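$profile = get_user_profile($uid);
// NOTE(review): PHP_SELF can carry client-supplied path info. Escape $backurl
// wherever it is written into HTML (the output site is not visible in this excerpt).
$backurl = $_SERVER['PHP_SELF'];
break;

case "validate":
    include "inc/email_validator.php";

    // Validate the submitted profile fields, collecting one message per failed check.
    // The list starts as an empty array: appending with [] to a string (the previous
    // "" initialiser) is a fatal error on PHP 7.1+, so the first failed check would
    // have aborted the request instead of reporting the problem.
    // NOTE(review): code after this excerpt should test the list with empty(), not == "".
    $errorString = array();

    // Anti-CSRF token check. Presence and type are verified and the comparison is strict:
    // the loose != treated a token missing on both sides as equal and compared
    // numeric-looking strings by value rather than byte for byte.
    // NOTE(review): hash_equals() is the constant-time option where PHP >= 5.6 is guaranteed.
    if (
        !isset($_POST['token'], $_SESSION['token'])
        || !is_string($_POST['token'])
        || $_POST['token'] === ''
        || $_POST['token'] !== (string) $_SESSION['token']
    ) {
        $errorString[] = "Invalid token! (what are you doing??)<br />";
    }

    // force to resubmit after 5 minutes
    $token_age = time() - $_SESSION['token_time'];
    if ($token_age > 300) {
        $errorString[] = "Timout value exceeded, resubmit<br />";
    }

    // The real name is validated only when it is non-empty and differs from the stored one.
    if ($_POST['realname'] != $user->data['real_name'] && !is_valid_real_name($_POST['realname']) && $_POST['realname'] != "") {
        $errorString[] = "Invalid name";
    }

    // The current password is checked on every submission, whether or not a new one is supplied.
    if (!is_curr_password($_POST['curpassword'], $user)) {
        $errorString[] = "Current password not correct";
    }

    // A new password is validated only when at least one of the two password fields is filled in.
    if (!is_valid_password($_POST['passwordx'], $_POST['password2']) && ($_POST['passwordx'] != "" || $_POST['password2'] != "")) {
        $errorString[] = "Passwords do not match or are not of required length";
    }

    // A changed, non-empty email address must be well-formed ...
    if ($_POST['email'] != $user->data['email'] && !is_rfc3696_valid_email_address($_POST['email']) && $_POST['email'] != "") {
        $errorString[] = "Invalid email address";
    }
    // ... and must not already be known to email_exists().
    if ($_POST['email'] != $user->data['email'] && email_exists($_POST['email'], true)) {
        $errorString[] = "Email address already in use";
    }

    if ($_POST['name_format'] != $user->data['name_format']) {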
// Validation of one invite row (name + email pair number $i). The enclosing block's
// header is above this excerpt (presumably the per-row loop — confirm).
$uid = false;

// first check email for existing user
if (!is_rfc3696_valid_email_address($_POST["invite-email-{$i}"]) && !empty($_POST["invite-email-{$i}"])) {
    $errorString[] = "Not a valid email address for number {$i}<br />";
}

// NOTE(review): email_exists() is evaluated before the !empty() test, so the lookup
// also runs for rows whose email field was left blank.
if (email_exists($_POST["invite-email-{$i}"]) && !empty($_POST["invite-email-{$i}"])) {
    // $errorString .= "<b>Error:</b> Email address already in use for number $i<br />";
    // user is already registered, take that user_id by storing it in temp array
    $uid = get_userid_by_email($_POST["invite-email-{$i}"]);
    // Keyed by user id, value is the email as posted.
    // NOTE(review): the initialisation of $existing_users is not visible here — confirm it
    // is reset per request before the in_array() lookup further down relies on it.
    $existing_users[$uid] = $_POST["invite-email-{$i}"];
}

// ignore empty field sets
// A row with an email but no name is an error unless the email matched an existing user.
if (empty($_POST["invite-name-{$i}"]) && !empty($_POST["invite-email-{$i}"]) && !$uid) {
    $errorString[] = "Name is mandatory, but only email given for number {$i}<br />";
} elseif (!empty($_POST["invite-name-{$i}"])) {
    if (!is_valid_real_name($_POST["invite-name-{$i}"])) {
        $errorString[] = "Invalid name for number {$i}<br />";
    } elseif (realname_exists($_POST["invite-name-{$i}"])) {
        $errorString[] = "Name exists for number {$i} (try adding by email)<br />";
    }
}
} // closes the enclosing block opened above this excerpt

// Any validation message sends the user back to the form; members are added only
// when every row passed.
if (!empty($errorString)) {
    $add_form = true;
} else {
    // no errors add members
    $resultString = "";
    for ($i = 1; $i < $membersize + 1; $i++) {
        // Rows with a name whose email was not matched to an existing user become new members.
        // NOTE(review): in_array() is used in its loose-comparison form here; passing true as
        // the third argument would make the match exact.
        if (!empty($_POST["invite-name-{$i}"]) && !in_array($_POST["invite-email-{$i}"], $existing_users)) {
            $newuserid = add_member($_POST["invite-name-{$i}"], $_POST["invite-email-{$i}"], $groupdetails['group_id']);
            // NOTE(review): loose != false also treats an id of 0 as failure — confirm
            // add_member() never returns 0 for a created user.
            if ($newuserid != false) {
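// Validate the "add group" form, collecting one message per failed check.
// The list starts as an empty array: appending with [] to a string (the previous ""
// initialiser) is a fatal error on PHP 7.1+, so the first failed check would have
// aborted the request instead of re-showing the form.
$errorString = array();

// Anti-CSRF token check. Presence and type are verified and the comparison is strict:
// the loose != treated a token missing on both sides as equal and compared
// numeric-looking strings by value rather than byte for byte.
// NOTE(review): hash_equals() is the constant-time option where PHP >= 5.6 is guaranteed.
if (
    !isset($_POST['token'], $_SESSION['token'])
    || !is_string($_POST['token'])
    || $_POST['token'] === ''
    || $_POST['token'] !== (string) $_SESSION['token']
) {
    $errorString[] = "Invalid token! (what are you doing??)<br />";
}

// force to resubmit after 5 minutes
$token_age = time() - $_SESSION['token_time'];
if ($token_age > 300) {
    $errorString[] = "Timout value exceeded, resubmit<br />";
}

// The group name must pass the same validator as real names and must be unused.
if (!is_valid_real_name($_POST['name'])) {
    $errorString[] = "Invalid groupname";
} elseif (group_exists($_POST['name'])) {
    $errorString[] = "Groupname already in use <br />";
    //$showgrouplist = false; // do not show group list when dealing with add errors
}

if (!is_valid_real_name($_POST['description'])) {
    $errorString[] = "Invalid description";
}

if (!empty($errorString)) {
    $showgroupaddform = true;
} else {
    // group does not exist, create group
    // Same fix as for $errorString: an array, because messages are appended with [].
    $addgroupresult = array();
    if (!add_group($_POST['name'], $_POST['description'], $user->data['user_id'])) {
        $errorString[] = "Could not add group to database";
        $showgroupaddform = true;
    } else {
        // NOTE(review): the posted name is placed in the message as-is; what
        // is_valid_real_name() permits is not visible here, so HTML-escape this value
        // where $addgroupresult is printed.
        $addgroupresult[] = "Group " . $_POST['name'] . " has been created";
    }
}
} // closes a block opened above this excerpt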
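case "add":
    //$user = new uFlex();
    $showaddform = true;
    break;

case "validate":
    // Booking timestamp assembled from the posted date and time parts; it is checked by
    // is_valid_bookdate() further down.
    // NOTE(review): the parts reach mktime() unvalidated. On PHP 8 a non-numeric value
    // raises a TypeError instead of a warning — consider validating or casting to int first.
    $timestamp = mktime($_POST['start_hour'], $_POST['start_minute'], 0, $_POST['start_month'], $_POST['start_day'], $_POST['start_year']);

    // One message per failed check. The list starts as an empty array: appending with []
    // to a string (the previous "" initialiser) is a fatal error on PHP 7.1+.
    // NOTE(review): code after this excerpt should test the list with empty(), not == "".
    $errorString = array();

    // Anti-CSRF token check. Presence and type are verified and the comparison is strict:
    // the loose != treated a token missing on both sides as equal and compared
    // numeric-looking strings by value rather than byte for byte.
    // NOTE(review): hash_equals() is the constant-time option where PHP >= 5.6 is guaranteed.
    if (
        !isset($_POST['token'], $_SESSION['token'])
        || !is_string($_POST['token'])
        || $_POST['token'] === ''
        || $_POST['token'] !== (string) $_SESSION['token']
    ) {
        $errorString[] = "Invalid token! (what are you doing??)<br />";
    }

    // force to resubmit after 5 minutes
    $token_age = time() - $_SESSION['token_time'];
    if ($token_age > 300) {
        $errorString[] = "Timout value exceeded, resubmit<br />";
    }

    // The description is validated only when event_id is 0.
    if (!is_valid_real_name($_POST['description']) && $_POST['event_id'] == 0) {
        $errorString[] = "Invalid description <br />";
    }

    if (!is_valid_amount($_POST['amount'])) {
        $errorString[] = "Invalid amount <br />";
    }

    if (!is_valid_bookdate($timestamp)) {
        $errorString[] = "Invalid bookdate (more than 3 months ago)<br />";
        // month limit is set in function is_valid_bookdate
    }

    // The posted type id must be one of the keys of $expense_types.
    if (!array_key_exists($_POST['type_id'], $expense_types)) {
        $errorString[] = "Invalid expense type! (what are you doing??) <br />";
    }

    // Collect the user ids of all entries in $members.
    for ($i = 0; $i < $members_size; $i++) {
        $member_ids[] = $members[$i]['user_id'];
    }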
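$errorString[] = "Password could not be reset :-(";
$sendpasserror = true;
}
} else {
    // NOTE(review): this reply tells the requester whether an address is registered.
    // A response that reads the same for known and unknown addresses avoids disclosing
    // which accounts exist.
    $errorString[] = "Email address not found";
    $showlostpassform = true;
}
break;

case "processregister":
    include "inc/email_validator.php";

    // Validate the registration fields, collecting one message per failed check.
    // The list starts as an empty array: appending with [] to a string (the previous ""
    // initialiser) is a fatal error on PHP 7.1+, so the first failed check would have
    // aborted the request instead of reporting the problem.
    // NOTE(review): code after this excerpt should test the list with empty(), not == "".
    $errorString = array();

    if (!is_valid_name($_POST['username'])) {
        $errorString[] = "Invalid username";
    }

    // username_exists() hangs off the real-name check as an elseif, so it is consulted
    // only when the real name passed validation.
    if (!is_valid_real_name($_POST['realname'])) {
        $errorString[] = "Invalid name";
    } elseif (username_exists($_POST['username'])) {
        $errorString[] = "Username already in use";
    }
    /* elseif (realname_exists($_POST['realname'])) {
        $errorString[] = "Name already in use";
    } */

    if (!is_valid_password($_POST['password'], $_POST['password2'])) {
        $errorString[] = "Passwords do not match or are not of required length";
    }

    if (!is_rfc3696_valid_email_address($_POST['email'])) {
        $errorString[] = "Invalid email address";
    }

    if (email_exists($_POST['email'], true)) {
        $errorString[] = "Email address already in use";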