Beispiel #1
 /**
  * create() - Create a new user.
  *
  * Runs a series of field checks, inserts one row into the users table between
  * db_begin() and db_commit(), calls the "user_create" plugin hook and, when
  * $send_mail is true, sends the registration e-mail. Every failure path
  * records a message with setError() and returns false; failures after
  * db_begin() also call db_rollback().
  *
  * NOTE(review): all values reach the database as text interpolated into the
  * SQL string. Nothing in this method escapes them for SQL, so the method is
  * only safe if every caller (or the request layer) has already escaped its
  * arguments - confirm, and prefer bound parameters.
  *
  * @param	string	$unix_name	The unix username.
  * @param	string	$firstname	The real firstname.
  * @param	string	$lastname	The real lastname.
  * @param	string	$password1	The first password.
  * @param	string	$password2	The confirmation password.
  * @param	string	$email	The users email address.
  * @param	string	$mail_site	The users preference for receiving site updates by email (stored as '1' or '0').
  * @param	string	$mail_va	The users preference for receiving community updates by email (stored as '1' or '0').
  * @param	int	$language_id	The ID of the language preference.
  * @param	string	$timezone	The users preferred timezone.
  * @param	string	$jabber_address	The users Jabber address.
  * @param	int	$jabber_only	The users Jabber preference (normalised to 0 or 1 below).
  * @param	int	$theme_id	The users theme_id.
  * @param	string	$unix_box	The users unix_box.
  * @param	string	$address	The users address.
  * @param	string	$address2	The users address part 2.
  * @param	string	$phone	The users phone.
  * @param	string	$fax	The users fax.
  * @param	string	$title	The users title.
  * @param	string	$ccode	The users ISO country_code (two characters).
  * @param	bool	$send_mail	Whether to send an email or not
  * @return	int|false	The newly created user ID, or false on failure.
  *
  */
 function create($unix_name, $firstname, $lastname, $password1, $password2, $email, $mail_site, $mail_va, $language_id, $timezone, $jabber_address, $jabber_only, $theme_id, $unix_box = 'shell', $address = '', $address2 = '', $phone = '', $fax = '', $title = '', $ccode = 'US', $send_mail = true)
 {
     // Required-field checks. These are truthiness tests, so a value such as
     // '0' is treated the same as a missing one.
     if (!$theme_id) {
         $this->setError(_('You must supply a theme'));
         return false;
     }
     if (!$unix_name) {
         $this->setError(_('You must supply a username'));
         return false;
     }
     if (!$firstname) {
         $this->setError(_('You must supply a first name'));
         return false;
     }
     if (!$lastname) {
         $this->setError(_('You must supply a last name'));
         return false;
     }
     if (!$password1) {
         $this->setError(_('You must supply a password'));
         return false;
     }
     // NOTE(review): loose comparison - two different numeric-looking strings
     // (e.g. '1e3' and '1000') compare equal with !=; !== would be exact.
     if ($password1 != $password2) {
         $this->setError(_('Passwords do not match'));
         return false;
     }
     // NOTE(review): the setError() line below is not valid PHP as listed.
     // Text between the two message strings appears to have been masked out
     // when the page was extracted; the surviving 'Invalid Unix Name.' message
     // suggests a separate username validity check sat here. Restore it from
     // the upstream file before relying on this listing.
     if (!account_pwvalid($password1)) {
         $this->setError(_('Invalid Password:'******'Invalid Unix Name.'));
         return false;
     }
     if (!validate_email($email)) {
         $this->setError(_('Invalid Email Address'));
         return false;
     }
     // The Jabber address is optional, but when given it must pass the same
     // check as an e-mail address.
     if ($jabber_address && !validate_email($jabber_address)) {
         $this->setError(_('Invalid Jabber Address'));
         return false;
     }
     // Collapse the Jabber preference to a strict 0/1 flag.
     if (!$jabber_only) {
         $jabber_only = 0;
     } else {
         $jabber_only = 1;
     }
     // Uniqueness check on the username.
     // NOTE(review): $unix_name is placed in the query text unescaped, and LIKE
     // treats % and _ as wildcards, so this is a pattern match rather than an
     // exact comparison. Use '=' with a bound parameter.
     if (db_numrows(db_query("SELECT user_id FROM users WHERE user_name LIKE '{$unix_name}'")) > 0) {
         $this->setError(_('That username already exists.'));
         return false;
     }
     // Optional uniqueness check on the e-mail address, controlled by a global
     // configuration flag.
     // NOTE(review): $email is interpolated unescaped; whether validate_email()
     // rejects quote characters cannot be seen from here - confirm.
     if ($GLOBALS['sys_require_unique_email']) {
         if (db_numrows(db_query("SELECT user_id FROM users WHERE email='{$email}'")) > 0) {
             $this->setError(_('User with this email already exists - use people search to recover your login.'));
             return false;
         }
     }
     // if we got this far, it must be good
     // NOTE(review): the confirmation token is md5 over the password, rand()
     // and microtime(), truncated to 16 hex characters. rand() and the clock
     // are not cryptographically secure sources; a token that gates account
     // confirmation should come from a CSPRNG such as random_bytes().
     $confirm_hash = substr(md5($password1 . rand() . microtime()), 0, 16);
     db_begin();
     // The new row is created with status 'P'.
     // NOTE(review):
     //  - user_pw is stored as a bare, unsalted md5() of the password, which is
     //    not a password-hashing function; password_hash()/password_verify()
     //    is the replacement, together with a migration of the login path.
     //  - htmlspecialchars() is an HTML output encoder, not SQL escaping; with
     //    its pre-8.1 default flags it leaves single quotes untouched.
     //  - $unix_name, $email, $language_id, $timezone, $jabber_address,
     //    $unix_box, $ccode and $theme_id are interpolated as received.
     $sql = "INSERT INTO users (user_name,user_pw,unix_pw,realname,firstname,lastname,email,add_date,\n\t\t\tstatus,confirm_hash,mail_siteupdates,mail_va,language,timezone,jabber_address,jabber_only,\n\t\t\tunix_box,address,address2,phone,fax,title,ccode,theme_id) \n\t\t\tVALUES ('{$unix_name}',\n\t\t\t'" . md5($password1) . "',\n\t\t\t'" . account_genunixpw($password1) . "',\n\t\t\t'" . htmlspecialchars($firstname . ' ' . $lastname) . "',\n\t\t\t'" . htmlspecialchars($firstname) . "',\n\t\t\t'" . htmlspecialchars($lastname) . "',\n\t\t\t'{$email}',\n\t\t\t'" . time() . "',\n\t\t\t'P',\n\t\t\t'{$confirm_hash}',\n\t\t\t'" . ($mail_site ? "1" : "0") . "',\n\t\t\t'" . ($mail_va ? "1" : "0") . "',\n\t\t\t'{$language_id}',\n\t\t\t'{$timezone}',\n\t\t\t'{$jabber_address}',\n\t\t\t'{$jabber_only}',\n\t\t\t'{$unix_box}',\n\t\t\t'" . htmlspecialchars($address) . "',\n\t\t\t'" . htmlspecialchars($address2) . "',\n\t\t\t'" . htmlspecialchars($phone) . "',\n\t\t\t'" . htmlspecialchars($fax) . "',\n\t\t\t'" . htmlspecialchars($title) . "',\n\t\t\t'{$ccode}',\n\t\t\t'{$theme_id}')";
     $result = db_query($sql);
     if (!$result) {
         // NOTE(review): the error text carries db_error() and the complete SQL
         // statement, which contains both password hashes and the confirmation
         // token. If setError() output is ever shown to the requester, that is
         // an information leak; log the detail server-side instead.
         $this->setError(_('Insert Failed') . db_error() . $sql);
         db_rollback();
         return false;
     } else {
         $id = db_insertid($result, 'users', 'user_id');
         if (!$id) {
             $this->setError('Could Not Get USERID: ' . db_error());
             db_rollback();
             return false;
         }
         // fetchData() must succeed for the new ID before hooks and mail run;
         // presumably it loads the inserted row into this object - confirm.
         if (!$this->fetchData($id)) {
             db_rollback();
             return false;
         }
         // Notify plugins about the new account.
         // NOTE(review): the cleartext password is passed to every handler
         // registered on "user_create"; each such plugin becomes part of the
         // credential-handling surface and should be audited for logging or
         // storing it.
         $hook_params = array();
         $hook_params['user'] = $this;
         $hook_params['user_id'] = $this->getID();
         $hook_params['user_name'] = $unix_name;
         $hook_params['user_password'] = $password1;
         plugin_hook("user_create", $hook_params);
         if ($send_mail) {
             // Judging by the helper names, gettext is switched to the new
             // user's language for the e-mail and back to the browser's
             // language afterwards - confirm.
             setup_gettext_from_lang_id($language_id);
             $this->sendRegistrationEmail();
             setup_gettext_from_browser();
         }
         db_commit();
         return $id;
     }
 }
Beispiel #2
        $mail->AddBCC($tbl_admins['email']);
    }
    $copyAdmins = "Yes";
}
// initial message
$message = $lang[REG_NEW];
if ($_POST['registerSubmit']) {
    global $feedback, $hidden_hash_var, $db_link;
    $username = $_POST['username'];
    $password1 = $_POST['password1'];
    $password2 = $_POST['password2'];
    $email = $_POST['email'];
    //all vars present and passwords match?
    if ($username && $password1 && $password1 == $password2 && $email && validate_email($email)) {
        //password and name are valid?
        if (account_namevalid($username) && account_pwvalid($password1)) {
            $username = strtolower($username);
            //does the name exist in the database?
            $sql = "SELECT * FROM " . TABLE_USERS . " WHERE username='******'";
            $result = mysql_query($sql, $db_link);
            if ($result && mysql_numrows($result) > 0) {
                $feedback .= "ERR_USERNAME_RESERVED";
            } else {
                //create a new hash to insert into the db and the confirmation email
                $hash = md5($email . $hidden_hash_var);
                $sql = "INSERT INTO " . TABLE_USERS . " (username, usertype, password, email, confirm_hash, is_confirmed) " . "VALUES ('{$username}','user','" . md5($password1) . "','{$email}', '{$hash}','0')";
                $result = mysql_query($sql, $db_link);
                if (!$result) {
                    $feedback .= ' MySQL ERROR - ' . mysql_error();
                } else {
                    //send the confirm email
Beispiel #3
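/**
 * Check whether $name is acceptable as a group name.
 *
 * The name must first pass account_namevalid(). It is then rejected when it
 * equals one of the reserved host-style labels (case-insensitively; the first
 * group of labels may carry one trailing digit) or when it contains an
 * underscore. Both local rejections store a message in
 * $GLOBALS['register_error'].
 *
 * @param string $name Candidate group name.
 * @return int 1 when the name is acceptable, 0 otherwise.
 */
function account_groupnamevalid($name)
{
    if (!account_namevalid($name)) {
        return 0;
    }
    $name = (string) $name;
    // illegal names
    // eregi() was removed in PHP 7, so the check is expressed with PCRE.
    // "i" keeps the match case-insensitive; "D" makes "$" match only at the
    // very end of the string, as the POSIX pattern did, so a reserved label
    // followed by a newline is not matched differently from before.
    $reserved = '/^(?:(?:www|cvs|shell|ftp|irc|news|mail|ns|download)[0-9]?'
        . '|pub|users|compile|lists|slayer|orbital|tokyojoe|webdev|projects'
        . '|monitor|backup|mirrors?)$/iD';
    if (preg_match($reserved, $name)) {
        $GLOBALS['register_error'] = "Name is reserved for DNS purposes.";
        return 0;
    }
    // A plain substring test replaces the one-character regular expression.
    if (strpos($name, '_') !== false) {
        $GLOBALS['register_error'] = "Group name cannot contain underscore for DNS reasons.";
        return 0;
    }
    return 1;
}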
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
// $Id: editaliases-new.php,v 1.2 2003/11/13 11:29:26 helix Exp $
require "pre.php";
require "account.php";
require $DOCUMENT_ROOT . '/project/admin/project_admin_utils.php';
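// Only administrators of the group ('A' flag) may continue.
// NOTE(review): $group_id, $form_username, $form_email and Submit are read as
// plain globals - presumably populated from the request by the included
// bootstrap - so all of them must be treated as untrusted input.
session_require(array('group' => $group_id, 'admin_flags' => 'A'));
// The key is quoted: a bare Submit is an undefined constant, which is an Error
// on PHP 8. !empty() keeps the original truthiness test without a notice when
// the form was not submitted.
if (!empty($GLOBALS['Submit'])) {
    /*
    	PROBLEM - no feedbacks or checks for success/failure
    */
    if (account_namevalid(strtolower($form_username))) {
        // group_id is used as a bare number in both statements and in the
        // redirect, so it is forced to an integer at each point of use rather
        // than trusted to be numeric.
        $res_domain = db_query("SELECT http_domain FROM groups WHERE group_id=" . (int) $group_id);
        $row_domain = db_fetch_array($res_domain);
        // NOTE(review): $form_email is neither validated nor escaped before it
        // is placed inside the quoted SQL literal, and http_domain is trusted
        // as read from the database. The database layer's escaping function or
        // bound parameters are needed here; which one this code base provides
        // is not visible in this file.
        $res = db_query("INSERT INTO mailaliases (group_id,domain,user_name,email_forward) VALUES " . "(" . (int) $group_id . ",'{$row_domain['http_domain']}','" . strtolower($form_username) . "','{$form_email}')");
        if (!$res) {
            exit_error('Error in Query', 'This database query had an unknown failure. Please email
admin@' . $GLOBALS['sys_default_domain'] . ' with details of the problem.');
        }
        session_redirect("/project/admin/editaliases.php?group_id=" . (int) $group_id);
    }
}
project_admin_header(array('title' => 'Add Mail Alias', 'group' => $group_id));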
?>
<P>Add email alias/forward for project: <B><?php 
html_a_group($group_id);
?>
Beispiel #5
/**
 * Register a new, unconfirmed user and send the confirmation e-mail.
 *
 * Progress and error text is appended to the global $feedback string.
 *
 * NOTE(review), for whoever maintains this:
 *  - Both SQL statements are built by interpolating the arguments and
 *    $GLOBALS['REMOTE_ADDR'] into the query text; $real_name is not checked
 *    by anything in this function. Safe only if the inputs arrive already
 *    escaped - confirm, and prefer bound parameters.
 *  - The password is lower-cased and then stored as a bare md5(), which
 *    shrinks the password space and is not a password-hashing function.
 *  - The confirmation hash is md5($email . $hidden_hash_var), so it is the
 *    same for every registration of one address and depends entirely on
 *    $hidden_hash_var staying secret.
 *  - db_error() text is appended to $feedback; if $feedback is rendered to
 *    the requester, database details are disclosed.
 *
 * @param string $user_name Requested login name (stored lower-cased).
 * @param string $password1 Password.
 * @param string $password2 Password confirmation; must equal $password1.
 * @param string $email     E-mail address, checked with validate_email().
 * @param string $real_name Display name, stored as given.
 * @return bool true when the row was inserted and the e-mail call was made,
 *              false otherwise.
 */
function user_register($user_name, $password1, $password2, $email, $real_name)
{
    global $feedback, $hidden_hash_var;

    // Guard 1: every field present, passwords equal, e-mail well-formed.
    $fields_ok = $user_name && $password1 && $password1 == $password2 && $email && validate_email($email);
    if (!$fields_ok) {
        $feedback .= ' ERROR - Must Fill In User Name, Matching Passwords, And Provide Valid Email Address ';
        return false;
    }

    // Guard 2: name and password pass the account rules.
    if (!account_namevalid($user_name) || !account_pwvalid($password1)) {
        $feedback .= ' Account Name or Password Invalid ';
        return false;
    }

    $user_name = strtolower($user_name);
    $password1 = strtolower($password1);

    // Guard 3: the name must not be taken. A failed lookup query is not
    // treated as "taken"; the insert is still attempted.
    $existing = db_query("SELECT * FROM user WHERE user_name='{$user_name}'");
    if ($existing && db_numrows($existing) > 0) {
        $feedback .= ' ERROR - USER NAME EXISTS ';
        return false;
    }

    // The same hash is stored in the row and sent in the confirmation e-mail.
    $hash = md5($email . $hidden_hash_var);
    $insert = "INSERT INTO user (user_name,real_name,password,email,remote_addr,confirm_hash,is_confirmed) " . "VALUES ('{$user_name}','{$real_name}','" . md5($password1) . "','{$email}','{$GLOBALS['REMOTE_ADDR']}','{$hash}','0')";
    if (!db_query($insert)) {
        $feedback .= ' ERROR - ' . db_error();
        return false;
    }

    user_send_confirm_email($email, $hash);
    $feedback .= ' Successfully Registered. You Should Have a Confirmation Email Waiting ';
    return true;
}