$email = $_POST['email']; } else { $email = ""; } if ($_POST['submit'] && !$create_disabled && !$banned_ip) { $name = striptag($name, $no_tags); $name = trim($name); /* Filter out bad characters. Do the & first to catch SGML entities */ $name = preg_replace("/&/", "&#" . ord('&') . ";", $name); $name = preg_replace("/</", "<", $name); $name = preg_replace("/>/", ">", $name); if (empty($name)) { $error .= "Name is required\n"; } else { /* FIXME: More error codes (empty shortname, etc) */ if (!$user->name($name)) { $error .= "Name '{$name}' is invalid\n"; } } /* We do some sanitizing of the email address first */ $email = trim($email); if (empty($email)) { $error .= "Email address is required\n"; } else { if (!$user->email($email)) { $error .= "Email address '{$email}' is invalid\n"; } } if (isset($_POST['password1'])) { $password1 = $_POST['password2']; } else {
} else { $password2 = ""; } if (isset($_POST['submit'])) { if (!$user->is_valid_token($_POST['token'])) { err_not_found('Invalid token'); } if (!empty($name)) { $name = striptag($name, $no_tags); $name = trim($name); /* Filter out bad characters. Do the & first to catch SGML entities */ $name = preg_replace("/&/", "&#" . ord('&') . ";", $name); $name = preg_replace("/</", "<", $name); $name = preg_replace("/>/", ">", $name); if (!empty($name)) { $user->name($name); } } if (!empty($email)) { $email = trim($email); if (is_valid_email($email)) { $update_email = $email; } else { $error .= "Please supply a valid email address\n"; } } if (!empty($password1) || !empty($password2)) { if (empty($password1) || empty($password2)) { $error .= "Please fill in both passwords\n"; } else { if ($password1 != $password2) {