public static function registerUser() { $newUser = new User(); $username = $_POST['username']; $password = $_POST['password']; $password2 = $_POST['password2']; $boo = FALSE; $errors = User::validateUsername($username); if (count($errors) > 0) { View::make('/user/register.html', array('message' => $errors[0])); } $errors = User::validatePassword($password); if (count($errors) > 0) { View::make('/user/register.html', array('username' => $username, 'message' => $errors[0])); } $newUser->setUsername($username); $newUser->setPassword($password); $newUser->setAdmin($boo); if ($password == $password2) { $newUser->saveUser(); $_SESSION['user'] = $newUser->user_id; } else { Redirect::to('/register', array('username' => $username, 'message' => 'Passwords do not match.')); } Redirect::to('/', array('message' => 'User has been registered.')); }
public function actionView($productId) { $categories = array(); $categories = Platform::getPlatformList(); $product = Products::getProductById($productId); $productId = $product['id']; $platform = Platform::getPlatformById($product['platform_id']); $comments = Comment::getCommentsByProductId($productId); //COMMENTS if (isset($_POST['submit'])) { $userComment = $_POST['message']; $errors = false; if (!Comment::validateMessage($userComment)) { $errors[] = "Введите собщение"; } if (User::isGuest()) { $userName = $_POST['name']; $userEmail = $_POST['email']; if (!User::validateUsername($userName)) { $errors[] = "Неверное имя"; } if (!User::validateEmail($userEmail)) { $errors[] = "Неверный Email"; } $userId = false; } else { $userId = User::validateLogged(); $user = User::getUserById($userId); $userName = $user['name']; } Comment::addComment($userComment, $userId, $userName, $productId); } require_once ROOT . '/views/product/view.php'; return true; }
public function actionRegister() { $result = false; $username = ''; $password = ''; $email = ''; $confirm_password = ''; if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $email = $_POST['email']; $confirm_password = $_POST['confirm-password']; $errors = false; if (!User::validateUsername($username)) { $errors[] = "Имя должно быть больше 5 символов и не должно содержать пробелы"; } if (!User::validateEmail($email)) { $errors[] = "Неккоректный email"; } if (User::validateEmailExist($email)) { $errors[] = "Такой email уже существует"; } if (!User::validatePassword($password)) { $errors[] = "Пароль должен быть больше 3 символов"; } if (!User::comparPassword($password, $confirm_password)) { $errors[] = "Пароли не совпадают"; } if ($errors == false) { $result = User::register($username, $email, $password); } } require_once ROOT . '/views/user/register.php'; return true; }
public function actionEdit() { $userId = User::validateLogged(); $user = User::getUserById($userId); $result = false; $username = $user['name']; if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $confirm_password = $_POST['confirm-password']; $errors = false; if (!User::validateUsername($username)) { $errors[] = "Имя должно быть больше 5 символов"; } if ($errors == false) { $result = User::edit($userId, $username, $password); } } require_once ROOT . '/views/cabinet/edit.php'; return true; }
} try { if ($filtered['register-submit']) { $t->username = $username = $filtered['register-username']; $t->email = $email = $filtered['register-email' ]; $t->emailv = $emailv = $filtered['register-emailv' ]; $t->nation = $nation = max(0, min($filtered['register-nation'], 4)); $t->rules = $rules = $filtered['register-rules' ]; $t->referrerId = $filtered['register-referrer']; $captcha = $filtered['register-captcha' ]; $uLength = strlen($username); if (!User::validateUsername($username)) { throw new Exception('Invalid Username'); } if ($email != $emailv) { throw new Exception('The Email addresses do not match'); } if (!$email or !verifyEmail($email)) { throw new Exception('Invalid Email address'); } if (stripos($email, "ww2game.net") !== false) { throw new Exception('Invalid Email address'); }
/** * Verifies the account data present in the session * @param boolean $silent If true, no messages are created. * Defaults to false * @return boolean True if the account data is complete * and valid, false otherwise */ static function verify_account($silent = false) { global $_ARRAYLANG; //\DBG::log("Verify account"); $status = true; //\DBG::log("POST: ". var_export($_POST, true)); if (isset($_POST) && !self::verifySessionAddress()) { if ($silent) { return false; } $status = \Message::error($_ARRAYLANG['TXT_FILL_OUT_ALL_REQUIRED_FIELDS']); } // Registered Customers are okay now if (self::$objCustomer) { return $status; } if (\Cx\Core\Setting\Controller\Setting::getValue('register', 'Shop') == ShopLibrary::REGISTER_MANDATORY || \Cx\Core\Setting\Controller\Setting::getValue('register', 'Shop') == ShopLibrary::REGISTER_OPTIONAL && empty($_SESSION['shop']['dont_register'])) { if (isset($_SESSION['shop']['password']) && !\User::isValidPassword($_SESSION['shop']['password'])) { if ($silent) { return false; } global $objInit; $objInit->loadLanguageData('Access'); $status = \Message::error(\Cx\Core_Modules\Access\Controller\AccessLib::getPasswordInfo()); } } else { // User is not trying to register, so she doesn't need a password. // Mind that this is necessary in order to avoid passwords filled // in automatically by the browser, which may be wrong, or // invalid, or both. $_SESSION['shop']['password'] = NULL; } if (isset($_SESSION['shop']['email']) && !\FWValidator::isEmail($_SESSION['shop']['email'])) { if ($silent) { return false; } $status = \Message::error($_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS']); } if (!$status) { return false; } if (isset($_SESSION['shop']['email'])) { // Ignore "unregistered" Customers. These will silently be updated if (Customer::getUnregisteredByEmail($_SESSION['shop']['email'])) { return true; } $objUser = new \User(); $objUser->setUsername($_SESSION['shop']['email']); $objUser->setEmail($_SESSION['shop']['email']); \Message::save(); // This method will set an error message we don't want here // (as soon as it uses the Message class, that is) if (!($objUser->validateUsername() && $objUser->validateEmail())) { //\DBG::log("Shop::verify_account(): Username or e-mail in use"); \Message::restore(); $_POST['email'] = $_SESSION['shop']['email'] = NULL; if ($silent) { return false; } return \Message::error(sprintf($_ARRAYLANG['TXT_EMAIL_USED_BY_OTHER_CUSTOMER'], \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'login') . '?redirect=' . base64_encode(\Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'account')))) || \Message::error(sprintf($_ARRAYLANG['TXT_SHOP_GOTO_SENDPASS'], \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'sendpass'))); } \Message::restore(); } return $status; }
"/></td> </tr><tr> <td> </td> <td><input type="submit" value="Submit"/></td> <td><input type="hidden" name="submitted" value="1"/></td> </tr><tr> </table> </form> <?php $form = ob_get_clean(); // show the form if this is the first time the page is viewed if (!isset($_POST['submitted'])) { $GLOBALS['TEMPLATE']['content'] = $form; } else { // validate username if (User::validateUsername($_POST['username'])) { $user = User::getByUsername($_POST['username']); if (!$user->userId) { $GLOBALS['TEMPLATE']['content'] = '<p><strong>Sorry, that ' . 'account does not exist.</strong></p> <p>Please try a ' . 'different username.</p>'; $GLOBALS['TEMPLATE']['content'] .= $form; } else { // generate new password $password = random_text(8); // send the new password to the email address on record $message = 'Your new password is: ' . $password; mail($user->emailAddr, 'New password', $message); $GLOBALS['TEMPLATE']['content'] = '<p><strong>A new ' . 'password has been emailed to you.</strong></p>'; // store the new password $user->password = $password; $user->save(); }
<?php require_once "../includes/initialize.php"; // redirect to main page if already logged in if ($session->is_logged_in()) { header("Location: ../main"); exit; } // Process submitted form data if (isset($_POST["submit"])) { $username = trim($_POST["username"]); $password = $_POST["password"]; $password2 = $_POST["password2"]; $passwordErrors = User::validatePassword($password, $password2); $usernameErrors = User::validateUsername($username); $errors = null; if (!empty($passwordErrors) && !empty($usernameErrors)) { $errors = array_merge($usernameErrors, $passwordErrors); } elseif (!empty($usernameErrors)) { $errors = $usernameErrors; } elseif (!empty($passwordErrors)) { $errors = $passwordErrors; } // No errors. Create the user if (empty($errors)) { $hashed_password = password_hash($password, PASSWORD_DEFAULT); $user = new User(); $user->username = $username; $user->password = $hashed_password; $user->save(); Session::setMessage("You have successfully registered");
<?php // dołączenie kodu współużytkowanego include '../lib/common.php'; include '../lib/db.php'; include '../lib/functions.php'; include '../lib/User.php'; // rozpoczęcie lub dołączenie do sesji session_start(); header('Cache-control: private'); // logowanie, jeśli ustawiono zmienną login if (isset($_GET['login'])) { if (isset($_POST['username']) && isset($_POST['password'])) { // odczytanie rekordu użytkownika $user = User::validateUsername($_POST['username']) ? User::getByUsername($_POST['username']) : new User(); if ($user->userId && $user->password == sha1($_POST['password'])) { // zapisanie wartości w sesji, aby móc śledzić użytkownika // i przekierować go do strony głównej $_SESSION['access'] = TRUE; $_SESSION['userId'] = $user->userId; $_SESSION['username'] = $user->username; header('Location: main.php'); } else { // nieprawidłowy użytkownik i (lub) hasło $_SESSION['access'] = FALSE; $_SESSION['username'] = null; header('Location: 401.php'); } } else { $_SESSION['access'] = FALSE; $_SESSION['username'] = null;
public static function register() { //If form hasn't been posted, return form... if (!isset($_POST['username'])) { return User::processRegisterForm(); } //Check if form was filled out completely... if ($_POST['username'] == '') { return User::processRegisterForm(User::config('register_no_username_error'), NULL, $_POST['email']); } if ($_POST['email'] == '') { return User::processRegisterForm(User::config('register_no_email_error'), $_POST['username']); } if ($_POST['password'] == '') { return User::processRegisterForm(User::config('register_no_password_error'), $_POST['username'], $_POST['email']); } if ($_POST['passwordConfirm'] == '') { return User::processRegisterForm(User::config('register_no_confirm_password_error'), $_POST['username'], $_POST['email']); } //Check if entered details are valid... if (!User::validateUsername($_POST['username'])) { return User::processRegisterForm(User::config('register_invalid_username_error'), NULL, $_POST['email']); } if (!User::validateEmail($_POST['email'])) { return User::processRegisterForm(User::config('register_invalid_email_error'), $_POST['username']); } if (!User::validatePassword($_POST['password'])) { return User::processRegisterForm(User::config('register_invalid_password_error'), $_POST['username'], $_POST['email']); } //Check if username & email are available... if (!User::availableUsername($_POST['username'])) { return User::processRegisterForm(User::config('register_unavailable_username_error'), NULL, $_POST['email']); } if (!User::availableEmail($_POST['email'])) { return User::processRegisterForm(User::config('register_unavailable_email_error'), $_POST['username']); } //Ensure passwords match... if ($_POST['password'] != $_POST['passwordConfirm']) { return User::processRegisterForm(User::config('register_password_mismatch_error'), $_POST['username'], $_POST['email']); } //Add user to the usersPending table.. User::addPending($_POST['username'], $_POST['password'], $_POST['email']); //Process any onRegister callbacks, passing them, at present, nothing... User::processEventHandlers('onRegister'); return User::config('register_success_template'); }
public function actionOrder() { $platform = array(); $errors = array(); $userName = ''; $userEmail = ''; $userPhone = ''; $userComment = ''; $platform = Platform::getPlatformList(); $result = false; if (isset($_POST['submit'])) { $userName = $_POST['name']; $userEmail = $_POST['email']; $userPhone = $_POST['phone']; $userComment = $_POST['message']; $errors = false; if (!User::validateUsername($userName)) { $errors[] = "Неверное имя"; } if (!User::validateEmail($userEmail)) { $errors[] = "Неверный Email"; } if (!User::validatePhone($userPhone)) { $errors[] = "Неккоректный телефон"; } if ($errors == false) { $productsBasket = Basket::getProducts(); if (User::isGuest()) { $userId = false; } else { $userId = User::validateLogged(); } $result = Order::save($userName, $userEmail, $userPhone, $userComment, $userId, $productsBasket); if ($result) { $adminEmail = "*****@*****.**"; $subject = "Новый заказ"; mail($adminEmail, $subject, $userComment); Basket::clear(); } } else { $productsInBasket = Basket::getProducts(); $productId = array_keys($productsInBasket); $products = Products::getProductsByIdInBasket($productId); $totalPrice = Basket::getTotalPrice($products); $total = array_sum($totalPrice); $totalQuantity = Basket::countItem(); } } else { $productsInbasket = Basket::getProducts(); if ($productsInbasket == false) { header("Loaction: /"); } else { $productId = array_keys($productsInbasket); $products = Products::getProductsByIdInBasket($productId); $totalPrice = Basket::getTotalPrice($products); $totalQuantity = Basket::countItem(); $userName = false; $userEmail = false; $userPhone = false; $userComment = false; if (User::isGuest()) { } else { $userId = User::validateLogged(); $user = User::getUserById($userId); $userName = $user['name']; $userEmail = $user['email']; } } } require_once ROOT . "/views/basket/order.php"; return true; }
</table> </form> <?php $form = ob_get_clean(); // show the form if this is the first time the page is viewed if (!isset($_POST['submitted'])) { $GLOBALS['TEMPLATE']['content'] = $form; } else { // validate password $password1 = isset($_POST['password1']) ? $_POST['password1'] : ''; $password2 = isset($_POST['password2']) ? $_POST['password2'] : ''; $password = $password1 && $password1 == $password2 ? sha1($password1) : ''; // validate CAPTCHA $captcha = isset($_POST['captcha']) && strtoupper($_POST['captcha']) == $_SESSION['captcha']; // add the record if all input validates if ($password && $captcha && User::validateUsername($_POST['username']) && User::validateEmailAddr($_POST['email'])) { // make sure the user doesn't already exist $user = User::getByUsername($_POST['username']); if ($user->userId) { $GLOBALS['TEMPLATE']['content'] = '<p><strong>Sorry, that ' . 'account already exists.</strong></p> <p>Please try a ' . 'different username.</p>'; $GLOBALS['TEMPLATE']['content'] .= $form; } else { // create an inactive user record $u = new User(); $u->username = $_POST['username']; $u->password = $password; $u->emailAddr = $_POST['email']; $token = $u->setInactive(); $GLOBALS['TEMPLATE']['content'] = '<p><strong>Thank you for ' . 'registering.</strong></p> <p>Be sure to verify your ' . 'account by visiting <a href="verify.php?uid=' . $u->userId . '&token=' . $token . '">verify.php?uid=' . $u->userId . '&token=' . $token . '</a></p>'; } } else {
} // email if ($_POST['email'] != $email) { if (!User::validEmail($_POST['email'])) { $valerr['email'] = 'Please enter a valid email address.'; } else { $changesArray['email'] = $_POST['email']; $email = $_POST['email']; } } if (User::$role == 2) { // if is an administrator... // can edit more stuff! // username if ($_POST['username'] != $uname && $_POST['username'] != '') { $valerra = User::validateUsername($uname); if ($valerra == true) { $changesArray['username'] = $_POST['username']; $uname = $_POST['username']; } else { $valerr['username'] = $valerra; } } // user role if ($_POST['role'] != $urole && is_numeric($_POST['role']) && $_POST['role'] >= 0 && $_POST['role'] <= 2) { $changesArray['role'] = $_POST['role']; $urole = $_POST['role']; } // user status if ($_POST['status'] != $status && is_numeric($_POST['status']) && $_POST['status'] >= 0 && $_POST['status'] <= 2) { $changesArray['status'] = $_POST['status'];