ajax_error('You have reached the maximum number of registration requests allowed. Please try again later.');
}
//Check for errors
if (empty($_POST)) {
ajax_error('Invalid request.');
}
if (empty($_POST['email'])) {
ajax_error('Please enter your e-mail address.');
}
$email = strtolower(trim($_POST['email']));
try {
$config = new \NRG\Configuration(CONFIG_FILE);
$dbconf = $config->Database;
//Make sure the username is registered with this application
$db = new Database($dbconf['host'], $dbconf['user'], $dbconf['pass'], $dbconf['name'], $dbconf['port']);
$user = $db->searchUser($email);
if (!empty($user)) {
if ($user['requested'] == 1) {
ajax_error('Your access request is pending approval.');
}
if ($user['roleID']) {
ajax_error('Your username has been enabled, please log in.');
} else {
ajax_error('Your access request is currently being reviewed.');
}
}
//Looks like there is nothing else left to do, except add the user to the Acl table with
//NULL privileges
$db->createUser($email);
$ur = $config->UserRegistration;
//Prepare an e-mail message
ajax_error('Your password contains invalid characters or is empty.');
}
//$login=new NRG\Login($username,$txtPassword);
//Check the username and password
try {
$config = new \NRG\Configuration(CONFIG_FILE);
$logged_in = false;
$user = array();
$setupconf = $config->Setup;
$dbconf = $config->Database;
//Make sure the username is registered with this application
$db = new Database($dbconf['host'], $dbconf['user'], $dbconf['pass'], $dbconf['name'], $dbconf['port']);
if (!empty($setupconf) && isset($setupconf['setupkey'])) {
$setupkey = trim($setupconf['setupkey']);
if (strlen($setupkey) > 0 && $txtPassword === $setupkey) {
$user = $db->searchUser(SYSTEM_USERNAME);
if (empty($user)) {
ajax_error('OnlineScoring was not setup properly. Please backup your current database, drop all the tables and recreate the table structure using db/onlinescoring.sql from the installation package.');
}
$logged_in = true;
}
}
if ($logged_in === false) {
$user = $db->searchUser($username);
if (empty($user)) {
ajax_error('You must <a href="javascript:showRegistrationForm()">request access</a> first.');
}
if ($user['requested'] == 1) {
ajax_error('Your access request is pending approval.');
}
if (!$user['enabled']) {
if (empty($_POST) || empty($_POST['username'])) {
ajax_error('Invalid request.');
}
$username = strtolower(trim($_POST['username']));
//Make sure the username and password contain only valid characters
if (!preg_match('/^[A-Za-z0-9@\\.]+$/', $username)) {
ajax_error('Your username contains invalid characters or is empty.');
}
//Check the username and password
try {
$config = new \NRG\Configuration(CONFIG_FILE);
$user = array();
$dbconf = $config->Database;
//Make sure the username is registered with this application
$db = new Database($dbconf['host'], $dbconf['user'], $dbconf['pass'], $dbconf['name'], $dbconf['port']);
$user = $db->searchUser($username);
if (empty($user)) {
ajax_error('Invalid user.');
}
if ($user['requested'] == 1) {
ajax_error('This user is still pending for approval.');
}
if (!$user['enabled']) {
ajax_error('This user account has been disabled.');
}
if (!isset($user['roleID']) || $user['roleID'] == NULL) {
ajax_error('Please assign privileges to this account prior to switching users.');
}
$_SESSION['auth'] = true;
$_SESSION['username'] = $user['username'];
$_SESSION['role'] = $user['name'];
