if ($cantidad = $user->getCantidad()) {
sendRensponse(array("error" => false, "mensaje" => "", "data" => $cantidad));
} else {
sendRensponse(array("error" => true, "mensaje" => "¡Error al obtener cantidad de Usuarios!"));
}
}
$request = new Request();
$action = $request->action;
switch ($action) {
case "nuevoUser":
nuevoUser($request);
break;
case "validar":
validateUser($request);
break;
case "validarMail":
validateMail($request);
break;
case "validarUserName":
validateUserName($request);
break;
case "obtener":
getUser($request);
break;
case "obtenerCantidad":
getCantidad($request);
break;
default:
sendRensponse(array("error" => "true", "mensaje" => "request mal formado"));
break;
}
if ($isPost) {
//
$userName = (isset($_POST['username'])) ? $_POST['username'] : '';
$firstName = (isset($_POST['first_name'])) ? $_POST['first_name'] : '';
$lastName = (isset($_POST['first_name'])) ? $_POST['last_name'] : '';
$emailAddress = (isset($_POST['email'])) ? $_POST['email'] : '';
//
$userMessage = '';
$firstMessage = '';
$lastMessage = '';
$emailMessage = '';
//
validateUserName($userName, $userMessage);
validateFirstName($firstName,$firstMessage);
validateLastName($lastName, $lastMessage);
validateEmail($emailAddress, $emailMessage);
echo $userMessage . '<br />';
echo $firstMessage . '<br />';
echo $lastMessage . '<br />';
echo $emailMessage . '<br />';
}
// • username: alphanumeric and no longer than 15 characters long
function validateUserName($name, &$message) {
$message = '';
$validData = ctype_alnum($name) && (strlen($name) <= 15);
if ($validData) {
static function submitNewUser($username, $password, $email, $password2 = null)
{
if (!registerUsers()) {
return 5;
}
// admin has disabled registering new users
$email = filter_var($email, FILTER_SANITIZE_EMAIL);
$username = validateUserName($username) ? $username : false;
$password = validatePassword($password) ? $password : false;
if (!$username || !$password) {
return 1;
// username or password does not meet the requirements
}
if (isset($password2)) {
$password2 = validatePassword($password2) ? $password2 : false;
if ($password2 != false) {
//$password2 = passwordHash($password2);
if ($password2 != $password) {
return 4;
// passwords do not match
}
} else {
return 4;
}
}
$password = passwordHash($password);
$current_datetime = jDateTime::gdate('Y-m-d H:i:s');
if (Users::userExists($username)) {
return 2;
// username already exist
}
$activate = md5($email . time());
$conn = MySQL::open_conn();
$query = "INSERT INTO c_users (user_login, user_pass, user_email, user_registered, activate) ";
$query .= "VALUES ('{$username}', '{$password}', '{$email}', '{$current_datetime}', '{$activate}')";
$res = $conn->query($query);
if (!$res) {
return 3;
}
// unknown error while creating new user
$row = $conn->query("SELECT MAX(ID) AS max FROM c_users")->fetch_array();
if ($row) {
$id = $row['max'];
}
if (shouldConfMail()) {
$mail_content = replace_template(getDefaultEmailTemplateContent(), getConfEmailTemplateVars($id));
Email::sendMail($email, $username, getConfMailSubject(), $mail_content);
}
return 0;
}
<?php
if (isset($_POST["submit_new_user"])) {
$username = $_POST['new_user_username'];
$username = validateUserName($username) ? $_POST['new_user_username'] : false;
$bh_password = $_POST['new_user_password'];
$bh_password = validatePassword($bh_password) ? $_POST['new_user_password'] : false;
$password = passwordHash($bh_password);
$email = $_POST['new_user_email'];
//$vip = isset($_POST['new_user_vip']) ? 1 : 0;
$bp_role = $_POST['new_user_role'];
$current_datetime = jDateTime::gdate('Y-m-d H:i:s');
$bp_vip = $_POST['new_user_vip'];
if ($bp_vip == 0) {
$vip = 0;
$vip_start = null;
$vip_expire = null;
} elseif ($bp_vip == -1) {
$vip = -1;
$vip_start = $current_datetime;
$vip_expire = null;
} else {
$vip = $bp_vip;
$vip_start = strtotime($current_datetime);
$vip_expire = strtotime('+' . $vip . ' day', $vip_start);
$vip_start = $current_datetime;
$vip_expire = date('Y-m-d H:i:s', $vip_expire);
}
if (Users::userExists($username)) {
goToError('?switch=users#new_user', _e('username_already_exists', '', '', true));
}
$submit = $_POST['is_submit'] == 'true';
}
if (isset($_POST["user_id"])) {
$user_details['id'] = $_POST['user_id'];
}
if (isset($_POST['username']) && isset($_POST['password'])) {
$username = trim($_POST["username"]);
$password = trim($_POST["password"]);
}
if ($mode != "create") {
if (empty($user_details['id'])) {
if (empty($_POST["username"]) || empty($_POST["password"])) {
//die();
header("Location: login.php?fail=true");
}
validateUserName($username, $password);
} else {
validateUserId($user_details['id']);
$mode = "update";
}
}
if ($mode == 'update') {
if ($submit) {
// Update edge_users Table
$query = 'UPDATE edge_users SET username = "******", ' . 'firstname = "' . $_POST['firstname'] . '", ' . 'lastname = "' . $_POST['lastname'] . '", ' . 'email = "' . $_POST['email'] . '" ' . 'WHERE ID = ' . $user_details['id'];
$result = mysql_query($query);
if (!$result) {
die('Invalid query UPDATE Projects: ' . mysql_error());
}
// TODO - For each Interest update interest_table
// TODO - For each expertise update expertise_table
require_once "../include/validateData.php";
require_once "../include/dbAccess.php";
// session_start();
if (isset($_POST['clear']) == true) {
$err_msg = '';
unset($_POST);
}
// keep or reset the form fields
if (isset($_POST['username'])) {
$username = $_POST['username'];
} else {
$username = '';
}
if (isset($_GET['try'])) {
unset($_GET['try']);
if (validateUserName($err_msg)) {
$conn = new dbAccess($debug);
if ($conn->dbSetTempPW($username, $tempPW)) {
if (sendForgotPWEmail($username, $tempPW)) {
echo "Check your inbox for an email containing your temporary password<br>";
echo "and further instructions on how to complete the login process.<br>";
} else {
echo "User " . $email . " was successfully registered.<br>";
echo "BUT we were unable to send your temporary password via the email address you <br>";
echo "provided. Please contact the My Vista Verde Webmaster to complete <br>";
echo "the registration process<br>";
}
$display = false;
} else {
$err_msg = $conn->errmsg;
}
//TO $val einia to userName
//}
//
require_once '../helpers/dbConnectioni.php';
require_once 'registerUserVaidations.php';
$conn = getDbConnection();
$isPost = filter_input(INPUT_POST, "registration");
if (isset($isPost)) {
$firstname = filter_input(INPUT_POST, 'firstname', FILTER_SANITIZE_STRING);
$lastname = filter_input(INPUT_POST, 'lastname', FILTER_SANITIZE_STRING);
if (strlen($firstname) == 0 || strlen($lastname) == 0) {
echo "Please supply first name and last name";
exit;
}
$username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
$errorsUsername = validateUserName($username, $conn);
if (count($errorsUsername) != 0) {
echo join(",", $errorsUsername);
exit;
}
$passwordRaw = filter_input(INPUT_POST, 'password', FILTER_DEFAULT);
$conpasswordRaw = filter_input(INPUT_POST, 'cpassword', FILTER_DEFAULT);
if (strlen($passwordRaw) == 0) {
echo "Please supply password";
exit;
}
if ($passwordRaw !== $conpasswordRaw) {
echo "Password nad confirm password not equal";
exit;
}
$passwordResult = filter_var($passwordRaw, FILTER_SANITIZE_STRING);
