}
}
if (getField("users", "count(id)", "where username='******' and teacher_code!={$teacher_code}") != 0) {
fail("Sorry, that username is already taken");
}
$sql = "select * from users where username='******'";
$rs = dbExec($sql);
if ($rs->RecordCount() != 0) {
fail("Sorry, that username is already taken. Try a different one.");
}
// verify password
$password = rt("spassword1");
if ($password == "") {
$password = makeup_password($first_name, $last_name);
} else {
$s = test_password($password, $first_name, $last_name, $username);
if (is_string($s)) {
fail("Sorry, password is inadequate: {$s}");
}
}
if ($teacher_code == "") {
fail("No teacher code provided.");
}
$sql = "select * from users where active=1 and user_type='t' and teacher_code={$teacher_code}";
dbg("sql={$sql}");
$rs = dbExec($sql);
if ($rs->RecordCount() != 1) {
fail("The teacher-code provided is invalid. Please re-enter.");
}
$school_code = $rs->fields("school_code");
create_student($teacher_code, $first_name, $last_name, $username, $password);
}
}
if ($USER == "-") {
while (true) {
$USER = makeup_username($FIRST, $LAST);
if (!isset($usernames[$USER])) {
break;
}
}
$USER;
dbg("made up local unused username: {$USER}");
}
$usernames[$USER] = $lineno + 1;
// password
if ($PASS != "-") {
$s = test_password($PASS, $FIRST, $LAST, $USER);
if (is_string($s)) {
err("The password \"{$PASS}\" {$s}");
$PASS = "******";
}
}
if ($PASS == "-") {
$PASS = makeup_password(6);
dbg("made up password: {$PASS}");
}
// roles
if ($ROLE != "-") {
// look for role entered in $roledata
$c = count($roledata);
for ($i = 1; $i < $c; $i += 3) {
if (lwr($ROLE) == lwr($roledata[$i])) {
}
}
if (empty($_POST["email"])) {
$emailErr = "Email is required";
} else {
$email = test_input($_POST["email"]);
// check if e-mail address is well-formed
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$emailErr = "Invalid email format";
}
}
if (empty($_POST["password"]) || empty($_POST["confirmpassword"])) {
$passwordErr = "Password is required";
} else {
$password = test_password($_POST["password"]);
$confirmpassword = test_password($_POST["confirmpassword"]);
// check password length
if (strlen($password) < 16) {
$passwordErr = "Your password should be at least 16 characters long";
}
// compare password and confirmpassword
if (!$password === $confirmpassword) {
$passwordErr = "Passwords do not match";
}
}
if (empty($_POST["subject"])) {
$subjectErr = "Subject is required";
} else {
$subject = test_input($_POST["subject"]);
}
if (empty($_POST["message"])) {
$error['email_address_2'] = ' error';
}
// Validate the home_page, but only if the field has been entered
// Ensure there is no "http://" and that the url is good by validating it *with* "http://" prepended
if (strlen($_POST['home_page']) != 0 && (preg_match('|^http(s)?://.*$|i', $_POST['home_page']) || !filter_var('http://' . $_POST['home_page'], FILTER_VALIDATE_URL))) {
array_push($error_array, 'The home page URL is not formatted properly. Be sure it does not include the http:// portion.');
$error['home_page'] = ' error';
}
// If we received password change, then check they match and are at least six characters
if (strlen($_POST['password1']) != 0 || strlen($_POST['password2']) != 0) {
if ($_POST['password1'] != $_POST['password2']) {
array_push($error_array, 'Passwords do not match.');
$error['password1'] = ' error';
$error['password2'] = ' error';
}
$password_strength = test_password($_POST['password1']);
if ($password_strength < MIN_PASSWORD_STRENGTH) {
array_push($error_array, 'The password (strength ' . $password_strength . ') must be at least strength ' . MIN_PASSWORD_STRENGTH . '.');
$error['password1'] = ' error';
$error['password2'] = ' error';
} else {
array_push($warn_array, 'The password strength is ' . $password_strength . '. Minimum required is ' . MIN_PASSWORD_STRENGTH . '.');
}
}
// Be sure the membership_date is valid
$membership_date = date_create_from_format('Y-m-d', $_POST['membership_date']);
$membership_date_errors = date_get_last_errors();
if ($membership_date_errors['warning_count'] != 0 || $membership_date_errors['error_count'] != 0) {
array_push($error_array, 'The membership date is invalid or improperly formatted as "YYYY-MM-DD".');
$error['membership_date'] = ' error';
} else {
/**
* Standard modular run function for snippet hooks. Generates XHTML to insert into a page using AJAX.
*
* @return tempcode The snippet
*/
function run()
{
require_code('password_strength');
return make_string_tempcode(strval(test_password(either_param('password'))));
}
