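/**
 * Handles the profile form: optionally changes the current user's e-mail
 * address and/or password, saves the user and redirects with a status code.
 *
 * Redirect status (query parameter "success"): 1 = saved, 0 = password
 * rejected by User::passwordIsValid(), 2 = e-mail rejected by
 * User::validEmail().
 *
 * NOTE(review): input is read from $_REQUEST, so this credential change can
 * be driven by a GET query string (and, depending on request_order, cookies),
 * and a new password sent that way ends up in URLs and access logs. No
 * anti-CSRF token and no check of the current password are visible in this
 * method. Confirm both are enforced elsewhere, or restrict the handler to
 * POST and add them.
 *
 * @return bool|null true after a successful save, false when the input was
 *                   rejected or no user object is available, null when the
 *                   form was not submitted.
 */
public function init()
{
    $data = $_REQUEST;
    if (!isset($data[Profile::GET_CHANGE_PASSWORD_BUTTON])) {
        return null;
    }

    $user = Auth::getInstance()->getUser();
    if (!is_object($user)) {
        // Nothing to modify without a user object; avoids a fatal error below.
        return false;
    }

    $returnUrl = isset($_SERVER['REDIRECT_URL']) ? $_SERVER['REDIRECT_URL'] : '';

    // Missing or non-string fields (e.g. an array parameter) count as "left empty",
    // so trim()/strip_tags() never receive an unexpected type.
    $rawEmail = (isset($data[Profile::GET_CHANGE_MAIL]) && is_string($data[Profile::GET_CHANGE_MAIL]))
        ? $data[Profile::GET_CHANGE_MAIL]
        : '';
    $rawPassword = (isset($data[Profile::GET_CHANGE_PASSWORD]) && is_string($data[Profile::GET_CHANGE_PASSWORD]))
        ? $data[Profile::GET_CHANGE_PASSWORD]
        : '';

    // Validate everything first and only then touch $user, so a rejected
    // request can never leave a half-applied change behind.
    $newEmail = trim(strip_tags($rawEmail));
    $emailChanged = false;
    if (strlen(trim($rawEmail)) > 0 && (string) $user->email !== $newEmail) {
        if (!User::validEmail($newEmail)) {
            Flight::redirect($returnUrl . '?success=2');
            // Explicit return: not every Flight version terminates the script
            // inside redirect(), and falling through would save and report success.
            return false;
        }
        $emailChanged = true;
    }

    // The password is normalised BEFORE validation so that the value checked
    // by passwordIsValid() is exactly the value that gets hashed. Validating
    // the raw input and hashing the stripped one lets strip_tags() shorten,
    // or even empty, a password that had already passed the policy check.
    $newPassword = trim(strip_tags($rawPassword));
    $passwordChanged = false;
    if (strlen(trim($rawPassword)) > 0) {
        if (!User::passwordIsValid($newPassword)) {
            Flight::redirect($returnUrl . '?success=0');
            return false;
        }
        $passwordChanged = true;
    }

    if ($emailChanged) {
        $user->email = $newEmail;
        // NOTE(review): $user->password is fed back into getHashPassword().
        // If that property holds the stored hash rather than the plaintext,
        // the result is a hash of a hash and the existing password may stop
        // verifying after an e-mail change; confirm against the login path.
        // Deriving the salt from the e-mail address is what forces this step;
        // password_hash()/password_verify() would make it unnecessary.
        $user->password = User::getHashPassword($user->password, strtolower($user->email));
    }

    if ($passwordChanged) {
        $user->password = User::getHashPassword($newPassword, strtolower($user->email));
    }

    $user->save();
    Flight::redirect($returnUrl . '?success=1');

    return true;
}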
} }); $app->post('/signup', function () use($app) { $req = $app->request(); $err = array('db_err' => 0, 'name' => 0, 'username' => 0, 'email' => 0, 'password' => 0, 'conf_password' => 0, 'mismatch' => 0, 'invalid_email' => 0, 'duplicate' => 0); $action = 0; if ($req->post('signup')) { require_once 'core/user.inc.php'; $user = new User(); $name = $req->post('name'); $username = $req->post('username'); $password = $req->post('passwd'); $conf_password = $req->post('con_passwd'); $email = $req->post('email'); if (!empty($name) && !empty($username) && !empty($email) && !empty($password) && !empty($conf_password)) { if ($user->validEmail($email) && $password == $conf_password) { $user_details = array('name' => $name, 'username' => $username, 'password' => $password, 'email' => $email); $result = $user->addUser($user_details); if ($result == 1) { //Succesful Signup, redirect to login to confirm registration $app->redirect('/Blog-It/login'); } elseif (explode(' ', $result)[0] == 'Duplicate') { $err['duplicate'] = 1; $app->render('signup.php', array('err' => $err, 'action' => $action)); } else { $err['db_err'] = 1; $app->render('signup.php', array('err' => $err, 'action' => $action)); } } else { if (!$user->validEmail($email)) { $action = 1;
// yes // handle form submission $changesArray = array(); $valerr = array(); // password if ($_POST['password'] != $pword) { if (strlen($_POST['password']) < 8) { $valerr['password'] = '******'; } else { // has changed $changesArray['password'] = User::hashWithSalt($_POST['password'], $usalt); } } // email if ($_POST['email'] != $email) { if (!User::validEmail($_POST['email'])) { $valerr['email'] = 'Please enter a valid email address.'; } else { $changesArray['email'] = $_POST['email']; $email = $_POST['email']; } } if (User::$role == 2) { // if is an administrator... // can edit more stuff! // username if ($_POST['username'] != $uname && $_POST['username'] != '') { $valerra = User::validateUsername($uname); if ($valerra == true) { $changesArray['username'] = $_POST['username']; $uname = $_POST['username'];