Example #1
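 /**
  * Handles the profile form: optionally changes the logged-in user's e-mail
  * and/or password, saves the user and redirects with a status flag.
  *
  * Runs only when the change-password button field is present in the request.
  * A rejected e-mail redirects with ?success=2 and a rejected password with
  * ?success=0; in both cases nothing is saved. A successful save redirects
  * with ?success=1.
  *
  * NOTE(review): input is taken from $_REQUEST, so the new password may also
  * arrive in the query string (and end up in access logs / browser history).
  * Confirm the form posts, and consider reading $_POST and checking a CSRF
  * token before changing credentials.
  * NOTE(review): no current-password check is visible in this method; confirm
  * that re-authentication happens before a credential change is accepted.
  *
  * @return bool|null true after a successful save, false after a validation
  *                   failure, null when the form was not submitted
  */
 public function init()
 {
     $data = $_REQUEST;
     if (!isset($data[Profile::GET_CHANGE_PASSWORD_BUTTON])) {
         return;
     }

     $user = Auth::getInstance()->getUser();

     // A missing or non-string field (e.g. mail[]=x) is treated as empty, so it
     // is skipped instead of raising a notice or a TypeError in trim()/strlen().
     $rawEmail = isset($data[Profile::GET_CHANGE_MAIL]) && is_string($data[Profile::GET_CHANGE_MAIL])
         ? trim($data[Profile::GET_CHANGE_MAIL])
         : '';
     $rawPassword = isset($data[Profile::GET_CHANGE_PASSWORD]) && is_string($data[Profile::GET_CHANGE_PASSWORD])
         ? $data[Profile::GET_CHANGE_PASSWORD]
         : '';

     // Strict comparison: != would treat two numeric-looking strings as equal.
     if ($rawEmail !== '' && (string) $user->email !== $rawEmail) {
         $newEmail = trim(strip_tags($rawEmail));
         if (!User::validEmail($newEmail)) {
             Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=2');
             // Stop here even if redirect() does not terminate the script;
             // otherwise execution would fall through to save() below.
             return false;
         }
         $user->email = $newEmail;
         // NOTE(review): this feeds the value already stored in $user->password
         // (presumably a hash) back into getHashPassword() with the new e-mail.
         // Unless a new password is submitted too, confirm the login check can
         // still verify the result.
         $user->password = User::getHashPassword($user->password, strtolower($user->email));
     }

     if (strlen(trim($rawPassword)) > 0) {
         if (!User::passwordIsValid($rawPassword)) {
             Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=0');
             // Same reason as above: never save after a rejected password.
             return false;
         }
         // NOTE(review): the password is validated as submitted but hashed after
         // trim()/strip_tags(), so the stored secret can differ from what was
         // validated; confirm the login path applies the same normalisation.
         $user->password = User::getHashPassword(trim(strip_tags($rawPassword)), strtolower($user->email));
     }

     $user->save();
     Flight::redirect($_SERVER['REDIRECT_URL'] . '?success=1');
     return true;
 }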
Example #2
    }
});
$app->post('/signup', function () use($app) {
    $req = $app->request();
    $err = array('db_err' => 0, 'name' => 0, 'username' => 0, 'email' => 0, 'password' => 0, 'conf_password' => 0, 'mismatch' => 0, 'invalid_email' => 0, 'duplicate' => 0);
    $action = 0;
    if ($req->post('signup')) {
        require_once 'core/user.inc.php';
        $user = new User();
        $name = $req->post('name');
        $username = $req->post('username');
        $password = $req->post('passwd');
        $conf_password = $req->post('con_passwd');
        $email = $req->post('email');
        if (!empty($name) && !empty($username) && !empty($email) && !empty($password) && !empty($conf_password)) {
            if ($user->validEmail($email) && $password == $conf_password) {
                $user_details = array('name' => $name, 'username' => $username, 'password' => $password, 'email' => $email);
                $result = $user->addUser($user_details);
                if ($result == 1) {
                    //Succesful Signup, redirect to login to confirm registration
                    $app->redirect('/Blog-It/login');
                } elseif (explode(' ', $result)[0] == 'Duplicate') {
                    $err['duplicate'] = 1;
                    $app->render('signup.php', array('err' => $err, 'action' => $action));
                } else {
                    $err['db_err'] = 1;
                    $app->render('signup.php', array('err' => $err, 'action' => $action));
                }
            } else {
                if (!$user->validEmail($email)) {
                    $action = 1;
Example #3
 // yes
 // handle form submission
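 // Field changes to persist and per-field validation messages for this submission.
 $changesArray = array();
 $valerr = array();
 // Read each field once. A missing or non-string value (e.g. password[]=x) is
 // treated as '' so it fails validation instead of reaching strlen() as an array.
 $submittedPassword = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
 $submittedEmail = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';
 // password
 // Strict comparison: with != two numeric-looking strings (for example "0e1"
 // and "0e2") compare equal, which would silently skip the password change.
 if ($submittedPassword !== (string) $pword) {
     if (strlen($submittedPassword) < 8) {
         $valerr['password'] = '******';
     } else {
         // has changed
         // NOTE(review): $pword is compared with the raw submitted value, so it
         // appears to be whatever the form was pre-filled with; confirm the
         // stored hash is never echoed into the page. The algorithm behind
         // hashWithSalt() is not visible here; confirm it is a slow password
         // hash (password_hash() or equivalent).
         $changesArray['password'] = User::hashWithSalt($submittedPassword, $usalt);
     }
 }
 // email
 if ($submittedEmail !== (string) $email) {
     if (!User::validEmail($submittedEmail)) {
         $valerr['email'] = 'Please enter a valid email address.';
     } else {
         $changesArray['email'] = $submittedEmail;
         $email = $submittedEmail;
     }
 }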
 if (User::$role == 2) {
     // if is an administrator...
     // can edit more stuff!
     // username
     if ($_POST['username'] != $uname && $_POST['username'] != '') {
         $valerra = User::validateUsername($uname);
         if ($valerra == true) {
             $changesArray['username'] = $_POST['username'];
             $uname = $_POST['username'];