<?php
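/**
 * Invite controller.
 *
 * Renders a page from views/page/ and, when the submitted form validates,
 * inserts a new row into the users table with a peppered bcrypt password hash.
 */
class Invite extends CI_Controller {

    /**
     * Check that a view file exists below APPPATH.
     *
     * $file_html is derived from the controller method argument, which is
     * normally populated from the request URI, so it is treated as untrusted:
     * anything that is not a plain file name (path separators, NUL bytes,
     * empty string) is rejected before the filesystem is consulted.
     *
     * @param string $rel_path  Directory relative to APPPATH, with trailing slash.
     * @param string $file_html File name expected inside $rel_path.
     * @return bool TRUE only when the name is a plain file name and the file exists.
     */
    private function is_valid_file($rel_path = '/', $file_html = 'home.html')
    {
        if ( ! is_string($file_html) || $file_html === '' || strpbrk($file_html, "/\\\0") !== FALSE)
        {
            return FALSE;
        }

        /* is_file() rather than file_exists(): a directory is not a loadable view */
        return is_file(APPPATH.$rel_path.$file_html);
    }

    /**
     * Run the configured form validation rules.
     *
     * @return bool TRUE when validation did not pass (this includes a request
     *              for which the validation library reports no success).
     */
    private function is_post_invalid()
    {
        return !$this->form_validation->run();
    }

    /**
     * Derive the value stored in users.password.
     *
     * The raw password is first keyed with the HOST_PEPPER environment value
     * (HMAC-SHA256) and the result is hashed with bcrypt. The code that later
     * verifies a login has to apply the same HMAC step before password_verify().
     *
     * @param mixed $password Raw password taken from the POST body.
     * @return string|false The bcrypt hash, or FALSE when the pepper is not
     *                      configured, the input is not a non-empty string,
     *                      or hashing fails.
     */
    private function hash_password($password)
    {
        $pepp = getenv('HOST_PEPPER');

        /*
         * Fail closed: getenv() returns FALSE for an unset variable, and an
         * HMAC keyed with FALSE/'' would silently store unpeppered hashes.
         */
        if ( ! is_string($pepp) || $pepp === '' || ! is_string($password) || $password === '')
        {
            return FALSE;
        }

        /*
         * hash_hmac() returns 64 hex characters here, which stays inside
         * bcrypt's 72-byte input limit and contains no NUL bytes.
         */
        $pepp_password = hash_hmac("sha256", $password, $pepp);

        return password_hash($pepp_password, PASSWORD_BCRYPT);
    }

    /**
     * Insert the validated invite data into the users table.
     *
     * @return bool TRUE when the row was written, FALSE otherwise.
     */
    private function insert_user()
    {
        $hash_password = $this->hash_password($this->input->post('password'));
        if ( ! is_string($hash_password))
        {
            log_message('error', 'Invite: password could not be hashed (HOST_PEPPER unset or invalid password input)');
            return FALSE;
        }

        /*
         * Table and column names are fixed literals; only the values are
         * supplied by the request, and they go through query bindings, which
         * the database layer escapes.
         */
        $stmt = "INSERT INTO users (username, email, password) VALUES (?, ?, ?)";
        $data = $this->input->post(array('username', 'email'));
        $data['password'] = $hash_password;

        if ( ! $this->db->query($stmt, $data))
        {
            /* Keep database error details in the server log, never in the response */
            log_message('error', 'Invite: inserting the user row failed');
            return FALSE;
        }

        return TRUE;
    }

    /**
     * Show a page from views/page/ and process the invite form.
     *
     * @param string $file_name View name without the ".html" suffix.
     * @return void
     */
    public function view($file_name = 'invite')
    {
        $file_html = $file_name.'.html';

        if ( ! $this->is_valid_file('views/page/', $file_html))
        {
            redirect(base_url('index.html'));
            return;
        }

        /*
         * NOTE(review): is_unique is a check-before-insert and can race with a
         * concurrent request; confirm users.username also has a UNIQUE
         * constraint in the schema.
         */
        $this->form_validation->set_rules('username', 'Username',
            'required|min_length[5]|max_length[12]|is_unique[users.username]',
            array(
                'required' => 'You must provide a %s',
                'min_length' => '%s must be more than 5 chars',
                'max_length' => '%s must be less than 12 chars',
                'is_unique' => 'This %s already exists'
            )
        );
        /* NOTE(review): no minimum length is enforced on the password */
        $this->form_validation->set_rules('password', 'Password', 'required',
            array('required' => 'You must provide a %s')
        );
        $this->form_validation->set_rules('passconf', 'Password Confirmation',
            'required|matches[password]',
            array(
                'required' => 'You must provide a %s',
                'matches' => 'Passowrd confirmation didn\'t match'
            )
        );
        /* NOTE(review): the address format is not checked; consider the valid_email rule */
        $this->form_validation->set_rules('email', 'Email', 'required',
            array('required' => 'You must provide a %s')
        );

        /* On a failed validation the errors are already set by the library */
        if ( ! $this->is_post_invalid())
        {
            if ($this->insert_user())
            {
                $this->form_validation->set_string('Invite succesfully sent');
            }
            else
            {
                $this->form_validation->set_message('submit_msg', 'Didn\'t work, :|');
            }
        }

        $this->load->view('page/'.$file_html);
    }
}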