//$id = $_POST['uid'];
$user = $_POST['sso'];
$posted_token = $user['token'];
$secret = CODOF\Util::get_opt('sso_secret');
if (!empty($user)) {
unset($user['token']);
$sso_token = md5(urlencode(json_encode($user)) . $secret . $_POST['timestamp']);
}
$username = $user['name'];
$mail = $user['mail'];
if ($sso_token != $posted_token) {
echo 'error';
exit;
}
$db = DB::getPDO();
if (!CODOF\User\User::mailExists($mail)) {
//this user does not have an account in codoforum
$reg = new \CODOF\User\Register($db);
if (\CODOF\User\User::usernameExists($username)) {
$username .= time();
}
$reg->username = $username;
$reg->name = $username;
$reg->mail = $mail;
$reg->user_status = 1;
$ret = $reg->register_user();
$reg->login();
if (!empty($ret)) {
echo "error";
}
} else {
$res['avatar'] = str_replace("admin/", "", $res['avatar']);
$sroles = get_roles();
$smarty->assign('prole_selected', $u->rid);
$smarty->assign('role_options', $sroles);
$role = $u->rids;
$smarty->assign('role_selected', $role);
$smarty->assign('user', $res);
$content = $smarty->fetch('user_edit.tpl');
} else {
//NEW
if (isset($_POST['a_username']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
if (CODOF\Util::is_field_present($_POST['a_username'], 'username') === TRUE) {
} else {
if (CODOF\Util::is_field_present($_POST['a_email'], 'mail') === TRUE) {
} else {
if (CODOF\User\User::usernameExists($_POST['a_username']) || CODOF\User\User::mailExists($_POST['a_email'])) {
$msg = 'username or email already exists!';
} else {
$reg = new CODOF\User\Register($db);
$reg->username = $_POST['a_username'];
$reg->name = $_POST['a_username'];
$reg->mail = $_POST['a_email'];
$reg->password = $_POST['a_password'];
$reg->user_status = 1;
$errors = $reg->register_user();
$msg = implode('<br>', $errors);
}
//$msg = $errors[0];
$err = 1;
$smarty->assign("msg", $msg);
}
