public function proccess($data = NULL, $validations = FALSE)
{
if (is_array($validations)) {
foreach ($validations as $field => $validation) {
if ($validation === "required") {
if (!POST($field)) {
$field = $this->rename($field);
return array("error" => getAlert("{$field} is required"));
}
} elseif ($validation === "email?") {
if (!isEmail(POST($field))) {
return array("error" => getAlert("{$field} is not a valid email"));
}
} elseif ($validation === "injection?") {
if (isInjection(POST($field))) {
return array("error" => getAlert("SQL/HTML injection attempt blocked"));
}
} elseif ($validation === "spam?") {
if (isSPAM(POST($field))) {
return array("error" => getAlert("SPAM prohibited"));
}
} elseif ($validation === "vulgar?") {
if (isVulgar(POST($field))) {
return array("error" => getAlert("Your {$field} is very vulgar"));
}
} elseif ($validation === "ping") {
if (!ping(POST($field))) {
return array("error" => getAlert("Invalid URL"));
}
} elseif (is_string($validation) and substr($validation, 0, 6) === "length") {
$count = (int) substr($validation, 7, 8);
$count = $count > 0 ? $count : 6;
if (strlen(POST($field)) < $count) {
return array("error" => getAlert("{$field} must have at least {$count} characters"));
}
} elseif (isset($field["exists"]) and isset($this->table) and POST("save")) {
if (is_array($validation)) {
$exists = $this->Db->findBy($validation);
if ($exists) {
return array("error" => getAlert("The record already exists"));
}
}
}
}
}
if (is_null($data)) {
$data = array();
}
$POST = POST(TRUE);
foreach ($POST as $field => $value) {
if (!in_array($field, $this->ignore)) {
if (!isset($data[$this->rename($field)])) {
$data[$this->rename($field)] = decode(filter($value, "escape"));
}
}
}
return $data;
}
function main()
{
// Login Form
if (isset($_POST['login'])) {
// handle login
$email = $_POST['email'];
$password = sha1($_POST['password']);
$sql = "SELECT * FROM `customers` WHERE `customer_email`='{$email}' AND `customer_password`='{$password}';";
$result = dbQuery($sql);
if (mysql_num_rows($result) != 1) {
$url = BASE_URL . '/signup';
//@todo create error message
addMessage('نام کاربری یا رمز عبور اشتباه وارد شده است.', FAILURE);
} else {
$user = mysql_fetch_assoc($result);
//@todo save user id in session
//@todo create welcome message
$url = BASE_URL . '/customer';
$spKey = getSpKey();
$_SESSION[$spKey]['customer'] = $user['id'];
$userName = $user['customer_name'];
addMessage($userName . ' عزیز خوش آمدید.', SUCSESS);
}
mysql_free_result($result);
return array('redirect' => $url);
}
// SignUp Form
if (isset($_POST['signup'])) {
$firstName = safeQuery($_POST['firstName']);
$lastName = safeQuery($_POST['lastName']);
$mobile = safeQuery($_POST['mobile']);
$email = safeQuery($_POST['email']);
$password = sha1($_POST['password']);
$gender = $_POST['gender'];
if (isPhone($mobile) && isEmail($email) && !empty(trim($firstName)) && !empty(trim($lastName)) && !empty(trim($mobile)) && !empty(trim($email)) && !empty(trim($password))) {
$sql = "SELECT * FROM `customers` WHERE `customer_email`='{$email}'";
$result = dbQuery($sql);
if (mysql_num_rows($result) == 0) {
$sql = "INSERT INTO `customers`(`customer_name`,`customer_family`,`customer_email`,`customer_password`,`customer_gender`,`customer_mobile`)\n VALUES('{$firstName}','{$lastName}','{$email}','{$password}','{$gender}','{$mobile}')";
$result = dbQuery($sql);
addMessage('ثبت نام شما با موفقیت انجام شد. با آدرس ایمیل و رمز عور انتخابی وارد شوید', SUCSESS);
$url = BASE_URL . '/customer';
} else {
$url = BASE_URL . '/signup';
//@todo create error message
addMessage('آدرس ایمیل واد شده تکراری میباشد، برای بازیابی رمز عبور کلیک کنید.', FAILURE);
}
mysql_free_result($result);
} else {
$url = BASE_URL . '/signup';
//@todo create error message
addMessage('اطلاعات فرم ثبت نام به درستی وارد نشده است.', FAILURE);
}
return array('redirect' => $url);
}
}
public function send()
{
if (!POST("name")) {
return getAlert("You need to write your name");
} elseif (!isEmail(POST("email"))) {
return getAlert("Invalid E-Mail");
} elseif (!POST("message")) {
return getAlert("You need to write a message");
}
$values = array("Name" => POST("name"), "Email" => POST("email"), "Company" => "", "Phone" => "", "Subject" => "", "Message" => POST("message", "decode", FALSE), "Start_Date" => now(4), "Text_Date" => now(2));
$insert = $this->Db->insert($this->table, $values);
if (!$insert) {
return getAlert("Insert error");
}
$this->sendMail();
$this->sendResponse();
return getAlert("Your message has been sent successfully, we will contact you as soon as possible, thank you very much!", "success");
}
/**
* Replaces the emails with a flash text with the email
* @param $match preg_replace match
* @return string Flash html-code
*/
function safeEmailsHelper($match)
{
JS::lib('flashurl', false, false);
JS::loadjQuery(false, false);
static $i = 0;
$i++;
if (count($match) == 2) {
$url = $match[0];
$label = false;
} else {
$url = $match[1];
$label = $match[2];
if (isEmail($label)) {
$label = false;
}
}
$url = base64_encode($url);
return '<span class="flashurl"><object id="flashurl' . $i . '" type="application/x-shockwave-flash" data="lib/swf/flashurl.swf"><param name="FlashVars" value="divID=flashurl' . $i . '&encURL=' . urlencode($url) . ($label ? '&urlLabel=' . $label : '') . '" /><param name="movie" value="/lib/swf/flashurl.swf" /><param name="wmode" value="transparent" /></object></span>';
}
function validation($addmemberclass, $user_id)
{
global $db;
$error = array();
$postvar = $addmemberclass->getPostVar();
$user_id = $_SESSION['USER_ID'];
$first_name = trim($postvar['first_name']);
$last_name = trim($postvar['last_name']);
$email = trim($postvar['email']);
$error = array();
if ($first_name == '') {
$error[1] = "Please Enter First Name ";
} else {
if (strlen($first_name) < 3) {
$error[1] = "Please Enter at least 3 characters";
}
}
if ($last_name == '') {
$error[2] = "Please Enter Last Name ";
} else {
if (strlen($last_name) < 3) {
$error[2] = "Please Enter at least 3 characters";
}
}
if ($email == "") {
$error[3] = "Please Enter Email";
} else {
if (isEmail($email) == 0) {
$error[3] = "Please Enter Valid Email";
} else {
if ($email != "" && $user_id == "") {
$sql_select_email = "SELECT `email` FROM `crm_users` WHERE `email` = '{$email}'";
$res_select_email = $db->select_data($sql_select_email);
if (count($res_select_email) > 0) {
$error[3] = "Email Id already exists";
}
}
}
}
return $error;
}
public function customValidate()
{
if (count($this->errors) == 0) {
if (!isEmail($_POST['email'])) {
$this->errors['email'] = "not_validate";
}
if (isset($_POST['tel'])) {
if (!isTel($_POST['tel'])) {
$this->errors['tel'] = "not_validate";
}
}
if (!$this->checkAvailableUsername($_POST['username'])) {
$this->errors['username'] = "******";
}
}
if (count($this->errors) > 0) {
return false;
} else {
return true;
}
}
protected function isValid()
{
// making sure TA information is valid
$valid = true;
print '<br> validating TA information ....<br>';
if (isEmail($this->email)) {
print " -- Email valid.<br>\n";
} else {
return false;
}
if ($this->fullTime >= 0 and $this->fullTime <= 1) {
print "Fulltime fraction: {$this->fullTime} -- valid.<br>\n";
} else {
print "Fulltime fraction: {$this->fullTime} -- invalid.<br>\n";
return false;
}
if ($this->partTime >= 0 and $this->partTime <= 1) {
print "Parttime fraction: {$this->partTime} -- valid.<br>\n";
} else {
print "Parttime fraction: {$this->partTime} -- invalid.<br>\n";
return false;
}
return $valid;
}
// You may add or edit lines in here.
//
// To make a field not required, simply delete the entire if statement for that field.
//
///////////////////////////////////////////////////////////////////////////
////////////////////////
// Name field is required
if (empty($name)) {
$error .= 'Your name is required.';
}
////////////////////////
////////////////////////
// Email field is required
if (empty($email)) {
$error .= 'Your e-mail address is required.';
} elseif (!isEmail($email)) {
$error .= 'You have entered an invalid e-mail address.';
}
////////////////////////
////////////////////////
// Comments field is required
if (empty($message)) {
$error .= 'You must enter a message to send.';
}
////////////////////////
////////////////////////
// Verification code is required
if ($session_verify != $posted_verify) {
$error .= 'The verification code you entered is incorrect.';
}
////////////////////////
}
if (!defined("PHP_EOL")) {
define("PHP_EOL", "\r\n");
}
$name = $_POST['name'];
$email = $_POST['email'];
$comments = $_POST['comments'];
if (trim($name) == '') {
echo '<div class="error_message">You must enter your name.</div>';
exit;
} else {
if (trim($email) == '') {
echo '<div class="error_message">Please enter a valid email address.</div>';
exit;
} else {
if (!isEmail($email)) {
echo '<div class="error_message">You have entered an invalid e-mail address. Please try again.</div>';
exit;
}
}
}
if (trim($comments) == '') {
echo '<div class="error_message">Please enter your message.</div>';
exit;
}
if (get_magic_quotes_gpc()) {
$comments = stripslashes($comments);
}
// Configuration option.
// Enter the email address that you want to emails to be sent to.
// Example $address = "*****@*****.**";
function isEmail($email)
{
return filter_var($email, FILTER_VALIDATE_EMAIL);
}
if ($_POST) {
// Enter the email where you want to receive the message
$emailTo = '*****@*****.**';
$clientEmail = addslashes(trim($_POST['email']));
$subject = addslashes(trim($_POST['subject']));
$message = addslashes(trim($_POST['message']));
$antispam = addslashes(trim($_POST['antispam']));
$array = array('emailMessage' => '', 'subjectMessage' => '', 'messageMessage' => '', 'antispamMessage' => '');
if (!isEmail($clientEmail)) {
$array['emailMessage'] = 'Invalid email!';
}
if ($subject == '') {
$array['subjectMessage'] = 'Empty subject!';
}
if ($message == '') {
$array['messageMessage'] = 'Empty message!';
}
if ($antispam != '12') {
$array['antispamMessage'] = 'Wrong antispam answer!';
}
if (isEmail($clientEmail) && $subject != '' && $message != '' && $antispam == '12') {
// Send email
$headers = "From: " . $clientEmail . " <" . $clientEmail . ">" . "\r\n" . "Reply-To: " . $clientEmail;
mail($emailTo, $subject . " (bootstrap contact form tutorial)", $message, $headers);
}
echo json_encode($array);
}
$Capped_IP = sizeof($matches[0]) - 1;
$MailCaptured_IPaddy = $matches[0][$Capped_IP];
$IPaddy = "{$MailCaptured_IPaddy} (Email guess)";
if ($DB_DeleteYN == 1) {
imap_delete($conn, $i);
}
$spam_filtered = 0;
if (!isEmpty($DB_SpamHeader)) {
$pos = strpos($subject, $DB_SpamHeader);
if ($pos === false) {
$spam_filtered = 0;
} else {
$spam_filtered = 1;
}
}
if (!UserIsSubscribed($Responder_ID, $Email_Address) && !isInBlacklist($Email_Address) && $spam_filtered == 0 && isEmail($Email_Address)) {
if ($DB_HTML_YN == 1) {
$Set_HTML = 1;
} else {
$Set_HTML = 0;
}
# Get responder info
# MOD for updated GetResponder function
if (!ResponderExists($Responder_ID)) {
admin_redirect();
}
$ResponderInfo = GetResponderInfo($Responder_ID);
// $DB_OptMethod = $ResponderInfo['OptinMethod'];
// if ($DB_OptMethod == "Double") {$DB_Confirm_Join = '1'}
// else {$DB_Confirm_Join = '0';}
# Setup the data
public function register($data = array(), $autoLogin = false, $activationReturnLink = '')
{
if (!is_array($data)) {
return Error::set(lang('Error', 'arrayParameter', 'data'));
}
if (!is_string($activationReturnLink)) {
$activationReturnLink = '';
}
// ------------------------------------------------------------------------------
// CONFIG/USER.PHP AYARLARI
// Config/User.php dosyasında belirtilmiş ayarlar alınıyor.
// ------------------------------------------------------------------------------
$userConfig = $this->config;
$joinTables = $userConfig['joinTables'];
$joinColumn = $userConfig['joinColumn'];
$usernameColumn = $userConfig['usernameColumn'];
$passwordColumn = $userConfig['passwordColumn'];
$emailColumn = $userConfig['emailColumn'];
$tableName = $userConfig['tableName'];
$activeColumn = $userConfig['activeColumn'];
$activationColumn = $userConfig['activationColumn'];
// ------------------------------------------------------------------------------
// Kullanıcı adı veya şifre sütunu belirtilmemişse
// İşlemleri sonlandır.
if (!empty($joinTables)) {
$joinData = $data;
$data = isset($data[$tableName]) ? $data[$tableName] : array($tableName);
}
if (!isset($data[$usernameColumn]) || !isset($data[$passwordColumn])) {
$this->error = lang('User', 'registerUsernameError');
return Error::set($this->error);
}
$loginUsername = $data[$usernameColumn];
$loginPassword = $data[$passwordColumn];
$encodePassword = Encode::super($loginPassword);
$db = uselib('DB');
$usernameControl = $db->where($usernameColumn . ' =', $loginUsername)->get($tableName)->totalRows();
// Daha önce böyle bir kullanıcı
// yoksa kullanıcı kaydetme işlemini başlat.
if (empty($usernameControl)) {
$data[$passwordColumn] = $encodePassword;
if (!$db->insert($tableName, $data)) {
$this->error = lang('User', 'registerUnknownError');
return Error::set($this->error);
}
if (!empty($joinTables)) {
$joinCol = $db->where($usernameColumn . ' =', $loginUsername)->get($tableName)->row()->{$joinColumn};
foreach ($joinTables as $table => $joinColumn) {
$joinData[$table][$joinTables[$table]] = $joinCol;
$db->insert($table, $joinData[$table]);
}
}
$this->error = false;
$this->success = lang('User', 'registerSuccess');
if (!empty($activationColumn)) {
if (!isEmail($loginUsername)) {
$email = $data[$emailColumn];
} else {
$email = '';
}
$this->_activation($loginUsername, $encodePassword, $activationReturnLink, $email);
} else {
if ($autoLogin === true) {
$this->login($loginUsername, $loginPassword);
} elseif (is_string($autoLogin)) {
redirect($autoLogin);
}
}
return true;
} else {
$this->error = lang('User', 'registerError');
return Error::set($this->error);
}
}
returns(error('Error sending mail'));
return false;
}
return true;
};
// Validates data
$validates = function ($json) {
if ($json === NULL) {
returns(error('Body request not found'));
return false;
}
if (!isString($json->{'name'})) {
returns(error('Name field is empty'));
return false;
}
if (!isEmail($json->{'email'})) {
returns(error('E-mail field is empty'));
return false;
}
if (!isString($json->{'password'})) {
returns(error('Password field is empty'));
return false;
}
return true;
};
// Now, read it as a human and execute our orders :)
$theData = $jsonFrom($input());
if ($validates($theData)) {
$token = $saves($theData);
if ($sendmail($token, $theData->{'email'})) {
returns(success());
require_once 'recaptchalib.php';
$resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
die("<h2>Image Verification failed!. Go back and try again.</h2> (reCAPTCHA said: " . $resp->error . ")");
}
/************************ SERVER SIDE VALIDATION **************************************/
/********** This validation is useful if javascript is disabled in the browswer ***/
if (empty($data['full_name']) || strlen($data['full_name']) < 4) {
$err[] = "ERROR - Invalid name. Please enter at least 3 or more characters for your name";
}
// Validate User Name
if (!isUserID($data['user_name'])) {
$err[] = "ERROR - Invalid user name. It can contain alphabet, number and underscore.";
}
// Validate Email
if (!isEmail($data['usr_email'])) {
$err[] = "ERROR - Invalid email address.";
}
// Check User Passwords
if (!checkPwd($data['pwd'], $data['pwd2'])) {
$err[] = "ERROR - Invalid Password or mismatch. Enter 5 chars or more";
}
$user_ip = $_SERVER['REMOTE_ADDR'];
// stores sha1 of password
$sha1pass = PwdHash($data['pwd']);
// Automatically collects the hostname or domain like example.com)
$host = $_SERVER['HTTP_HOST'];
$host_upper = strtoupper($host);
$path = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
// Generates activation code simple 4 digit number
$activ_code = rand(1000, 9999);
protected function requireParams($required)
{
$params = $this->getParams();
foreach ($required as $param => $type) {
// Ensure required parameters are given
if (endsWith($type, '*')) {
if (isset($params[$param])) {
$type = rtrim($type, "*");
} else {
continue;
}
// Continue to next iteration if optional param is not given
} else {
if (!isset($params[$param])) {
$this->sendResponse(400, ['details' => 'Parameter(s) missing']);
return FALSE;
}
}
// Ensure parameters are valid
$paramsValid = TRUE;
switch ($type) {
case 'int':
$tmp = $params[$param];
if (startsWith($tmp, '-')) {
$tmp = substr($tmp, 1);
}
if (!ctype_digit($tmp)) {
$paramsValid = FALSE;
}
break;
case 'num':
if (!is_numeric($params[$param])) {
$paramsValid = FALSE;
}
break;
case 'str':
if (!is_string($params[$param])) {
$paramsValid = FALSE;
}
break;
case 'arr':
if (!is_array($params[$param])) {
$paramsValid = FALSE;
}
break;
case 'email':
if (!isEmail($params[$param])) {
$paramsValid = FALSE;
}
break;
case 'bool':
if (!in_array($params[$param], ['true', 'false'])) {
$paramsValid = FALSE;
}
break;
default:
die('Invalid parameter type specified');
// *DEV PURPOSES*
}
if (!$paramsValid) {
$this->sendResponse(400, array('details' => 'Invalid parameter(s)'));
return FALSE;
}
}
return TRUE;
}
}
$notifyAdminNewMembers = intval($_POST['notifyAdminNewMembers']);
$custom1 = makeSafe($_POST['custom1']);
$custom2 = makeSafe($_POST['custom2']);
$custom3 = makeSafe($_POST['custom3']);
$custom4 = makeSafe($_POST['custom4']);
$MySQLDateFormat = makeSafe($_POST['MySQLDateFormat']);
$PHPDateFormat = makeSafe($_POST['PHPDateFormat']);
$PHPDateTimeFormat = makeSafe($_POST['PHPDateTimeFormat']);
$groupsPerPage = intval($_POST['groupsPerPage']) ? intval($_POST['groupsPerPage']) : $adminConfig['groupsPerPage'];
$membersPerPage = intval($_POST['membersPerPage']) ? intval($_POST['membersPerPage']) : $adminConfig['membersPerPage'];
$recordsPerPage = intval($_POST['recordsPerPage']) ? intval($_POST['recordsPerPage']) : $adminConfig['recordsPerPage'];
$defaultSignUp = intval($_POST['visitorSignup']);
$anonymousGroup = makeSafe($_POST['anonymousGroup']);
$anonymousMember = makeSafe($_POST['anonymousMember']);
$senderEmail = isEmail($_POST['senderEmail']);
$senderName = makeSafe($_POST['senderName']);
$approvalMessage = makeSafe($_POST['approvalMessage']);
//$approvalMessage=str_replace(array("\r", "\n"), '\n', $approvalMessage);
$approvalSubject = makeSafe($_POST['approvalSubject']);
// save changes
if (!($fp = @fopen($conFile, "w"))) {
errorMsg("Couldn't create the file '{$conFile}'. Please make sure the directory is writeable (Try chmoding it to 755 or 777).");
include "{$d}/incFooter.php";
} else {
fwrite($fp, "<?php\n\t");
fwrite($fp, "\$adminConfig['adminUsername']='******';\n\t");
fwrite($fp, "\$adminConfig['adminPassword']='******';\n\t");
fwrite($fp, "\$adminConfig['notifyAdminNewMembers']={$notifyAdminNewMembers};\n\t");
fwrite($fp, "\$adminConfig['defaultSignUp']={$defaultSignUp};\n\t");
fwrite($fp, "\$adminConfig['anonymousGroup']='{$anonymousGroup}';\n\t");
function validation($addmemberclass)
{
global $db;
$error = array();
$postvar = $addmemberclass->getPostVar();
$first_name = mysql_real_escape_string(trim($postvar['first_name']));
$last_name = mysql_real_escape_string(trim($postvar['last_name']));
$email = mysql_real_escape_string(trim($postvar['email']));
$userid = mysql_real_escape_string(trim($postvar['userid']));
$password = mysql_real_escape_string(trim($postvar['password']));
$usertype = trim($postvar['user_type']);
$error = array();
if ($first_name == "") {
$error[1] = "*Please Enter First Name ";
} else {
if (isSpecial($first_name) == 1) {
$error[1] = "*Enter Valid Character";
} else {
if (strlen($first_name) < 3) {
$error[1] = "*Please Enter at least 3 characters";
}
}
}
if ($last_name == "") {
$error[2] = "*Please Enter Last Name ";
} else {
if (isSpecial($last_name) == 1) {
$error[2] = "*Enter Valid Character";
} else {
if (strlen($last_name) < 3) {
$error[2] = "*Please Enter at least 3 characters";
}
}
}
if ($email == "") {
$error[3] = "*Please Enter Email";
} else {
if (isEmail($email) == 0) {
$error[3] = "*Please Enter Valid Email";
} else {
if ($email != "") {
$sql_select_email = "SELECT `email` FROM `crm_users` WHERE `email` = '{$email}'";
$res_select_email = $db->select_data($sql_select_email);
if (count($res_select_email) > 0) {
$error[3] = "*Email Id already exists";
}
}
}
}
if ($password == "") {
$error[4] = "*Please Enter Password";
} else {
if (strlen($password) < 7) {
$error[4] = "*Please Enter at least 7 characters";
}
}
if ($userid == "") {
$error[5] = "*Please Enter UserID";
} else {
if (strlen($userid) < 5) {
$error[5] = "*Please Enter at least 5 characters";
} else {
if ($userid != "") {
$sql_select_userid = "SELECT `userid` FROM `crm_users` WHERE `userid` = '{$userid}'";
$res_select_userid = $db->select_data($sql_select_userid);
if (count($res_select_userid) > 0) {
$error[5] = "*UserId already exists. Try Other.";
}
}
}
}
if ($usertype == "") {
$error[6] = "*Please Select User Type.";
}
/*if($password != $cpassword)
{
$error[13] = "Password & Confirm Password does not match";
}
if($resume_path != '')
{
if(!($resume_type=='application/pdf' ||$resume_type=='application/octet-stream'))
{
$error[14]="Please Select '.Pdf/.doc/.docx' file";
}
}
if($logo_path != '')
{
if(isImage($logo_type))
{
$error[15] = isImage($logo_type);
}
}
if($birthdate == "")
{
$error[16] = "Please Enter Birth Date. ";
}*/
return $error;
}
$cargo = '';
$company = '';
$tel = '';
$cel = '';
$message = '';
$receiver_email = '';
// Get the name
if (trim(esc_attr($_POST['contact_name'])) === '') {
$error_name = true;
} else {
$name = trim(esc_attr($_POST['contact_name']));
}
// Get the email
if (trim(esc_attr($_POST['contact_email'])) === '' || !isEmail($_POST['contact_email']) || !is_email($_POST['contact_email'])) {
$error_email = true;
} else {
$email = trim(esc_attr($_POST['contact_email']));
}
if (trim(esc_attr($_POST['contact_ruc'])) === '') {
$error_ruc = true;
} else {
$ruc = trim(esc_attr($_POST['contact_ruc']));
}
if ($_POST['contact_asunto'] === '') {
$error_asunto = true;
} else {
$asunto = $_POST['contact_asunto'];
$postName = stripslashes($postName);
$postName = trim($postName);
$textArea = addslashes($_POST['textArea']);
$textArea = htmlspecialchars($textArea);
$textArea = stripslashes($textArea);
$textArea = trim($textArea);
//validate email
function isEmail($postEmail)
{
return preg_match("/[0-9a-z_]+@[0-9a-z_^\\.]+\\.[a-z]{2,3}/i", $postEmail);
}
if ($postEmail == '') {
$log .= "<li></li>";
$error = "yes";
} else {
if (!isEmail($postEmail)) {
$log .= "<li>Please fill the form!</li>";
$error = "yes";
}
}
//if all ok
if ($error == "no") {
// Proceed with PHP email
$to = "*****@*****.**";
//Write your email
$mes = "New Message!\n" . "Email: {$postEmail}\n" . "Name: {$postName}\n" . "Message: {$textArea}";
$from = 'mysite.com';
$sub = '=?utf-8?B?' . base64_encode('Feedback') . '?=';
$headers = 'From: ' . $from . '
';
$headers .= 'MIME-Version: 1.0
inf_resp_message_box('That address is already in the blacklist!');
} else {
$query = "INSERT INTO " . $infrespblacklist . " (EmailAddress) VALUES ('{$address}')";
$DB_result = mysql_query($query) or die("Invalid query: " . mysql_error());
// print "<br /><center><strong>Address added!</strong></center><br />\n";
inf_resp_message_box('Address blacklisted!');
# Remove from subscriber and custom fields tables
$query = "DELETE FROM " . $infrespsubscribers . " WHERE EmailAddress = '{$address}'";
$DB_result = mysql_query($query) or die("Invalid query: " . mysql_error());
$query = "DELETE FROM " . $infrespcustomfields . " WHERE email_attached = '{$address}'";
$DB_result = mysql_query($query) or die("Invalid query: " . mysql_error());
}
# Back button
// $return_action = "list";
// include('templates/back_button.blacklist.php');
} elseif ($action == "remove" && isEmail($address)) {
# Delete from blacklist
$query = "DELETE FROM " . $infrespblacklist . " WHERE EmailAddress = '{$address}'";
$DB_result = mysql_query($query) or die("Invalid query: " . mysql_error());
inf_resp_message_box('Address unblacklisted!');
# Print msg
// print "<br /><center><strong>Address deleted!</strong></center><br />\n";
# Back button
// $return_action = "list";
// include('templates/back_button.blacklist.php');
}
# MOD to display in all cases anyway
// else {
$query = "SELECT * FROM " . $infrespblacklist;
$DB_result = mysql_query($query) or die("Invalid query: " . mysql_error());
if (mysql_num_rows($DB_result) > 0) {
$phone_contact = $_POST['phone_contact'];
$message_contact = $_POST['message_contact'];
$verify_contact = $_POST['verify_contact'];
if (trim($name_contact) == '') {
echo '<div class="error_message">You must enter your Name.</div>';
exit;
} else {
if (trim($lastname_contact) == '') {
echo '<div class="error_message">You must enter your Last name.</div>';
exit;
} else {
if (trim($email_contact) == '') {
echo '<div class="error_message">Please enter a valid email address.</div>';
exit;
} else {
if (!isEmail($email_contact)) {
echo '<div class="error_message">You have enter an invalid e-mail address, try again.</div>';
exit;
} else {
if (trim($phone_contact) == '') {
echo '<div class="error_message">Please enter a valid phone number.</div>';
exit;
} else {
if (!is_numeric($phone_contact)) {
echo '<div class="error_message">Phone number can only contain numbers.</div>';
exit;
} else {
if (trim($message_contact) == '') {
echo '<div class="error_message">Please enter your message.</div>';
exit;
} else {
function isEmail($email)
{
return preg_match("/^[-_.[:alnum:]]+@((([[:alnum:]]|[[:alnum:]][[:alnum:]-]*[[:alnum:]])\\.)+(ad|ae|aero|af|ag|ai|al|am|an|ao|aq|ar|arpa|as|at|au|aw|az|ba|bb|bd|be|bf|bg|bh|bi|biz|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|com|coop|cr|cs|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|edu|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gh|gi|gl|gm|gn|gov|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|in|info|int|io|iq|ir|is|it|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|mg|mh|mil|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|museum|mv|mw|mx|my|mz|na|name|nc|ne|net|nf|ng|ni|nl|no|np|nr|nt|nu|nz|om|org|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|pro|ps|pt|pw|py|qa|re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw)\$|(([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5])\\.){3}([0-9][0-9]?|[0-1][0-9][0-9]|[2][0-4][0-9]|[2][5][0-5]))\$/i", $email);
}
if ($_POST) {
// Enter the email where you want to receive the message
$emailTo = '*****@*****.**';
// Enter succes message
$varSucces = '*Message has been sent!';
$clientName = trim($_POST['name']);
$clientEmail = trim($_POST['email']);
$message = trim($_POST['message']);
$subject = "New message from your site";
$array = array('nameMessage' => '', 'emailMessage' => '', 'messageMessage' => '');
if ($clientName == '') {
$array['nameMessage'] = '*Please enter your name.';
}
if (!isEmail($clientEmail)) {
$array['emailMessage'] = '*Please insert a valid email address.';
}
if ($message == '') {
$array['messageMessage'] = '*Please enter your message.';
}
if ($clientName != '' && isEmail($clientEmail) && $message != '') {
$array['succes'] = $varSucces;
// Send email
$headers = "From: " . $clientName . " <" . $clientEmail . ">" . "\r\n" . "Reply-To: " . $clientEmail;
mail($emailTo, $subject, $message, $headers);
}
echo json_encode($array);
}
function notifyMemberApproval($memberID)
{
$adminConfig = config('adminConfig');
$memberID = strtolower($memberID);
$email = sqlValue("select email from membership_users where lcase(memberID)='{$memberID}'");
if (!isEmail($email)) {
return FALSE;
}
if (!@mail($email, $adminConfig['approvalSubject'], $adminConfig['approvalMessage'], "From: " . $adminConfig['senderName'] . " <" . $adminConfig['senderEmail'] . ">")) {
return FALSE;
}
return TRUE;
}
!$emails && ajaxExport('mail_is_empty');
$hash = appkey($winduid);
$invite_url = $db_bbsurl . '/u.php?a=invite&uid=' . $winduid . '&hash=' . $hash;
$invite->sendInviteEmail($emails);
ajaxExport('success');
} elseif ($step == 'sendinvitecode') {
S::gp(array('value', 'invcodes', 'extranote'), 'GP');
if (!is_array($value)) {
$emails = explode(',', str_replace(array("\r", "\n"), array('', ','), $value));
}
count($emails) > 20 && ajaxExport('mail_limit');
strlen($extranote) > 200 && ajaxExport('mode_o_extra_toolang');
if ($emails) {
foreach ($emails as $key => $email) {
$emails[$key] = trim($email);
if (!$email || !isEmail($email)) {
unset($emails[$key]);
}
}
}
!$emails && ajaxExport('mail_is_empty');
$invcodes = explode(',', trim($invcodes, ','));
$invlink = '';
foreach ($invcodes as $key => $value) {
$invlink .= '<a href=\\"' . $db_bbsurl . '/' . $db_registerfile . '?invcode=' . $value . '\\">' . $db_bbsurl . '/' . $db_registerfile . '?invcode=' . $value . '</a><br>';
}
$invite->sendInviteCode($emails);
ajaxExport('success');
} elseif ($step == 'simple') {
//* require_once pwCache::getPath(D_P . 'data/bbscache/dbreg.php');
extract(pwCache::getData(D_P . 'data/bbscache/dbreg.php', false));
protected function isValid()
{
// making sure student information is valid
$valid = true;
print '<br> validating student information ....<br>';
if (isName($this->firstName)) {
print " -- First Name valid.<br>\n";
} else {
return false;
}
if (isName($this->lastName)) {
print " -- Last Name valid.<br>\n";
} else {
return false;
}
if (isEmail($this->email)) {
print " -- Email valid.<br>\n";
} else {
return false;
}
if (isEmail($this->advisorEmail)) {
print " -- Advisor Email valid.<br>\n";
} else {
return false;
}
if (isEmail($this->supervisorEmail) or $this->supervisorEmail == "?") {
print " -- Supervisor Email valid.<br>\n";
} else {
return false;
}
if ($this->year > 1970 and $this->year < 2020) {
print "Number is a year: {$this->year} -- Year valid.<br>\n";
} else {
print "Number is not a year: {$this->year}.<br>\n";
return false;
}
return $valid;
}
}
@session_name('Northwind');
@session_start();
$_REQUEST['Embedded'] = 1;
/* to prevent displaying the navigation bar */
$x = new StdClass();
$x->TableTitle = $Translation['Setup Data'];
/* page title */
if (!$test) {
include_once "{$curr_dir}/header.php";
}
if ($submit || $test) {
/* receive posted data */
if ($submit) {
$username = setup_allowed_username($_POST['username']);
$email = isEmail($_POST['email']);
$password = $_POST['password'];
$confirmPassword = $_POST['confirmPassword'];
}
$db_name = str_replace('`', '', $_POST['db_name']);
$db_password = $_POST['db_password'];
$db_server = $_POST['db_server'];
$db_username = $_POST['db_username'];
/* validate data */
$errors = array();
if ($submit) {
if (!$username) {
$errors[] = $Translation['username invalid'];
}
if (strlen($password) < 4 || trim($password) != $password) {
$errors[] = $Translation['password invalid'];
} else {
return $email;
}
}
}
}
// Validation
if (isset($_POST['valid']) && $_POST['valid'] == "1") {
$login_adh = $_POST['login'];
//if field contain the character @ we consider that is an email
if (strpos($login_adh, '@') !== FALSE) {
$query = "SELECT login_adh from " . PREFIX_DB . "adherents where email_adh=" . txt_sqls($login_adh);
$result =& $DB->Execute($query);
$login_adh = $result->fields[0];
}
$email_adh = isEmail($login_adh);
//send the password
if ($email_adh != "") {
$query = "SELECT id_adh from " . PREFIX_DB . "adherents where login_adh=" . txt_sqls($login_adh);
$result =& $DB->Execute($query);
if ($result->EOF) {
$warning_detected = _T("There is no password for user :"******" \"" . $login_adh . "\"";
//TODO need to clean die here
} else {
$id_adh = $result->fields[0];
}
//make temp password
$tmp_passwd = makeRandomPassword(7);
$hash = md5($tmp_passwd);
//delete old tmp_passwd
$query = "DELETE FROM " . PREFIX_DB . "tmppasswds";
<div class="alert alert-danger">
<?php
echo $Translation['password reset invalid'];
?>
</div>
<?php
}
include_once "{$currDir}/footer.php";
exit;
}
#_______________________________________________________________________________
# Step 2: Send email to member containing the reset link
#_______________________________________________________________________________
if ($_POST['reset']) {
$username = makeSafe(strtolower(trim($_POST['username'])));
$email = isEmail(trim($_POST['email']));
if (!$username && !$email || $username == $adminConfig['adminUsername']) {
redirect("membership_passwordReset.php?emptyData=1");
exit;
}
?>
<div class="page-header"><h1><?php
echo $Translation['password reset'];
?>
</h1></div><?php
$where = '';
if ($username) {
$where = "lcase(memberID)='{$username}'";
} elseif ($email) {
$where = "email='{$email}'";
}
$time = date('d-m-Y H:i:s');
//Returns IST
// Get the first name
if (trim($_POST['f_name']) === '') {
$error_f_name = true;
} else {
$f_name = trim($_POST['f_name']);
}
// Get the last name
if (trim($_POST['l_name']) === '') {
$error_l_name = true;
} else {
$l_name = trim($_POST['l_name']);
}
// Get the email
if (trim($_POST['email']) === '' || !isEmail($_POST['email'])) {
$error_email = true;
} else {
$email = trim($_POST['email']);
}
// Get the company_name
if (trim($_POST['company_name']) === '') {
$error_company_name = true;
} else {
$company_name = trim($_POST['company_name']);
}
// Get the im_service
if (trim($_POST['im_service']) === '') {
$error_im_service = true;
} else {
$im_service = trim($_POST['im_service']);
function handdl($username, $password, $fs = 1, $rid = 2)
{
$username = addslashes($username);
if (isEmail($username)) {
$dlfs = '2';
} else {
$dlfs = '0';
}
if ($fs == 1) {
$res = uc_user_login($username, $password, $dlfs, 0);
if ($res['0'] <= 0) {
//RES
if ($res['0'] == -1) {
if ($rid != 1) {
return "FALSE";
} else {
$remsg['jg'] = "FALSE";
$remsg['username'] = $username;
$remsg['txt'] = '用户不存在,或者被删除';
return $remsg;
}
} elseif ($res['0'] == -2) {
if ($rid != 1) {
return "FALSE";
} else {
$remsg['jg'] = "FALSE";
$remsg['username'] = $username;
$remsg['txt'] = '密码错';
return $remsg;
}
} else {
if ($rid != 1) {
return "FALSE";
} else {
$remsg['jg'] = "FALSE";
$remsg['username'] = $username;
$remsg['txt'] = '未定义';
return $remsg;
}
}
//RES
} else {
$uid = $res['0'];
$username = $res['1'];
$uemail = $res['3'];
echo uc_user_synlogin($uid);
if ($rid != 1) {
return 'TRUE';
} else {
$remsg['jg'] = "TRUE";
$remsg['uid'] = $uid;
$remsg['username'] = $username;
$remsg['email'] = $uemail;
$remsg['txt'] = '登陆成功';
return $remsg;
}
}
} else {
if ($fs == 2) {
if ($dlfs == '2') {
include "../BTSUHAND/dorun/Run_Mysql.php";
$sqluc = mysql_query("SELECT `uid`,`username` FROM `pre_ucenter_members` WHERE `email`='" . $username . "' ", $linka);
if (empty($sqluc)) {
$remsg['jg'] = "FALSE";
$remsg['username'] = $username;
$remsg['txt'] = '用户不存在';
return $remsg;
}
$infouc = mysql_fetch_object($sqluc);
if ($infouc == "") {
$remsg['jg'] = "FALSE";
$remsg['username'] = $username;
$remsg['txt'] = '用户不存在';
return $remsg;
}
if (!isset($infouc->uid)) {
$remsg['jg'] = "FALSE";
$remsg['username'] = $username;
$remsg['txt'] = '用户不存在';
return $remsg;
}
$username = $infouc->username;
}
if ($data = uc_get_user($username)) {
//list($uid, $username, $email) = $data;
$uid = $data['0'];
echo uc_user_synlogin($uid);
if ($rid != 1) {
return "TRUE";
} else {
$remsg['jg'] = "TRUE";
$remsg['uid'] = $uid;
$remsg['username'] = $username;
$remsg['email'] = 'cant';
$remsg['txt'] = '登陆成功';
return $remsg;
}
} else {
if ($rid != 1) {
return "FALSE";
} else {
$remsg['jg'] = "FALSE";
$remsg['username'] = $username;
$remsg['txt'] = '用户不存在';
return $remsg;
}
}
} else {
if ($fs == 3) {
if ($dlfs == '2') {
$umsgi = QCBDUser($username, 4, 'none');
$username = $umsgi['Iusername'];
}
if ($data = uc_get_user($username)) {
//list($uid, $username, $email) = $data;
$uid = $data['0'];
echo uc_user_synlogin($uid);
if ($rid != 1) {
return $uid;
} else {
$remsg['jg'] = "TRUE";
$remsg['uid'] = $uid;
$remsg['username'] = $username;
$remsg['email'] = $uemail;
$remsg['txt'] = '登陆成功';
return $remsg;
}
} else {
if ($rid != 1) {
return "FALSE";
} else {
$remsg['jg'] = "FALSE";
$remsg['username'] = $username;
$remsg['txt'] = '用户不存在';
return $remsg;
}
}
} else {
if ($rid != 1) {
return "FALSE";
} else {
$remsg['jg'] = "FALSE";
$remsg['username'] = $username;
$remsg['txt'] = 'Faild!';
return $remsg;
}
}
}
}
}
