Example #1
 /**
  * Build a new, not-yet-saved User of type 'user' from registration data.
  *
  * Every argument is passed through $db->real_escape_string(); the password
  * is escaped first and then hashed with bcrypt at cost 12. This method only
  * populates and returns the object; it does not write it to storage.
  *
  * @param string $username  Requested login name; rejected if already taken.
  * @param string $password  Plain-text password.
  * @param string $firstName
  * @param string $lastName
  * @param string $email
  * @return User|false The populated User, or false when validString() rejects
  *                    the values or the username already exists.
  */
 public static function register($username, $password, $firstName, $lastName, $email)
 {
     global $db;

     // NOTE(review): escaping here only helps if the SQL is later assembled by
     // string concatenation with these values inside quotes; save() is not
     // visible from this method. Prepared statements would make this step
     // unnecessary.
     $username = $db->real_escape_string($username);

     // NOTE(review): the hash is computed over the SQL-escaped password, not the
     // raw one. Any login check must apply the same escaping before verifying,
     // or passwords containing quotes or backslashes will never match. A bcrypt
     // hash holds no characters that need SQL escaping, so hashing the raw
     // password is the usual approach; confirm the login path before changing.
     $password = password_hash($db->real_escape_string($password), PASSWORD_BCRYPT, ['cost' => 12]);

     $firstName = $db->real_escape_string($firstName);
     $lastName = $db->real_escape_string($lastName);
     $email = $db->real_escape_string($email);

     // NOTE(review): $password already holds the hash at this point, so this
     // check never sees the original password. password_hash() returns a hash
     // even for an empty string, so an empty password presumably passes here;
     // callers have to validate the raw value themselves. TODO confirm.
     $fields = [$username, $password, $firstName, $lastName, $email];
     if (!validString($fields)) {
         return false;
     }

     if (self::fieldValueExists('username', $username)) {
         return false;
     }

     $account = new User();
     $account->username = $username;
     $account->password = $password;
     $account->firstName = $firstName;
     $account->lastName = $lastName;
     $account->email = $email;
     // New registrations always get the plain 'user' type.
     $account->type = 'user';

     return $account;
 }
Example #2
<?php

// Contact page controller: on a 'send' POST, validates the three form fields,
// stores the message through SiteMail and redirects; otherwise initialises the
// form variables to empty strings. Sets $error on failure.
$root = './..';
require $root . '/../app/initialize.php';
$pageTitle = 'contact';
$navSelect = $pageTitle;

if (!isset($_POST['send'])) {
    // First visit: start with an empty form.
    $name = $email = $msg = "";
} else {
    // NOTE(review): the values are SQL-escaped at the request boundary and
    // trimmed afterwards. Presumably $db is a mysqli connection; in that case a
    // trailing newline has already become the two characters "\n" and trim()
    // no longer removes it. The escaped text is not safe for HTML output, so
    // anything that prints $name/$email/$msg still needs htmlspecialchars().
    // Prepared statements in SiteMail::save() would be the more robust
    // defence; save() is not visible here.
    $name = trim($db->real_escape_string($_POST['name']));
    $email = trim($db->real_escape_string($_POST['email']));
    $msg = trim($db->real_escape_string($_POST['message']));

    if (!validString([$name, $email, $msg])) {
        $error = "Please fill out all fields.";
    } else {
        $mail = SiteMail::write($name, $email, $msg);
        if ($mail && $mail->save()) {
            $session->message("Message sent successfully!");
            redirect('index.php');
        } else {
            $error = "Failed to send message.";
        }
    }
}
?>

<?php
includeFile('site/header.php');
?>
Example #3
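<?php

// Registration page controller: on a 'register' POST, validates the form,
// checks that both password fields agree, creates the account through
// User::register() and redirects to the login page. Sets $error on failure.
$root = './..';
require $root . '/../app/initialize.php';
if (isset($_POST['register'])) {
    $firstName = trim($_POST['firstName']);
    $lastName = trim($_POST['lastName']);
    $username = trim($_POST['username']);
    // NOTE(review): trim() also strips leading/trailing whitespace from the
    // password itself, so the stored credential can differ from what the user
    // typed; the login form has to trim the same way.
    $password = trim($_POST['password']);
    $repassword = trim($_POST['repassword']);
    $email = trim($_POST['email']);
    if (validString([$firstName, $lastName, $username, $password, $repassword, $email])) {
        // Strict comparison: with ==, PHP compares two numeric-looking strings
        // as numbers, so "1e3" and "1000" would count as matching passwords.
        if ($password === $repassword) {
            $newUser = User::register($username, $password, $firstName, $lastName, $email);
            if ($newUser && $newUser->save()) {
                $session->message("You are registered and can now log in.");
                redirect('login.php');
            } else {
                // NOTE(review): $username is raw request data at this point;
                // whatever prints $error must HTML-escape it.
                $error = "Failed to register {$username} to the database.";
            }
        } else {
            $error = "Passwords do not match.";
        }
    } else {
        $error = "Please fill out all fields.";
    }
} else {
    // First visit: start with an empty form.
    $firstName = "";
    $lastName = "";
    $username = "";
    $email = "";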
Example #4
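/**
 * Print the pending success and error notices as HTML paragraphs.
 *
 * Reads the globals $message and $error; each one that passes validString()
 * is echoed after its status icon. The text is HTML-escaped on output because
 * callers can build these strings from request data (for example a submitted
 * username inside an error), which would otherwise be rendered as markup.
 *
 * NOTE(review): a caller that deliberately puts HTML into $message or $error
 * will now see it displayed as literal text - confirm none does.
 *
 * @return void
 */
function getAlerts()
{
    global $message, $error;

    if (validString($message)) {
        echo "<p><span class='glyphicon glyphicon-ok-circle message-color' aria-hidden='true'></span> "
            . htmlspecialchars((string) $message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</p>";
    }
    if (validString($error)) {
        echo "<p><span class='glyphicon glyphicon-remove-circle error-color' aria-hidden='true'></span> "
            . htmlspecialchars((string) $error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</p>";
    }
}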
Example #5
<?php

// Compose page controller: on a 'send' POST, stores a message addressed to the
// fixed recipient id 1 through UserMail and redirects back to the compose
// page. Sets $error on failure.
$root = './../..';
require $root . '/../app/initialize.php';
$user = User::get();

if (isset($_POST['send'])) {
    // The recipient is hard-coded, so the is_int() test below always holds.
    $toID = 1;
    // NOTE(review): SQL-escaping at the request boundary protects only SQL
    // that is later built by concatenation; UserMail::save() is not visible
    // here. The escaped text is not safe for HTML output, so the page that
    // displays the message still has to escape it for that context.
    $msg = trim($db->real_escape_string($_POST['message']));

    if (!is_int($toID) || !validString($msg)) {
        $error = "Please fill out all fields.";
    } elseif (!User::IDExists($toID)) {
        // Recipient id is not a known user.
        $error = "Message not sent because user does not exists.";
    } else {
        $mail = UserMail::write($toID, $msg);
        if ($mail && $mail->save()) {
            $session->message("Message sent!");
            redirect('compose.php');
        } else {
            $error = "Failed to send message.";
        }
    }
}
?>

<?php
includeFile('site/header.php');
?>
Example #6
<?php

// New-blog-post page controller: on a 'post' POST, validates title and article
// (keywords are optional), stores the entry through Blog and redirects;
// otherwise initialises the form variables to empty strings.
$root = './../../..';
require $root . '/../app/initialize.php';
$pageTitle = 'New Blog Post';
$navSelect = 'blog';
// NOTE(review): presumably User::get('admin') restricts this page to admin
// accounts; confirm that it stops the request rather than only returning a
// falsy value, because nothing below checks $user.
$user = User::get('admin');

if (!isset($_POST['post'])) {
    // First visit: start with an empty form.
    $title = $keywords = $article = "";
} else {
    // NOTE(review): these values are SQL-escaped, not HTML-escaped. The title,
    // keywords and article body still have to be escaped or sanitised for HTML
    // where the post is rendered, or stored markup will run in readers'
    // browsers. Blog::save() is not visible here; prepared statements there
    // would replace the escaping done in this script.
    $title = trim($db->real_escape_string($_POST['title']));
    $keywords = trim($db->real_escape_string($_POST['keywords']));
    $article = trim($db->real_escape_string($_POST['article']));

    if (!validString([$title, $article])) {
        $error = "Please fill out all fields.";
    } else {
        $post = Blog::post($title, $article, $keywords);
        if ($post && $post->save()) {
            $session->message("Posted to blog successfully!");
            redirect('index.php');
        } else {
            $error = "Failed posting to the blog.";
        }
    }
}
?>

<?php
includeFile('site/header.php');
Example #7
 } else {
     if (!strcmp($action, "func")) {
         /* ACTION: Change state of the monitor. Parms: <mid><func><en> */
         // Permission gate: only users allowed to edit monitors may continue.
         if (!canEdit('Monitors')) {
             logXmlErr("User " . $user['Username'] . " doesn't have monitors Edit perms");
             exit;
         }
         // All three query parameters are mandatory for this action.
         if (!isset($_GET['mid']) || !isset($_GET['func']) || !isset($_GET['en'])) {
             logXmlErr("Not all parameters specified for action Monitor state");
             exit;
         }
         $mid = validInteger($_GET['mid']);
         // An unknown monitor id ends the request without any output.
         if (!isMonitor($mid)) {
             exit;
         }
         // NOTE(review): 'func' and 'en' reach the Location header after
         // validString() only. What validString() removes is not visible here;
         // confirm it strips CR/LF and URL metacharacters (&, #, %), or
         // urlencode() both values before building the URL.
         // NOTE(review): this state change is driven entirely by GET
         // parameters; confirm the redirected action enforces CSRF protection.
         $url = "./index.php?view=none&action=function&mid=" . $mid . "&newFunction=" . validString($_GET['func']) . "&newEnabled=" . validString($_GET['en']);
         header("Location: " . $url);
         exit;
     } else {
         if (!strcmp($action, "vlog")) {
             /* ACTION: View log file. Must have debug and log to file enabled, and sufficient perms
              * Parms: [lines] */
             // Permission gate: viewing the log requires System edit rights.
             if (!canEdit('System')) {
                 logXmlErr("Insufficient permissions to view log file");
                 echo "Insufficient permissions to view log file";
                 exit;
             }
             // Both debug switches must be on before a log file can be shown.
             if (!ZM_EYEZM_DEBUG || !ZM_EYEZM_LOG_TO_FILE) {
                 echo "eyeZm Debug (EYEZM_DEBUG) or log-to-file (EYEZM_LOG_TO_FILE) not enabled. Please enable first";
                 exit;
             }
 				$lname = $_POST['lname'];
 			} else {
 				print "<p>Please enter a valid last name.</p>";
 				$isValid = false;
 			}
 			
 			$email = "";
 			if (validString($_POST['email'])) {
 				$email = $_POST['email'];
 			} else {
 				print "<p>Please enter a valid email.</p>";
 				$isValid = false;
 			}
 	*/
 // Phone number: accepted only if validString() approves the submitted value.
 // NOTE(review): the raw $_POST value is copied once it passes; what
 // validString() actually checks is not visible here, so treat the value as
 // untrusted - escape it for HTML on output and bind it as a parameter in SQL.
 $phonenumber = "";
 if (!validString($_POST['phonenumber'])) {
     print "<p>Please enter a valid phone number.</p>";
     $isValid = false;
 } else {
     $phonenumber = $_POST['phonenumber'];
 }
 // Application type: must be present and accepted by validAppType().
 $apptype = "";
 if (!isset($_POST['apptype']) || !validAppType($_POST['apptype'])) {
     print "<p>Please select an application type.</p>";
     $isValid = false;
 } else {
     $apptype = $_POST['apptype'];
 }
 // Activities are checked next.
 // NOTE(review): this appends one NULL element to $activitiesChosen instead of
 // starting from an empty array - confirm that is intended.
 $activitiesChosen[] = NULL;