function addUser($username, $email, $password, $avatar, $steamid)
{
//Check if user exists
$checkLogin = checkUserLogin($username);
if ($checkLogin == FALSE) {
//Loginname doesn't exist
//Check if email exists
$checkEmail = checkEmail($email);
if ($checkEmail == FALSE) {
//Email doesn't exist
$thisUser = new User();
$thisUser->username = $username;
$thisUser->loginname = $username;
$thisUser->password = encryptPassword($password);
$thisUser->email = $email;
$thisUser->avatar = $avatar;
$thisUser->steamid = $steamid;
$thisUser->save();
return TRUE;
} else {
//Email exists
return FALSE;
}
} else {
//Loginname exists
return FALSE;
}
}
function registerFormValidate($email, $username, $passwd, $cpasswd, $phone)
{
$msg = "";
// if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
// $msg = " Please Enter a valid email id.";
// }
if (existAccount($username)) {
$msg .= " Try a different username.";
}
if (checkEmail($email)) {
$msg .= " Invalid email format";
} else {
if (existEmail($email)) {
$msg .= " Email already taken up.";
}
}
if (existPhone($phone)) {
$msg .= " Phone number already registered.";
}
if ($passwd != $cpasswd) {
$msg .= " Confirm password doesn't match with password.";
} else {
if (strlen($passwd) < 6) {
$msg .= " Password should be atleast 6 characters long.";
}
}
if ($msg == "") {
$valid = 1;
} else {
$valid = $msg;
}
return $valid;
}
function userCheck($uname, $email, $pass, $vpass)
{
global $myxoopsConfigUser;
$xoopsDB =& Database::getInstance();
$stop = '';
if (!checkEmail($email)) {
$stop .= _US_INVALIDMAIL . '<br />';
}
foreach ($myxoopsConfigUser['bad_emails'] as $be) {
if (!empty($be) && preg_match('/' . $be . '/i', $email)) {
$stop .= _US_INVALIDMAIL . '<br />';
break;
}
}
if (strrpos($email, ' ') > 0) {
$stop .= _US_EMAILNOSPACES . '<br />';
}
$uname = xoops_trim($uname);
$restrictions = array(0 => '/[^a-zA-Z0-9\\_\\-]/', 1 => '/[^a-zA-Z0-9\\_\\-\\<\\>\\,\\.\\$\\%\\#\\@\\!\\\'\\"]/', 2 => '/[\\000-\\040]/');
$restriction = $restrictions[$myxoopsConfigUser['uname_test_level']];
if (empty($uname) || preg_match($restriction, $uname)) {
$stop .= _US_INVALIDNICKNAME . '<br />';
}
if (strlen($uname) > $myxoopsConfigUser['maxuname']) {
$stop .= sprintf(_US_NICKNAMETOOLONG, $myxoopsConfigUser['maxuname']) . '<br />';
}
if (strlen($uname) < $myxoopsConfigUser['minuname']) {
$stop .= sprintf(_US_NICKNAMETOOSHORT, $myxoopsConfigUser['minuname']) . '<br />';
}
foreach ($myxoopsConfigUser['bad_unames'] as $bu) {
if (!empty($bu) && preg_match('/' . $bu . '/i', $uname)) {
$stop .= _US_NAMERESERVED . '<br />';
break;
}
}
if (strrpos($uname, ' ') > 0) {
$stop .= _US_NICKNAMENOSPACES . '<br />';
}
$u_handler =& xoonips_getormhandler('xoonips', 'xoops_users');
$criteria = new Criteria('uname', addslashes($uname));
if ($u_handler->getCount($criteria) > 0) {
$stop .= _US_NICKNAMETAKEN . "<br />";
}
if ($email) {
$criteria = new Criteria('email', addslashes($email));
if ($u_handler->getCount($criteria) > 0) {
$stop .= _US_EMAILTAKEN . "<br />";
}
}
if (!isset($pass) || $pass == '' || !isset($vpass) || $vpass == '') {
$stop .= _US_ENTERPWD . '<br />';
}
if (isset($pass) && $pass != $vpass) {
$stop .= _US_PASSNOTSAME . '<br />';
} elseif ($pass != '' && strlen($pass) < $myxoopsConfigUser['minpass']) {
$stop .= sprintf(_US_PWDTOOSHORT, $myxoopsConfigUser['minpass']) . '<br />';
}
return $stop;
}
function checkVar_user_email(&$value)
{
if ($value) {
//メール形式のチェックは既に行っているが、メッセージを判りやすく
if (!checkEmail($value)) {
$this->setErrors(_LANG_WPF_ERR_CORRECT);
return false;
}
}
}
function valCamps($Email, $Message)
{
if (empty($Email) || empty($Message)) {
echo '<div class="alert alert-warning" role="alert">check the inputs</div>';
} else {
if (!checkEmail($Email)) {
echo '<div class="alert alert-success" role="alert">Message Send</div>';
} else {
echo '<div class="alert alert-warning" role="alert">Check the Email</div>';
}
}
}
function signup()
{
//connect to database
require 'mysql.php';
$fname = mysql_real_escape_string($_POST['fname']);
$lname = mysql_real_escape_string($_POST['lname']);
$email = mysql_real_escape_string($_POST['email']);
$pkey = 'Torah';
$hash = crypt($email . $pkey);
$sql = "INSERT INTO maillist (fname, lname, email, hash)\nVALUES\n('{$fname}','{$lname}','{$email}', '{$hash}')";
$sqlcheck = "SELECT email FROM maillist WHERE email ='{$email}' ";
$query = mysql_query($sqlcheck, $con);
// validate submission
if (!empty($_POST["email"]) && checkEmail($_POST["email"]) && mysql_num_rows($query) == 0) {
$to = $email;
$subject = "You have been added to the mailing list!";
$body = 'Dear ' . $fname . ',<br /><br />' . 'Thank you for joining my mailing list. <br /><br />' . 'Sincerely,<br /><br />' . 'Marty Goodman' . '<br /><br />' . '<a href="http://bais-mordechai.com/unsubscribe.php?u=' . $hash . '">Unsubscribe</a>';
$message = '
<html>
<head>
<title>You have been added to the mailing list!</title>
</head>
<body>' . $body . '</body>
</html>
';
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
$headers .= "From:Marty@bais-mordechai.com\r\n";
mail($to, $subject, $message, $headers);
$to = "*****@*****.**";
$subject = "New Member";
$body = "Name = " . $_POST["fname"] . " " . $_POST["lname"] . "\n\n" . "Email = " . $_POST["email"];
mail($to, $subject, $body, $headers);
mysql_query($sql);
echo '<h3>You have been added to the mailing list.</h3>';
} else {
$query = mysql_query($sqlcheck, $con);
if (empty($_POST["email"])) {
echo '<h3>You must enter an e-mail address</h3>';
} else {
if (!checkEmail($_POST["email"])) {
echo '<h3>Please enter a valid e-mail address.</h3>';
} else {
if (mysql_num_rows($query) > 0) {
echo '<h3>You are already on the mailing list.</h3>';
}
}
}
echo '<br /><a href="MailList.php">Back</a>';
}
mysql_close($con);
}
/**
* Verify Input on add
*/
function verifyUserModInput($userModDetails)
{
# real name must be entered
if (!$userModDetails['real_name']) {
$errors[] = _('Real name field is mandatory!');
}
# Both passwords must be same
if ($userModDetails['password1'] != $userModDetails['password2']) {
$errors[] = _("Passwords do not match!");
}
# pass must be at least 8 chars long for non-domain users
if ($userModDetails['domainUser'] != 1) {
if (strlen($userModDetails['password1orig']) < 8 && strlen($userModDetails['password1orig']) != 0) {
$errors[] = _("Password must be at least 8 characters long!");
} else {
if ($userModDetails['action'] == "add" && strlen($userModDetails['password1orig']) < 8) {
$errors[] = _("Password must be at least 8 characters long!");
}
}
}
# email format must be valid
if (!checkEmail($userModDetails['email'])) {
$errors[] = _("Invalid email address!");
}
# username must not already exist (if action is add)
if ($userModDetails['action'] == "add") {
global $db;
# get variables from config file
$database = new database($db['host'], $db['user'], $db['pass'], $db['name']);
# open db connection
$query = 'select * from users where username = "******";';
# set query and fetch results
/* execute */
try {
$details = $database->getArray($query);
} catch (Exception $e) {
$error = $e->getMessage();
die("<div class='alert alert-error'>" . _('Error') . ": {$error}</div>");
}
# user already exists
if (sizeof($details) != 0) {
$errors[] = _("User") . " " . $userModDetails['username'] . " " . _("already exists!");
}
}
# return errors
return $errors;
}
function send_message()
{
global $xoopsModule, $xoopsModuleConfig, $xoopsUser;
$name = rmc_server_var($_POST, 'name', '');
$email = rmc_server_var($_POST, 'email', '');
$company = rmc_server_var($_POST, 'company', '');
$phone = rmc_server_var($_POST, 'phone', '');
$subject = rmc_server_var($_POST, 'subject', '');
$message = rmc_server_var($_POST, 'message', '');
if ($name == '' || $email == '' || !checkEmail($email) || $subject == '' || $message == '') {
redirect_header($xoopsModuleConfig['url'], 1, __('Please fill all required fileds before to send this message!', 'contact'));
die;
}
// Recaptcha check
if (!RMEvents::get()->run_event('rmcommon.captcha.check', true)) {
redirect_header($xoopsModuleConfig['url'], 1, __('Please check the security words and write it correctly!', 'contact'));
die;
}
$xoopsMailer =& getMailer();
$xoopsMailer->useMail();
$xoopsMailer->setBody($message . "\n--------------\n" . __('Message sent with ContactMe!', 'contact') . "\n" . $xoopsModuleConfig['url']);
$xoopsMailer->setToEmails($xoopsModuleConfig['mail']);
$xoopsMailer->setFromEmail($email);
$xoopsMailer->setFromName($name);
$xoopsMailer->setSubject($subject);
if (!$xoopsMailer->send(true)) {
redirect_header($xoopsModuleConfig['url'], 1, __('Message could not be delivered. Please try again.', 'contact'));
die;
}
// Save message on database for further use
$msg = new CTMessage();
$msg->setVar('subject', $subject);
$msg->setVar('ip', $_SERVER['REMOTE_ADDR']);
$msg->setVar('email', $email);
$msg->setVar('name', $name);
$msg->setVar('org', $company);
$msg->setVar('body', $message);
$msg->setVar('phone', $phone);
$msg->setVar('register', $xoopsUser ? 1 : 0);
if ($xoopsUser) {
$msg->setVar('xuid', $xoopsUser->uid());
}
$msg->setVar('date', time());
$msg->save();
redirect_header(XOOPS_URL, 1, __('Your message has been sent successfully!', 'contact'));
}
function upload_contacts($file)
{
$file_handle = fopen($file, "r");
$count = 0;
while (!feof($file_handle)) {
$line_of_text = fgetcsv($file_handle, 1024);
$row['subscriber_email_address'] = $line_of_text[0];
$row['subscriber_newsletter_agree'] = 1;
$row['subscriber_date_added'] = time();
$row['subscriber_name'] = $line_of_text[1];
if (checkEmail($line_of_text[0])) {
dbPerform('subscribers', $row, 'insert');
}
$count++;
}
fclose($file_handle);
return $count;
}
function validateEmail($email)
{
if ($email == '') {
$_SESSION['error']['email'] = 'email should not be blank';
return false;
} else {
$emailRegEx = '/^[_A-Za-z0-9-\\+]+(\\.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(\\.[A-Za-z0-9]+)*(\\.[A-Za-z]{2,})$/';
if (preg_match($emailRegEx, $email)) {
$checkEmail = checkEmail($email);
if ($checkEmail === false) {
$_SESSION['error']['email'] = 'user already exists';
return false;
} else {
return true;
}
} else {
$_SESSION['error']['email'] = 'enter valid email';
return false;
}
}
}
/**
* Created by Yogesh on 11/30/2015.
*
*/
function relinquishContacts($contact)
{
$phone = "";
$website = "";
$email = "";
if ($contact != "null") {
$contacts = explode(',', $contact);
foreach ($contacts as $value) {
if (checkWebsite($value)) {
$website = $value;
} else {
if (checkEmail($value)) {
$email = $value;
} else {
$phone = $value;
}
}
}
}
return array($phone, $email, $website);
}
function validate_fields()
{
/* Make sure the name field is filled in from the form. */
if (empty($_POST['name'])) {
$response_array['status'] = 'name error';
$response_array['message'] = '<div class="alert alert-error">Name is blank</div>';
} else {
if (!checkEmail($_POST['email'])) {
$response_array['status'] = 'check email error';
$response_array['message'] = '<div class="alert alert-error">Email is blank or invalid</div>';
return false;
} else {
if (empty($_POST['message'])) {
$response_array['status'] = 'message error';
$response_array['message'] = '<div class="alert alert-error">Message is blank</div>';
return false;
} else {
return true;
}
}
}
}
function getConfirmView()
{
global $xoopsConfig;
$myts =& MyTextSanitizer::getInstance();
$usersName = $myts->stripSlashesGPC($this->utils->getPost('usersName', ''));
$usersEmail = $myts->stripSlashesGPC($this->utils->getPost('usersEmail', ''));
$usersComments = $myts->stripSlashesGPC($this->utils->getPost('usersComments', ''));
//チケットの確認
// if(!$ticket_check = $this->ticket->check())
if (!($ticket_check = $this->ticket->check(true, '', false))) {
return _MD_XMOBILE_TICKET_ERROR;
}
if (!checkEmail($usersEmail)) {
return _MD_XMOBILE_INVALIDMAIL;
}
$detail4html = '';
if ($usersName !== '' && $usersEmail !== '' && $usersComments !== '') {
$subject = $xoopsConfig['sitename'] . ' - ' . _MD_XMOBILE_FROM_MOBILE . _CT_CONTACTFORM;
$adminMessage = "";
$adminMessage .= sprintf(_CT_SUBMITTED, $usersName) . "\n";
$adminMessage .= _CT_EMAIL . " " . $usersEmail . "\n";
$adminMessage .= "HTTP_USER_AGENT:" . $_SERVER['HTTP_USER_AGENT'] . "\n";
$adminMessage .= _CT_COMMENTS . "\n";
$adminMessage .= $usersComments . "\n";
$xoopsMailer =& getMailer();
$xoopsMailer->useMail();
$xoopsMailer->setToEmails($xoopsConfig['adminmail']);
$xoopsMailer->setFromEmail($usersEmail);
$xoopsMailer->setFromName($xoopsConfig['sitename']);
$xoopsMailer->setSubject($subject);
$xoopsMailer->setBody($adminMessage);
$xoopsMailer->send();
// $detail4html .= sprintf(_CT_MESSAGESENT,$xoopsConfig['sitename']).'<br />'._CT_THANKYOU;
$detail4html .= _CT_THANKYOU;
} else {
$detail4html .= _MD_XMOBILE_SENDMAIL_FAILED . '<br />';
}
$this->controller->render->template->assign('item_detail', $detail4html);
}
public function checkLogin()
{
$is_bind = I("post.is_bind", 0, 'int');
$pwd = I('post.pwd');
$username = I('post.username');
if (checkEmail($username) == 'true') {
$info = M("user")->field("id,nickname")->where("email = '" . $username . "' AND pwd = '" . md5($pwd) . "'")->find();
} else {
$info = M("user")->field("id,nickname")->where("name = '" . $username . "' AND pwd = '" . md5($pwd) . "'")->find();
}
if (empty($info)) {
echo json_encode(array("error" => "您输入的用户名/邮箱/密码无效。"));
exit;
} else {
$userid = $info['id'];
}
$nickname = $info['nickname'];
$tip = "登录成功!";
if ($is_bind == 1) {
//若是绑定
$openid = getSessionCookie("openid");
if ($openid) {
$field = getSessionCookie("field");
$userinfo = M("user")->field('id,name')->where("" . $field . "= '" . $openid . "'")->find();
if (!$userinfo) {
//没有的话绑定账号,送积分和发广告,有绑定的话直接登录
// 绑定账号
M('user')->where("id = " . $userid . "")->save(array($field => $openid));
emptySessionCookie('type');
emptySessionCookie('openid');
}
}
}
setSessionCookie("userid", $userid);
setSessionCookie("username", getNickname($username, $nickname));
echo json_encode(array("username" => $username, "userid" => $userid, "avatar" => getUserAvatar($userid), "tip" => $tip, "error" => ""));
}
/**
* Handles lost password requests.
*
* @param string $username Entered username
* @param string $email Entered email address
*
* @return Bengine_Game_Account_Password_Lost
*/
public function __construct($username, $email)
{
$this->username = $username;
$this->email = $email;
$mode = 1;
if (!$this->getUsername()) {
$mode = 0;
}
if (!checkEmail($this->getEmail())) {
$this->printIt("EMAIL_INVALID");
}
$result = Core::getQuery()->select("user", array("userid", "username"), "", Core::getDB()->quoteInto("email = ?", $this->getEmail()));
if ($result->rowCount() <= 0) {
$this->printIt("EMAIL_NOT_FOUND");
}
$row = $result->fetchRow();
$result->closeCursor();
Core::getLanguage()->assign("username", $row["username"]);
Core::getLanguage()->assign("ipaddress", IPADDRESS);
Hook::event("LostPassword", array($this, &$row));
if ($mode == 0) {
$this->message = new Recipe_Email_Template("lost_password_username");
} else {
if (Str::compare($this->getUsername(), $row["username"])) {
$reactivate = BASE_URL . Core::getLang()->getOpt("langcode") . "/signup/activation/key:" . $this->getSecurityKey();
$url = BASE_URL . Core::getLang()->getOpt("langcode") . "/password/set/key:" . $this->getSecurityKey() . "/user:"******"userid"];
Core::getTemplate()->assign("newPasswordUrl", $url);
Core::getTemplate()->assign("reactivationUrl", $reactivate);
$this->message = new Recipe_Email_Template("lost_password_password");
$this->setNewPw();
} else {
$this->printIt("USERNAME_DOES_NOT_EXIST");
}
}
$this->sendMail($mode);
return;
}
$name = cleanInput($_POST['name']);
$email = cleanInput($_POST['email']);
$phone = cleanInput($_POST['phone']);
$shirt = cleanInput($_POST['shirt']);
$password1 = cleanInput($_POST['password1']);
$password2 = cleanInput($_POST['password2']);
if (empty($name)) {
$e = "Name required!";
} else {
if (empty($email)) {
$e = "Email required!";
} else {
if (empty($phone)) {
$e = "Phone required!";
} else {
if (!checkEmail($email)) {
$e = "Invalid Email";
} else {
if (isEmailUsed($email)) {
$e = "Email already used!";
} else {
if ($password1 != $password2) {
$e = "Passwords do not match!";
} else {
createUser($name, $email, $phone, $shirt, $password1);
$s = "User " . $email . " created!";
}
}
}
}
}
<?php
/**
* Script to verify posted data for mail notif
*************************************************/
/* include required scripts */
require_once '../../functions/functions.php';
/* @mail functions ------------------- */
include_once '../../functions/functions-mail.php';
/* check referer and requested with */
CheckReferrer();
/* verify that user is authenticated! */
isUserAuthenticated();
/* verify mail recipients - multiple mails can be separated with ; */
$recipients_temp = explode(",", $_REQUEST['recipients']);
foreach ($recipients_temp as $rec) {
//verify each email
if (!checkEmail($rec)) {
$errors[] = $rec;
}
}
# if no errors send mail
if (!$errors) {
if (!sendIPnotifEmail($_REQUEST['recipients'], $_REQUEST['subject'], $_REQUEST['content'])) {
print '<div class="alert alert-error">' . _('Sending mail failed') . '!</div>';
} else {
print '<div class="alert alert-success">' . _('Sending mail succeeded') . '!</div>';
}
} else {
print '<div class="alert alert-error">' . _('Wrong recipients! (separate multiple with ,)') . '</div>';
}
function VerifyEmailAddress($EmailAddress, $i, $Errors)
{
if (mb_strlen($EmailAddress) > 55 and !checkEmail($EmailAddress)) {
$Errors[$i] = InvalidEmailAddress;
}
return $Errors;
}
/**
* Send lost password activation email request. If the email address does not exist, do nothing
*/
function rpass_activate()
{
global $db, $_pre, $_mail;
$email = $_POST['rpass_email'];
if (!checkEmail($email)) {
system_messages(0, 'Email address invalid!');
return;
}
$query = "SELECT * FROM {$_pre}users WHERE email='{$email}' LIMIT 1";
$db->setQuery($query);
if ($db->foundRows > 0) {
$row = $db->fetch_assoc();
//Is the owner of this email address banned...?
if ($row['activated'] == -1) {
system_messages(2, 'Your account has been blocked by the administrators, you cannot activate it!', 'true');
return;
}
//Send activation email now first we need to generate another key before sending and another password
$key = md5(time());
$pass = random_string();
$enc_pass = encrypt_password($pass);
$query = "UPDATE {$_pre}users SET activation_key='{$key}' WHERE email='{$email}'";
$db->setQuery($query);
require_once 'lib' . DS . 'mail' . DS . 'mail.php';
$subject = 'CodeZone account new password request';
$message = "{$row['nick_name']},\nYou or someone claiming to be you has requested a new password for the CodeZone account using this email address ({$email}). To reset your password, please click on the link below or cut and paste in your browser's location bar.\n Link: http://{$_SERVER['HTTP_HOST']}{$_SERVER['SCRIPT_NAME']}?a=register&do=rpass_make_active&r=" . base64_encode($row['registration_no']) . "&k={$key}&p=" . base64_encode($enc_pass) . "\nOnce you click on the link, you will login with the following details:\nLogin Name (Registration No): {$row['registration_no']}\nPassword: {$pass}\nPlease change your password once you log in for security purposes. If you are having any problems then do not hesitate to contact the admin at {$_mail}.\n\nWishing you all the best at CodeZone\n\nAdmin";
mailSend(array($email), $subject, $message);
system_messages(1, 'An activation link has been sent to your email addresss', 'true');
} else {
//Even if the email address does not exist, we notify the user that it has been sent. Maybe it's somebody just trying the system
system_messages(1, 'Activation email has been sent');
}
}
redirect_header(XOOPS_URL . '/', 3, _US_SELECTNG);
exit;
}
$errors = array();
if ($op == 'saveuser') {
if (!$xoopsGTicket->check(true, 'saveuser', false)) {
redirect_header(XOOPS_URL . '/', 3, $xoopsGTiket->getErrors());
exit;
}
$request_vars = array('realname' => array('s', true), 'email' => array('s', false), 'url' => array('s', true), 'user_sig' => array('s', true), 'user_viewemail' => array('i', false), 'password' => array('s', true), 'vpass' => array('s', true), 'attachsig' => array('i', false), 'timezone_offset' => array('f', true), 'umode' => array('s', true), 'uorder' => array('i', true), 'notify_method' => array('i', true), 'notify_mode' => array('i', true), 'user_intrest' => array('s', true), 'user_mailok' => array('i', true), 'address' => array('s', true), 'company_name' => array('s', true), 'division' => array('s', true), 'tel' => array('s', true), 'country' => array('s', true), 'zipcode' => array('s', true), 'fax' => array('s', true), 'notice_mail' => array('i', true), 'posi' => array('i', true), 'appeal' => array('s', true), 'usecookie' => array('i', false));
foreach ($request_vars as $key => $meta) {
list($type, $is_required) = $meta;
${$key} = $formdata->getValue('post', $key, $type, $is_required);
}
if ($myxoopsConfigUser['allow_chgmail'] == 1) {
if (is_null($email) || $email == '' || !checkEmail($email)) {
$errors[] = _US_INVALIDMAIL;
}
}
if ($vpass != '' && $password != $vpass) {
$errors[] = _US_PASSNOTSAME;
}
if ($password != '' && strlen($password) < $myxoopsConfigUser['minpass']) {
$errors[] = sprintf(_US_PWDTOOSHORT, $myxoopsConfigUser['minpass']);
}
if ($notice_mail < 0) {
$errors[] = _MD_XOONIPS_ACCOUNT_NOTICE_MAIL_TOO_LITTLE;
}
// acquire required flags of XooNIps user information
$val = '';
$required = array();
if (isset($_POST['reg'])) {
$msg = "";
//validate the username
if (empty($_POST['uname'])) {
$msg .= "Please enter a user name.<br>";
}
if (!checkuname($_POST['uname'])) {
$msg = "Please enter a valid user name.<br> ";
}
//now we check the email address
//check if the email address is empty
if (empty($_POST['email'])) {
$msg .= " Please enter a email address.<br> ";
}
//Next we check if the email address has a valid format
if (!checkEmail($_POST['email'])) {
$msg = "Please enter a valid email address.<br>";
}
//now we check the password
//first we check that both password fields are filled in
if (empty($_POST['pass1'])) {
$msg .= " Please enter a password.<br> ";
}
if (empty($_POST['pass2'])) {
$msg .= " Please enter a valid confirmation password. <br>";
}
//now we check to see if the passwords match
if ($_POST['pass1'] !== $_POST['pass2']) {
$msg .= " Your password does not match the confirmation password please check and try again. <br>";
}
//check captcha
public function regsAction()
{
$model = new PageModel();
if (isPost()) {
$regCode = $model->getRegCode(post('code'));
if ($regCode->id or true) {
// TODO забрати "OR true"
$data['nickname'] = post('nickname');
if (checkLenght(post('nickname'), 3, 16) && !$model->getUserByNickname(post('nickname'))) {
$data['nickname'] = post('nickname');
} else {
$this->view->error = 'Incorrect "Nickname" or exist';
}
if (checkEmail(post('email')) && !$model->getUserByEmail(post('email'))) {
$data['email'] = post('email');
} else {
$this->view->error = 'Incorrect "E-mail" or exist';
}
if (checkLenght(post('password'), 6, 20)) {
$data['password'] = md5(post('password'));
} else {
$this->view->error = 'Incorrect "Password"';
}
if (checkLenght(post('password_re'), 6, 20)) {
if (post('password') != post('password_re')) {
$this->view->error = 'Passwords do not match';
}
} else {
$this->view->error = 'Incorrect "Repeat password"';
}
if (post('rules') != 'yes') {
$this->view->error = 'You must agree to Rules';
}
if (post('terms') != 'yes') {
$this->view->error = 'You must accept Terms and Conditions';
}
//$data['referral'] = $regCode->uid; // TODO ref system
$data['dateLast'] = time();
$data['dateReg'] = time();
if (!$this->view->error) {
$uid = $model->insert('users', $data);
if ($uid) {
setSession('user', $uid, false);
//$model->deleteRegCode($regCode->id);
redirect(url($uid));
} else {
$this->view->error = 'Error Registration';
}
}
} else {
$this->view->error = 'Incorrect "Registration code"';
}
}
$code = Request::getUriOptions()[0];
if ($code) {
$_POST['code'] = $code;
}
$this->view->title = Lang::translate('REG_TITLE');
}
//Hashing has worked.
//Add the entry and go to the login page.
$sql = "INSERT INTO Users (name, password, email) VALUES ('{$username}', '{$password}', '{$email}')";
$query = mysqli_query($conn, $sql);
if (!$query) {
echo $conn->error;
} else {
header("location: {$host}");
}
} else {
if (checkUsername($username)) {
//Username exists
$output .= "<p>That username is already in use.</p>";
echo $output;
} else {
if (checkEmail($email)) {
//User has account
$output .= "<p>That email is already in use.</p>";
echo $output;
} else {
if (strlen($password) < 20) {
//Password too short
$output .= "<p>Something went wrong.</p>";
echo $output;
}
}
}
}
$conn->close();
} else {
if (strlen($_POST['name']) < 4) {
} else {
mysql_query("UPDATE users SET settings = '{$sets};BG~{$bg};' WHERE username = '******'");
}
}
$confirmpass = secureString($_POST['currpass']);
$pass = md5(secureForDB($_POST['pass']));
$email = secureForDB($_POST['email']);
if (isset($_POST['cnfrm'])) {
if (isset($confirmpass)) {
if (md5($confirmpass) == $p1) {
if ($pass != "") {
// Change password
mysql_query("UPDATE users SET password = '******' WHERE username = '******'");
echo "<center><font color=green>The password for your account\n has been changed!</font></center>";
}
if (isset($email) && checkEmail($email)) {
// Change email address
$query = mysql_query("UPDATE users SET email = '{$email}' WHERE username = '******'");
echo "If you ever forget your password, you can now use the password reset feature.<br> Just click the link that says \"Forgot Password?\" on the login page.";
} elseif ($email != "") {
echo "<font color=red>The email address you have entered is invalid!</font>";
}
} else {
die("<center><font color=red>The password you have entered is invalid!</font></center>");
}
}
}
if (isset($_POST['perPage'])) {
$amountPP = secureForDB($_POST['amountPerPage']);
mysql_query("UPDATE users SET gamesPerPage = '{$amountPP}' WHERE username = '******'");
redirect(0, "settings.php");
/* functions */
if (!function_exists("getSubnetDetailsById")) {
require_once '../../functions/functions.php';
}
/* @mail functions ------------------- */
include_once '../../functions/functions-mail.php';
# First chech referer and requested with
CheckReferrer();
/* get all posted variables */
$request = $_POST;
/* first get subnet details */
$subnet = getSubnetDetailsById($request['subnetId']);
$subnet2 = $subnet;
//for later check
$subnet['subnet'] = Transform2long($subnet['subnet']);
$subnet = $subnet['subnet'] . "/" . $subnet['mask'];
/* verify email */
if (!checkEmail($request['requester'])) {
die('<div class="alert alert-danger alert-nomargin alert-norounded">' . _('Please provide valid email address') . '! (' . _('requester') . ': <del>' . $request['requester'] . '</del>)</div>');
}
if (addNewRequest($request)) {
print '<div class="alert alert-success alert-nomargin alert-norounded">' . _('Request submitted successfully') . '!</div>';
# send mail
if (!sendIPReqEmail($request)) {
print '<div class="alert alert-danger alert-nomargin alert-norounded">' . _('Sending mail for new IP request failed') . '!</div>';
} else {
print '<div class="alert alert-success alert-nomargin alert-norounded">' . _('Sending mail for IP request succeeded') . '!</div>';
}
} else {
print '<div class="alert alert-danger alert-nomargin alert-norounded">' . _('Error submitting new IP address request') . '!</div>';
}
$newsnumber = getmoduleoption('storyhome');
header('Content-Type:text/xml; charset=utf-8');
$story = new NewsStory();
$tpl = new XoopsTpl();
$tpl->xoops_setCaching(2);
$tpl->xoops_setCacheTime(0);
if (!$tpl->is_cached('db:system_rss.html')) {
$sarray = $story->getAllPublished($newsnumber, 0, $restricted, $topicid);
if (is_array($sarray) && count($sarray) > 0) {
$tpl->assign('channel_title', xoops_utf8_encode(htmlspecialchars($xoopsConfig['sitename'], ENT_QUOTES)));
$tpl->assign('channel_link', XOOPS_URL . '/');
$tpl->assign('channel_desc', xoops_utf8_encode(htmlspecialchars($xoopsConfig['slogan'], ENT_QUOTES)));
$tpl->assign('channel_lastbuild', formatTimestamp(time(), 'rss'));
$tpl->assign('channel_webmaster', checkEmail($xoopsConfig['adminmail'], true));
// Fed up with spam
$tpl->assign('channel_editor', checkEmail($xoopsConfig['adminmail'], true));
// Fed up with spam
$tpl->assign('channel_category', 'News');
$tpl->assign('channel_generator', 'XOOPS');
$tpl->assign('channel_language', _LANGCODE);
$tpl->assign('image_url', XOOPS_URL . '/images/logo.gif');
$dimention = getimagesize(XOOPS_ROOT_PATH . '/images/logo.gif');
if (empty($dimention[0])) {
$width = 88;
} else {
$width = $dimention[0] > 144 ? 144 : $dimention[0];
}
if (empty($dimention[1])) {
$height = 31;
} else {
$height = $dimention[1] > 400 ? 400 : $dimention[1];
<p>
<a href="../home/home.html">Back To Home</a>
</p>
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
# collect input data
$address = $_POST['address'];
$email = $_POST['email'];
$phone = $_POST['phone'];
if (!empty($address) && !empty($phone) && !empty($email)) {
$address = prepareInput($address);
$email = prepareInput($email);
$phone = prepareInput($phone);
if (checkAddress($address) && checkPhone($phone) && checkEmail($email)) {
error_reporting(E_ALL);
$db_host = "localhost";
$db_user = "******";
$db_pass = "******";
$db_name = "mysql";
$con = mysqli_connect($db_host, $db_user, $db_pass, $db_name);
// Check connection
if (mysqli_connect_errno()) {
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$sql = "select * from members where Email='{$email}'";
$result = $con->query($sql);
if (!$result) {
die('Error: ' . mysqli_error($con));
}
$image = '';
}
$item['description'] = XoopsLocal::convert_encoding(htmlspecialchars($image . $post->content(true), ENT_QUOTES));
$item['pubdate'] = formatTimestamp($post->getVar('pubdate'), 'rss');
$item['guid'] = $post->permalink();
$rss_items[] = $item;
}
break;
case 'all':
default:
$rss_channel['title'] = sprintf(__('Posts in %s', 'mywords'), $xoopsConfig['sitename']);
$rss_channel['link'] = XOOPS_URL . ($config->permalinks ? $config->basepath : '/modules/mywords');
$rss_channel['description'] = __('All recent published posts', 'mywords');
$rss_channel['lastbuild'] = formatTimestamp(time(), 'rss');
$rss_channel['webmaster'] = checkEmail($xoopsConfig['adminmail'], true);
$rss_channel['editor'] = checkEmail($xoopsConfig['adminmail'], true);
$rss_channel['category'] = 'Blog';
$rss_channel['generator'] = 'Common Utilities';
$rss_channel['language'] = RMCLANG;
// Get posts
$posts = MWFunctions::get_posts(0, 10);
$rss_items = array();
foreach ($posts as $post) {
$item = array();
$item['title'] = $post->getVar('title');
$item['link'] = $post->permalink();
$img = new RMImage();
$img->load_from_params($post->getVar('image', 'e'));
if (!$img->isNew()) {
$image = '<img src="' . $img->url() . '" alt="' . $post->getVar('title') . '" /><br />';
} else {
/**
* Check a user's uname, email, password and password verification
*
* @param object $user {@link XoopsUser} to check
*
* @return string
*/
function userCheck(&$user)
{
global $xoopsModuleConfig;
$is_admin = is_object($GLOBALS["xoopsUser"]) && $GLOBALS["xoopsUser"]->isAdmin();
$is_admin_user = $is_admin && $user->getVar("uid") == $GLOBALS["xoopsUser"]->getVar("uid");
$stop = '';
if (!checkEmail($user->getVar('email'))) {
$stop .= _PROFILE_MA_INVALIDMAIL . '<br />' . print_r($user->getVar('email'));
}
if (!$is_admin) {
foreach ($xoopsModuleConfig['bad_emails'] as $be) {
if (!empty($be) && preg_match("/" . $be . "/i", $user->getVar('email'))) {
$stop .= _PROFILE_MA_INVALIDMAIL . '<br />' . print_r($user->getVar('email'));
break;
}
}
}
if (strrpos($user->getVar('email'), ' ') > 0) {
$stop .= _PROFILE_MA_EMAILNOSPACES . '<br />';
}
switch ($xoopsModuleConfig['uname_test_level']) {
case 0:
// strict
$restriction = '/[^a-zA-Z0-9\\_\\-]/';
break;
case 1:
// medium
$restriction = '/[^a-zA-Z0-9\\_\\-\\<\\>\\,\\.\\$\\%\\#\\@\\!\\\'\\"]/';
break;
case 2:
// loose
$restriction = '/[\\000-\\040]/';
break;
}
if ($user->getVar('loginname') == "" || preg_match($restriction, $user->getVar('loginname')) && !$is_admin_user) {
$stop .= _PROFILE_MA_INVALIDNICKNAME . "<br />";
}
// if ($user->getVar('name') == "" || preg_match($restriction, $user->getVar('name'))) {
// $stop .= _PROFILE_MA_INVALIDDISPLAYNAME."<br />";
// }
if (!$is_admin_user) {
if (strlen($user->getVar('loginname')) > $xoopsModuleConfig['max_uname']) {
$stop .= sprintf(_PROFILE_MA_NICKNAMETOOLONG, $xoopsModuleConfig['max_uname']) . "<br />";
}
if (strlen($user->getVar('uname')) > $xoopsModuleConfig['max_uname']) {
$stop .= sprintf(_PROFILE_MA_DISPLAYNAMETOOLONG, $xoopsModuleConfig['max_uname']) . "<br />";
}
if (strlen($user->getVar('loginname')) < $xoopsModuleConfig['min_uname']) {
$stop .= sprintf(_PROFILE_MA_NICKNAMETOOSHORT, $xoopsModuleConfig['min_uname']) . "<br />";
}
if (strlen($user->getVar('uname')) < $xoopsModuleConfig['min_uname']) {
$stop .= sprintf(_PROFILE_MA_DISPLAYNAMETOOSHORT, $xoopsModuleConfig['min_uname']) . "<br />";
}
}
foreach ($xoopsModuleConfig['bad_unames'] as $bu) {
if (empty($bu) || $is_admin_user) {
continue;
}
if (preg_match("/" . $bu . "/i", $user->getVar('loginname'))) {
$stop .= _PROFILE_MA_NAMERESERVED . "<br />";
break;
}
if (preg_match("/" . $bu . "/i", $user->getVar('uname'))) {
$stop .= _PROFILE_MA_DISPLAYNAMERESERVED . "<br />";
break;
}
}
if (strrpos($user->getVar('loginname'), ' ') > 0) {
$stop .= _PROFILE_MA_NICKNAMENOSPACES . "<br />";
}
// if (strrpos($user->getVar('name'), ' ') > 0) {
// $stop .= _PROFILE_MA_DISPLAYNAMENOSPACES."<br />";
// }
$member_handler =& xoops_gethandler('member');
$count_criteria = new Criteria('loginname', $user->getVar('loginname'));
$display_criteria = new Criteria('uname', $user->getVar('uname'));
if ($user->getVar('uid') > 0) {
//existing user, so let's keep the user's own row out of this
$count_criteria = new CriteriaCompo($count_criteria);
$display_criteria = new CriteriaCompo($display_criteria);
$useridcount_criteria = new Criteria('uid', $user->getVar('uid'), '!=');
$useriddisplay_criteria = new Criteria('uid', $user->getVar('uid'), '!=');
$count_criteria->add($useridcount_criteria);
$display_criteria->add($useriddisplay_criteria);
}
$count = $member_handler->getUserCount($count_criteria);
$display_count = $member_handler->getUserCount($display_criteria);
unset($count_criteria);
unset($display_criteria);
if ($count > 0) {
$stop .= _PROFILE_MA_NICKNAMETAKEN . "<br />";
}
if ($display_count > 0) {
$stop .= _PROFILE_MA_DISPLAYNAMETAKEN . "<br />";
}
$count = 0;
if ($user->getVar('email')) {
$count_criteria = new Criteria('email', $user->getVar('email'));
if ($user->getVar('uid') > 0) {
//existing user, so let's keep the user's own row out of this
$count_criteria = new CriteriaCompo($count_criteria);
$count_criteria->add(new Criteria('uid', $user->getVar('uid'), '!='));
}
$count = $member_handler->getUserCount($count_criteria);
unset($count_criteria);
if ($count > 0) {
$stop .= _PROFILE_MA_EMAILTAKEN . "<br />";
}
}
return $stop;
}
if (!$xoopsUser || $xoopsModuleConfig['allow_chgmail'] != 1) {
redirect_header(XOOPS_URL, 2, _NOPERM);
}
include XOOPS_ROOT_PATH . "/header.php";
if (!isset($_POST['submit'])) {
//show change password form
include_once XOOPS_ROOT_PATH . "/class/xoopsformloader.php";
$form = new XoopsThemeForm(_PROFILE_MA_CHANGEMAIL, 'form', 'changemail.php', 'post', true);
$form->addElement(new XoopsFormText(_PROFILE_MA_NEWMAIL, 'newmail', 15, 50), true);
$form->addElement(new XoopsFormButton('', 'submit', _SUBMIT, 'submit'));
$form->display();
} else {
//compute unique key
$key = md5(substr($xoopsUser->getVar("pass"), 0, 5));
if (!isset($_REQUEST['oldmail'])) {
if (!checkEmail($_POST['newmail'])) {
redirect_header('changemail.php', 2, _PROFILE_MA_INVALIDMAIL);
} else {
//send email to new email address with key
$xoopsMailer =& getMailer();
$xoopsMailer->useMail();
$xoopsMailer->setTemplateDir(XOOPS_ROOT_PATH . "/modules/" . $xoopsModule->getVar('dirname') . "/language/" . $xoopsConfig['language'] . "/mail_template");
$xoopsMailer->setTemplate('changemail.tpl');
$xoopsMailer->assign("SITENAME", $xoopsConfig['sitename']);
$xoopsMailer->assign("ADMINMAIL", $xoopsConfig['adminmail']);
$xoopsMailer->assign("SITEURL", XOOPS_URL . "/");
$xoopsMailer->assign("IP", $_SERVER['REMOTE_ADDR']);
$xoopsMailer->assign("NEWEMAIL_LINK", XOOPS_URL . "/modules/profile/changemail.php?code=" . $key);
$xoopsMailer->setToEmails($_POST['newemail']);
$xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
$xoopsMailer->setFromName($xoopsConfig['sitename']);
