Ejemplos de validate_mail_address en PHP

Ejemplo n.º 1

Archivo: install.php Proyecto: thunderrabbit/Piwigo

    pwg_db_check_charset();
    $webmaster = trim(preg_replace('/\\s{2,}/', ' ', $admin_name));
    if (empty($webmaster)) {
        $errors[] = l10n('enter a login for webmaster');
    } else {
        if (preg_match('/[\'"]/', $webmaster)) {
            $errors[] = l10n('webmaster login can\'t contain characters \' or "');
        }
    }
    if ($admin_pass1 != $admin_pass2 || empty($admin_pass1)) {
        $errors[] = l10n('please enter your password again');
    }
    if (empty($admin_mail)) {
        $errors[] = l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)');
    } else {
        $error_mail_address = validate_mail_address(null, $admin_mail);
        if (!empty($error_mail_address)) {
            $errors[] = $error_mail_address;
        }
    }
    if (count($errors) == 0) {
        $step = 2;
        $file_content = '<?php
$conf[\'dblayer\'] = \'' . $dblayer . '\';
$conf[\'db_base\'] = \'' . $dbname . '\';
$conf[\'db_user\'] = \'' . $dbuser . '\';
$conf[\'db_password\'] = \'' . $dbpasswd . '\';
$conf[\'db_host\'] = \'' . $dbhost . '\';

$prefixeTable = \'' . $prefixeTable . '\';

Ejemplo n.º 2

Archivo: profile.php Proyecto: lcorbasson/Piwigo

function save_profile_from_post($userdata, &$errors)
{
    global $conf, $page;
    $errors = array();
    if (!isset($_POST['validate'])) {
        return false;
    }
    $special_user = in_array($userdata['id'], array($conf['guest_id'], $conf['default_user_id']));
    if ($special_user) {
        unset($_POST['username'], $_POST['mail_address'], $_POST['password'], $_POST['use_new_pwd'], $_POST['passwordConf'], $_POST['theme'], $_POST['language']);
        $_POST['theme'] = get_default_theme();
        $_POST['language'] = get_default_language();
    }
    if (!defined('IN_ADMIN')) {
        unset($_POST['username']);
    }
    if ($conf['allow_user_customization'] or defined('IN_ADMIN')) {
        $int_pattern = '/^\\d+$/';
        if (empty($_POST['nb_image_page']) or !preg_match($int_pattern, $_POST['nb_image_page'])) {
            $errors[] = l10n('The number of photos per page must be a not null scalar');
        }
        // periods must be integer values, they represents number of days
        if (!preg_match($int_pattern, $_POST['recent_period']) or $_POST['recent_period'] < 0) {
            $errors[] = l10n('Recent period must be a positive integer value');
        }
        if (!in_array($_POST['language'], array_keys(get_languages()))) {
            die('Hacking attempt, incorrect language value');
        }
        if (!in_array($_POST['theme'], array_keys(get_pwg_themes()))) {
            die('Hacking attempt, incorrect theme value');
        }
    }
    if (isset($_POST['mail_address'])) {
        // if $_POST and $userdata have are same email
        // validate_mail_address allows, however, to check email
        $mail_error = validate_mail_address($userdata['id'], $_POST['mail_address']);
        if (!empty($mail_error)) {
            $errors[] = $mail_error;
        }
    }
    if (!empty($_POST['use_new_pwd'])) {
        // password must be the same as its confirmation
        if ($_POST['use_new_pwd'] != $_POST['passwordConf']) {
            $errors[] = l10n('The passwords do not match');
        }
        if (!defined('IN_ADMIN')) {
            // changing password requires old password
            $query = '
  SELECT ' . $conf['user_fields']['password'] . ' AS password
    FROM ' . USERS_TABLE . '
    WHERE ' . $conf['user_fields']['id'] . ' = \'' . $userdata['id'] . '\'
  ;';
            list($current_password) = pwg_db_fetch_row(pwg_query($query));
            if (!$conf['password_verify']($_POST['password'], $current_password)) {
                $errors[] = l10n('Current password is wrong');
            }
        }
    }
    if (count($errors) == 0) {
        // mass_updates function
        include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
        if (isset($_POST['mail_address'])) {
            // update common user informations
            $fields = array($conf['user_fields']['email']);
            $data = array();
            $data[$conf['user_fields']['id']] = $userdata['id'];
            $data[$conf['user_fields']['email']] = $_POST['mail_address'];
            // password is updated only if filled
            if (!empty($_POST['use_new_pwd'])) {
                $fields[] = $conf['user_fields']['password'];
                // password is hashed with function $conf['password_hash']
                $data[$conf['user_fields']['password']] = $conf['password_hash']($_POST['use_new_pwd']);
            }
            // username is updated only if allowed
            if (!empty($_POST['username'])) {
                if ($_POST['username'] != $userdata['username'] and get_userid($_POST['username'])) {
                    $page['errors'][] = l10n('this login is already used');
                    unset($_POST['redirect']);
                } else {
                    $fields[] = $conf['user_fields']['username'];
                    $data[$conf['user_fields']['username']] = $_POST['username'];
                    // send email to the user
                    if ($_POST['username'] != $userdata['username']) {
                        include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
                        switch_lang_to($userdata['language']);
                        $keyargs_content = array(get_l10n_args('Hello', ''), get_l10n_args('Your username has been successfully changed to : %s', $_POST['username']));
                        pwg_mail($_POST['mail_address'], array('subject' => '[' . $conf['gallery_title'] . '] ' . l10n('Username modification'), 'content' => l10n_args($keyargs_content), 'content_format' => 'text/plain'));
                        switch_lang_back();
                    }
                }
            }
            mass_updates(USERS_TABLE, array('primary' => array($conf['user_fields']['id']), 'update' => $fields), array($data));
        }
        if ($conf['allow_user_customization'] or defined('IN_ADMIN')) {
            // update user "additional" informations (specific to Piwigo)
            $fields = array('nb_image_page', 'language', 'expand', 'show_nb_hits', 'recent_period', 'theme');
            if ($conf['activate_comments']) {
                $fields[] = 'show_nb_comments';
            }
            $data = array();
            $data['user_id'] = $userdata['id'];
            foreach ($fields as $field) {
                if (isset($_POST[$field])) {
                    $data[$field] = $_POST[$field];
                }
            }
            mass_updates(USER_INFOS_TABLE, array('primary' => array('user_id'), 'update' => $fields), array($data));
        }
        trigger_notify('save_profile_from_post', $userdata['id']);
        if (!empty($_POST['redirect'])) {
            redirect($_POST['redirect']);
        }
    }
    return true;
}

Ejemplo n.º 3

Archivo: functions_user.inc.php Proyecto: lcorbasson/Piwigo

/**
 * Creates a new user.
 *
 * @param string $login
 * @param string $password
 * @param string $mail_adress
 * @param bool $notify_admin
 * @param array &$errors populated with error messages
 * @param bool $notify_user
 * @return int|false user id or false
 */
function register_user($login, $password, $mail_address, $notify_admin = true, &$errors = array(), $notify_user = false)
{
    global $conf;
    if ($login == '') {
        $errors[] = l10n('Please, enter a login');
    }
    if (preg_match('/^.* $/', $login)) {
        $errors[] = l10n('login mustn\'t end with a space character');
    }
    if (preg_match('/^ .*$/', $login)) {
        $errors[] = l10n('login mustn\'t start with a space character');
    }
    if (get_userid($login)) {
        $errors[] = l10n('this login is already used');
    }
    if ($login != strip_tags($login)) {
        $errors[] = l10n('html tags are not allowed in login');
    }
    $mail_error = validate_mail_address(null, $mail_address);
    if ('' != $mail_error) {
        $errors[] = $mail_error;
    }
    if ($conf['insensitive_case_logon'] == true) {
        $login_error = validate_login_case($login);
        if ($login_error != '') {
            $errors[] = $login_error;
        }
    }
    $errors = trigger_change('register_user_check', $errors, array('username' => $login, 'password' => $password, 'email' => $mail_address));
    // if no error until here, registration of the user
    if (count($errors) == 0) {
        $insert = array($conf['user_fields']['username'] => pwg_db_real_escape_string($login), $conf['user_fields']['password'] => $conf['password_hash']($password), $conf['user_fields']['email'] => $mail_address);
        single_insert(USERS_TABLE, $insert);
        $user_id = pwg_db_insert_id();
        // Assign by default groups
        $query = '
SELECT id
  FROM ' . GROUPS_TABLE . '
  WHERE is_default = \'' . boolean_to_string(true) . '\'
  ORDER BY id ASC
;';
        $result = pwg_query($query);
        $inserts = array();
        while ($row = pwg_db_fetch_assoc($result)) {
            $inserts[] = array('user_id' => $user_id, 'group_id' => $row['id']);
        }
        if (count($inserts) != 0) {
            mass_inserts(USER_GROUP_TABLE, array('user_id', 'group_id'), $inserts);
        }
        $override = array();
        if ($language = get_browser_language()) {
            $override['language'] = $language;
        }
        create_user_infos($user_id, $override);
        if ($notify_admin and $conf['email_admin_on_new_user']) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
            $admin_url = get_absolute_root_url() . 'admin.php?page=user_list&username='******'User: %s', stripslashes($login)), get_l10n_args('Email: %s', $mail_address), get_l10n_args(''), get_l10n_args('Admin: %s', $admin_url));
            pwg_mail_notification_admins(get_l10n_args('Registration of %s', stripslashes($login)), $keyargs_content);
        }
        if ($notify_user and email_check_format($mail_address)) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
            $keyargs_content = array(get_l10n_args('Hello %s,', stripslashes($login)), get_l10n_args('Thank you for registering at %s!', $conf['gallery_title']), get_l10n_args('', ''), get_l10n_args('Here are your connection settings', ''), get_l10n_args('', ''), get_l10n_args('Link: %s', get_absolute_root_url()), get_l10n_args('Username: %s', stripslashes($login)), get_l10n_args('Password: %s', stripslashes($password)), get_l10n_args('Email: %s', $mail_address), get_l10n_args('', ''), get_l10n_args('If you think you\'ve received this email in error, please contact us at %s', get_webmaster_mail_address()));
            pwg_mail($mail_address, array('subject' => '[' . $conf['gallery_title'] . '] ' . l10n('Registration'), 'content' => l10n_args($keyargs_content), 'content_format' => 'text/plain'));
        }
        trigger_notify('register_user', array('id' => $user_id, 'username' => $login, 'email' => $mail_address));
        return $user_id;
    } else {
        return false;
    }
}

Ejemplo n.º 4

Archivo: pwg.users.php Proyecto: donseba/Piwigo

/**
 * API method
 * Updates users
 * @param mixed[] $params
 *    @option int[] user_id
 *    @option string username (optional)
 *    @option string password (optional)
 *    @option string email (optional)
 *    @option string status (optional)
 *    @option int level (optional)
 *    @option string language (optional)
 *    @option string theme (optional)
 *    @option int nb_image_page (optional)
 *    @option int recent_period (optional)
 *    @option bool expand (optional)
 *    @option bool show_nb_comments (optional)
 *    @option bool show_nb_hits (optional)
 *    @option bool enabled_high (optional)
 */
function ws_users_setInfo($params, &$service)
{
    if (get_pwg_token() != $params['pwg_token']) {
        return new PwgError(403, 'Invalid security token');
    }
    global $conf, $user;
    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
    $updates = $updates_infos = array();
    $update_status = null;
    if (count($params['user_id']) == 1) {
        if (get_username($params['user_id'][0]) === false) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'This user does not exist.');
        }
        if (!empty($params['username'])) {
            $user_id = get_userid($params['username']);
            if ($user_id and $user_id != $params['user_id'][0]) {
                return new PwgError(WS_ERR_INVALID_PARAM, l10n('this login is already used'));
            }
            if ($params['username'] != strip_tags($params['username'])) {
                return new PwgError(WS_ERR_INVALID_PARAM, l10n('html tags are not allowed in login'));
            }
            $updates[$conf['user_fields']['username']] = $params['username'];
        }
        if (!empty($params['email'])) {
            if (($error = validate_mail_address($params['user_id'][0], $params['email'])) != '') {
                return new PwgError(WS_ERR_INVALID_PARAM, $error);
            }
            $updates[$conf['user_fields']['email']] = $params['email'];
        }
        if (!empty($params['password'])) {
            $updates[$conf['user_fields']['password']] = $conf['password_hash']($params['password']);
        }
    }
    if (!empty($params['status'])) {
        if (in_array($params['status'], array('webmaster', 'admin')) and !is_webmaster()) {
            return new PwgError(403, 'Only webmasters can grant "webmaster/admin" status');
        }
        if (!in_array($params['status'], array('guest', 'generic', 'normal', 'admin', 'webmaster'))) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid status');
        }
        $protected_users = array($user['id'], $conf['guest_id'], $conf['webmaster_id']);
        // an admin can't change status of other admin/webmaster
        if ('admin' == $user['status']) {
            $query = '
SELECT
    user_id
  FROM ' . USER_INFOS_TABLE . '
  WHERE status IN (\'webmaster\', \'admin\')
;';
            $protected_users = array_merge($protected_users, query2array($query, null, 'user_id'));
        }
        // status update query is separated from the rest as not applying to the same
        // set of users (current, guest and webmaster can't be changed)
        $params['user_id_for_status'] = array_diff($params['user_id'], $protected_users);
        $update_status = $params['status'];
    }
    if (!empty($params['level']) or @$params['level'] === 0) {
        if (!in_array($params['level'], $conf['available_permission_levels'])) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid level');
        }
        $updates_infos['level'] = $params['level'];
    }
    if (!empty($params['language'])) {
        if (!in_array($params['language'], array_keys(get_languages()))) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid language');
        }
        $updates_infos['language'] = $params['language'];
    }
    if (!empty($params['theme'])) {
        if (!in_array($params['theme'], array_keys(get_pwg_themes()))) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid theme');
        }
        $updates_infos['theme'] = $params['theme'];
    }
    if (!empty($params['nb_image_page'])) {
        $updates_infos['nb_image_page'] = $params['nb_image_page'];
    }
    if (!empty($params['recent_period']) or @$params['recent_period'] === 0) {
        $updates_infos['recent_period'] = $params['recent_period'];
    }
    if (!empty($params['expand']) or @$params['expand'] === false) {
        $updates_infos['expand'] = boolean_to_string($params['expand']);
    }
    if (!empty($params['show_nb_comments']) or @$params['show_nb_comments'] === false) {
        $updates_infos['show_nb_comments'] = boolean_to_string($params['show_nb_comments']);
    }
    if (!empty($params['show_nb_hits']) or @$params['show_nb_hits'] === false) {
        $updates_infos['show_nb_hits'] = boolean_to_string($params['show_nb_hits']);
    }
    if (!empty($params['enabled_high']) or @$params['enabled_high'] === false) {
        $updates_infos['enabled_high'] = boolean_to_string($params['enabled_high']);
    }
    // perform updates
    single_update(USERS_TABLE, $updates, array($conf['user_fields']['id'] => $params['user_id'][0]));
    if (isset($update_status) and count($params['user_id_for_status']) > 0) {
        $query = '
UPDATE ' . USER_INFOS_TABLE . ' SET
    status = "' . $update_status . '"
  WHERE user_id IN(' . implode(',', $params['user_id_for_status']) . ')
;';
        pwg_query($query);
    }
    if (count($updates_infos) > 0) {
        $query = '
UPDATE ' . USER_INFOS_TABLE . ' SET ';
        $first = true;
        foreach ($updates_infos as $field => $value) {
            if (!$first) {
                $query .= ', ';
            } else {
                $first = false;
            }
            $query .= $field . ' = "' . $value . '"';
        }
        $query .= '
  WHERE user_id IN(' . implode(',', $params['user_id']) . ')
;';
        pwg_query($query);
    }
    // manage association to groups
    if (!empty($params['group_id'])) {
        $query = '
DELETE
  FROM ' . USER_GROUP_TABLE . '
  WHERE user_id IN (' . implode(',', $params['user_id']) . ')
;';
        pwg_query($query);
        // we remove all provided groups that do not really exist
        $query = '
SELECT
    id
  FROM ' . GROUPS_TABLE . '
  WHERE id IN (' . implode(',', $params['group_id']) . ')
;';
        $group_ids = array_from_query($query, 'id');
        // if only -1 (a group id that can't exist) is in the list, then no
        // group is associated
        if (count($group_ids) > 0) {
            $inserts = array();
            foreach ($group_ids as $group_id) {
                foreach ($params['user_id'] as $user_id) {
                    $inserts[] = array('user_id' => $user_id, 'group_id' => $group_id);
                }
            }
            mass_inserts(USER_GROUP_TABLE, array_keys($inserts[0]), $inserts);
        }
    }
    invalidate_user_cache();
    return $service->invoke('pwg.users.getList', array('user_id' => $params['user_id'], 'display' => 'basics,' . implode(',', array_keys($updates_infos))));
}