public static function registerUser()
{
$newUser = new User();
$username = $_POST['username'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
$boo = FALSE;
$errors = User::validateUsername($username);
if (count($errors) > 0) {
View::make('/user/register.html', array('message' => $errors[0]));
}
$errors = User::validatePassword($password);
if (count($errors) > 0) {
View::make('/user/register.html', array('username' => $username, 'message' => $errors[0]));
}
$newUser->setUsername($username);
$newUser->setPassword($password);
$newUser->setAdmin($boo);
if ($password == $password2) {
$newUser->saveUser();
$_SESSION['user'] = $newUser->user_id;
} else {
Redirect::to('/register', array('username' => $username, 'message' => 'Passwords do not match.'));
}
Redirect::to('/', array('message' => 'User has been registered.'));
}
public function actionView($productId)
{
$categories = array();
$categories = Platform::getPlatformList();
$product = Products::getProductById($productId);
$productId = $product['id'];
$platform = Platform::getPlatformById($product['platform_id']);
$comments = Comment::getCommentsByProductId($productId);
//COMMENTS
if (isset($_POST['submit'])) {
$userComment = $_POST['message'];
$errors = false;
if (!Comment::validateMessage($userComment)) {
$errors[] = "Введите собщение";
}
if (User::isGuest()) {
$userName = $_POST['name'];
$userEmail = $_POST['email'];
if (!User::validateUsername($userName)) {
$errors[] = "Неверное имя";
}
if (!User::validateEmail($userEmail)) {
$errors[] = "Неверный Email";
}
$userId = false;
} else {
$userId = User::validateLogged();
$user = User::getUserById($userId);
$userName = $user['name'];
}
Comment::addComment($userComment, $userId, $userName, $productId);
}
require_once ROOT . '/views/product/view.php';
return true;
}
public function actionRegister()
{
$result = false;
$username = '';
$password = '';
$email = '';
$confirm_password = '';
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$confirm_password = $_POST['confirm-password'];
$errors = false;
if (!User::validateUsername($username)) {
$errors[] = "Имя должно быть больше 5 символов и не должно содержать пробелы";
}
if (!User::validateEmail($email)) {
$errors[] = "Неккоректный email";
}
if (User::validateEmailExist($email)) {
$errors[] = "Такой email уже существует";
}
if (!User::validatePassword($password)) {
$errors[] = "Пароль должен быть больше 3 символов";
}
if (!User::comparPassword($password, $confirm_password)) {
$errors[] = "Пароли не совпадают";
}
if ($errors == false) {
$result = User::register($username, $email, $password);
}
}
require_once ROOT . '/views/user/register.php';
return true;
}
public function actionEdit()
{
$userId = User::validateLogged();
$user = User::getUserById($userId);
$result = false;
$username = $user['name'];
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$confirm_password = $_POST['confirm-password'];
$errors = false;
if (!User::validateUsername($username)) {
$errors[] = "Имя должно быть больше 5 символов";
}
if ($errors == false) {
$result = User::edit($userId, $username, $password);
}
}
require_once ROOT . '/views/cabinet/edit.php';
return true;
}
}
try {
if ($filtered['register-submit']) {
$t->username = $username = $filtered['register-username'];
$t->email = $email = $filtered['register-email' ];
$t->emailv = $emailv = $filtered['register-emailv' ];
$t->nation = $nation = max(0, min($filtered['register-nation'], 4));
$t->rules = $rules = $filtered['register-rules' ];
$t->referrerId = $filtered['register-referrer'];
$captcha = $filtered['register-captcha' ];
$uLength = strlen($username);
if (!User::validateUsername($username)) {
throw new Exception('Invalid Username');
}
if ($email != $emailv) {
throw new Exception('The Email addresses do not match');
}
if (!$email or !verifyEmail($email)) {
throw new Exception('Invalid Email address');
}
if (stripos($email, "ww2game.net") !== false) {
throw new Exception('Invalid Email address');
}
/**
* Verifies the account data present in the session
* @param boolean $silent If true, no messages are created.
* Defaults to false
* @return boolean True if the account data is complete
* and valid, false otherwise
*/
static function verify_account($silent = false)
{
global $_ARRAYLANG;
//\DBG::log("Verify account");
$status = true;
//\DBG::log("POST: ". var_export($_POST, true));
if (isset($_POST) && !self::verifySessionAddress()) {
if ($silent) {
return false;
}
$status = \Message::error($_ARRAYLANG['TXT_FILL_OUT_ALL_REQUIRED_FIELDS']);
}
// Registered Customers are okay now
if (self::$objCustomer) {
return $status;
}
if (\Cx\Core\Setting\Controller\Setting::getValue('register', 'Shop') == ShopLibrary::REGISTER_MANDATORY || \Cx\Core\Setting\Controller\Setting::getValue('register', 'Shop') == ShopLibrary::REGISTER_OPTIONAL && empty($_SESSION['shop']['dont_register'])) {
if (isset($_SESSION['shop']['password']) && !\User::isValidPassword($_SESSION['shop']['password'])) {
if ($silent) {
return false;
}
global $objInit;
$objInit->loadLanguageData('Access');
$status = \Message::error(\Cx\Core_Modules\Access\Controller\AccessLib::getPasswordInfo());
}
} else {
// User is not trying to register, so she doesn't need a password.
// Mind that this is necessary in order to avoid passwords filled
// in automatically by the browser, which may be wrong, or
// invalid, or both.
$_SESSION['shop']['password'] = NULL;
}
if (isset($_SESSION['shop']['email']) && !\FWValidator::isEmail($_SESSION['shop']['email'])) {
if ($silent) {
return false;
}
$status = \Message::error($_ARRAYLANG['TXT_INVALID_EMAIL_ADDRESS']);
}
if (!$status) {
return false;
}
if (isset($_SESSION['shop']['email'])) {
// Ignore "unregistered" Customers. These will silently be updated
if (Customer::getUnregisteredByEmail($_SESSION['shop']['email'])) {
return true;
}
$objUser = new \User();
$objUser->setUsername($_SESSION['shop']['email']);
$objUser->setEmail($_SESSION['shop']['email']);
\Message::save();
// This method will set an error message we don't want here
// (as soon as it uses the Message class, that is)
if (!($objUser->validateUsername() && $objUser->validateEmail())) {
//\DBG::log("Shop::verify_account(): Username or e-mail in use");
\Message::restore();
$_POST['email'] = $_SESSION['shop']['email'] = NULL;
if ($silent) {
return false;
}
return \Message::error(sprintf($_ARRAYLANG['TXT_EMAIL_USED_BY_OTHER_CUSTOMER'], \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'login') . '?redirect=' . base64_encode(\Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'account')))) || \Message::error(sprintf($_ARRAYLANG['TXT_SHOP_GOTO_SENDPASS'], \Cx\Core\Routing\Url::fromModuleAndCmd('Shop', 'sendpass')));
}
\Message::restore();
}
return $status;
}
"/></td>
</tr><tr>
<td> </td>
<td><input type="submit" value="Submit"/></td>
<td><input type="hidden" name="submitted" value="1"/></td>
</tr><tr>
</table>
</form>
<?php
$form = ob_get_clean();
// show the form if this is the first time the page is viewed
if (!isset($_POST['submitted'])) {
$GLOBALS['TEMPLATE']['content'] = $form;
} else {
// validate username
if (User::validateUsername($_POST['username'])) {
$user = User::getByUsername($_POST['username']);
if (!$user->userId) {
$GLOBALS['TEMPLATE']['content'] = '<p><strong>Sorry, that ' . 'account does not exist.</strong></p> <p>Please try a ' . 'different username.</p>';
$GLOBALS['TEMPLATE']['content'] .= $form;
} else {
// generate new password
$password = random_text(8);
// send the new password to the email address on record
$message = 'Your new password is: ' . $password;
mail($user->emailAddr, 'New password', $message);
$GLOBALS['TEMPLATE']['content'] = '<p><strong>A new ' . 'password has been emailed to you.</strong></p>';
// store the new password
$user->password = $password;
$user->save();
}
<?php
require_once "../includes/initialize.php";
// redirect to main page if already logged in
if ($session->is_logged_in()) {
header("Location: ../main");
exit;
}
// Process submitted form data
if (isset($_POST["submit"])) {
$username = trim($_POST["username"]);
$password = $_POST["password"];
$password2 = $_POST["password2"];
$passwordErrors = User::validatePassword($password, $password2);
$usernameErrors = User::validateUsername($username);
$errors = null;
if (!empty($passwordErrors) && !empty($usernameErrors)) {
$errors = array_merge($usernameErrors, $passwordErrors);
} elseif (!empty($usernameErrors)) {
$errors = $usernameErrors;
} elseif (!empty($passwordErrors)) {
$errors = $passwordErrors;
}
// No errors. Create the user
if (empty($errors)) {
$hashed_password = password_hash($password, PASSWORD_DEFAULT);
$user = new User();
$user->username = $username;
$user->password = $hashed_password;
$user->save();
Session::setMessage("You have successfully registered");
<?php
// dołączenie kodu współużytkowanego
include '../lib/common.php';
include '../lib/db.php';
include '../lib/functions.php';
include '../lib/User.php';
// rozpoczęcie lub dołączenie do sesji
session_start();
header('Cache-control: private');
// logowanie, jeśli ustawiono zmienną login
if (isset($_GET['login'])) {
if (isset($_POST['username']) && isset($_POST['password'])) {
// odczytanie rekordu użytkownika
$user = User::validateUsername($_POST['username']) ? User::getByUsername($_POST['username']) : new User();
if ($user->userId && $user->password == sha1($_POST['password'])) {
// zapisanie wartości w sesji, aby móc śledzić użytkownika
// i przekierować go do strony głównej
$_SESSION['access'] = TRUE;
$_SESSION['userId'] = $user->userId;
$_SESSION['username'] = $user->username;
header('Location: main.php');
} else {
// nieprawidłowy użytkownik i (lub) hasło
$_SESSION['access'] = FALSE;
$_SESSION['username'] = null;
header('Location: 401.php');
}
} else {
$_SESSION['access'] = FALSE;
$_SESSION['username'] = null;
public static function register()
{
//If form hasn't been posted, return form...
if (!isset($_POST['username'])) {
return User::processRegisterForm();
}
//Check if form was filled out completely...
if ($_POST['username'] == '') {
return User::processRegisterForm(User::config('register_no_username_error'), NULL, $_POST['email']);
}
if ($_POST['email'] == '') {
return User::processRegisterForm(User::config('register_no_email_error'), $_POST['username']);
}
if ($_POST['password'] == '') {
return User::processRegisterForm(User::config('register_no_password_error'), $_POST['username'], $_POST['email']);
}
if ($_POST['passwordConfirm'] == '') {
return User::processRegisterForm(User::config('register_no_confirm_password_error'), $_POST['username'], $_POST['email']);
}
//Check if entered details are valid...
if (!User::validateUsername($_POST['username'])) {
return User::processRegisterForm(User::config('register_invalid_username_error'), NULL, $_POST['email']);
}
if (!User::validateEmail($_POST['email'])) {
return User::processRegisterForm(User::config('register_invalid_email_error'), $_POST['username']);
}
if (!User::validatePassword($_POST['password'])) {
return User::processRegisterForm(User::config('register_invalid_password_error'), $_POST['username'], $_POST['email']);
}
//Check if username & email are available...
if (!User::availableUsername($_POST['username'])) {
return User::processRegisterForm(User::config('register_unavailable_username_error'), NULL, $_POST['email']);
}
if (!User::availableEmail($_POST['email'])) {
return User::processRegisterForm(User::config('register_unavailable_email_error'), $_POST['username']);
}
//Ensure passwords match...
if ($_POST['password'] != $_POST['passwordConfirm']) {
return User::processRegisterForm(User::config('register_password_mismatch_error'), $_POST['username'], $_POST['email']);
}
//Add user to the usersPending table..
User::addPending($_POST['username'], $_POST['password'], $_POST['email']);
//Process any onRegister callbacks, passing them, at present, nothing...
User::processEventHandlers('onRegister');
return User::config('register_success_template');
}
public function actionOrder()
{
$platform = array();
$errors = array();
$userName = '';
$userEmail = '';
$userPhone = '';
$userComment = '';
$platform = Platform::getPlatformList();
$result = false;
if (isset($_POST['submit'])) {
$userName = $_POST['name'];
$userEmail = $_POST['email'];
$userPhone = $_POST['phone'];
$userComment = $_POST['message'];
$errors = false;
if (!User::validateUsername($userName)) {
$errors[] = "Неверное имя";
}
if (!User::validateEmail($userEmail)) {
$errors[] = "Неверный Email";
}
if (!User::validatePhone($userPhone)) {
$errors[] = "Неккоректный телефон";
}
if ($errors == false) {
$productsBasket = Basket::getProducts();
if (User::isGuest()) {
$userId = false;
} else {
$userId = User::validateLogged();
}
$result = Order::save($userName, $userEmail, $userPhone, $userComment, $userId, $productsBasket);
if ($result) {
$adminEmail = "*****@*****.**";
$subject = "Новый заказ";
mail($adminEmail, $subject, $userComment);
Basket::clear();
}
} else {
$productsInBasket = Basket::getProducts();
$productId = array_keys($productsInBasket);
$products = Products::getProductsByIdInBasket($productId);
$totalPrice = Basket::getTotalPrice($products);
$total = array_sum($totalPrice);
$totalQuantity = Basket::countItem();
}
} else {
$productsInbasket = Basket::getProducts();
if ($productsInbasket == false) {
header("Loaction: /");
} else {
$productId = array_keys($productsInbasket);
$products = Products::getProductsByIdInBasket($productId);
$totalPrice = Basket::getTotalPrice($products);
$totalQuantity = Basket::countItem();
$userName = false;
$userEmail = false;
$userPhone = false;
$userComment = false;
if (User::isGuest()) {
} else {
$userId = User::validateLogged();
$user = User::getUserById($userId);
$userName = $user['name'];
$userEmail = $user['email'];
}
}
}
require_once ROOT . "/views/basket/order.php";
return true;
}
</table>
</form>
<?php
$form = ob_get_clean();
// show the form if this is the first time the page is viewed
if (!isset($_POST['submitted'])) {
$GLOBALS['TEMPLATE']['content'] = $form;
} else {
// validate password
$password1 = isset($_POST['password1']) ? $_POST['password1'] : '';
$password2 = isset($_POST['password2']) ? $_POST['password2'] : '';
$password = $password1 && $password1 == $password2 ? sha1($password1) : '';
// validate CAPTCHA
$captcha = isset($_POST['captcha']) && strtoupper($_POST['captcha']) == $_SESSION['captcha'];
// add the record if all input validates
if ($password && $captcha && User::validateUsername($_POST['username']) && User::validateEmailAddr($_POST['email'])) {
// make sure the user doesn't already exist
$user = User::getByUsername($_POST['username']);
if ($user->userId) {
$GLOBALS['TEMPLATE']['content'] = '<p><strong>Sorry, that ' . 'account already exists.</strong></p> <p>Please try a ' . 'different username.</p>';
$GLOBALS['TEMPLATE']['content'] .= $form;
} else {
// create an inactive user record
$u = new User();
$u->username = $_POST['username'];
$u->password = $password;
$u->emailAddr = $_POST['email'];
$token = $u->setInactive();
$GLOBALS['TEMPLATE']['content'] = '<p><strong>Thank you for ' . 'registering.</strong></p> <p>Be sure to verify your ' . 'account by visiting <a href="verify.php?uid=' . $u->userId . '&token=' . $token . '">verify.php?uid=' . $u->userId . '&token=' . $token . '</a></p>';
}
} else {
}
// email
if ($_POST['email'] != $email) {
if (!User::validEmail($_POST['email'])) {
$valerr['email'] = 'Please enter a valid email address.';
} else {
$changesArray['email'] = $_POST['email'];
$email = $_POST['email'];
}
}
if (User::$role == 2) {
// if is an administrator...
// can edit more stuff!
// username
if ($_POST['username'] != $uname && $_POST['username'] != '') {
$valerra = User::validateUsername($uname);
if ($valerra == true) {
$changesArray['username'] = $_POST['username'];
$uname = $_POST['username'];
} else {
$valerr['username'] = $valerra;
}
}
// user role
if ($_POST['role'] != $urole && is_numeric($_POST['role']) && $_POST['role'] >= 0 && $_POST['role'] <= 2) {
$changesArray['role'] = $_POST['role'];
$urole = $_POST['role'];
}
// user status
if ($_POST['status'] != $status && is_numeric($_POST['status']) && $_POST['status'] >= 0 && $_POST['status'] <= 2) {
$changesArray['status'] = $_POST['status'];
