Database File

Encrypted Messenger PHP

mysqli

Represents a connection between PHP and a MySQL database.

query

mysqli::query — mysqli_query — Performs a query on the database

close

mysqli::close — mysqli_close — Closes a previously opened database connection

prepare

mysqli::prepare — mysqli_prepare — Prepare an SQL statement for execution

bind_param

mysqli_stmt::bind_param — mysqli_stmt_bind_param — Binds variables to a prepared statement as parameters

execute

mysqli_stmt::execute — mysqli_stmt_execute — Executes a prepared Query

PDO

Represents a connection between PHP and a database server.

setAttribute

PDO::setAttribute — Set an attribute

fetchColumn

PDOStatement::fetchColumn — Returns a single column from the next row of a result set

catch

PHP 5 has an exception model similar to that of other programming languages. An exception can be thrown, and caught (“catched”) within PHP. Code may be surrounded in a try block, to facilitate the catching of potential exceptions. Each try must have at least one corresponding catch or finally block.

Create a file named secured-database.php


<?php

//***********************************************************************************************

require 'secured-configuration.php';

//***********************************************************************************************

function gns_query($xgnsx)
{
$xsecuredx = new mysqli(XXXSGNSDBHXXX,XXXSGNSDBUXXX,XXXSGNSDBPXXX,XXXSGNSDBNXXX);

if ($xsecuredx->connect_error)
die("Secured By Omid Bahrami");

$xrx=$xsecuredx->query($xgnsx);
if($xrx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xsecuredx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

return $xrx;
}

//***********************************************************************************************

function gns_sign_up($xux,$xpx,$xex,$xmx)
{
$xsecuredx = new mysqli(XXXSGNSDBHXXX,XXXSGNSDBUXXX,XXXSGNSDBPXXX,XXXSGNSDBNXXX);

if ($xsecuredx->connect_error)
die("Secured By Omid Bahrami");

$xxxuxxx=$xux;
$xxxpxxx=$xpx;
$xxxexxx=$xex;
$xxxmxxx=$xmx;

$xtoxicx = $xsecuredx->prepare("INSERT INTO `users` ( `user` , `pass` , `email` , `xuser` ) VALUES ( ? , ? , ? , ? );");
if($xtoxicx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->bind_param("ssss", $xxxuxxx, $xxxpxxx, $xxxexxx , $xxxmxxx);
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->execute();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xsecuredx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");
}

//***********************************************************************************************

function gns_sign_in($xux)
{
$servername = XXXSGNSDBHXXX;
$username = XXXSGNSDBUXXX;
$password = XXXSGNSDBPXXX;
$dbname = XXXSGNSDBNXXX;
$xxxuxxx=$xux;

try
{
$xsecuredx = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);

$xsecuredx->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$xtoxicx = $xsecuredx->prepare("SELECT COUNT(`pass`) FROM `users` WHERE `user` = :xuserx ; ");

$xtoxicx->bindParam(':xuserx', $xxxuxxx);

$xtoxicx->execute();

$n=$xtoxicx->fetchColumn();

if ($n == 1)
{
$xtoxicx = $xsecuredx->prepare("SELECT `pass` FROM `users` WHERE `user` = :xuserx ; ");

$xtoxicx->bindParam(':xuserx', $xxxuxxx);

$xtoxicx->execute();

$xrx=$xtoxicx->fetchColumn();
}

else
$xrx=false;

}

catch(PDOException $x)
{
die("Secured By Omid Bahrami");
}

$xtoxicx = null;
$xsecuredx = null;

return $xrx;
}

//***********************************************************************************************

function gns_update_email($xex,$xux)
{
$xsecuredx = new mysqli(XXXSGNSDBHXXX,XXXSGNSDBUXXX,XXXSGNSDBPXXX,XXXSGNSDBNXXX);

if ($xsecuredx->connect_error)
die("Secured By Omid Bahrami");

$xxxexxx=$xex;
$xxxuxxx=$xux;

$xtoxicx = $xsecuredx->prepare( "UPDATE `users` SET `email` = ? WHERE `user`= ? ; " );
if($xtoxicx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->bind_param("ss", $xxxexxx , $xxxuxxx );
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->execute();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xsecuredx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");
}

//***********************************************************************************************

function gns_get_email($xux)
{
$xsqlx="SELECT `email` FROM `users` WHERE `user`= '$xux' ; ";

$xrx=gns_query($xsqlx);

return $xrx;
}

//***********************************************************************************************

function gns_new($xsx,$xkx,$xjx,$xmx,$xdx,$xxsx,$xxkx)
{
$xsecuredx = new mysqli(XXXSGNSDBHXXX,XXXSGNSDBUXXX,XXXSGNSDBPXXX,XXXSGNSDBNXXX);

if ($xsecuredx->connect_error)
die("Secured By Omid Bahrami");

$xxxsxxx=$xsx;
$xxxkxxx=$xkx;
$xxxjxxx=$xjx;
$xxxmxxx=$xmx;
$xxxdxxx=$xdx;
$sxxxsxxx=$xxsx;
$kxxxkxxx=$xxkx;

$xtoxicx = $xsecuredx->prepare("INSERT INTO `pms` ( `sender`, `taker`, `subject` , `text`, `time` , `xsender` , `xtaker` , `delete_sender` , `delete_taker` ) VALUES ( ?,?,?,?,?,?,? , '0' , '0' ) ; ");
if($xtoxicx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->bind_param("sssssss", $xxxsxxx, $xxxkxxx, $xxxjxxx , $xxxmxxx , $xxxdxxx ,$sxxxsxxx ,$kxxxkxxx);
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->execute();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xsecuredx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");
}

//***********************************************************************************************

function gns_get_inbox($xux)
{
$xsqlx="SELECT * FROM `pms` WHERE `taker`= '$xux' AND `delete_taker`= '0' ORDER BY `id` DESC ; ";

$xrx=gns_query($xsqlx);

return $xrx;
}

//***********************************************************************************************

function gns_delete_inbox($xix,$xux)
{
$xsecuredx = new mysqli(XXXSGNSDBHXXX,XXXSGNSDBUXXX,XXXSGNSDBPXXX,XXXSGNSDBNXXX);

if ($xsecuredx->connect_error)
die("Secured By Omid Bahrami");

$xxxixxx=$xix;
$xxxuxxx=$xux;

$xtoxicx = $xsecuredx->prepare( "UPDATE `pms` SET `delete_taker` = '1' WHERE `pms`.`id`= ? AND `taker`= ? ; " );
if($xtoxicx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->bind_param("ss", $xxxixxx , $xxxuxxx );
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->execute();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xsecuredx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");
}

//***********************************************************************************************

function gns_get_sent($xux)
{
$xsqlx="SELECT * FROM `pms` WHERE `sender`= '$xux' AND `delete_sender`= '0' ORDER BY `id` DESC ; ";

$xrx=gns_query($xsqlx);

return $xrx;
}

//***********************************************************************************************

function gns_delete_sent($xix,$xux)
{
$xsecuredx = new mysqli(XXXSGNSDBHXXX,XXXSGNSDBUXXX,XXXSGNSDBPXXX,XXXSGNSDBNXXX);

if ($xsecuredx->connect_error)
die("Secured By Omid Bahrami");

$xxxixxx=$xix;
$xxxuxxx=$xux;

$xtoxicx = $xsecuredx->prepare( "UPDATE `pms` SET `delete_sender` = '1' WHERE `pms`.`id`= ? AND `sender`= ? ; " );
if($xtoxicx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->bind_param("ss", $xxxixxx , $xxxuxxx );
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->execute();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xsecuredx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");
}

//***********************************************************************************************

function gns_check_https()
{
if(XSSLX)
if(!isset($_SERVER['HTTPS']))
header("Location:https://".$_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"]);
}

//***********************************************************************************************

function gns_save_cookie($xax,$xbx,$xcx,$xux,$xtx)
{
$xsecuredx = new mysqli(XXXSGNSDBHXXX,XXXSGNSDBUXXX,XXXSGNSDBPXXX,XXXSGNSDBNXXX);

if ($xsecuredx->connect_error)
die("Secured By Omid Bahrami");

$xhx = $xax;
$xxhxx = $xbx;
$xxxhxxx = $xcx;
$xxxuxxx = $xux;
$xxxtxxx = $xtx;

$xtoxicx = $xsecuredx->prepare( "UPDATE `users` SET `pass1` = ? , `pass2` = ? , `pass3` = ? , `time` = ? WHERE `user` = ? ; " );
if($xtoxicx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->bind_param( "sssss" , $xhx , $xxhxx , $xxxhxxx , $xxxtxxx , $xxxuxxx );
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->execute();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xtoxicx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");

$xtx=$xsecuredx->close();
if($xtx==FALSE)
die("Secured By Omid Bahrami");
}

//***********************************************************************************************

function gns_sign_in_cookie($xax,$xbx,$xcx)
{
$servername = XXXSGNSDBHXXX;
$username = XXXSGNSDBUXXX;
$password = XXXSGNSDBPXXX;
$dbname = XXXSGNSDBNXXX;

$xhx = $xax;
$xxhxx = $xbx;
$xxxhxxx = $xcx;

try
{
$xsecuredx = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);

$xsecuredx->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$xtoxicx = $xsecuredx->prepare("SELECT COUNT(`pass3`) FROM `users` WHERE `pass1` = :xpass1x AND `pass2` = :xpass2x ; ");

$xtoxicx->bindParam(':xpass1x', $xhx);
$xtoxicx->bindParam(':xpass2x', $xxhxx);

$xtoxicx->execute();

$n=$xtoxicx->fetchColumn();

if ($n == 1)
{
$xtoxicx = $xsecuredx->prepare("SELECT `pass3` FROM `users` WHERE `pass1` = :xpass1x AND `pass2` = :xpass2x ; ");

$xtoxicx->bindParam(':xpass1x', $xhx);
$xtoxicx->bindParam(':xpass2x', $xxhxx);

$xtoxicx->execute();

$xrx=$xtoxicx->fetchColumn();

if( password_verify($xxxhxxx,$xrx) )
{
$xtoxicx = $xsecuredx->prepare("SELECT `xuser` FROM `users` WHERE `pass1` = :xpass1x AND `pass2` = :xpass2x ; ");

$xtoxicx->bindParam(':xpass1x', $xhx);
$xtoxicx->bindParam(':xpass2x', $xxhxx);

$xtoxicx->execute();

$xrx=$xtoxicx->fetchColumn();
}

else
$xrx=false;

}

else
$xrx=false;

}

catch(PDOException $x)
{
die("Secured By Omid Bahrami");
}

$xtoxicx = null;
$xsecuredx = null;

return $xrx;
}

//***********************************************************************************************

function gns_check_cookie()
{

if( isset($_COOKIE[XFIRSTNX]) && isset($_COOKIE[XSECONDNX]) && isset($_COOKIE[XTHIRDNX]) )
{

if ( gns_validate_cookie($_COOKIE[XFIRSTNX]) && gns_validate_cookie($_COOKIE[XSECONDNX]) && gns_validate_cookie($_COOKIE[XTHIRDNX])) 
{

$xhx = gns_hash_xvx($_COOKIE[XFIRSTNX]);
$xxhxx = gns_hash_xxvxx($_COOKIE[XSECONDNX]);
$xxxhxxx = $_COOKIE[XTHIRDNX];

$xrx=gns_sign_in_cookie($xhx,$xxhxx,$xxxhxxx);

if($xrx!=false)
{
$xpx=gns_decode($xrx);
$xux=gns_hash_fix($xpx);

if( gns_time_cookie($xux) )
{
$_SESSION["secured"] = $xpx;
$_SESSION["xkeyx"]= random_int(100000000,999999999) * 7 ;

gns_create_cookie();
header('location:../profile/');

}

}

}

}

}

//***********************************************************************************************

function gns_create_cookie()
{
$xvx = hash( 'sha3-512' , openssl_random_pseudo_bytes(64) ) ;
$xxvxx = hash( 'sha3-512' , openssl_random_pseudo_bytes(64) ) ;
$xxxvxxx = hash( 'sha3-512' , openssl_random_pseudo_bytes(64) ) ;

$xhx = gns_hash_xvx($xvx);
$xxhxx = gns_hash_xxvxx($xxvxx);
$xxxhxxx = gns_hash_xxxvxxx($xxxvxxx);

$xux=gns_hash_fix($_SESSION["secured"]);
$xtx=gns_encode( time() + XCXPX );
gns_save_cookie($xhx,$xxhxx,$xxxhxxx,$xux,$xtx);

setcookie( XFIRSTNX , $xvx , time() + XCXPX , "/" , XDOMAINX , true , true );
setcookie( XSECONDNX , $xxvxx , time() + XCXPX , "/" , XDOMAINX , true , true );
setcookie( XTHIRDNX , $xxxvxxx , time() + XCXPX , "/" , XDOMAINX , true , true );
}

//***********************************************************************************************

function gns_time_cookie($xux)
{
$xsqlx="SELECT `time` FROM `users` WHERE `user` = '$xux' ; ";

$xrx=gns_query($xsqlx);
$xcx=$xrx->fetch_assoc();
$xtx=gns_decode($xcx["time"]);
$xnx=time();

if($xtx < $xnx)
{
$xtx=gns_encode(7);
gns_save_cookie("","","",$xux,$xtx);
return false;
}

return true;
}

//***********************************************************************************************

function gns_check_user($xux)
{
$servername = XXXSGNSDBHXXX;
$username = XXXSGNSDBUXXX;
$password = XXXSGNSDBPXXX;
$dbname = XXXSGNSDBNXXX;
$xxxuxxx=$xux;

try
{
$xsecuredx = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);

$xsecuredx->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$xtoxicx = $xsecuredx->prepare("SELECT COUNT(`user`) FROM `users` WHERE `user` = :xuserx ; ");

$xtoxicx->bindParam(':xuserx', $xxxuxxx);

$xtoxicx->execute();

$n=$xtoxicx->fetchColumn();

if ($n == 1)
$xrx=false;

else
$xrx=true;

}

catch(PDOException $x)
{
die("Secured By Omid Bahrami");
}

$xtoxicx = null;
$xsecuredx = null;

return $xrx;
}

//***********************************************************************************************

?>

Full structure is available at Encrypted Messenger PHP