From 5379f1b5d533213b996266f73d5411a76b6bd403 Mon Sep 17 00:00:00 2001
From: junco <junco@mailinator.com>
Date: Thu, 10 Sep 2015 20:00:59 -0500
Subject: [PATCH] some little changes

---
 login.php | 63 ++++++++++++++++++++++++++++++-------------------------
 1 file changed, 35 insertions(+), 28 deletions(-)

diff --git a/login.php b/login.php
index e3d0bab..115d0a5 100644
--- a/login.php
+++ b/login.php
@@ -1,4 +1,4 @@
-<?php 
+<?php
 //If the page was gotten to by clicking the submit button then run the login() function
 if($_POST){
     if(isset($_POST['Submit'])){
@@ -6,37 +6,43 @@
 	}
 }
 
+function generate_uid() {
+  $str1 = str_pad(dechex(mt_rand()), 8, "0", STR_PAD_LEFT);
+  $str2 = str_pad(dechex(mt_rand()), 8, "0", STR_PAD_LEFT);
+  return $str1 . $str2;
+}
+
 function login() {
 	//make sure user inputted a username
 	if(isset($_POST['username']) && $_POST['username'] != "") {
-		if(!isset($_COOKIE['uniqueID'])) {
-			//If no cookie is found on device add cookie
-			$expire=time()+60*60*24*30;//however long you want (current expires in 30 days)
-			setcookie('uniqueID', uniqid(), $expire);
-		}
-		
+
+		//If no cookie is found on device add cookie
+		$expire=time()+60*60*24*30;//however long you want (current expires in 30 days)
+    $new_uniqueID = generate_uid();
+		setcookie('uniqueID', $new_uniqueID , $expire);
+
 		$username = $_POST['username'];
 		echo 'username: ' . $username . '</br>';
-		
-		//database server 
-		define('db_server', 'localhost'); 
 
-		//user, password, and database variables 
-		$db_user = 'dro'; 
-		$db_password = 'password';     
-		$db_dbname = 'saltybet'; 
+		//database server
+		define('db_server', 'localhost');
 
-		//connect to the database server 
-		$db = mysql_connect(db_server, $db_user, $db_password); 
-		if ($db) { 
-			//select database name 
-			mysql_select_db($db_dbname); 
+		//user, password, and database variables
+		$db_user = 'dro';
+		$db_password = 'password';
+		$db_dbname = 'saltybet';
+
+		//connect to the database server
+		$db = mysql_connect(db_server, $db_user, $db_password);
+		if ($db) {
+			//select database name
+			mysql_select_db($db_dbname);
 
 			//check to see if user exists
 			$user_exists_query = 'SELECT * FROM users WHERE username=\'' . $username . '\';';
 			echo $user_exists_query . '</br>';
 			$user_exists = mysql_query($user_exists_query);
-			$unique_id_exists_query = 'SELECT * FROM users WHERE uniqueId=\'' . $_COOKIE['uniqueID'] . '\';';
+			$unique_id_exists_query = 'SELECT * FROM users WHERE uniqueId=\'' . $new_uniqueID . '\';';
 			echo $unique_id_exists_query . '</br>';
 			$unique_id_exists = mysql_query($unique_id_exists_query);
 
@@ -45,16 +51,17 @@ function login() {
 
 			if(mysql_num_rows($user_exists)==0 && mysql_num_rows($unique_id_exists) == 0) {
 				//Insert user by uniqueID into users table
-				$insert_query = "INSERT INTO users (uniqueId,username,saltyBucks) VALUES ('" . $_COOKIE['uniqueID'] . "','" . $username . "',10);";
+				$insert_query = "INSERT INTO users (uniqueId,username,saltyBucks)
+              VALUES ('" . $new_uniqueID . "','" . $username . "',10);";
 				echo $insert_query . '</br>';
 				mysql_query($insert_query, $db) or die("Error: ".mysql_error());
-				
+
 				//Redirect back to test.php
 				header("Location: user.php");
 				die();
 			} else if(mysql_num_rows($unique_id_exists)!=0) {
 				echo 'Device is already registered';
-				
+
 				//Redirect back to test.php
 				header("Location: user.php");
 				die();
@@ -63,8 +70,8 @@ function login() {
 			} else {
 				echo 'SHOULD NOT GET HERE!';
 			}
-		} 
-		//close database connection 
+		}
+		//close database connection
 		mysql_close($db);
 	} else {
 		echo 'Please input a username </br>';
@@ -72,14 +79,14 @@ function login() {
 }
 ?>
 
-<H1>Login to Salty Bet Dream Casino</H1>
+<h1>Welcome to Salty Bet Dream Casino</h1>
 <form action="login.php" method="POST">
 <table>
 	<tr>
-		<td>Username: <input type="text" id="username" name="username"/></td>
+		<td>Pick a username: <input type="text" id="username" name="username"/></td>
 	</tr>
 	<tr>
 		<td><input type="submit" name="Submit" value="Submit"/></td>
 	</tr>
 </table>
-</form>
\ No newline at end of file
+</form>