static function register() { if (!MValidate::password(MGet::string('pass'))) { return mapi_report('Invalid password.'); } if (MGet::string('pass') !== MGet::string('pass_repeat')) { return mapi_report('Passwords do not match.'); } $user = MObject::create('user'); $user->set_username(MGet::string('user')); $user->set_name(MGet::string('name')); $user->set_email(MGet::string('email')); $reg_group = MObject::get('preference', 'new_user_default_group'); $group = null; if (!$reg_group || $reg_group->get_value()) { $group = 3; } if ($reg_group->get_value() < 1 || $reg_group->get_value() > 3) { $group = 3; } if (!$group) { $group = $reg_group->get_value(); } $user->set_group_id($group); $user->set_activation(urlencode(MCrypt::encrypt(mapi_random(24)))); $user->set_enabled(0); $user->add(MGet::string('pass')); if (0 == MMessaging::any_errors() + MMessaging::any_warnings()) { self::send_reg_email($user); $_POST['user'] = ''; $_POST['name'] = ''; $_POST['email'] = ''; } }
static function do_login() { if (!self::cookie_support()) { return null; } $current_visitor = self::details(); if (!isset($current_visitor['ip']) || !isset($current_visitor['browser'])) { return null; } $user = new M_User(MGet::string('user'), true); if ($user && $user->is_enabled() && $user->compare_pass(MGet::string('pass'))) { if (strlen($user->get_username()) > 0) { $username = $user->get_username(); } else { return null; } $msession = mapi_random(24); $time = date_format(new DateTime('now'), 'Y-m-d H:i:s'); $rand = $username . ' ' . $msession; self::send_auth_cookie($rand, $time, $current_visitor['browser']); $user->update_lastlogin($rand, $time, $current_visitor['browser']); header('Location: ' . $_SERVER['REQUEST_URI']); exit(0); } mapi_report_message('Invalid username/password.', 'error'); }
function mapi_csrf_value() { session_regenerate_id(); $csrf = mapi_random(24); $_SESSION['mapi_csrf'] = $csrf; return $csrf; }