/**
 * Reports whether every form-field validator accepted the current request.
 *
 * The validators run in a fixed order (name, e-mail, message, hidden input)
 * and evaluation stops at the first one that returns a falsy value, so the
 * later validators are not called once one has failed.
 *
 * @return bool true only when all four validators returned a truthy value
 */
function validateFormInputs()
{
    if (!validateName()) {
        return false;
    }
    if (!validateEmail()) {
        return false;
    }
    if (!validateMessage()) {
        return false;
    }
    // presumably an anti-automation (honeypot) field; verify against validateHiddenInput()
    if (!validateHiddenInput()) {
        return false;
    }

    return true;
}
/**
 * Renders the name field of the form together with its status marker.
 *
 * When the form was submitted (the 'odeslat' POST key is set) and the name
 * validates, the field is re-rendered with the trimmed submitted value and an
 * "OK" marker. In every other case an empty field and the "wrong" marker are
 * rendered.
 */
function insertNameInput()
{
    $submittedAndValid = isset($_POST['odeslat']) && validateName();

    if (!$submittedAndValid) {
        insertInput("text", "jmeno", "jmeno", "Jméno a příjmení", 40);
        insertWrongSpan();
        return;
    }

    // NOTE(review): the trimmed POST value is handed to the renderer as-is;
    // confirm that insertInputWithValue() HTML-escapes it before it reaches
    // the value attribute.
    $submittedName = trim($_POST['jmeno']);
    insertInputWithValue("text", "jmeno", "jmeno", "Jméno a příjmení", 40, $submittedName);
    insertOKSpan();
}
/**
 * Collects the validation messages for a registration data set.
 *
 * If any of first_name, last_name, username or password is empty, a single
 * "fill in all fields" message is returned and no further checks run.
 * Otherwise each field is passed to its validator and one message is added
 * per failed check, in the order: first name, last name, username, e-mail,
 * password.
 *
 * @param array $data submitted values keyed by field name
 * @return array list of user-facing messages; empty when every check passed
 */
function getDataErrors($data)
{
    foreach (['first_name', 'last_name', 'username', 'password'] as $requiredKey) {
        if (empty($data[$requiredKey])) {
            return ['Παρακαλούμε συμπληρώστε όλα τα πεδία'];
        }
    }

    $problems = [];

    if (!validateName($data['first_name'])) {
        $problems[] = 'Το όνομα σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας';
    }

    if (!validateName($data['last_name'])) {
        $problems[] = 'Το επώνυμό σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας';
    }

    if (!validateUsername($data['username'])) {
        $problems[] = 'Το username σας περιέχει μη πετρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο λατινικούς χαρακτήρες και αριθμούς';
    }

    // 'email' is not part of the required-field check above, so a request
    // without that key reaches validateEmail() as null (with a PHP notice).
    // NOTE(review): confirm validateEmail() rejects null/empty input.
    if (!validateEmail($data['email'])) {
        $problems[] = 'Το e-mail σας δεν είναι έγκυρο. Παρακούμε εισάγετε ένα έγκυρο e-mail.';
    }

    if (!validatePassword($data['password'])) {
        $problems[] = 'Μη επιτρεπτός κωδικός. Ο κωδικός σας πρέπει να περιλαμβάνει τουλάχιστον 8 ψηφία.';
    }

    return $problems;
}
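// Front controller: dispatch either an "action" or a page view.
//
// An action is a script which isn't supposed to produce HTML, but rather
// redirect back to a page; it runs when the 'a' GET parameter is supplied.
// Otherwise the 'p' GET parameter selects the view, defaulting to "browse"
// for a logged-in user and "login" for everyone else.
if (!empty($_GET['a'])) {
    $action = $_GET['a'];

    // The name ends up in an include path, so it is restricted to letters and
    // digits: no dots, slashes or NUL bytes can reach the filesystem call.
    // is_string() rejects array-valued parameters (?a[]=x) up front.
    if (!is_string($action) || !ctype_alnum($action)) {
        die("Action name is invalid.");
    }
    if (!file_exists("{$root}/actions/{$action}.php")) {
        // Safe to echo: $action is alphanumeric at this point.
        die("Action {$action} doesn't exist.");
    }

    include "{$root}/actions/{$action}.php";
} else {
    if (empty($_GET['p'])) {
        $page = $loggedin ? "browse" : "login";
    } else {
        $page = $_GET['p'];
    }

    // NOTE(review): the character set accepted by validateName() is not
    // visible here; confirm it excludes path separators and "..", because the
    // page name is used to build a filesystem path.
    if (!is_string($page) || !validateName($page)) {
        die("Page name is invalid.");
    }
    if (!file_exists("{$root}/views/{$page}/index.php")) {
        // The page name comes from the request, so it is HTML-escaped before
        // being reflected in the error output.
        die("Page " . htmlspecialchars($page, ENT_QUOTES, 'UTF-8') . " doesn't exist.");
    }

    template("index", ["page" => $page]);
    // The error flag is cleared once the page that may display it has rendered.
    $_SESSION['error'] = false;
}

ob_end_flush();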
/**
 * Edit screen for a service.
 *
 * - No `id` in the query string: falls back to show_all().
 * - `id` present and no POST data: loads the service and renders
 *   Views/Service/edit.html with its values substituted into the placeholders.
 * - `id` present with POST data: runs the submitted name and location through
 *   the helpers in Controllers/Validaciones.php and saves the result.
 */
private function edit()
{
    if (empty($_GET['id'])) {
        $this->show_all();
        return;
    }

    // NOTE(review): the id goes to the model exactly as received; confirm that
    // get() and edit() bind it as a query parameter.
    $id_service = $_GET['id'];

    if (!empty($_POST)) {
        require_once "Controllers/Validaciones.php";
        $name = validateName($_POST['name']);
        $id_location = validateNumber($_POST['location']);
        $service = new Service($name, $id_location);

        $result = $this->model->edit($service, $id_service);
        if (!$result) {
            $this->show_message("danger", "No se edito no puede haber duplicados en el nombre");
            return;
        }
        $this->show_message("success", "El servicio se edito correctamente");
        return;
    }

    $service = $this->model->get($id_service);
    if (!$service) {
        echo 'no existe ese servicio para editarlo';
        return;
    }

    // NOTE(review): strtr() places the stored values into the HTML template
    // without escaping at this point; confirm they are already HTML-safe
    // (e.g. encoded by the validate*() helpers) or escape them here.
    $placeholders = array(
        '{id}' => $service['id_service'],
        '{nombre}' => $service['service_name'],
        '{ubicacion}' => $service['location_name'],
    );
    $markup = file_get_contents('Views/Service/edit.html');
    $this->template(strtr($markup, $placeholders));
}
} } function validateOption($option, $errMsg) { if (isset($option)) { return !empty($option) && $option != 'default' ? '' : $errMsg . '<br />'; } } ?> <form id="loginForm" class="form-horizontal" method="post" action=""> <div><?php echo validateName($username, 'invalid username'); echo validateName($password, 'invalid password'); echo validateOption($option, 'invalid radio button'); echo validateOption($favNumber, 'invalid dropdown'); ?> </div> <!-- username --> <div class="form-group"> <label for="username" class="col-sm-2 control-label">Username</label> <div class="col-sm-10"> <input type="text" class="form-control" id="username" name="username" placeholder="Username" value="<?php echo htmlspecialchars($username); ?> "> </div>
<?php if (!validateName($firstName)) { echo $styleInvalid; } ?> /> <input type="text" name="LAST" placeholder="Last" value="<?php if (isset($_POST['LAST'])) { echo $lastName; } ?> " size="15" id="lastName" <?php if (!validateName($firstName)) { echo $styleInvalid; } ?> /><br /> <label>Address:</label> <input type="text" name="ADDRESS" value="<?php if (isset($_POST['ADDRESS'])) { echo $address; } ?> " size="37" id="address" <?php if (!validateAddress($address)) {
@session_start(); require_once '../Includes/database.php'; if (isset($_SESSION['username'])) { redirect('../'); } require_once '../Includes/header.php'; require_once '../Includes/formvalidation.php'; ?> <script src="../Scripts/formHandling.js" type="text/javascript"></script> <?php if (isset($_POST['submit'])) { $formFields = array('Email', 'FirstName', 'LastName', 'Password1'); $errors = array(); $errors['Email'] = validateEmail($_POST['Email']); $errors['FirstName'] = validateName($_POST['FirstName']); $errors['LastName'] = validateName($_POST['LastName']); $errors['Password1'] = validatePassword($_POST['Password1']); //$errors['Password2'] = validatePassword($_POST['Password2']); if ($errors['Password1'] == "") { if ($_POST['Password1'] != $_POST['Password2']) { $errors['Password1'] = "Values don't match"; } } $totalErrors = ""; foreach ($formFields as $fields) { $totalErrors .= $errors[$fields]; echo $totalErrors; //echo "error :{$fields}".$errors[$fields]."<br/>"; //echo $totalErrors; } if ($totalErrors == "") {
<html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>T20KB Register</title> <link rel="stylesheet" type="text/css" href="css/register.css" media="all" /> </head> <body> <div id="container"> <h1 align="center">Registration</h1> <?php if (isset($_POST['send']) && (!validateName($_POST['name']) || !validateEmail($_POST['email']) || !validateNum($_POST['number']))) { ?> <div id="error"> <ul> <?php if (!validateName($_POST['name'])) { ?> <li><strong>Error username aleary exist </strong></li> <?php } ?> <?php if (!validateEmail($_POST['email'])) { ?> <li><strong>user with given email already exsist</strong></li> <?php } ?> <?php if (!validateNum($_POST['number'])) { ?>
// Registration handler (the fragment is cut off inside the try block, so only the visible part is described).
// Requires the 'email' and 'reg_passwd__' POST fields, copies the remaining fields into locals, runs the
// e-mail, name and password validators, and starts building an Api_Dao_User for the new account.
// - $_POST['name'] is read without an isset() check; only 'email' and 'reg_passwd__' are guarded.
// - The password is reduced with a single unsalted sha1() before setPassword(). sha1 is a fast digest, not a
//   password hash; password_hash()/password_verify() is the standard replacement, to be changed together
//   with whatever code verifies logins against the stored value.
// - NOTE(review): $nextPage is taken from the 'next' POST field and its use is not visible here; if it feeds
//   a redirect, restrict it to local paths.
$flavor = $client->getFlavor(); if (!isset($_POST['email']) || !isset($_POST['reg_passwd__'])) { loadErrorClass($flavor); return; } else { $login = isset($_POST['login']) ? true : false; $name = $_POST['name']; $email = $_POST['email']; $password = $_POST['reg_passwd__']; $nextPage = isset($_POST['next']) ? $_POST['next'] : "index.php"; $auth_token = isset($_POST['auth_token']) ? $_POST['auth_token'] : null; if (!validateEmail($email)) { loadErrorClass($flavor, 'Email validation failed.'); return; } if (!validateName($name)) { loadErrorClass($flavor, 'Please specify a first and last name'); return; } if (!validatePassword($password)) { loadErrorClass($flavor, 'Password must be specified'); return; } $uid = null; try { $dbCon = RingsideApiDbDatabase::getDatabaseConnection(); //$client->api_client->admin_createUser($email, $password); $user = new Api_Dao_User(); $user->setUsername($email); $user->setPassword(sha1($password)); if (!$user->initByUserName($email, $dbCon)) {
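/**
 * Validates a registration request and, when it is clean, stores the new user.
 *
 * Changes compared with the previous version:
 * - the username pattern accepts the digit 0 (it was [1-9]) and no longer
 *   lets a trailing newline through;
 * - the character check runs before the database lookup, so only well-formed
 *   usernames are sent to selectUser();
 * - the minimum-length message states the limit the code enforces (3);
 * - the password confirmation uses a strict comparison, because `!=` treats
 *   numeric-looking strings such as "1e3" and "1000" as equal;
 * - a failed prepare()/execute() is reported instead of returning true.
 *
 * @param string $username   requested login name (letters and digits, 3-50 characters)
 * @param string $password   chosen password (6-50 characters)
 * @param string $cppassword confirmation copy of the password
 * @param string $name       display name, checked by validateName()
 * @param string $country    country name, resolved to an id by getCountryID()
 * @param object $mySQL      database wrapper; selectUser() and prepare() are called on it
 * @return true|array true on success, otherwise the list of error messages
 */
public static function register($username, $password, $cppassword, $name, $country, $mySQL)
{
    // NOTE(review): encoding on the way in means the entity-encoded form is
    // what gets length-checked, looked up and stored. Escaping at output time
    // is the usual place for this; left unchanged because existing rows and
    // the getCountryID() lookup presumably rely on it.
    $username = htmlentities($username);
    $name = htmlentities($name);
    $country = htmlentities($country);

    $registrationResult = array();

    if (empty($username)) {
        array_push($registrationResult, "Username field is required.");
    } elseif (strlen($username) < 3) {
        array_push($registrationResult, "Username must be at least 3 characters long.");
    } elseif (strlen($username) > 50) {
        array_push($registrationResult, "Username can be maximum 50 characters long.");
    } elseif (!preg_match('/^[a-zA-Z0-9]*\z/', $username)) {
        array_push($registrationResult, "Username can only contain letters and digits.");
    } elseif ($mySQL->selectUser($username)) {
        array_push($registrationResult, "Username is already taken");
    }

    if (empty($password)) {
        array_push($registrationResult, "Password field is required.");
    } elseif (strlen($password) < 6) {
        array_push($registrationResult, "Password must be at least 6 characters long.");
    } elseif (strlen($password) > 50) {
        array_push($registrationResult, "Password cannot be longer than 50 characters.");
    }

    if ($password !== $cppassword) {
        array_push($registrationResult, "Passwords do not match.");
    }

    // validateName() returns true or the message to show.
    $name_check = validateName($name);
    if ($name_check !== true) {
        array_push($registrationResult, $name_check);
    }

    if (!empty($registrationResult)) {
        return $registrationResult;
    }

    // SiteUser::$salt is appended before hashing (password_hash() adds its own
    // per-password salt as well).
    // NOTE(review): the code that verifies logins must append the same value.
    $hash = password_hash($password . SiteUser::$salt, PASSWORD_DEFAULT);

    if (($id = getCountryID($country, $mySQL)) == null) {
        array_push($registrationResult, "An error occurred. Please try again later.");
        return $registrationResult;
    }

    $type = "Reader";
    $stmt = $mySQL->prepare("INSERT INTO users (username, password, name, country_id, type) VALUES (?,?,?,?,?)");
    if (!$stmt) {
        array_push($registrationResult, "An error occurred. Please try again later.");
        return $registrationResult;
    }

    $stmt->bind_param("sssis", $username, $hash, $name, $id, $type);
    // The uniqueness lookup above is not atomic with this insert, so a
    // rejected insert (e.g. a duplicate created in between) must not be
    // reported as a successful registration.
    if (!$stmt->execute()) {
        array_push($registrationResult, "An error occurred. Please try again later.");
        return $registrationResult;
    }

    return true;
}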
/**
 * Edit screen for an employee.
 *
 * - No `id` in the query string: falls back to show_all().
 * - `id` present and no POST data: loads the employee and renders
 *   Views/Employee/edit.html with its values substituted into the placeholders.
 * - `id` present with POST data: builds an Employee from the submitted fields
 *   and saves it through the model.
 */
private function edit()
{
    if (empty($_GET['id'])) {
        $this->show_all();
        return;
    }

    // NOTE(review): the id goes to the model exactly as received; confirm that
    // get() and edit() bind it as a query parameter.
    $id_employee = $_GET['id'];

    if (!empty($_POST)) {
        require_once "Controllers/Validaciones.php";
        $name = validateName($_POST['name']);
        $last_name = validateName($_POST['last_name']);
        $RFC = validateRFC($_POST['RFC']);
        $email = validateEmail($_POST['email']);
        // phone, cellphone, address and city go from the request to the
        // Employee object without passing through any validate*() helper,
        // unlike the other fields.
        // NOTE(review): confirm the model binds them as parameters and that
        // they are escaped wherever they are displayed.
        $phone = $_POST['phone'];
        $cellphone = $_POST['cellphone'];
        $address = $_POST['address'];
        $colony = validateText($_POST['colony']);
        $city = $_POST['city'];

        $employee = new Employee($name, $last_name, $RFC, $email, $phone, $cellphone, $address, $colony, $city);
        $result = $this->model->edit($employee, $id_employee);
        if (!$result) {
            $this->show_message("danger", "No se edito no puede haber duplicados en el correo o el RFC");
            return;
        }
        $this->show_message("success", "El empleado se edito correctamente");
        return;
    }

    $employee = $this->model->get($id_employee);
    if (!$employee) {
        echo 'no existe ese empleado para editarlo';
        return;
    }

    // NOTE(review): strtr() places the stored values into the HTML template
    // without escaping at this point; confirm they are already HTML-safe or
    // escape them here. The raw fields noted above are the ones to check first.
    $placeholders = array(
        '{id}' => $employee['id_employee'],
        '{nombre}' => $employee['emp_name'],
        '{apellido}' => $employee['emp_last_name'],
        '{RFC}' => $employee['RFC'],
        '{email}' => $employee['emp_email'],
        '{telefono}' => $employee['emp_phone'],
        '{celular}' => $employee['emp_cellpone'],
        '{direcccion}' => $employee['address'],
        '{colonia}' => $employee['colony'],
    );
    $markup = file_get_contents('Views/Employee/edit.html');
    $this->template(strtr($markup, $placeholders));
}
if (!empty($_POST['value'])) { switch ($_POST['field']) { case 1: $res = validateUsername($_POST['value']); if (!$res) { echo 'Το username σας περιέχει μη πετρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο λατινικούς χαρακτήρες και αριθμούς'; } break; case 2: $res = validateName($_POST['value']); if (!$res) { echo 'Το όνομα σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας'; } break; case 3: $res = validateName($_POST['value']); if (!$res) { echo 'Το επώνυμο σας περιέχει μη επιτρεπτούς χαρακτήρες. Παρακαλούμε εισάγετε μόνο γράμματα της αλφαβήτας'; } break; case 4: $res = validateEmail($_POST['value']); if (!$res) { echo 'Το e-mail σας δεν είναι έγκυρο. Παρακούμε εισάγετε ένα έγκυρο e-mail.'; } break; case 5: $res = validatePassword($_POST['value']); if (!$res) { echo 'Μη επιτρεπτός κωδικός. Ο κωδικός σας πρέπει να περιλαμβάνει τουλάχιστον 8 ψηφία.'; }
// Tail of a JSON listing followed by the account "cpupdate" handler (the fragment starts and ends mid-block).
// - The JSON text is assembled by string concatenation, so a quote or backslash in $rs["type"] would break
//   the document; json_encode() on an array produces the escaping automatically.
// - The name update binds $_POST['data'] as a statement parameter, but the user id is interpolated into the
//   SQL text; the country update concatenates $id and the user id into the query string and runs it with
//   query(). NOTE(review): both values presumably come from server-side lookups and are integers; bind them
//   as parameters anyway so the queries do not depend on that assumption.
// - The country branch reads $_POST['data'] without the isset() check that the name branch performs.
$outp .= '"Type":"' . $rs["type"] . '"}'; } $outp .= "]"; echo $outp; } } } } if (isset($_POST['val'])) { if ($siteUser->isLoggedIn() == false) { return; } if ($_POST['val'] == "cpupdate") { if (isset($_POST['change']) && $_POST['change'] === "name") { if (isset($_POST["data"])) { $name_check = validateName($_POST['data']); if ($name_check === true) { $stmt = $mysql->prepare("UPDATE users SET name = ? WHERE user_id = {$siteUser->getUserId()} "); $stmt->bind_param("s", $_POST['data']); $stmt->execute(); echo "Your name has been updated."; } else { echo $name_check; } } } elseif (isset($_POST['change']) && $_POST['change'] === "country") { $id = getCountryID($_POST['data'], $mysql); if ($id != null) { $mysql->query("UPDATE users SET country_id = '" . $id . "' WHERE user_id = {$siteUser->getUserId()} "); echo "Country Updated."; } else {
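/**
 * Edit screen for a user account.
 *
 * - No `id` in the query string: falls back to show_all().
 * - `id` present and no POST data: loads the user and renders
 *   Views/User/edit.html with its values substituted into the placeholders.
 * - `id` present with POST data: validates the submitted fields, requires the
 *   password and its confirmation to match, and saves through the model.
 *
 * The confirmation value used to be computed and then ignored; a mismatch is
 * now rejected on the server before anything is written.
 */
private function edit()
{
    if (empty($_GET['id'])) {
        $this->show_all();
        return;
    }

    // NOTE(review): the id goes to the model exactly as received; confirm that
    // get() and edit() bind it as a query parameter.
    $id_user = $_GET['id'];

    if (empty($_POST)) {
        $user = $this->model->get($id_user);
        if ($user) {
            $section = file_get_contents('Views/User/edit.html');
            // NOTE(review): '{password}' places the stored digest into the page
            // markup. A password field normally stays empty on an edit form;
            // confirm the template needs this value. The other values are
            // inserted without escaping here; confirm they are HTML-safe.
            $dicc = array(
                '{id}' => $user['id_user'],
                '{nombre}' => $user['user_name'],
                '{password}' => $user['password'],
                '{email}' => $user['user_email'],
            );
            $section = strtr($section, $dicc);
            $this->template($section);
        } else {
            echo 'no existe ese usuario para editarlo';
        }
        return;
    }

    require_once "Controllers/Validaciones.php";
    $name = validateNameUser($_POST['name']);
    // NOTE(review): md5() is a fast, unsalted digest and not a password hash.
    // Moving to password_hash()/password_verify() has to be done together with
    // the login code and the stored values, so it is flagged rather than
    // changed in this method.
    $password = md5(validatePass($_POST['password']));
    $password_confirm = md5(validatePass($_POST['password_confirm']));
    $email = validateEmail($_POST['email']);
    // NOTE(review): the role is taken from the request; confirm the caller
    // restricts this action to accounts that may assign roles.
    $rol = validateName($_POST['rol']);
    $join = isset($_POST['join']) ? $_POST['join'] : NULL;

    // Both values are md5 hex strings, so a strict string comparison is exact.
    if ($password !== $password_confirm) {
        $this->show_message("danger", "Las contraseñas no coinciden");
        return;
    }

    // Column that links the account to its employee or client record.
    switch ($rol) {
        case 'admin':
        case 'employee':
            $option = 'id_employee';
            break;
        case 'client':
            $option = 'id_client';
            break;
        default:
            $option = NULL;
    }

    $user = new User($name, $password, $email, $rol);
    $result = $this->model->edit($user, $id_user, $option, $join);
    if ($result) {
        $this->show_message("success", "El usuario se edito correctamente");
    } else {
        $this->show_message("danger", "No se edito no puede haber duplicados en el nombre o el correo");
    }
}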
/**
 * Edit screen for a location.
 *
 * - No `id` in the query string: falls back to show_all().
 * - `id` present and no POST data: loads the location and renders
 *   Views/Location/edit.html with its values substituted into the placeholders.
 * - `id` present with POST data: runs the submitted name through
 *   validateName() and saves the result through the model.
 */
private function edit()
{
    if (empty($_GET['id'])) {
        $this->show_all();
        return;
    }

    // NOTE(review): the id goes to the model exactly as received; confirm that
    // get() and edit() bind it as a query parameter.
    $id_location = $_GET['id'];

    if (!empty($_POST)) {
        require_once "Controllers/Validaciones.php";
        $location = new Location(validateName($_POST['name']));

        $result = $this->model->edit($location, $id_location);
        if (!$result) {
            $this->show_message("danger", "No se edito, no puede haber duplicados en el nombre");
            return;
        }
        $this->show_message("success", "La ubicacion se edito exitosamente");
        return;
    }

    $location = $this->model->get($id_location);
    if (!$location) {
        echo 'no existe ubicacion para editarla';
        return;
    }

    // NOTE(review): strtr() places the stored values into the HTML template
    // without escaping at this point; confirm they are already HTML-safe or
    // escape them here.
    $placeholders = array(
        '{id}' => $location['id_location'],
        '{nombre}' => $location['location_name'],
    );
    $markup = file_get_contents('Views/Location/edit.html');
    $this->template(strtr($markup, $placeholders));
}
} if (isset($_POST['CONFIRMPASSWORD'])) { $password2 = $_POST['CONFIRMPASSWORD']; } if (isset($_POST['GENDER'])) { $gender = $_POST['GENDER']; } if (isset($_POST['SUBSCRIPTION'])) { $subscription = $_POST['SUBSCRIPTION']; } if (isset($_POST['comments'])) { $comments = $_POST['comments']; } if (validateName($firstName)) { //$x = true; if (validateName($lastName)) { // $x = true; if (validateEmail($email)) { // $y = true; if ($dob != "") { // $x = true; if ($address != "") { // $x = true; if ($city != "") { // $x = true; if (validateState($state)) { // $x = true; if (validateZip($zip)) { // $y = true; if (validatePhone($phone)) { // $y = true;
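<?php
// Download action: sends one file from the logged-in user's schematics
// directory as an attachment.
//
// $loggedin, $conf and $uuid are expected to be set by the including script.
// NOTE(review): every guard below relies on fail() stopping execution;
// confirm that it exits.

if (!$loggedin) {
    fail("Not logged in.");
}

if (empty($_GET['file'])) {
    fail("You must supply a file name.");
} else {
    // $_GET values are already URL-decoded by PHP; this second decode runs
    // before validation, so the checks below see the final value.
    $file = urldecode($_GET['file']);
}

$path = empty($_GET['path']) ? "" : urldecode($_GET['path']);

// The sub-path may contain slashes but never a ".." sequence.
if (!validateName($path, '\\/') || preg_match('/\\.\\./', $path)) {
    fail("Path name contains illegal characters.");
}
if (!validateName($file)) {
    fail("File name contains illegal characters.");
}

$userRoot = realpath("{$conf->schemsDir}/{$uuid}");
$resolved = realpath("{$conf->schemsDir}/{$uuid}/{$path}/{$file}");

// Defence in depth behind the name checks: the target must exist, be a
// regular file and, after symlinks and dot segments are resolved, still lie
// inside this user's directory. The check runs before any header is sent so
// that a missing file produces an error instead of an empty download.
$insideUserRoot = $userRoot !== false
    && $resolved !== false
    && strpos($resolved, $userRoot . DIRECTORY_SEPARATOR) === 0;

if (!$insideUserRoot || !is_file($resolved)) {
    fail("File doesn't exist.");
} else {
    // Serve as opaque bytes so the browser does not interpret the content.
    header("Content-Type: application/octet-stream");
    header("X-Content-Type-Options: nosniff");
    header("Content-Disposition: attachment; filename=\"{$file}\"");
    header("Content-Transfer-Encoding: bytes");
    // readfile() streams the file instead of loading it into memory first.
    readfile($resolved);
}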
fail("You're not logged in."); } if (empty($_FILES['file'])) { fail("No file specified."); } if (empty($_GET['path'])) { $path = ""; } else { $path = urldecode($_GET['path']); } $allowedExtensions = ["schematic", "prog"]; $file = $_FILES['file']; $file['ext'] = strtolower(end(explode(".", $file['name']))); if (!in_array($file['ext'], $allowedExtensions)) { fail("Extension {$file['ext']} is not allowed."); } if ($file['size'] > $conf->maxFileSize) { fail("File too big."); } if (!validateName($file['name'])) { fail("File name contains illegal characters."); } if (!validateName($path, '\\/') || preg_match('/\\.\\./', $path)) { fail("Path name contains illegal characters."); } $uploadPath = "{$conf->schemsDir}/{$uuid}/{$path}/{$file['name']}"; if (move_uploaded_file($file['tmp_name'], $uploadPath)) { redirect(); } else { fail("Couldn't upload file."); }
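$path = "";
} else {
    // $_GET values are already URL-decoded by PHP; this second decode runs
    // before validation, so the checks below see the final value.
    $path = urldecode($_GET['path']);
}

// Rename action: renames one file inside the logged-in user's schematics
// directory. $file is assigned above this excerpt.
// NOTE(review): every guard relies on fail() stopping execution; confirm that
// it exits.

if (empty($_GET['newname'])) {
    fail("You must supply a new name.");
} else {
    $newName = urldecode($_GET['newname']);
}

// The sub-path may contain slashes but never a ".." sequence.
if (!validateName($path, '\\/') || preg_match('/\\.\\./', $path)) {
    fail("Path name contains illegal characters.");
}
if (!validateName($file)) {
    fail("File name contains illegal characters.");
}
if (!validateName($newName)) {
    fail("New name contains illegal characters.");
}

// The extension of the current name must equal the extension of the new name.
// The previous check compared $file with itself, so it could never fail and a
// rename could switch a file to any extension.
if (pathinfo($file, PATHINFO_EXTENSION) !== pathinfo($newName, PATHINFO_EXTENSION)) {
    fail("You can't change the file extension.");
}

$basePath = "{$conf->schemsDir}/{$uuid}/{$path}";

// Refuse to overwrite an existing file.
if (file_exists("{$basePath}/{$newName}")) {
    fail("File '{$newName}' already exists.");
}

if (rename("{$basePath}/{$file}", "{$basePath}/{$newName}")) {
    redirect();
} else {
    fail("Couldn't rename file.");
}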
/**
 * Edit screen for a client.
 *
 * - No `id` in the query string: falls back to show_all().
 * - `id` present and no POST data: loads the client and renders
 *   Views/Client/edit.html with its values substituted into the placeholders.
 * - `id` present with POST data: builds a Client from the submitted fields
 *   and saves it through the model.
 */
private function edit()
{
    if (empty($_GET['id'])) {
        $this->show_all();
        return;
    }

    // NOTE(review): the id goes to the model exactly as received; confirm that
    // get() and edit() bind it as a query parameter.
    $id_client = $_GET['id'];

    if (!empty($_POST)) {
        require_once "Controllers/Validaciones.php";
        $name = validateName($_POST['name']);
        $RFC = validateRFC($_POST['RFC']);
        $email = validateEmail($_POST['email']);
        // phone and cellphone go from the request to the Client object
        // without passing through any validate*() helper.
        // NOTE(review): confirm the model binds them as parameters and that
        // they are escaped wherever they are displayed.
        $phone = $_POST['phone'];
        $cellphone = $_POST['cellphone'];

        $client = new Client($name, $RFC, $email, $phone, $cellphone);
        $result = $this->model->edit($client, $id_client);
        if (!$result) {
            $this->show_message("danger", "No se edito no puede haber duplicados en el nombre o el correo");
            return;
        }
        $this->show_message("success", "El cliente se edito correctamente");
        return;
    }

    $client = $this->model->get($id_client);
    if (!$client) {
        echo 'no existe ese empleado para editarlo';
        return;
    }

    // NOTE(review): strtr() places the stored values into the HTML template
    // without escaping at this point; confirm they are already HTML-safe or
    // escape them here.
    // NOTE(review): 'client_emai' looks like a truncated column name; verify
    // it against the row returned by the model.
    $placeholders = array(
        '{id}' => $client['id_client'],
        '{nombre}' => $client['client_name'],
        '{RFC}' => $client['client_RFC'],
        '{email}' => $client['client_emai'],
        '{telefono}' => $client['client_phone'],
        '{celular}' => $client['client_cellphone'],
    );
    $markup = file_get_contents('Views/Client/edit.html');
    $this->template(strtr($markup, $placeholders));
}