com/docs/5.4/authentication) built-in. At the absolute least follow [recommended security best practices](http://www.phptherightway.com/#security) and **never store passwords with a uselessly weak hash like SHA1 or MD5**. – tadman Jul 06 '17 at 06:03
  • I check it using Postman app. It is working fine But only the response message is not showing –  Jul 06 '17 at 06:03
  • If `hashSSHA()` is from [this example](https://stackoverflow.com/questions/12296155/which-hashing-algorithm-to-use-for-password-php) then it's wildly inadequate by modern standards. At the absolute least follow [recommended security best practices](http://www.phptherightway.com/#security). – tadman Jul 06 '17 at 06:04
  • Check in console, what you get the response by using server web service – Saroj Jul 06 '17 at 06:09
  • So, have you checked the error log on the server to see if there's something going wrong? – M. Eriksson Jul 06 '17 at 06:17
  • ddagroindore.com is currently unable to handle this request. HTTP ERROR 500 –  Jul 06 '17 at 06:39
  • Where is hashSSHA() defined? Your calling it with $this, but it isn't in the listing. – Nigel Ren Jul 06 '17 at 06:44
  • please view edit. –  Jul 06 '17 at 06:48
  • Whenever I am trying to get response in form of JSON from server it is showing me HTTP ERROR 500 –  Jul 06 '17 at 07:10
  • PHP Fatal error: Call to undefined method mysqli_stmt::get_result() in /home/ddagroindore/public_html/webservice/include/DB_Function.php on line 64 –  Jul 06 '17 at 10:06

0 Answers0