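/**
 * Process a registration form submission.
 *
 * This is a POST callback function. When no POST is being handled it only
 * registers itself as the callback and returns the callback id.
 *
 * Sets the following error codes in the POST vars ($vars['errors']):
 *   username   - general username fault
 *   uinuse     - username already in use
 *   email      - general email fault, email format error
 *   einuse     - email in use
 *   pw         - general password fault
 *   pwmismatch - password mismatch
 *   inserror   - error performing db insertion
 *
 * @return string|false the callback id when no POST is being handled, the
 *                      URL of the "finish" page on success, or false when
 *                      validation or the insertion failed
 */
public function registerProcess()
{
    $c = PFunctions::hex2base64(sha1(__METHOD__));
    if (!PPostHandler::isHandling()) {
        PPostHandler::setCallback($c, __CLASS__, __FUNCTION__);
        return $c;
    }

    $vars =& PPostHandler::getVars();
    $errors = array();

    // check username
    // Request fields can arrive as arrays (e.g. "u[]="); anything that is
    // not a string is rejected before it reaches preg_match()/strpos().
    // Handles containing 'xn--' (the Punycode ACE prefix) are refused.
    if (!isset($vars['u']) || !is_string($vars['u'])
        || !preg_match(User::HANDLE_PREGEXP, $vars['u'])
        || strpos($vars['u'], 'xn--') !== false) {
        $errors[] = 'username';
    } elseif ($this->handleInUse($vars['u'])) {
        $errors[] = 'uinuse';
    }

    // email
    if (!isset($vars['e']) || !is_string($vars['e']) || !PFunctions::isEmailAddress($vars['e'])) {
        $errors[] = 'email';
    } elseif ($this->emailInUse($vars['e'])) {
        $errors[] = 'einuse';
    }

    // password
    $hasPasswords = isset($vars['p'], $vars['pc'])
        && is_string($vars['p'])
        && is_string($vars['pc']);
    if (!$hasPasswords || !$vars['p'] || !$vars['pc'] || strlen($vars['p']) < 8) {
        $errors[] = 'pw';
    } elseif ($vars['p'] !== $vars['pc']) {
        // Strict comparison: with a loose "!=" two different numeric-looking
        // strings (e.g. "10000000" and "1e7") compare equal, so a mistyped
        // confirmation would be accepted.
        $errors[] = 'pwmismatch';
    } elseif (substr_count($vars['p'], '*') != strlen($vars['p'])) {
        // A real password was submitted: store its encoded form and replace
        // the clear text in the POST vars with asterisks of the same length.
        // NOTE(review): confirm MOD_user::passwordEncrypt() is a salted, slow
        // password hash; its implementation is not visible here.
        $vars['pwenc'] = MOD_user::passwordEncrypt($vars['p']);
        $shadow = str_repeat('*', strlen($vars['p']));
        $vars['p'] = $shadow;
        $vars['pc'] = $shadow;
    } elseif (!isset($vars['pwenc']) || !is_string($vars['pwenc']) || $vars['pwenc'] === '') {
        // An all-asterisk password is treated as the shadow of an earlier
        // submission and relies on 'pwenc' already being set. Without it the
        // INSERT below would store an empty password, so reject instead.
        $errors[] = 'pw';
    }

    if (count($errors) > 0) {
        $vars['errors'] = $errors;
        return false;
    }

    $Auth = new MOD_user_Auth();
    $authId = $Auth->checkAuth('defaultUser');

    // String values go through the DAO's escape(); the auth id is cast to int.
    // NOTE(review): nextId() is interpolated as-is - confirm it can only
    // return a numeric id.
    $query = '
INSERT INTO `user`
(`id`, `auth_id`, `handle`, `email`, `pw`, `active`)
VALUES
(
    ' . $this->dao->nextId('user') . ',
    ' . (int) $authId . ',
    \'' . $this->dao->escape($vars['u']) . '\',
    \'' . $this->dao->escape($vars['e']) . '\',
    \'' . $this->dao->escape($vars['pwenc']) . '\',
    0
)';
    $s = $this->dao->query($query);
    $userId = $s->insertId();
    if (!$userId) {
        $vars['errors'] = array('inserror');
        return false;
    }

    // save register key
    // NOTE(review): confirm PFunctions::randomString() draws from a CSPRNG;
    // the key is presumably the secret used to confirm the registration mail.
    $key = PFunctions::randomString(16);
    if (!APP_User::addSetting($userId, 'regkey', $key)) {
        $vars['errors'] = array('inserror');
        return false;
    }

    // save lang
    if (!APP_User::addSetting($userId, 'lang', PVars::get()->lang)) {
        $vars['errors'] = array('inserror');
        return false;
    }

    $View = new UserView($this);
    $View->registerMail($userId);

    // Drop the stored POST vars (including the encoded password) on success.
    PPostHandler::clearVars();
    return PVars::getObj('env')->baseuri . 'user/register/finish';
}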
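/**
 * Log the current member out.
 *
 * If a member is logged in, writes a log entry and removes the member from
 * the `online` table. Then removes the member-related keys from $_SESSION
 * (including every key containing "RightLevel", "RightScope" or
 * "FlagLevel") and delegates to parent::logout().
 *
 * NOTE(review): this method neither destroys the session nor regenerates
 * the session id; confirm that parent::logout() takes care of it.
 */
function logout()
{
    if (isset($_SESSION['IdMember'])) {
        MOD_log::get()->write("Logout in bwauth.lib.php", "Login");

        // todo optimize periodically online table because it will be a gruyere
        // Remove from online list. The id is cast to int so that a
        // non-numeric session value can never become part of the SQL text.
        $query = "delete from online where IdMember=" . (int) $_SESSION['IdMember'];
        $this->dao->query($query);
    }

    // unset() is a no-op for keys that do not exist, so no isset() guards
    // are needed around the optional entries.
    unset(
        $_SESSION['IdMember'],
        $_SESSION['IsVol'],
        $_SESSION['Username'],
        $_SESSION['MemberStatus'],
        $_SESSION['Status'],
        $_SESSION['stylesheet'],
        $_SESSION['Param'],
        $_SESSION['TimeOffset'],
        $_SESSION['PreferenceDayLight'],
        $_SESSION['MemberCryptKey'],
        $_SESSION['LogCheck']
    );

    // Drop every cached right / flag entry, whatever the rest of its key is.
    foreach (array_keys($_SESSION) as $key) {
        if (strpos($key, "RightLevel") !== false
            || strpos($key, "RightScope") !== false
            || strpos($key, "FlagLevel") !== false) {
            unset($_SESSION[$key]);
        }
    }

    // The whole session is deliberately not reset here ($_SESSION = array()):
    // per the original author's note that is not compatible with signup.
    parent::logout();
}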