Example #1
0
/**
 * Ajax function: Checks the availability of a username for registration and echoes a text containing the result of username search.
 *
 * @param string $username
 */
function performCheckEmail( $email, $function ) {
	global $_CB_framework, $_CB_database, $ueConfig;

	if ( ( ! isset( $ueConfig['reg_email_checker'] ) ) || ( ! $ueConfig['reg_email_checker'] ) ) {
		echo ISOtoUtf8( _UE_NOT_AUTHORIZED );
		exit();
	}
	// simple spoof check security
	if ( ( ! cbSpoofCheck( 'registerForm', 'POST', 2 ) ) || ( ! cbRegAntiSpamCheck( 2 ) ) ) {
		echo '<span class="cb_result_error">' . ISOtoUtf8( _UE_SESSION_EXPIRED ) . "</span>";
		exit;
	}

	$email		=	stripslashes( $email );
	$emailISO 	=	utf8ToISO( $email );				// ajax sends in utf8, we need to convert back to the site's encoding.

	if ( $ueConfig['reg_email_checker'] > 1 ) {
		if ( $_CB_database->isDbCollationCaseInsensitive() ) {
			$query	=	"SELECT COUNT(*) AS result FROM #__users WHERE email = " . $_CB_database->Quote( ( trim( $emailISO ) ) );
		} else {
			$query	=	"SELECT COUNT(*) AS result FROM #__users WHERE LOWER(email) = " . $_CB_database->Quote( ( strtolower( trim( $emailISO ) ) ) );
		}
		$_CB_database->setQuery($query);
		$dataObj	=	null;
		if ( $_CB_database->loadObject( $dataObj ) ) {
			if ( $function == 'testexists' ) {
				if ( $dataObj->result ) {
					echo '<span class="cb_result_ok">' . sprintf( ISOtoUtf8( _UE_EMAIL_EXISTS_ON_SITE ), htmlspecialchars( $email ) ) . "</span>";
					return;
				} else {
					echo '<span class="cb_result_error">' . sprintf( ISOtoUtf8( _UE_EMAIL_DOES_NOT_EXISTS_ON_SITE ), htmlspecialchars( $email ) ) . "</span>";
					return;
				}
			} else {
				if ( $dataObj->result ) {
					echo '<span class="cb_result_error">' . sprintf( ISOtoUtf8( _UE_EMAIL_ALREADY_REGISTERED ), htmlspecialchars( $email ) ) . "</span>";
					return;
				}
			}
		}
	}
	if ( $function == 'testexists' ) {
		echo ISOtoUtf8( _UE_NOT_AUTHORIZED );
		return;
	} else {
		$checkResult	=	cbCheckMail( $_CB_framework->getCfg( 'mailfrom' ), $email );
	}
	switch ( $checkResult ) {
		case -2:
			echo '<span class="cb_result_error">' . sprintf( ISOtoUtf8( _UE_EMAIL_NOVALID ), htmlspecialchars( $email ) ) . "</span>";
			break;
		case -1:
			echo '<span class="cb_result_warning">' . sprintf( ISOtoUtf8( _UE_EMAIL_COULD_NOT_CHECK ), htmlspecialchars( $email ) ) . "</span>";
			break;
		case 0:
			if ( $ueConfig['reg_confirmation'] == 0 ) {
				echo '<span class="cb_result_error">' . sprintf( ISOtoUtf8( _UE_EMAIL_INCORRECT_CHECK ), htmlspecialchars( $email ) ) . "</span>";
			} else {
				echo '<span class="cb_result_error">' . sprintf( ISOtoUtf8( _UE_EMAIL_INCORRECT_CHECK_NEEDED ), htmlspecialchars( $email ) ) . "</span>";
			}
			break;
		case 1:
			echo '<span class="cb_result_ok">' . sprintf( ISOtoUtf8( _UE_EMAIL_VERIFIED ), htmlspecialchars( $email ) ) . "</span>";
			break;
		default:
			echo '<span class="cb_result_error">performCheckEmail:: Unexpected cbCheckMail result.</span>';
			break;
	}
}
 /**
  * Direct access to field for custom operations, like for Ajax
  *
  * WARNING: direct unchecked access, except if $user is set, then check
  * that the logged-in user has rights to edit that $user.
  *
  * @param  moscomprofilerFields  $field
  * @param  moscomprofilerUser    $user
  * @param  array                 $postdata
  * @param  string                $reason     'profile' for user profile view, 'edit' for profile edit, 'register' for registration, 'search' for searches
  * @return string                            Expected output.
  */
 function fieldClass(&$field, &$user, &$postdata, $reason)
 {
     global $_CB_framework, $_CB_database, $ueConfig, $_GET;
     parent::fieldClass($field, $user, $postdata, $reason);
     // performs spoofcheck.
     if (($field->type == 'primaryemailaddress' && (isset($ueConfig['reg_email_checker']) && $ueConfig['reg_email_checker'] > 0) || $field->params->get('field_check_email', 0) || $_CB_framework->getUi() == 2) && ($reason == 'edit' || $reason == 'register')) {
         $function = cbGetParam($_GET, 'function', '');
         if ($function == 'checkvalue') {
             $email = stripslashes(cbGetParam($postdata, 'value', ''));
             $emailISO = CBTxt::utf8ToISO($email);
             // ajax sends in utf8, we need to convert back to the site's encoding.
             if ($field->type == 'primaryemailaddress' && ((isset($ueConfig['reg_email_checker']) ? $ueConfig['reg_email_checker'] > 1 : false) && ($reason == 'register' || $reason == 'edit' && $user && $emailISO != $user->email) || $_CB_framework->getUi() == 2)) {
                 if ($_CB_database->isDbCollationCaseInsensitive()) {
                     $query = "SELECT COUNT(*) AS result FROM #__users WHERE email = " . $_CB_database->Quote(trim($emailISO));
                 } else {
                     $query = "SELECT COUNT(*) AS result FROM #__users WHERE LOWER(email) = " . $_CB_database->Quote(strtolower(trim($emailISO)));
                 }
                 $_CB_database->setQuery($query);
                 $dataObj = null;
                 if ($_CB_database->loadObject($dataObj)) {
                     if ($function == 'testexists') {
                         if ($dataObj->result) {
                             return '<span class="cb_result_ok">' . sprintf(ISOtoUtf8(_UE_EMAIL_EXISTS_ON_SITE), htmlspecialchars($email)) . "</span>";
                         } else {
                             return '<span class="cb_result_error">' . sprintf(ISOtoUtf8(_UE_EMAIL_DOES_NOT_EXISTS_ON_SITE), htmlspecialchars($email)) . "</span>";
                         }
                     } else {
                         if ($dataObj->result) {
                             return '<span class="cb_result_error">' . sprintf(ISOtoUtf8(_UE_EMAIL_ALREADY_REGISTERED), htmlspecialchars($email)) . "</span>";
                         }
                     }
                 }
             }
             if ($function == 'testexists') {
                 return ISOtoUtf8(_UE_NOT_AUTHORIZED);
             } else {
                 if ($reason == 'register' || $reason == 'edit' && $user && $emailISO != $user->email || $_CB_framework->getUi() == 2) {
                     $checkResult = cbCheckMail($_CB_framework->getCfg('mailfrom'), $emailISO);
                 } else {
                     return '<span class="cb_result_info">' . sprintf(ISOtoUtf8(CBTxt::T("No changes.")), htmlspecialchars($email)) . "</span>";
                 }
             }
             switch ($checkResult) {
                 case -2:
                     return '<span class="cb_result_error">' . sprintf(ISOtoUtf8(_UE_EMAIL_NOVALID), htmlspecialchars($email)) . "</span>";
                     break;
                 case -1:
                     return '<span class="cb_result_warning">' . sprintf(ISOtoUtf8(_UE_EMAIL_COULD_NOT_CHECK), htmlspecialchars($email)) . "</span>";
                     break;
                 case 0:
                     if ($ueConfig['reg_confirmation'] == 0) {
                         return '<span class="cb_result_error">' . sprintf(ISOtoUtf8(_UE_EMAIL_INCORRECT_CHECK), htmlspecialchars($email)) . "</span>";
                     } else {
                         return '<span class="cb_result_error">' . sprintf(ISOtoUtf8(_UE_EMAIL_INCORRECT_CHECK_NEEDED), htmlspecialchars($email)) . "</span>";
                     }
                     break;
                 case 1:
                     return '<span class="cb_result_ok">' . sprintf(ISOtoUtf8(_UE_EMAIL_VERIFIED), htmlspecialchars($email)) . "</span>";
                     break;
                 default:
                     return '<span class="cb_result_error">' . sprintf(CBTxt::T('Unexpected cbCheckMail result: %s'), $checkResult) . '.</span>';
                     break;
             }
         }
         return null;
     } else {
         return ISOtoUtf8(_UE_NOT_AUTHORIZED);
     }
 }