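/**
 * Validates the submitted registration form and, when no error was
 * collected, inserts the new user row and redirects to the login page.
 *
 * Every failed rule appends its error code to $this->errors. The insert
 * only happens when $this->errors is empty afterwards, so errors that were
 * already present before this call also block the registration.
 *
 * Reads: $_POST (username, display, pass1, pass2, email1, email2,
 * hideemail, receiveemail, tos) and the global $yakbb.
 */
private function validateRegistration() {
    loadLibrary("validation.lib");

    // Missing or array-valued POST fields are treated as "" so that a
    // crafted request (field omitted, or sent as name[]=x) reaches the
    // validators as an ordinary string instead of raising notices or
    // handing secure() a non-string.
    $input = array();
    foreach (array("username", "display", "pass1", "pass2", "email1", "email2") as $name) {
        $raw = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : "";
        $input[$name] = secure($raw);
    }

    $user = $input["username"];
    $display = $input["display"];
    // NOTE(review): the passwords also go through secure() before being
    // compared and hashed. secure() is not visible here; if it escapes or
    // strips characters, the login path has to apply the same transform or
    // passwords containing those characters will never match. Confirm.
    $pass1 = $input["pass1"];
    $pass2 = $input["pass2"];
    $email1 = $input["email1"];
    $email2 = $input["email2"];

    // Each valid_*() helper returns true on success, otherwise an error code.
    $res = valid_username($user);
    if ($res !== true) {
        $this->errors[] = $res;
    }

    $res = valid_displayname($display);
    if ($res !== true) {
        $this->errors[] = $res;
    }

    if ($pass1 !== $pass2) {
        $this->errors[] = "passwords_dont_match";
    } else {
        $res = valid_password($pass1);
        if ($res !== true) {
            $this->errors[] = $res;
        }
    }

    if ($email1 !== $email2) {
        $this->errors[] = "emails_dont_match";
    } else {
        $res = valid_email($email1);
        if ($res !== true) {
            $this->errors[] = $res;
        }
    }

    // Privacy options fall back to the most protective setting: the e-mail
    // is hidden unless the form says exactly "no", and mail is only sent
    // when the form says exactly "yes". Anything else (missing, array,
    // unexpected string) keeps the protective default.
    $hideemail = !(isset($_POST["hideemail"]) && $_POST["hideemail"] === "no");
    $receiveemail = isset($_POST["receiveemail"]) && $_POST["receiveemail"] === "yes";

    // Check ToS box; empty() covers both an absent and a falsy value.
    if (empty($_POST["tos"])) {
        $this->errors[] = "tos_not_checked";
    }

    if (count($this->errors) === 0) {
        // Add the user
        global $yakbb;

        // NOTE(review): sha256() is a project helper that is not visible
        // here. If it is a plain, unsalted SHA-256 digest, the stored value
        // is cheap to brute-force once the users table leaks.
        // password_hash()/password_verify() is the usual replacement, but
        // the login check and the existing rows have to migrate together,
        // so the call is left unchanged in this block.
        $yakbb->db->insert("users", array(
            "id" => 0,
            "username" => $user,
            "displayname" => $display,
            "password" => sha256($pass1),
            "email" => $email1,
            "emailshow" => $hideemail ? 0 : 1,
            "emailoptin" => $receiveemail ? 1 : 0,
            "activated" => 1,
            "activationcode" => "",
            "pending" => 0,
            "registeredtime" => time(),
            "lastip" => $yakbb->ip,
            "template" => $yakbb->config["default_template"],
            "language" => $yakbb->config["default_language"],
            "timezone" => $yakbb->config["default_timezone"]
        ));

        // NOTE(review): the "®" below looks like "&reg" that was decoded as
        // an HTML entity somewhere along the way; the literal is kept as
        // found. Confirm against the original file.
        redirect("?action=login®=true");
    }
}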
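/**
 * Creates a new user on the forum.
 *
 * Only the keys on the allow-list below are taken from $userdat; every
 * other key is dropped, and the account-state columns (group, activated,
 * pending, ...) are assigned afterwards from fixed values. A caller that
 * forwards request data therefore cannot set those columns itself.
 *
 * @param array $userdat Column name => value. "username", "password" and
 *                       "email" are required; "displayname", "emailshow"
 *                       and "emailoptin" are optional.
 * @return bool|array true when the row was inserted; false when a required
 *                    field is missing (also reported through
 *                    record_yakbb_error()); otherwise the list of error
 *                    codes returned by the valid_*() helpers. A non-empty
 *                    error list is truthy, so callers have to test the
 *                    result with === true.
 */
function insert_user($userdat) {
    global $yakbb;

    // List fields that this function can provide.
    $valid_fields = array("username", "displayname", "password", "email", "emailshow", "emailoptin");
    $required_fields = array("username", "password", "email");

    // Validate that ONLY these fields are provided. The comparison is
    // strict: with a loose in_array() an integer key such as 0 compares
    // equal to any field name on PHP versions before 8, which would let it
    // pass this filter and satisfy the required-field check below.
    foreach (array_keys($userdat) as $item) {
        if (!in_array($item, $valid_fields, true)) {
            unset($userdat[$item]); // Remove the invalid item
        }
    }

    // Then validate required fields. Presence of the key is what counts,
    // the value itself is left to the validators further down.
    foreach ($required_fields as $item) {
        if (!array_key_exists($item, $userdat)) {
            record_yakbb_error("Missed field \"" . $item . "\" in call to insert_user().");
            return false;
        }
    }

    // Set the data that will ALWAYS be this way. These assignments come
    // after the allow-list filter on purpose.
    // NOTE(review): validateRegistration() inserts "id" => 0 and no
    // "group" column; confirm which column set the users table expects.
    $userdat["group"] = 0;
    $userdat["activated"] = 1;
    $userdat["activationcode"] = ""; // Sent via e-mail
    $userdat["pending"] = 0; // Admin approval required?
    $userdat["registeredtime"] = time();
    $userdat["lastip"] = $yakbb->ip;
    $userdat["template"] = $yakbb->config["default_template"];
    $userdat["language"] = $yakbb->config["default_language"];
    $userdat["timezone"] = $yakbb->config["default_timezone"];

    // Set the data that is optional. The flags are forced to integers.
    $userdat["emailshow"] = isset($userdat["emailshow"]) ? (int) $userdat["emailshow"] : 0;
    $userdat["emailoptin"] = isset($userdat["emailoptin"]) ? (int) $userdat["emailoptin"] : 0;
    if (!isset($userdat["displayname"])) {
        $userdat["displayname"] = $userdat["username"];
    }

    // Validate inputted data
    if (!function_exists("valid_username")) {
        loadLibrary("validation.lib");
    }

    // NOTE(review): valid_password() checks $userdat["password"] and that
    // same value is written to the table. Either callers pass the plaintext
    // (which is then stored unhashed) or they pass a digest (and the
    // password rules are applied to the digest, not to the password). The
    // registration handler stores sha256() of the password instead; confirm
    // the intended contract and hash in exactly one place.
    $errors = array();
    $checks = array(
        array("valid_username", $userdat["username"]),
        array("valid_displayname", $userdat["displayname"]),
        array("valid_password", $userdat["password"]),
        array("valid_email", $userdat["email"])
    );
    foreach ($checks as $check) {
        // Each validator returns true on success, otherwise an error code.
        $res = call_user_func($check[0], $check[1]);
        if ($res !== true) {
            $errors[] = $res;
        }
    }

    if (count($errors) !== 0) {
        return $errors;
    }

    $yakbb->db->insert("users", $userdat);
    return true;
}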