Ejemplo n.º 1
0
 public function Validate($id, $item)
 {
     $result = $this->validate_required($item, "email");
     if ($result) {
         if ($this->model->is_exists($item['email'], $id)) {
             $this->ferr('email', 'EXISTS');
         }
         if (!FormUtils::is_email($item['email'])) {
             $this->ferr('email', 'WRONG');
         }
     }
     $this->validate_check_result();
 }
Ejemplo n.º 2
0
 public function Validate($id, $item)
 {
     $result = $this->validate_required($item, $this->required_fields);
     //result here used only to disable further validation if required fields validation failed
     if ($result) {
         if ($this->model->is_exists($item['email'], $id)) {
             $this->ferr('email', 'EXISTS');
         }
         if (!FormUtils::is_email($item['email'])) {
             $this->ferr('email', 'WRONG');
         }
     }
     $this->validate_check_result();
 }
Ejemplo n.º 3
0
 public function Validate($id, $item)
 {
     $result = $this->validate_required($item, "email old_pwd pwd pwd2");
     if ($result) {
         $itemdb = $this->model->one($id);
         if ($item['old_pwd'] != $itemdb['pwd']) {
             $this->ferr('old_pwd', 'WRONG');
         }
         if ($this->model->is_exists($item['email'], $id)) {
             $this->ferr('email', 'EXISTS');
         }
         if (!FormUtils::is_email($item['email'])) {
             $this->ferr('email', 'WRONG');
         }
         if ($item['pwd'] != $item['pwd2']) {
             $this->ferr('pwd2', 'NOTEQUAL');
         }
     }
     $this->validate_check_result();
 }
Ejemplo n.º 4
0
require_once '../classes/lang.class.php';
require_once '../classes/dbutils.class.php';
require_once '../classes/usernotices.class.php';
$notice = UserNotices::get_instance();
$mysqli = DBUtils::get_mysqli_link($configObject->get('cfg_db_host'), $configObject->get('cfg_db_username'), $configObject->get('cfg_db_passwd'), $configObject->get('cfg_db_database'), $configObject->get('cfg_db_charset'), $notice, $configObject->get('dbclass'));
$email = isset($_GET['email']) ? $_GET['email'] : '';
$message = '';
$errors = array();
$form_util = new FormUtils();
if (isset($_POST['submit']) and $_POST['submit'] == $string['send']) {
    $email = $_POST['email'];
    // Process the form submission
    $errors = $form_util->check_required(array('email' => $string['emailaddress']));
    if (count($errors) == 0) {
        // Check if the supplied value is an email address (avoid an unnecessary DB call)
        if (!$form_util->is_email($email)) {
            $errors[] = $string['emailaddressinvalid'];
        } else {
            if ($form_util->is_email_in_cfg_institutional_domains($email)) {
                $errors[] = $string['emailaddressininstitutionaldomains'];
            } else {
                // If it is, look for the user in the database
                $stmt = $mysqli->prepare("SELECT id, title, surname FROM users WHERE email = ? ORDER BY id DESC LIMIT 1");
                $stmt->bind_param('s', $email);
                $stmt->execute();
                $stmt->store_result();
                $stmt->bind_result($user_id, $title, $surname);
                $stmt->fetch();
                if ($stmt->num_rows == 0) {
                    $errors[] = $string['emailaddressnotfound'];
                } else {
Ejemplo n.º 5
0
    // Check if the token exists and has not expired
    $stmt = $mysqli->prepare("SELECT id, user_id FROM password_tokens WHERE token = ? AND time > DATE_ADD(NOW(), INTERVAL -1 DAY) ORDER BY id DESC LIMIT 1");
    $stmt->bind_param('s', $token);
    $stmt->execute();
    $stmt->store_result();
    $stmt->bind_result($id, $user_id);
    $stmt->fetch();
    if ($stmt->num_rows == 0) {
        $critical_errors[] = 'Invalid token';
    }
    $stmt->close();
}
if (count($critical_errors) == 0 and isset($_POST['token']) and $_POST['token'] != '') {
    // Process form submission
    $errors = $form_util->check_required(array('email' => $string['emailaddress'], 'password' => $string['password'], 'password_confirm' => $string['passwordconfirm']));
    if (!$form_util->is_email($_POST['email'])) {
        $email = $_POST['email'];
        $errors[] = $string['emailaddressinvalid'];
    }
    if ($_POST['password'] != $_POST['password_confirm']) {
        $errors[] = $string['passwordsnotmatch'];
    }
    if (count($errors) == 0) {
        $email = $_POST['email'];
        $password = $_POST['password'];
        // Check if email address matches that of the user in the token record
        $stmt = $mysqli->prepare("SELECT username, email, roles FROM users WHERE id = ?");
        $stmt->bind_param('i', $user_id);
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($username, $existing_email, $userroles);