Ejemplo n.º 1
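 /**
  * Validates the submitted registration form and creates the account when it is clean.
  *
  * Reads username, display, pass1/pass2, email1/email2, hideemail, receiveemail and tos
  * from $_POST. Every failed check appends an error code to $this->errors. The user row
  * is inserted, and the browser sent to the login page, only when $this->errors is empty.
  *
  * @return void
  */
 private function validateRegistration()
 {
     loadLibrary("validation.lib");

     // Request data is untrusted: a field may be missing, or may arrive as an array
     // (e.g. "username[]=x"). Both cases are normalised to an empty string so the
     // validators below reject them instead of PHP raising undefined-index warnings.
     // NOTE(review): secure() is defined outside this listing. If it escapes or rewrites
     // characters, the password that gets hashed is the rewritten one - confirm the login
     // path applies the same transform.
     $input = array();
     foreach (array("username", "display", "pass1", "pass2", "email1", "email2") as $key) {
         $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
         $input[$key] = secure($raw);
     }
     $user = $input["username"];
     $display = $input["display"];
     $pass1 = $input["pass1"];
     $pass2 = $input["pass2"];
     $email1 = $input["email1"];
     $email2 = $input["email2"];

     // Each validator returns true on success, otherwise an error code to report.
     $res = valid_username($user);
     if ($res !== true) {
         $this->errors[] = $res;
     }
     $res = valid_displayname($display);
     if ($res !== true) {
         $this->errors[] = $res;
     }

     // The confirmation field must match before the value itself is validated.
     if ($pass1 !== $pass2) {
         $this->errors[] = "passwords_dont_match";
     } else {
         $res = valid_password($pass1);
         if ($res !== true) {
             $this->errors[] = $res;
         }
     }
     if ($email1 !== $email2) {
         $this->errors[] = "emails_dont_match";
     } else {
         $res = valid_email($email1);
         if ($res !== true) {
             $this->errors[] = $res;
         }
     }

     // Both e-mail flags fall back to the most privacy-protective value: the address stays
     // hidden unless the form says exactly "no", and mail is only sent when it says
     // exactly "yes". A missing or non-string field therefore picks the safe default.
     $hideemail = !(isset($_POST["hideemail"]) && $_POST["hideemail"] === "no");
     $receiveemail = isset($_POST["receiveemail"]) && $_POST["receiveemail"] === "yes";

     // Browsers omit an unchecked checkbox from the request entirely, so the key is
     // absent on the failure path; empty() covers that without a warning.
     if (empty($_POST["tos"])) {
         $this->errors[] = "tos_not_checked";
     }

     if (count($this->errors) === 0) {
         // Add the user
         global $yakbb;
         // NOTE(review): sha256() is a project helper not shown here. If it is a plain,
         // unsalted SHA-256 digest, stored passwords are cheap to brute-force offline once
         // the table leaks. password_hash()/password_verify() is the usual replacement, but
         // switching needs a matching change in the login check and a migration for
         // existing rows, so it is flagged here rather than changed.
         // NOTE(review): presumably db->insert() escapes or binds these values - confirm.
         $yakbb->db->insert("users", array(
             "id" => 0,
             "username" => $user,
             "displayname" => $display,
             "password" => sha256($pass1),
             "email" => $email1,
             "emailshow" => $hideemail ? 0 : 1,
             "emailoptin" => $receiveemail ? 1 : 0,
             "activated" => 1,
             "activationcode" => "",
             "pending" => 0,
             "registeredtime" => time(),
             "lastip" => $yakbb->ip,
             "template" => $yakbb->config["default_template"],
             "language" => $yakbb->config["default_language"],
             "timezone" => $yakbb->config["default_timezone"],
         ));
         redirect("?action=login&reg=true");
     }
 }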
Ejemplo n.º 2
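/**
 * Creates a new user on the forum from an associative array of account fields.
 *
 * Accepted keys are username, displayname, password, email, emailshow and emailoptin;
 * any other key is dropped. username, password and email are required.
 *
 * @param array $userdat Field name => value pairs describing the new account.
 * @return bool|array true when the row was inserted; false when a required field is
 *                    missing (the problem is recorded via record_yakbb_error()); otherwise
 *                    the list of validation error codes. A non-empty array is truthy, so
 *                    callers have to test the result with === true.
 */
function insert_user($userdat)
{
    global $yakbb;

    // Fields a caller is allowed to provide, and the subset that must be present.
    $valid_fields = array("username", "displayname", "password", "email", "emailshow", "emailoptin");
    $required_fields = array("username", "password", "email");

    // Keep only allow-listed keys. Matching on the keys themselves avoids loose in_array():
    // on PHP < 8 an integer key such as 0 compares equal to any non-numeric string, so it
    // would pass both the allow-list and the required-field check.
    $userdat = array_intersect_key($userdat, array_flip($valid_fields));

    foreach ($required_fields as $item) {
        if (!array_key_exists($item, $userdat)) {
            record_yakbb_error("Missed field \"" . $item . "\" in call to insert_user().");
            return false;
        }
    }

    // Columns that are always set here. Because they are assigned after the allow-list
    // filter, a caller cannot supply its own group, activation or approval state.
    $userdat["group"] = 0;
    $userdat["activated"] = 1;
    $userdat["activationcode"] = ""; // Sent via e-mail
    $userdat["pending"] = 0; // Admin approval required?
    $userdat["registeredtime"] = time();
    $userdat["lastip"] = $yakbb->ip;
    $userdat["template"] = $yakbb->config["default_template"];
    $userdat["language"] = $yakbb->config["default_language"];
    $userdat["timezone"] = $yakbb->config["default_timezone"];

    // Optional fields. intval() forces the two flags to integers; the display name
    // defaults to the username.
    $userdat["emailshow"] = isset($userdat["emailshow"]) ? intval($userdat["emailshow"]) : 0;
    $userdat["emailoptin"] = isset($userdat["emailoptin"]) ? intval($userdat["emailoptin"]) : 0;
    $userdat["displayname"] = isset($userdat["displayname"]) ? $userdat["displayname"] : $userdat["username"];

    // Load the validators only if an earlier caller has not already done so.
    if (!function_exists("valid_username")) {
        loadLibrary("validation.lib");
    }

    // NOTE(review): the password value is validated and then stored exactly as received;
    // no hashing happens in this function. Confirm the caller's contract - if callers pass
    // plaintext it is stored in the clear, and if they pass a digest then valid_password()
    // is checking the digest rather than the user's password.
    $errors = array();
    $res = valid_username($userdat["username"]);
    if ($res !== true) {
        $errors[] = $res;
    }
    $res = valid_displayname($userdat["displayname"]);
    if ($res !== true) {
        $errors[] = $res;
    }
    $res = valid_password($userdat["password"]);
    if ($res !== true) {
        $errors[] = $res;
    }
    $res = valid_email($userdat["email"]);
    if ($res !== true) {
        $errors[] = $res;
    }

    if (count($errors) !== 0) {
        return $errors;
    }

    // NOTE(review): presumably db->insert() escapes or binds these values - confirm.
    $yakbb->db->insert("users", $userdat);
    return true;
}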