update_val_by_key("mail", $_POST['mail']); ?> <div class="alert alert-success"> <?php echo lang('PROFILE_msg_ok'); ?> </div> <?php } if ($mode == "edit_profile_main") { $l = $_POST['login']; $m = $_POST['mail']; $id = $_POST['id']; $langu = $_POST['lang']; $ec = 0; if (!validate_alphanumeric_underscore($l)) { $ec = 1; } if (!validate_email($m)) { $ec = 1; } if (!validate_exist_mail($m)) { $ec = 1; } if ($ec == 0) { $stmt = $dbConnection->prepare('update users set login=:l, email=:m, lang=:langu where id=:id'); $stmt->execute(array(':id' => $id, ':l' => $l, ':m' => $m, ':langu' => $langu)); ?> <div class="alert alert-success"> <?php echo lang('PROFILE_msg_ok');
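/**
 * Validate a registration POST, create the Account and emit a JSON result.
 *
 * Security-relevant changes compared with the previous revision:
 *  - The reCAPTCHA answer is now actually checked. The old test
 *    `$response . success == false` concatenated the raw response with the
 *    bare word `success` and compared a non-empty string with false, so it
 *    could never reject a request.
 *  - Verification fails closed: an unreachable or malformed siteverify
 *    response is treated as "not verified".
 *  - The form token must be non-empty and match the session value as a
 *    string; an absent session value no longer equals an absent token.
 *  - POST fields are read defensively (missing or array values become "").
 *
 * @param string $mode "web" runs the captcha and token checks and logs the
 *                     new user in; any other value skips those steps.
 *                     NOTE(review): callers passing another mode bypass
 *                     captcha and token entirely - confirm they are protected
 *                     by some other control.
 * @return void Never returns: echoes the JSON document and calls die.
 */
public static function processRegister($mode = "web")
{
    // still copy-pasted from the older handler
    $uname_min = 5;
    $uname_max = 15;
    $passwd_min = 5;
    $passwd_max = 15;
    $hp_min = 9;
    $hp_max = 15;

    $json = array();
    $json['err'] = "";
    $json['bool'] = 0;
    // for web services
    $json['status_code'] = 0;
    $json['status_message'] = "Incomplete Request";

    // Read one POST field as an addslashes()-escaped string. Missing keys and
    // non-scalar values (e.g. "uname[]=x") yield "" instead of a warning/TypeError.
    $field = function ($key) {
        if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
            return addslashes((string) $_POST[$key]);
        }
        return "";
    };

    if ($mode == "web") {
        // --- captcha ---
        $captcha = "";
        if (isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response'])) {
            $captcha = $_POST['g-recaptcha-response'];
        }
        if ($captcha === "") {
            $json['err'] .= Lang::t('Please verify that you are not a robot') . "<br>";
        } else {
            // NOTE(review): the reCAPTCHA secret is hard-coded in source. Treat it
            // as exposed: rotate it and load it from configuration kept outside
            // version control.
            $query = http_build_query(array(
                'secret' => "6LdxXBMTAAAAAAgT0r9Vgly2P8yyrtU2Io-OVDZa",
                'response' => $captcha,
                'remoteip' => $_SERVER['REMOTE_ADDR'],
            ), '', '&');
            $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?" . $query);
            // siteverify answers with JSON; only an explicit success counts.
            $verdict = ($response === false) ? null : json_decode($response, true);
            if (!is_array($verdict) || empty($verdict['success'])) {
                $json['err'] .= Lang::t('Please verify that you are not a robot') . "<br>";
            }
        }

        // --- form token ---
        $rand = isset($_SESSION['rand']) ? $_SESSION['rand'] : "";
        $token = isset($_POST['token']) ? $_POST['token'] : "";
        // String comparison avoids PHP's loose-equality coercions; where
        // available, hash_equals() would also make this constant-time.
        if (!is_scalar($rand) || !is_scalar($token)
            || (string) $rand === "" || (string) $rand !== (string) $token) {
            $json['err'] .= "Wrong Token<br>";
        }
    }

    // --- username ---
    $uname = $field('uname');
    if (!validate_alphanumeric_underscore($uname)) {
        $json['err'] .= "Username must be alphanumeric<br>";
    }
    if ($uname == "") {
        $json['err'] .= "Username cannot be empty<br>";
    }
    if (strlen($uname) < $uname_min || strlen($uname) > $uname_max) {
        $json['err'] .= "The username is the wrong length. Min {$uname_min} Max {$uname_max} Characters.<br>";
    }

    // --- password ---
    // NOTE(review): addslashes() alters the password before it is hashed, and
    // the 15-character ceiling caps password strength; kept as-is because the
    // login path visible below escapes the same way.
    $pwd = $field('pwd');
    if ($pwd == "") {
        $json['err'] .= "Password cannot be empty<br>";
    }
    if (strlen($pwd) < $passwd_min || strlen($pwd) > $passwd_max) {
        $json['err'] .= "The password is the wrong length. Min {$passwd_min} Max {$passwd_max} Characters.<br>";
    }
    $pwd2 = $field('pwd2');
    if ($pwd != $pwd2) {
        $json['err'] .= "Password mismatched.<br>";
    }

    // --- name ---
    $name = $field('name');
    if ($name == "") {
        $json['err'] .= "Name cannot be empty<br>";
    }
    if (!preg_match("/^[a-zA-Z ]*\$/", $name)) {
        $json['err'] .= "Only letters and white space allowed<br>";
    }

    // --- email ---
    $email = $field('email');
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $json['err'] .= "Invalid Email Address<br>";
    }

    // --- phone ---
    $phone = $field('phone');
    if (strlen($phone) < $hp_min || strlen($phone) > $hp_max) {
        $json['err'] .= "The phone is the wrong length. Min {$hp_min} Max {$hp_max} Characters.<br>";
    }

    if ($json['err'] == "") {
        // check whether the email and username are still free
        // NOTE(review): these WHERE fragments are built by string interpolation
        // and rely on addslashes(), which is not a charset-safe SQL escape.
        // Prefer bound parameters if the Account layer offers them - confirm.
        $acc = new Account();
        $nr = $acc->getJumlah("admin_email = '{$email}'");
        // NOTE(review): the literal '******' looks like a redaction artifact;
        // presumably this compared against the submitted username - confirm.
        $nr2 = $acc->getJumlah("admin_username = '******'");
        if ($nr > 0) {
            $json['err'] .= "Email is already being registered.<br>";
        }
        if ($nr2 > 0) {
            $json['err'] .= "Username is already being registered.<br>";
        }

        if ($json['err'] == "") {
            // process password
            $crypt = Account::cryptPassword($pwd);

            // save as new Account
            $acc->admin_email = $email;
            $acc->admin_ip = $_SERVER['REMOTE_ADDR'];
            $acc->admin_nama_depan = $name;
            $acc->admin_password = $crypt;
            $acc->admin_username = $uname;
            $acc->admin_role = "normal_user";
            $acc->admin_type = 1;
            $acc->admin_aktiv = 0;
            // NOTE(review): this value is mailed out as the verification token
            // and is an unsalted MD5 over username, password and timestamp.
            // A token drawn from a CSPRNG would not depend on the password.
            $acc->admin_hash = md5($uname . $pwd . time());
            $acc->admin_reg_date = leap_mysqldate();
            $acc->admin_lastupdate = leap_mysqldate();
            $acc->admin_marketer = $field('marketer');
            $acc->admin_phone = $phone;
            $mid = $acc->save();

            if ($mid) {
                $needVerify = Efiwebsetting::getData("needVerify");
                $dataEmail = new DataEmail();
                if ($needVerify == "true") {
                    $succEmail = $dataEmail->registrationSuccessWithVerify($email, $uname, $acc->admin_hash);
                } else {
                    // activate immediately
                    $arrAcc = $acc->getWhere("admin_email = '{$email}' LIMIT 0,1");
                    $acc2 = $arrAcc[0];
                    $acc2->load = 1;
                    $acc2->admin_aktiv = 1;
                    $acc2->save();
                    $succEmail = $dataEmail->registrationSuccessWithOutVerify($email, $uname);

                    // if a marketer was given, notify the marketer as well
                    if ($acc2->admin_marketer != "") {
                        // NOTE(review): '******' is reproduced as found; presumably
                        // the marketer's username was interpolated here - confirm.
                        $arrAcc2 = $acc->getWhere("admin_username = '******' LIMIT 0,1");
                        if (count($arrAcc2) > 0) {
                            $acc_marketer = $arrAcc2[0];
                            $succEmail2 = $dataEmail->registrationSuccessToMarketer($acc_marketer->admin_email, $uname, $acc2->admin_marketer);
                        } else {
                            // unknown marketer: notify the franchise address and clear the field
                            $succEmail2 = $dataEmail->registrationSuccessToMarketer(Efiwebsetting::getData("franchiseEmail"), $uname, $acc2->admin_marketer);
                            $acc2->admin_marketer = "";
                            $acc2->save();
                        }
                    }

                    // log the new user in
                    $_POST['admin_username'] = $acc->admin_username;
                    $_POST['admin_password'] = $acc->admin_password;
                    $_POST['rememberme'] = 1;
                    $username = addslashes($_POST["admin_username"]);
                    $password = addslashes($_POST["admin_password"]);
                    $rememberme = isset($_POST["rememberme"]) ? 1 : 0;
                    $row = array(
                        "admin_username" => $username,
                        "admin_password" => $password,
                        "rememberme" => $rememberme,
                        "admin_ldap" => 0,
                    );
                    if ($mode == "web") {
                        // login using the row credentials
                        Auth::login($row);
                    }
                }

                // reported here for now because of a response error
                $json['status_code'] = 1;
                $json['status_message'] = "Registration Success";
                $json['bool'] = 1;
                $json['mid'] = $mid;
                if (!$succEmail) {
                    $json['err'] .= "Send Email failed. Please <a href='" . _SPPATH . "contact'>contact</a> us by email or phone.<br>";
                }
            } else {
                $json['status_code'] = 0;
                $json['status_message'] = "Saving failed";
                $json['err'] .= "Save failed. Please <a href='" . _SPPATH . "contact'>contact</a> us by email or phone.<br>";
            }
        }
    }

    echo json_encode($json);
    die;
}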
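/**
 * Validate a registration POST, create the Account, mail a verification
 * link and emit a JSON result.
 *
 * Security-relevant changes compared with the previous revision:
 *  - The reCAPTCHA answer is now actually checked. The old test
 *    `$response . success == false` concatenated the raw response with the
 *    bare word `success` and compared a non-empty string with false, so it
 *    could never reject a request.
 *  - Verification fails closed: an unreachable or malformed siteverify
 *    response is treated as "not verified".
 *  - The form token must be non-empty and match the session value as a
 *    string; an absent session value no longer equals an absent token.
 *  - POST fields are read defensively (missing or array values become "").
 *
 * @return void Never returns: echoes the JSON document and calls die.
 */
function processRegister()
{
    // still copy-pasted
    $uname_min = 5;
    $uname_max = 15;
    $passwd_min = 5;
    $passwd_max = 15;
    $hp_min = 9;
    $hp_max = 15;

    $json = array();
    $json['err'] = "";
    $json['bool'] = 0;

    // Read one POST field as an addslashes()-escaped string. Missing keys and
    // non-scalar values (e.g. "uname[]=x") yield "" instead of a warning/TypeError.
    $field = function ($key) {
        if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
            return addslashes((string) $_POST[$key]);
        }
        return "";
    };

    // --- captcha ---
    $captcha = "";
    if (isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response'])) {
        $captcha = $_POST['g-recaptcha-response'];
    }
    if ($captcha === "") {
        $json['err'] .= Lang::t('Please verify that you are not a robot') . "<br>";
    } else {
        // NOTE(review): the reCAPTCHA secret is hard-coded in source. Treat it as
        // exposed: rotate it and load it from configuration kept outside version
        // control.
        $query = http_build_query(array(
            'secret' => "6LdxXBMTAAAAAAgT0r9Vgly2P8yyrtU2Io-OVDZa",
            'response' => $captcha,
            'remoteip' => $_SERVER['REMOTE_ADDR'],
        ), '', '&');
        $response = file_get_contents("https://www.google.com/recaptcha/api/siteverify?" . $query);
        // siteverify answers with JSON; only an explicit success counts.
        $verdict = ($response === false) ? null : json_decode($response, true);
        if (!is_array($verdict) || empty($verdict['success'])) {
            $json['err'] .= Lang::t('Please verify that you are not a robot') . "<br>";
        }
    }

    // --- form token ---
    $rand = isset($_SESSION['rand']) ? $_SESSION['rand'] : "";
    $token = isset($_POST['token']) ? $_POST['token'] : "";
    // String comparison avoids PHP's loose-equality coercions; where available,
    // hash_equals() would also make this constant-time.
    if (!is_scalar($rand) || !is_scalar($token)
        || (string) $rand === "" || (string) $rand !== (string) $token) {
        $json['err'] .= "Wrong Token<br>";
    }

    // --- username ---
    $uname = $field('uname');
    if (!validate_alphanumeric_underscore($uname)) {
        $json['err'] .= "Username must be alphanumeric<br>";
    }
    if ($uname == "") {
        $json['err'] .= "Username cannot be empty<br>";
    }
    if (strlen($uname) < $uname_min || strlen($uname) > $uname_max) {
        $json['err'] .= "The username is the wrong length. Min {$uname_min} Max {$uname_max} Characters.<br>";
    }

    // --- password ---
    $pwd = $field('pwd');
    if ($pwd == "") {
        $json['err'] .= "Password cannot be empty<br>";
    }
    if (strlen($pwd) < $passwd_min || strlen($pwd) > $passwd_max) {
        $json['err'] .= "The password is the wrong length. Min {$passwd_min} Max {$passwd_max} Characters.<br>";
    }
    $pwd2 = $field('pwd2');
    if ($pwd != $pwd2) {
        $json['err'] .= "Password mismatched.<br>";
    }

    // --- name ---
    $name = $field('name');
    if ($name == "") {
        $json['err'] .= "Name cannot be empty<br>";
    }
    if (!preg_match("/^[a-zA-Z ]*\$/", $name)) {
        $json['err'] .= "Only letters and white space allowed<br>";
    }

    // --- address ---
    $addresss = $field('addresss');
    if ($addresss == "") {
        $json['err'] .= "Address cannot be empty<br>";
    }

    // --- email ---
    $email = $field('email');
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $json['err'] .= "Invalid Email Address<br>";
    }

    // --- phone ---
    $phone = $field('phone');
    if (strlen($phone) < $hp_min || strlen($phone) > $hp_max) {
        $json['err'] .= "The phone is the wrong length. Min {$hp_min} Max {$hp_max} Characters.<br>";
    }

    if ($json['err'] == "") {
        // check whether the email and username are still free
        // NOTE(review): these WHERE fragments are built by string interpolation
        // and rely on addslashes(), which is not a charset-safe SQL escape.
        // Prefer bound parameters if the Account layer offers them - confirm.
        $acc = new Account();
        $nr = $acc->getJumlah("admin_email = '{$email}'");
        // NOTE(review): the literal '******' looks like a redaction artifact;
        // presumably this compared against the submitted username - confirm.
        $nr2 = $acc->getJumlah("admin_username = '******'");
        if ($nr > 0) {
            $json['err'] .= "Email is already being registered.<br>";
        }
        if ($nr2 > 0) {
            $json['err'] .= "Username is already being registered.<br>";
        }

        if ($json['err'] == "") {
            // save as new Account
            $acc->admin_email = $email;
            $acc->admin_ip = $_SERVER['REMOTE_ADDR'];
            $acc->admin_nama_depan = $name;
            // NOTE(review): the password is assigned unhashed here, so unless
            // save() hashes it (not visible from this function) it is stored in
            // plaintext. It should be hashed with password_hash() and the login
            // check moved to password_verify() in the same change.
            $acc->admin_password = $pwd;
            $acc->admin_username = $uname;
            $acc->admin_role = "normal_user";
            $acc->admin_type = 1;
            $acc->admin_aktiv = 0;
            // NOTE(review): this value is mailed out as the verification token
            // and is an unsalted MD5 over username, password and timestamp.
            // A token drawn from a CSPRNG would not depend on the password.
            $acc->admin_hash = md5($uname . $pwd . time());
            $acc->admin_reg_date = leap_mysqldate();
            $acc->admin_lastupdate = leap_mysqldate();
            $mid = $acc->save();

            if ($mid) {
                $verifyLink = _BPATH . "verify?mid={$uname}&token={$acc->admin_hash}";
                $judul = "Your Registration at YourApp.Com";
                $isi = "\n\n <h1>Thank you for registering with us!!</h1>\n <br>\n <a href='" . $verifyLink . "'>Verify My Account Now</a> <br>\n or open this link " . $verifyLink . "\n ";

                // send email
                $lm = new Leapmail();
                // reported here for now because of a response error
                $json['bool'] = 1;
                $json['mid'] = $mid;
                $mm = $lm->sendEmail($email, $judul, $isi);
                if ($mm) {
                    // The truthy return value of sendEmail() is appended to 'err'
                    // as before; NOTE(review): confirm clients expect that.
                    $json['err'] .= $mm;
                } else {
                    $json['err'] .= "Send Email failed. Please <a href='" . _SPPATH . "contact'>contact</a> us by email or phone.<br>";
                }
            } else {
                $json['err'] .= "Save failed. Please <a href='" . _SPPATH . "contact'>contact</a> us by email or phone.<br>";
            }
        }
    }

    echo json_encode($json);
    die;
}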
$check_username = mysql_query("SELECT * FROM i_users WHERE userwd='{$username}'") or die(mysql_error()); $check_email = mysql_query("SELECT * FROM i_users WHERE email='{$email}'") or die(mysql_error()); $username_check1 = strtolower($username); $no_nickname = strtolower('Nickname'); if ($antispam !== '') { header('Location: 404.php'); } else { if ($username == '' || $password_nomd5 == '' || $username_check1 == $no_nickname) { $error = '<strong>ERROR:</strong> Please insert your nickname -OR- your password -OR- both.'; renderForm($username, $error, $email); } else { if ($username !== '' && $password_nomd5 !== '' && $email == '') { $error = '<strong>ERROR:</strong> Please insert your valid email address.'; renderForm($username, $error, $email); } else { if (!validate_alphanumeric_underscore($username)) { $error = '<strong>ERROR:</strong> Only alphanumerics and underscore are allowed!'; renderForm($username, $error, $email); } else { if (strlen($username) < 3) { echo "<strong>ERROR:</strong> Your nickname is too short, minimum 3 characters and above."; renderForm($username, $error, $email); } else { if (mysql_num_rows($check_username) > 0) { $error = '<strong>ERROR:</strong> Nickname <strong><u>' . $username . '</u></strong> already exists in database!'; renderForm($username, $error, $email); } else { if (mysql_num_rows($check_email) > 0) { $error = '<strong>ERROR:</strong> The email address already exists in database!'; renderForm($username, $error, $email); } else {