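// Access-request handler: records a pending user for the posted e-mail address
// and notifies the approver configured under UserRegistration.
//
// $_POST is client-controlled. Reject a missing, non-string or malformed
// address before it reaches the database or the notification mail; trim()
// alone leaves embedded control characters (e.g. line breaks) in place.
$rawEmail = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
$email = strtolower(trim($rawEmail));

if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
    ajax_error('Please provide a valid e-mail address.');
    // ajax_error() is defined elsewhere; stop here even if it returns.
    exit;
}

try {
    $config = new \NRG\Configuration(CONFIG_FILE);
    $dbconf = $config->Database;

    // Make sure the username is not already registered with this application.
    $db = new Database(
        $dbconf['host'],
        $dbconf['user'],
        $dbconf['pass'],
        $dbconf['name'],
        $dbconf['port']
    );
    $user = $db->searchUser($email);

    if (!empty($user)) {
        // NOTE(review): the three replies below tell an unauthenticated caller
        // whether an address is known and what state it is in. Consider one
        // neutral reply if account enumeration matters for this deployment.
        // The flow assumes ajax_error() ends the request -- TODO confirm.
        if ($user['requested'] == 1) {
            ajax_error('Your access request is pending approval.');
        }

        if ($user['roleID']) {
            ajax_error('Your username has been enabled, please log in.');
        } else {
            ajax_error('Your access request is currently being reviewed.');
        }
    }

    // Nothing else left to do except add the user to the Acl table with
    // NULL privileges.
    $db->createUser($email);

    $ur = $config->UserRegistration;

    // HTTP_HOST is taken from the request's Host header, so it is chosen by the
    // client. Keep only characters that can occur in a host[:port] value so the
    // text mailed to the approver cannot carry extra lines or markup.
    $host = isset($_SERVER['HTTP_HOST'])
        ? preg_replace('/[^A-Za-z0-9.:\-\[\]]/', '', (string) $_SERVER['HTTP_HOST'])
        : '';

    // Prepare the notification message.
    $message = "User {$email} requested access to " . $host . " from " . $_SERVER['REMOTE_ADDR'] . ".";

    // Send the e-mail; headers are built by get_mail_headers() from the config.
    $result = mail($ur['to'], $ur['subject'], $message, get_mail_headers($config));

    // Report the outcome (including whether mail() accepted the message).
    ajax_result(array("success" => 1, "mail" => $result));
} catch (Exception $e) {
    // Log the detail server-side only; the client gets a generic message.
    error_log($e->getMessage(), 0);
    ajax_error("Internal server error. Please try again later");
}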
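/**
 * Hash the submitted password and create the user record.
 *
 * The outcome is reported through $this->success() or $this->fail(). Before
 * fail() is called, $this->errno and $this->error are set:
 *   5 - the password could not be hashed,
 *   6 - Database::createUser() reported that the user already exists,
 *   7 - Database::createUser() reported an unknown error.
 */
private function create() {
    // PasswordHash is defined elsewhere -- presumably the phpass class, where
    // the arguments are the log2 iteration count and the "portable hashes"
    // switch; TODO confirm. NOTE(review): on a PHP version that provides
    // password_hash(), migrating to it is worth considering.
    $hasher = new PasswordHash(8, false);
    $hash = $hasher->HashPassword($this->password);

    // A result shorter than 20 characters is treated as a hashing failure.
    if (strlen($hash) < 20) {
        $this->errno = 5;
        $this->error = 'Beim Speichern des Passwortes ist ein unbekannter Fehler aufgetreten.';
        $this->fail();

        // Fail closed: fail() is defined elsewhere and may return, and an
        // unusable hash must never be stored as the account's credential.
        return;
    }

    $status = Database::createUser($this->user, $this->email, $hash);

    if ($status === TIPPSPIEL_USER_SUCCESS) {
        $this->success();
    } elseif ($status === TIPPSPIEL_USER_EXIST) {
        $this->errno = 6;
        $this->error = 'Ein Benutzer mit diesem Namen existiert bereits.';
        $this->fail();
    } elseif ($status === TIPPSPIEL_USER_UNKNOWN_ERROR) {
        $this->errno = 7;
        $this->error = 'Beim Erstellen des Benutzers ist ein unbekannter Fehler aufgetreten. '
            . 'Sollte dieser Fehler weiterhin auftreten, wenden Sie sich bitte an einen Administrator.';
        $this->fail();
    }
    // Any other status is left unreported, exactly as before.
}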
} $courseInfo = Database::getCourseByID($_POST['course']); if (!isset($courseInfo['id'])) { $message = urlencode("The course provided is not valid."); header("Location: error.php?error={$message}"); exit; } $myAcc = Database::getAccount(Database::getUserId(Session::user()), $courseInfo['id']); if ($myAcc === NULL || !$myAcc->canPromote()) { $message = urlencode("You do not have permission to add uploaders for this course."); header("Location: error.php?error={$message}"); exit; } $id = Database::getUserId($_POST['user']); if ($id === -1) { $id = Database::createUser($_POST['user']); } $acc = Database::getAccount($id, $_POST['course']); if ($acc !== NULL && $acc->canUpload()) { $message = urlencode("The uploader you want to add is already an uploader."); header("Location: error.php?error={$message}"); exit; } Database::createAccount($id, $_POST['course'], Uploader::getName()); header("Location: admin.php?course={$courseInfo['id']}"); exit; } else { if (isset($_POST['remove']) && isset($_POST['removed']) && isset($_POST['token'])) { if (!Session::verifyToken($_POST['token'])) { $message = urlencode("The token provided does not match."); header("Location: error.php?error={$message}");