I just finished writing a PHP script for Android user registration and login, which is working perfectly, but I need to add a theft-of-identity mechanism to the script. Here are my questions. Is there a way for me to:
1. Make the username and password self-destruct through a cron job immediately after successful login, or 30 seconds after the user logs in, i.e. if the user logs out of the app and wants to access the app again, he will have to register?
2. Is there a way to make the password locked to the phone number or IMEI of a device? If user B wants to use user A's password, the app should prompt or show the dialog "password already in use by another user".
See my code below.
<?php
class DbOperations{
    private $con;

    function __construct(){
        require_once dirname(__FILE__).'/DbConnect.php';
        $db = new DbConnect();
        $this->con = $db->connect();
    }

    /*CRUD -> C -> CREATE */
    // Returns 0 if the username or email is taken, 1 on success, 2 on database error
    public function createUser($username, $pass, $email){
        if($this->isUserExist($username,$email)){
            return 0;
        }else{
            // Salted, slow hash instead of md5(); the `password` column must hold the
            // full hash (VARCHAR(255) recommended), and rows stored as MD5 will not verify
            $password = password_hash($pass, PASSWORD_DEFAULT);
            $stmt = $this->con->prepare("INSERT INTO `users` (`id`, `username`, `password`, `email`) VALUES (NULL, ?, ?, ?);");
            $stmt->bind_param("sss",$username,$password,$email);
            if($stmt->execute()){
                return 1;
            }else{
                return 2;
            }
        }
    }

    // Returns true only when the user exists and the password matches the stored hash
    public function userLogin($username, $pass){
        // Salted hashes cannot be compared in SQL: fetch the stored hash, then verify it
        $stmt = $this->con->prepare("SELECT password FROM users WHERE username = ?");
        $stmt->bind_param("s",$username);
        $stmt->execute();
        $row = $stmt->get_result()->fetch_assoc();
        return $row && password_verify($pass, $row['password']);
    }

    // Returns the full row for the user, or null if there is none
    public function getUserByUsername($username){
        $stmt = $this->con->prepare("SELECT * FROM users WHERE username = ?");
        $stmt->bind_param("s",$username);
        $stmt->execute();
        return $stmt->get_result()->fetch_assoc();
    }

    // True when either the username or the email is already registered
    private function isUserExist($username, $email){
        $stmt = $this->con->prepare("SELECT id FROM users WHERE username = ? OR email = ?");
        $stmt->bind_param("ss", $username, $email);
        $stmt->execute();
        $stmt->store_result();
        return $stmt->num_rows > 0;
    }
}
Kindly help
What I have tried:
I posted the above question on Stack Overflow and GDG; no response yet.
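
The two behaviours asked about above, as an added example that is not part of the original post: the credential is bound to the first device that logs in and stops working 30 seconds after that login, with the expiry checked at login time rather than by a cron job. The in-memory array stands in for the `users` table; the `device_hash` and `expires_at` fields, the function names and the install-ID strings are assumptions.

```php
<?php
// Added example. $users is an in-memory stand-in for the `users` table;
// device_hash and expires_at are hypothetical columns, not in the posted schema.
const LOGIN_TTL = 30; // seconds a credential stays valid after the first login

function registerUser(array &$users, string $username, string $pass): bool {
    if (isset($users[$username])) {
        return false; // username already taken
    }
    $users[$username] = [
        'password'    => password_hash($pass, PASSWORD_DEFAULT),
        'device_hash' => null, // bound on first successful login
        'expires_at'  => null, // set on first successful login
    ];
    return true;
}

function loginUser(array &$users, string $username, string $pass, string $deviceId, int $now): string {
    $row = $users[$username] ?? null;
    if ($row === null || !password_verify($pass, $row['password'])) {
        return 'invalid credentials';
    }
    if ($row['expires_at'] !== null && $now > $row['expires_at']) {
        unset($users[$username]); // expired: the user has to register again
        return 'credentials expired';
    }
    // Store only a hash of the identifier the app sends (assumed: an app-generated install ID)
    $deviceHash = hash('sha256', $deviceId);
    if ($row['device_hash'] === null) {
        $users[$username]['device_hash'] = $deviceHash;
        $users[$username]['expires_at']  = $now + LOGIN_TTL;
        return 'ok';
    }
    if (!hash_equals($row['device_hash'], $deviceHash)) {
        return 'password already in use by another user';
    }
    return 'ok';
}

// Constructed sample run: first device, a second device, then the first device after expiry
$users = [];
$t0 = 1700000000;
registerUser($users, 'alice', 'correct horse');
echo loginUser($users, 'alice', 'correct horse', 'install-A', $t0), "\n";
echo loginUser($users, 'alice', 'correct horse', 'install-B', $t0 + 5), "\n";
echo loginUser($users, 'alice', 'correct horse', 'install-A', $t0 + 31), "\n";
echo loginUser($users, 'alice', 'correct horse', 'install-A', $t0 + 32), "\n";
```

The device identifier is whatever the client sends, so this narrows credential reuse but does not authenticate the device.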