Beispiel #1
0
 }
 if (!is_valid_password($_POST['passwordx'], $_POST['password2']) && ($_POST['passwordx'] != "" || $_POST['password2'] != "")) {
     $errorString[] = "Passwords do not match or are not of required length";
 }
 if ($_POST['email'] != $user->data['email'] && !is_rfc3696_valid_email_address($_POST['email']) && $_POST['email'] != "") {
     $errorString[] = "Invalid email address";
 }
 if ($_POST['email'] != $user->data['email'] && email_exists($_POST['email'], true)) {
     $errorString[] = "Email address already in use";
 }
 if ($_POST['name_format'] != $user->data['name_format']) {
     if ($_POST['name_format'] > 4 || $_POST['name_format'] < 1) {
         $errorString[] = "Invalid name format! (what are you doing?)";
     }
 }
 if (!is_valid_amount($_POST['amount']) && strtolower($_POST['amount']) != "always" && $_POST['amount'] != "" && $_POST['amount'] != "0" && $_POST['email_notify']) {
     $errorString[] = "Invalid notify amount";
 }
 if (!empty($errorString)) {
     $editprofile = true;
 } else {
     if ($_POST['realname'] != $user->data['real_name'] && $_POST['realname'] != "") {
         $update['realname'] = $_POST['realname'];
     }
     if ($_POST['email'] != $user->data['email'] && $_POST['email'] != "") {
         $update['email'] = $_POST['email'];
     }
     if ($_POST['passwordx'] != "") {
         $update['password'] = $_POST['passwordx'];
     }
     if ($_POST['name_format'] != $user->data['name_format']) {
Beispiel #2
0
     break;
 case "validate":
     $timestamp = mktime($_POST['start_hour'], $_POST['start_minute'], 0, $_POST['start_month'], $_POST['start_day'], $_POST['start_year']);
     $errorString = "";
     if ($_POST['token'] != $_SESSION['token']) {
         $errorString[] = "Invalid token! (what are you doing??)<br />";
     }
     $token_age = time() - $_SESSION['token_time'];
     // force to resubmit after 5 minutes
     if ($token_age > 300) {
         $errorString[] = "Timout value exceeded, resubmit<br />";
     }
     if (!is_valid_real_name($_POST['description']) && $_POST['event_id'] == 0) {
         $errorString[] = "Invalid description <br />";
     }
     if (!is_valid_amount($_POST['amount'])) {
         $errorString[] = "Invalid amount <br />";
     }
     if (!is_valid_bookdate($timestamp)) {
         $errorString[] = "Invalid bookdate (more than 3 months ago)<br />";
         // month limit is set in function is_valid_bookdate
     }
     if (!array_key_exists($_POST['type_id'], $expense_types)) {
         $errorString[] = "Invalid expense type! (what are you doing??) <br />";
     }
     for ($i = 0; $i < $members_size; $i++) {
         $member_ids[] = $members[$i]['user_id'];
     }
     $post_members_size = count($_POST['members']);
     for ($i = 0; $i < $post_members_size; $i++) {
         if (!in_array($_POST['members'][$i], $member_ids)) {