* see COPYING for details
*
*/
if (!ereg(".*/index.php\$", $_SERVER['PHP_SELF'])) {
header("Location:../index.php");
exit;
}
if (!isset($_REQUEST['mode'])) {
$smarty->display('header.tpl');
$smarty->display('help.tpl');
$smarty->display('footer.tpl');
exit;
} else {
if ($_REQUEST['mode'] == "send_pass") {
// Make sure it's a valid address
if (!check_email_format($_REQUEST['username'])) {
set_msg_err("Error: \"" . $_REQUEST['username'] . "\" does not appear to be a properly formatted email address");
header("Location: " . $_SERVER['PHP_SELF'] . "?" . SID . "&state=help");
exit;
}
// Make sure it's in the database
require 'src/connect.php';
$result = mysql_query("select cid from accounts where Email='" . strtolower($_REQUEST['username']) . "'") or die(mysql_error());
if (mysql_num_rows($result) < 1) {
set_msg_err("Error: \"" . $_REQUEST['username'] . "\" does not appear in our database");
header("Location: " . $_SERVER['PHP_SELF'] . "?" . SID . "&state=help");
exit;
} else {
$fa = mysql_fetch_array($result);
// Send Password
$newpass = substr(md5(rand(0, 10000) . "vegadns_" . $_REQUEST['username'] . rand(0, 10000)), 0, rand(5, 8));
function extract_sms($sms, $type)
{
for ($i = 0; $i < count($sms); $i++) {
if ($type == 'lead_type') {
if (strtolower($sms[$i]) == 'seller') {
unset($sms[$i]);
return array('value' => 'seller', 'sms' => array_values($sms));
} else {
if (strtolower($sms[$i]) == 'buyer') {
unset($sms[$i]);
return array('value' => 'buyer', 'sms' => array_values($sms));
}
}
} else {
if ($type == 'email') {
if (check_email_format($sms[$i])) {
$mail = $sms[$i];
unset($sms[$i]);
return array('value' => $mail, 'sms' => array_values($sms));
}
}
}
}
return array('value' => '', 'sms' => $sms);
}
public function register()
{
$user_name = I('post.username');
$user_email = I('post.email');
$user_password = I('post.password');
$user_password_confirm = I('post.password_confirm');
//$data = array('user_name'=>$user_name,'user_email'=>$user_email,'user_password'=>$user_password,'user_password_confirm'=>$user_password_confirm);
//条件判断
if (empty($user_name)) {
$this->ajaxReturn(array('error' => 1, 'msg' => '用户名不能为空!'));
return;
}
if (empty($user_email)) {
$this->ajaxReturn(array('error' => 1, 'msg' => '邮箱不能为空!'));
return;
}
if (empty($user_password)) {
$this->ajaxReturn(array('error' => 1, 'msg' => '密码不能为空!'));
return;
}
if (!check_username_format($user_name)) {
$this->ajaxReturn(array('error' => 1, 'msg' => '请检查你的用户名格式!'));
return;
}
//用户名格式验证
if (!check_email_format($user_email)) {
$this->ajaxReturn(array('error' => 1, 'msg' => '请检查你的邮箱格式!'));
return;
}
//邮箱格式验证
if (strlen($user_password) < 6) {
$this->ajaxReturn(array('error' => 1, 'msg' => '密码不能小于6位!'));
return;
}
//密码长度验证
if ($user_password !== $user_password_confirm) {
$this->ajaxReturn(array('error' => 1, 'msg' => '两次输入的密码不一致!'));
return;
}
//录入操作
$user_salt = get_random_str(6);
//盐值
$encrypt_times = rand(1, 10);
//encrypy times 加密次数
for ($i = 0; $i < $encrypt_times; $i++) {
$user_password = md5($user_password . $user_salt);
}
//加密
$user = array('user_name' => $user_name, 'user_email' => $user_email, 'user_password' => $user_password, 'user_salt' => $user_salt, 'user_encrypt_times' => $encrypt_times);
$result = $this->user_model->add($user);
if ($result !== false) {
$this->ajaxReturn(array('error' => 0, 'msg' => '注册成功!'));
} else {
$this->ajaxReturn(array('error' => 1, 'msg' => '注册失败!'));
}
}
// Check data
if ($_REQUEST['first_name'] == '') {
set_msg_err("Error: no First Name supplied");
$smarty->display('header.tpl');
require 'src/account_form.php';
$smarty->display('footer.tpl');
exit;
}
if ($_REQUEST['last_name'] == '') {
set_msg_err("Error: no Last Name supplied");
$smarty->display('header.tpl');
require 'src/account_form.php';
$smarty->display('footer.tpl');
exit;
}
if (!check_email_format($_REQUEST['email_address'])) {
set_msg_err("Error: invalid email address");
$smarty->display('header.tpl');
require 'src/account_form.php';
$smarty->display('footer.tpl');
exit;
}
// If the email address is changing, check that it's not already in use
if ($account_info['Email'] != strtolower($_REQUEST['email_address'])) {
$q = mysql_query("select Email from accounts where Email='" . mysql_escape_string(strtolower($_REQUEST['email_address'])) . "'");
$email_rows = mysql_num_rows($q);
if ($email_rows > 0) {
set_msg_err("Error: email address already in use");
$smarty->display('header.tpl');
require 'src/account_form.php';
$smarty->display('footer.tpl');
/*Instanciation du tableau d'erreurs*/
$errors = [];
/*Récupération des données du formulaire*/
if (isset($_POST["submitBtn"])) {
$email = trim(htmlentities($_POST["email"]));
$password = trim(htmlentities($_POST["password"]));
$confirmPassword = trim(htmlentities($_POST["confirmPassword"]));
$lname = trim(htmlentities($_POST["lname"]));
$fname = trim(htmlentities($_POST["fname"]));
$address = trim(htmlentities($_POST["address"]));
$zipcode = trim(htmlentities($_POST["zipcode"]));
$town = trim(htmlentities($_POST["town"]));
$phone = trim(htmlentities($_POST["phone"]));
/*Contrôle de la validité des données*/
/*1. Contrôle du champ "Email" */
$checkEmailMessage = check_email_format($email);
if ($checkEmailMessage !== "") {
$errors["email"] = $checkEmailMessage;
}
/*2. Contrôle du champ "Mot de passe" */
$checkPasswordMessage = check_password_format($password, $confirmPassword);
if ($checkPasswordMessage !== "") {
$errors["password"] = $checkPasswordMessage;
}
/*3. Contrôle du champ "Nom" */
$checkLnameMessage = check_contains_characters_only($lname);
if ($checkLnameMessage !== "") {
$errors["lname"] = $checkLnameMessage;
}
/*4. Contrôle du champ "Prénom" */
$checkFnameMessage = check_contains_characters_only($fname);
