/**
* Process password forgotten
*
* @access public
* @return void
*/
public function process()
{
$email_address = $this->input->post('email_address');
if (validate_email_address($email_address)) {
//load model
$this->load->model('account_model');
$data = $this->account_model->get_data($email_address);
if ($data !== NULL) {
$password = create_random_string(config('ACCOUNT_PASSWORD'));
if ($this->account_model->save_password($data['customers_id'], $password)) {
$this->load->library('email_template');
$email = $this->email_template->get_email_template('password_forgotten');
$email->set_data($data['customers_firstname'], $data['customers_lastname'], getenv('REMOTE_ADDR'), $password, $data['customers_gender'], $data['customers_email_address']);
$email->build_message();
$email->send_email();
$this->message_stack->add_session('login', lang('success_password_forgotten_sent'), 'success');
redirect('account/login');
}
} else {
$this->message_stack->add('password_forgotten', lang('error_password_forgotten_no_email_address_found'));
}
} else {
$this->message_stack->add('password_forgotten', lang('error_password_forgotten_no_email_address_found'));
}
$this->template->build('account/password_forgotten');
}
function content()
{
if (!user_logged_in()) {
return must_log_in();
}
$user = fetch_one_or_none('users', 'id', user_logged_in());
$errors = array();
if (array_key_exists('change', $_POST)) {
if (!isset($_POST['email']) || !$_POST['email']) {
$errors[] = "Please enter an email address";
} else {
$email = $_POST['email'];
if ($email && !validate_email_address($email)) {
$errors[] = "Invalid email address";
}
if (count($errors) == 0 && count(fetch_all('users', 'email_address', $email))) {
$errors[] = "A user with this email address already exists";
}
if (count($errors) == 0) {
update_all('users', array('new_email_address' => $email), 'id', user_logged_in());
send_email_change_email($email, $user->name);
?>
<p>We have sent an email to your new address requesting that you
confirm that change of address.</p>
<?php
return;
}
}
}
$fields = array();
page_header('Change email address');
show_error_list($errors);
?>
<form method="post" action="" accept-charset="UTF-8">
<div class="fieldrow">
<div class="field">
<label>Current address:</label>
<div><tt><?php
esc($user->email_address);
?>
</tt></div>
</div>
</div>
<div class="fieldrow">
<?php
text_field($fields, 'email', 'New address');
?>
</div>
<div class="fieldrow">
<input type="submit" name="change" value="Change"/>
</div>
</form>
<?php
}
/**
* Set Data
*
* @access public
* @return void
*/
function set_data($from_name, $from_email_address, $to_email_address, $message, $wishlist_url)
{
$this->from_name = $from_name;
$this->from_email_address = $from_email_address;
$this->to_email_address = $to_email_address;
$this->message = $message;
$this->wishlist_url = $wishlist_url;
$emails = explode(',', $this->to_email_address);
foreach ($emails as $email) {
if (validate_email_address($email)) {
$this->add_recipient('', $email);
}
}
}
/**
* Registers a user, returning false if the username already exists
*
* @param string $username The username of the new user
* @param string $password The password
* @param string $name The user's display name
* @param string $email The user's email address
* @param bool $allow_multiple_emails Allow the same email address to be
* registered multiple times?
*
* @return int|false The new user's GUID; false on failure
* @throws \RegistrationException
*/
function register($username, $password, $name, $email, $allow_multiple_emails = false)
{
// no need to trim password.
$username = trim($username);
$name = trim(strip_tags($name));
$email = trim($email);
// A little sanity checking
if (empty($username) || empty($password) || empty($name) || empty($email)) {
return false;
}
// Make sure a user with conflicting details hasn't registered and been disabled
$access_status = access_get_show_hidden_status();
access_show_hidden_entities(true);
if (!validate_email_address($email)) {
throw new \RegistrationException(_elgg_services()->translator->translate('registration:emailnotvalid'));
}
if (!validate_password($password)) {
throw new \RegistrationException(_elgg_services()->translator->translate('registration:passwordnotvalid'));
}
if (!validate_username($username)) {
throw new \RegistrationException(_elgg_services()->translator->translate('registration:usernamenotvalid'));
}
if ($user = get_user_by_username($username)) {
throw new \RegistrationException(_elgg_services()->translator->translate('registration:userexists'));
}
if (!$allow_multiple_emails && get_user_by_email($email)) {
throw new \RegistrationException(_elgg_services()->translator->translate('registration:dupeemail'));
}
access_show_hidden_entities($access_status);
// Create user
$user = new \ElggUser();
$user->username = $username;
$user->email = $email;
$user->name = $name;
$user->access_id = ACCESS_PUBLIC;
$user->setPassword($password);
$user->owner_guid = 0;
// Users aren't owned by anyone, even if they are admin created.
$user->container_guid = 0;
// Users aren't contained by anyone, even if they are admin created.
$user->language = _elgg_services()->translator->getCurrentLanguage();
if ($user->save() === false) {
return false;
}
// Turn on email notifications by default
set_user_notification_setting($user->getGUID(), 'email', true);
return $user->getGUID();
}
foreach ($_POST as $key => $value) {
$_POST[$key] = remove_email_injection(trim($value));
}
// Loop into required fields and make sure they match our needs
foreach ($required_fields as $field) {
// the field has been submitted?
if (!array_key_exists($field, $_POST)) {
array_push($validation, $field);
}
// check there is information in the field?
if ($_POST[$field] == '') {
array_push($validation, $field);
}
// validate the email address supplied
if ($field == 'email') {
if (!validate_email_address($_POST[$field])) {
array_push($validation, $field);
}
}
}
// basic validation result
if (count($validation) == 0) {
// Prepare our content string
$email_content = 'New Website Comment: ' . "\n\n";
// simple email content
foreach ($_POST as $key => $value) {
if ($key != 'submit') {
$email_content .= $key . ': ' . $value . "\n";
}
}
// if validation passed ok then send the email
function content()
{
$errors = array();
if (array_key_exists('register', $_POST)) {
$name = $_POST['name'];
$email = $_POST['email'];
$password = $_POST['password'];
$password2 = $_POST['password2'];
if (!$name || !$email || !$password || !$password2) {
$errors[] = "Please fill in all the fields";
}
if ($password && $password2 && $password != $password2) {
$errors[] = "Passwords do not match";
$_POST['password'] = '';
$_POST['password2'] = '';
}
if ($email && !validate_email_address($email)) {
error_log("Invalid email address <{$email}> while registering");
$errors[] = "Invalid email address";
}
if (count($errors) == 0 && count(fetch_all('users', 'email_address', $email))) {
$errors[] = "A user with this email address already exists";
}
if (count($errors) == 0) {
$token = make_random_token();
$data = array('name' => $name, 'email_address' => $email, 'password_crypt' => crypt($password), 'date_registered' => date('Y-m-d H:i:s'), 'activation_token' => $token);
insert_array_contents('users', $data);
send_activation_email($email, $name, $token);
?>
<h2>Account registered</h2>
<p>An email has just been sent to the email address you supplied. This
contains a link which you should follow to activate your account.</p>
<?php
return;
}
}
page_header('Register for an account');
show_error_list($errors);
?>
<form method="post" action="" accept-charset="UTF-8">
<div class="fieldrow">
<?php
text_field($_POST, 'name', 'Name', 'publicly visible');
?>
</div>
<div class="fieldrow">
<?php
text_field($_POST, 'email', 'Email address');
?>
</div>
<div class="fieldrow">
<div>
<label for="password">Password</label>
<input type="password" id="password" name="password"
value="<?php
esc($_POST['password']);
?>
" />
</div>
<div>
<label for="password2">Confirm password</label>
<input type="password" id="password2" name="password2"
value="<?php
esc($_POST['password2']);
?>
" />
</div>
</div>
<div class="fieldrow">
<input type="submit" name="register" value="Register" />
</div>
</form>
<?php
}
/**
* Save billing form
*/
public function save_billing_form()
{
$data = array();
$errors = array();
$this->load->model('account_model');
//checkout method: 'register' or 'guest'
$checkout_method = $this->input->post('checkout_method');
//if the customer is not logged on
//check email
if (!$this->customer->is_logged_on()) {
$billing_email_address = $this->input->post('billing_email_address');
if ($billing_email_address === NULL || strlen(trim($billing_email_address)) < config('ACCOUNT_EMAIL_ADDRESS')) {
$errors[] = sprintf(lang('field_customer_email_address_error'), config('ACCOUNT_EMAIL_ADDRESS'));
} else {
//validate email address
if (!validate_email_address($billing_email_address)) {
$errors[] = lang('field_customer_email_address_check_error');
} else {
//check whether email exists
$data = $this->account_model->get_data($billing_email_address);
if ($data !== NULL) {
$errors[] = lang('field_customer_email_address_exists_error');
} else {
$data['email_address'] = $billing_email_address;
}
}
}
//if checkout method is 'register' then check the password
$data['password'] = NULL;
if ($checkout_method == 'register') {
$billing_password = $this->input->post('billing_password');
$confirmation = $this->input->post('confirmation');
if ($billing_password === NULL || $billing_password !== NULL && strlen(trim($billing_password)) < config('ACCOUNT_PASSWORD')) {
$errors[] = sprintf(lang('field_customer_password_error'), config('ACCOUNT_PASSWORD'));
} elseif ($confirmation === NULL || $confirmation !== NULL && trim($billing_password) != trim($confirmation)) {
$errors[] = lang('field_customer_password_mismatch_with_confirmation');
} else {
$data['password'] = $billing_password;
}
}
}
//if the create_billing_address equals 1 then get the data
$data['create_billing_address'] = $this->input->post('create_billing_address');
if ($data['create_billing_address'] == 'on') {
//gender
$billing_gender = $this->input->post('billing_gender');
if (config('ACCOUNT_GENDER') == '1') {
if ($billing_gender == 'm' || $billing_gender == 'f') {
$data['gender'] = $billing_gender;
} else {
$errors[] = lang('field_customer_gender_error');
}
} else {
$data['gender'] = $billing_gender !== NULL ? $billing_gender : 'm';
}
//firstname
$billing_firstname = $this->input->post('billing_firstname');
if ($billing_firstname !== NULL && strlen(trim($billing_firstname)) >= config('ACCOUNT_FIRST_NAME')) {
$data['firstname'] = $billing_firstname;
} else {
$errors[] = sprintf(lang('field_customer_first_name_error'), config('ACCOUNT_FIRST_NAME'));
}
//lastname
$billing_lastname = $this->input->post('billing_lastname');
if ($billing_lastname !== NULL && strlen(trim($billing_lastname)) >= config('ACCOUNT_LAST_NAME')) {
$data['lastname'] = $billing_lastname;
} else {
$errors[] = sprintf(lang('field_customer_last_name_error'), config('ACCOUNT_LAST_NAME'));
}
//company
if (config('ACCOUNT_COMPANY') > -1) {
$billing_company = $this->input->post('billing_company');
if ($billing_company !== NULL && strlen(trim($billing_company)) >= config('ACCOUNT_COMPANY')) {
$data['company'] = $billing_company;
} else {
$errors[] = sprintf(lang('field_customer_company_error'), config('ACCOUNT_COMPANY'));
}
}
//street address
$billing_street_address = $this->input->post('billing_street_address');
if ($billing_street_address !== NULL && strlen(trim($billing_street_address)) >= config('ACCOUNT_STREET_ADDRESS')) {
$data['street_address'] = $billing_street_address;
} else {
$errors[] = sprintf(lang('field_customer_street_address_error'), config('ACCOUNT_STREET_ADDRESS'));
}
//suburb
if (config('ACCOUNT_SUBURB') >= 0) {
$billing_suburb = $this->input->post('billing_suburb');
if ($billing_suburb !== NULL && strlen(trim($billing_suburb)) >= config('ACCOUNT_SUBURB')) {
$data['suburb'] = $billing_suburb;
} else {
$errors[] = sprintf(lang('field_customer_suburb_error'), config('ACCOUNT_SUBURB'));
}
}
//postcode
if (config('ACCOUNT_POST_CODE') > -1) {
$billing_postcode = $this->input->post('billing_postcode');
if ($billing_postcode !== NULL && strlen(trim($billing_postcode)) >= config('ACCOUNT_POST_CODE')) {
$data['postcode'] = $billing_postcode;
} else {
$errors[] = sprintf(lang('field_customer_post_code_error'), config('ACCOUNT_POST_CODE'));
}
}
//city
$billing_city = $this->input->post('billing_city');
if ($billing_city !== NULL && strlen(trim($billing_city)) >= config('ACCOUNT_CITY')) {
$data['city'] = $billing_city;
} else {
$errors[] = sprintf(lang('field_customer_city_error'), config('ACCOUNT_CITY'));
}
//country
$billing_country = $this->input->post('billing_country');
if ($billing_country !== NULL && is_numeric($billing_country) && $billing_country >= 1) {
$data['country_id'] = $billing_country;
} else {
$errors[] = lang('field_customer_country_error');
}
//states
if (config('ACCOUNT_STATE') >= 0) {
$this->load->model('address_model');
$billing_state = $this->input->post('billing_state');
if ($this->address_model->has_zones($billing_country)) {
$zone_id = $this->address_model->get_zone_id($billing_country, $billing_state);
if ($zone_id !== NULL) {
$data['zone_id'] = $zone_id;
} else {
$errors[] = lang('field_customer_state_select_pull_down_error');
}
} else {
if (strlen(trim($billing_state)) >= config('ACCOUNT_STATE')) {
$data['state'] = $billing_state;
} else {
$errors[] = sprintf(lang('field_customer_state_error'), config('ACCOUNT_STATE'));
}
}
} else {
if (strlen(trim($billing_state)) >= config('ACCOUNT_STATE')) {
$data['state'] = $billing_state;
} else {
$errors[] = sprintf(lang('field_customer_state_error'), config('ACCOUNT_STATE'));
}
}
//telephone
if (config('ACCOUNT_TELEPHONE') >= 0) {
$billing_telephone = $this->input->post('billing_telephone');
if ($billing_telephone !== NULL && strlen(trim($billing_telephone)) >= config('ACCOUNT_TELEPHONE')) {
$data['telephone'] = $billing_telephone;
} else {
$errors[] = sprintf(lang('field_customer_telephone_number_error'), config('ACCOUNT_TELEPHONE'));
}
}
//fax
if (config('ACCOUNT_FAX') >= 0) {
$billing_fax = $this->input->post('billing_fax');
if ($billing_fax !== NULL && strlen(trim($billing_fax)) >= config('ACCOUNT_FAX')) {
$data['fax'] = $billing_fax;
} else {
$errors[] = sprintf(lang('field_customer_fax_number_error'), config('ACCOUNT_FAX'));
}
}
}
if (sizeof($errors) > 0) {
$response = array('success' => FALSE, 'errors' => $errors);
} else {
$response = array('success' => TRUE);
//set checkout method
$data['checkout_method'] = $checkout_method;
//if ship_to_this_address is on
$data['ship_to_this_address'] = $this->input->post('ship_to_this_address');
if ($this->customer->is_logged_on()) {
$data['email_address'] = $this->customer->get_email_address();
$data['password'] = '';
if ($data['create_billing_address'] !== NULL && $data['create_billing_address'] == 'on') {
$this->shopping_cart->set_raw_billing_address($data);
if ($data['ship_to_this_address'] == 'on') {
$this->shopping_cart->set_raw_shipping_address($data);
}
} else {
$billing_address_id = $this->input->post('sel_billing_address');
$this->shopping_cart->set_billing_address($billing_address_id);
if ($data['ship_to_this_address'] == 'on') {
$this->shopping_cart->set_shipping_address($billing_address_id);
}
}
} else {
$this->shopping_cart->set_raw_billing_address($data);
if ($data['ship_to_this_address'] == 'on') {
$this->shopping_cart->set_raw_shipping_address($data);
}
}
}
$this->output->set_output(json_encode($response));
}
/**
* Registers a user, returning false if the username already exists
*
* @param string $username The username of the new user
* @param string $password The password
* @param string $name The user's display name
* @param string $email Their email address
* @param bool $allow_multiple_emails Allow the same email address to be registered multiple times?
* @param int $friend_guid Optionally, GUID of a user this user will friend once fully registered
* @return int|false The new user's GUID; false on failure
*/
function register_user($username, $password, $name, $email, $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '')
{
// Load the configuration
global $CONFIG;
$username = trim($username);
$password = trim($password);
$name = trim($name);
$email = trim($email);
// A little sanity checking
if (empty($username) || empty($password) || empty($name) || empty($email)) {
return false;
}
// See if it exists and is disabled
$access_status = access_get_show_hidden_status();
access_show_hidden_entities(true);
// Validate email address
if (!validate_email_address($email)) {
throw new RegistrationException(elgg_echo('registration:emailnotvalid'));
}
// Validate password
if (!validate_password($password)) {
throw new RegistrationException(elgg_echo('registration:passwordnotvalid'));
}
// Validate the username
if (!validate_username($username)) {
throw new RegistrationException(elgg_echo('registration:usernamenotvalid'));
}
// Check to see if $username exists already
if ($user = get_user_by_username($username)) {
//return false;
throw new RegistrationException(elgg_echo('registration:userexists'));
}
// If we're not allowed multiple emails then see if this address has been used before
if (!$allow_multiple_emails && get_user_by_email($email)) {
throw new RegistrationException(elgg_echo('registration:dupeemail'));
}
access_show_hidden_entities($access_status);
// Check to see if we've registered the first admin yet.
// If not, this is the first admin user!
$admin = datalist_get('admin_registered');
// Otherwise ...
$user = new ElggUser();
$user->username = $username;
$user->email = $email;
$user->name = $name;
$user->access_id = ACCESS_PUBLIC;
$user->salt = generate_random_cleartext_password();
// Note salt generated before password!
$user->password = generate_user_password($user, $password);
$user->owner_guid = 0;
// Users aren't owned by anyone, even if they are admin created.
$user->container_guid = 0;
// Users aren't contained by anyone, even if they are admin created.
$user->save();
// If $friend_guid has been set, make mutual friends
if ($friend_guid) {
if ($friend_user = get_user($friend_guid)) {
if ($invitecode == generate_invite_code($friend_user->username)) {
$user->addFriend($friend_guid);
$friend_user->addFriend($user->guid);
}
}
}
global $registering_admin;
if (!$admin) {
$user->admin = true;
datalist_set('admin_registered', 1);
$registering_admin = true;
} else {
$registering_admin = false;
}
// Turn on email notifications by default
set_user_notification_setting($user->getGUID(), 'email', true);
return $user->getGUID();
}
} else {
$result['status'] = false;
$result['text'] = elgg_echo('registration:usernamenotvalid');
}
} catch (Exception $e) {
$result['status'] = false;
$result['text'] = $e->getMessage();
}
}
break;
case 'email':
$email = get_input('email');
if ($email) {
$result['status'] = true;
try {
if (validate_email_address($email)) {
$hidden = access_show_hidden_entities(true);
if (get_user_by_email($email)) {
$result['status'] = false;
$result['text'] = elgg_echo('registration:dupeemail');
}
access_show_hidden_entities($hidden);
} else {
$result['status'] = false;
$result['text'] = elgg_echo('registration:notemail');
}
} catch (Exception $e) {
$result['status'] = false;
$result['text'] = $e->getMessage();
}
}
/**
* Registers a user, returning false if the username already exists
*
* @param string $username The username of the new user
* @param string $password The password
* @param string $name The user's display name
* @param string $email Their email address
* @param bool $allow_multiple_emails Allow the same email address to be
* registered multiple times?
* @param int $friend_guid GUID of a user to friend once fully registered
* @param string $invitecode An invite code from a friend
*
* @return int|false The new user's GUID; false on failure
*/
function register_user($username, $password, $name, $email, $allow_multiple_emails = false, $friend_guid = 0, $invitecode = '')
{
// Load the configuration
global $CONFIG;
// no need to trim password.
$username = trim($username);
$name = trim(strip_tags($name));
$email = trim($email);
// A little sanity checking
if (empty($username) || empty($password) || empty($name) || empty($email)) {
return false;
}
// Make sure a user with conflicting details hasn't registered and been disabled
$access_status = access_get_show_hidden_status();
access_show_hidden_entities(true);
if (!validate_email_address($email)) {
throw new RegistrationException(elgg_echo('registration:emailnotvalid'));
}
if (!validate_password($password)) {
throw new RegistrationException(elgg_echo('registration:passwordnotvalid'));
}
if (!validate_username($username)) {
throw new RegistrationException(elgg_echo('registration:usernamenotvalid'));
}
if ($user = get_user_by_username($username)) {
throw new RegistrationException(elgg_echo('registration:userexists'));
}
if (!$allow_multiple_emails && get_user_by_email($email)) {
throw new RegistrationException(elgg_echo('registration:dupeemail'));
}
access_show_hidden_entities($access_status);
// Create user
$user = new ElggUser();
$user->username = $username;
$user->email = $email;
$user->name = $name;
$user->access_id = ACCESS_PUBLIC;
$user->salt = generate_random_cleartext_password();
// Note salt generated before password!
$user->password = generate_user_password($user, $password);
$user->owner_guid = 0;
// Users aren't owned by anyone, even if they are admin created.
$user->container_guid = 0;
// Users aren't contained by anyone, even if they are admin created.
$user->language = get_current_language();
$user->save();
// If $friend_guid has been set, make mutual friends
if ($friend_guid) {
if ($friend_user = get_user($friend_guid)) {
if ($invitecode == generate_invite_code($friend_user->username)) {
$user->addFriend($friend_guid);
$friend_user->addFriend($user->guid);
// @todo Should this be in addFriend?
add_to_river('river/relationship/friend/create', 'friend', $user->getGUID(), $friend_guid);
add_to_river('river/relationship/friend/create', 'friend', $friend_guid, $user->getGUID());
}
}
}
// Turn on email notifications by default
set_user_notification_setting($user->getGUID(), 'email', true);
return $user->getGUID();
}
/**
* Web service to get all users registered with an email ID
*
* @param string $email Email ID to check for
* @return string $foundusers Array of usernames registered with this email ID
* @throws InvalidParameterException
* @throws RegistrationException
*/
function user_get_user_by_email($email)
{
if (!validate_email_address($email)) {
throw new RegistrationException(elgg_echo('registration:notemail'));
}
$user = get_user_by_email($email);
if (!$user) {
throw new InvalidParameterException('registration:emailnotvalid');
}
foreach ($user as $key => $singleuser) {
$foundusers[$key] = $singleuser->username;
}
return $foundusers;
}
/**
* Save the edited account
*
* @access public
*/
public function save()
{
$data = array();
//validate gender
if (config('ACCOUNT_GENDER') == '1') {
$gender = $this->input->post('gender');
if ($gender == 'm' || $gender == 'f') {
$data['customers_gender'] = $gender;
} else {
$this->message_stack->add('account_edit', lang('field_customer_gender_error'));
}
} else {
$data['customers_gender'] = !empty($gender) ? $gender : '';
}
//validate firstname
$firstname = $this->input->post('firstname');
if (!empty($firstname) || strlen(trim($firstname)) >= config('ACCOUNT_FIRST_NAME')) {
$data['customers_firstname'] = $this->security->xss_clean($firstname);
} else {
$this->message_stack->add('account_edit', sprintf(lang('field_customer_first_name_error'), config('ACCOUNT_FIRST_NAME')));
}
//validate lastname
$lastname = $this->input->post('lastname');
if (!empty($lastname) || strlen(trim($lastname)) >= config('ACCOUNT_LAST_NAME')) {
$data['customers_lastname'] = $this->security->xss_clean($lastname);
} else {
$this->message_stack->add('account_edit', sprintf(lang('field_customer_last_name_error'), config('ACCOUNT_LAST_NAME')));
}
//validate dob days
if (config('ACCOUNT_DATE_OF_BIRTH') == '1') {
$dob_days = $this->input->post('dob_days');
if (!empty($dob_days)) {
$data['customers_dob'] = $dob_days;
} else {
$this->message_stack->add('account_edit', lang('field_customer_date_of_birth_error'));
}
}
//email address
$email_address = $this->input->post('email_address');
if (!empty($email_address) && strlen(trim($email_address)) >= config('ACCOUNT_EMAIL_ADDRESS')) {
if (validate_email_address($email_address)) {
if ($this->account_model->check_duplicate_entry($email_address, $this->customer->get_id()) === FALSE) {
$data['customers_email_address'] = $email_address;
} else {
$this->message_stack->add('account_edit', lang('field_customer_email_address_exists_error'));
}
} else {
$this->message_stack->add('account_edit', lang('field_customer_email_address_check_error'));
}
} else {
$this->message_stack->add('account_edit', sprintf(lang('field_customer_email_address_error'), config('ACCOUNT_EMAIL_ADDRESS')));
}
//newsletter
if (config('ACCOUNT_NEWSLETTER') == '1') {
$data['customers_newsletter'] = $this->input->post('newsletter') == 1 ? '1' : '0';
}
if ($this->message_stack->size('account_edit') === 0) {
if ($this->account_model->save($data, $this->customer->get_id())) {
$this->customer->set_data($data['customers_email_address']);
$this->message_stack->add_session('account', lang('success_account_updated'), 'success');
redirect(site_url('account'));
} else {
$this->message_stack->add('account_edit', lang('error_database'));
}
}
//setup view
$this->template->build('account/account_edit');
}
/**
* Validate records and create update and create queues
*
* @param mixed $data
*/
function queueRecords($data = null)
{
if (!$this->records->mapped) {
$this->mapRecords($data);
}
$this->records->queue = array();
foreach ($this->records->mapped as $record) {
$create = true;
$update = false;
$messages = array();
// First check if the user already exists
if ($record['guid']) {
$create = false;
$record_entity = get_entity($record['guid']);
if (elgg_instanceof($record_entity, 'user')) {
$messages[] = elgg_echo('upload_users:error:userexists');
if ($this->update_existing_users) {
$update = true;
}
} else {
if ($this->update_existing_users) {
$messages[] = elgg_echo('upload_users:error:invalid_guid');
}
}
} else {
try {
validate_email_address($record['email']);
$record_by_username = get_user_by_username($record['username']);
$record_by_email = get_user_by_email($record['email']);
if (elgg_instanceof($record_by_username, 'user') || elgg_instanceof($record_by_email[0], 'user')) {
$create = false;
if ($record_by_username->guid != $record_by_email[0]->guid) {
if ($this->fix_usernames && !$this->update_existing_users) {
$create = true;
while (get_user_by_username($record['username'])) {
$record['username'] = $record['username'] . rand(1000, 9999);
}
} else {
$messages[] = elgg_echo('upload_users:error:update_email_username_mismatch');
// username does not match with the email we have in the database
}
} else {
$messages[] = elgg_echo('upload_users:error:userexists');
if ($this->update_existing_users) {
$record['guid'] = $record_by_username->guid;
$update = true;
}
}
}
} catch (RegistrationException $r) {
$create = false;
$messages[] = $r->getMessage();
}
}
// No existing accounts found; validate details for registration
if ($create) {
if (!$record['name']) {
$create = false;
$messages[] = elgg_echo('upload_users:error:empty_name');
}
try {
validate_username($record['username']);
} catch (RegistrationException $r) {
$create = false;
$messages[] = $r->getMessage();
}
if ($record['password']) {
try {
validate_password($record['password']);
} catch (RegistrationException $r) {
$create = false;
$messages[] = $r->getMessage();
}
}
}
$record['__upload_users_messages'] = $messages;
$record['__upload_users_status'] = false;
if ($create || $update) {
$record['__upload_users_status'] = true;
}
$this->records->queue[] = $record;
}
}
/**
* Save the guest book
*
* @access public
* @return void
*/
public function save()
{
//validate title
$title = $this->input->post('title');
if (!empty($title)) {
$data['title'] = $this->security->xss_clean($title);
} else {
$this->message_stack->add('guestbook', lang('field_guestbook_title_error'));
}
//validate email
$email = $this->input->post('email');
if (!empty($email) && validate_email_address($email)) {
$data['email'] = $this->security->xss_clean($email);
} else {
$this->message_stack->add('guestbook', lang('field_guestbook_email_error'));
}
//validate content
$content = $this->input->post('content');
if (!empty($content)) {
$data['content'] = $this->security->xss_clean($content);
} else {
$this->message_stack->add('guestbook', lang('field_guestbook_content_error'));
}
//url
$url = $this->input->post('url');
$data['url'] = $this->security->xss_clean($url);
if ($this->message_stack->size('guestbook') === 0) {
if ($this->guestbooks_model->save($data)) {
$this->message_stack->add_session('guestbook', lang('success_guestbook_saved'), 'success');
redirect(site_url('info/guestbooks'));
}
} else {
$this->template->build('info/guestbook_add');
}
}
/**
* the main apiController function that outputs json_encoded results
* @param $path
* @param $request
* @param $files
*/
function apiController($path, $request, $files = null)
{
global $dao, $smarty;
list($reqPath, $queryString) = explode('?', $path);
$pathParts = explode('/', substr($reqPath, 1));
list($action) = $pathParts;
Log::getInstance()->log("Reached server");
Log::getInstance()->log("{$path} , {$request}");
if ($action != "addExpeditionPoint" && $action != "getDeviceByAuthKey") {
$log = Log::getInstance();
$log->log("{$action}");
$log->log("{$path}, {$request}");
}
$authKey = $request["authKey"];
if ($action != "isreachable" && $action != "login" && $action != "registerUser" && $action != "registerDevice" && $action != "getPendingDeviceStatus" && !$authKey) {
$response = array("errorCode" => ERR_AUTHKEY_MISSING, "errorMessage" => "You must provide an authentication key with each request.");
echo json_encode($response);
die;
}
if ($action != isreachable && $action != "login" && $action != "registerUser") {
$device = $dao->getDeviceByAuthKey($authKey);
if ($action != "registerDevice" && $action != "getPendingDeviceStatus" && !$device) {
$response = errorResponseCode(ERR_AUTHKEY_INVALID, "Invalid authentication key.");
echo json_encode($response);
die;
}
$deviceUserId = $device["user_id"];
$deviceIdentifier = $device["imei"];
}
switch ($action) {
case 'isreachable':
jsonMessage(AUTHN_OK, "The server is reachable");
break;
case 'login':
extract($request);
Log::getInstance()->log("Login = {$request} email={$email} imei={$imei}");
if (!$email) {
jsonError(ERR_EMAIL_MISSING, "Email Address is required");
} else {
if (!validate_email_address($email)) {
jsonError(ERR_EMAIL_INVALID, "Email Address is invalid");
}
}
if (!$password) {
jsonError(ERR_PASSWORD_MISSING, "Password is required");
}
// NOTE: Tablets don't have imei. So this will only work for phones.
// if (!$imei){
// jsonError(ERR_IMEI_MISSING, "IMEI Code is required");
// }
if ($login = $dao->checkLogin($email, $password)) {
$authKey = genAuthKey();
$userId = $login["id"];
if ($dao->registerDevicePending($userId, $authKey)) {
jsonMessage(AUTHN_OK, $authKey);
} else {
jsonError(ERR_SERVER, "Authentication Key cannot be generated");
}
} else {
jsonError(AUTHN_FAILED, "Authentication failed. Please Check email address or password.");
}
break;
case 'registerUser':
extract($request);
if (!$email) {
jsonError(ERR_EMAIL_MISSING, "Email Address is required");
} else {
if (!validate_email_address($email)) {
jsonError(ERR_EMAIL_INVALID, "Email Address is invalid");
}
}
if (!$firstname) {
jsonError(ERR_FIRSTNAME_MISSING, "Firstname is required");
}
if (!$lastname) {
jsonError(ERR_LASTNAME_MISSING, "LastName is required");
}
if (strlen($password1) < 6) {
jsonError(ERR_PASSWORD1_INVALID, "Password must be 6 characters or longer");
}
if ($password1 != $password2) {
jsonError(ERR_PASSWORD_UNMATCHED, "Passwords must match");
}
$newUser = array($email, $firstname, $lastname, $password1);
$result = $dao->registerUser($newUser);
if ($result === REGISTRATION_EMAILEXISTS) {
jsonError(ERR_EMAIL_INVALID, "Email already exists");
}
$smarty->assign('link', SERVER_BASE_URI . "/web/verifyEmail?email={$email}");
sendEmail($email, "email verification", $smarty->fetch("emails/new_user.tpl"));
jsonMessage(AUTHN_OK, "Registration Successful");
break;
case 'getDeltaFindsIds':
echo $dao->getDeltaFindsIds($authKey, $request["projectId"]);
break;
case 'recordSync':
$projectId = -1;
if ($request["projectId"]) {
$projectId = (int) $request["projectId"];
}
echo $dao->recordSync($request["imei"], $authKey, $projectId);
//echo $dao->recordSync($deviceIdentifier, $authKey);
break;
case 'registerDevice':
$imei = $request["imei"];
$name = null;
if (strstr($authKey, "sb_")) {
$result = $dao->addSandboxDevice($authKey, $imei);
} else {
$result = $dao->confirmDevice($authKey, $imei, $name);
}
echo json_encode($result);
break;
case 'addExpedition':
echo $dao->addExpedition($request["projectId"]);
break;
case 'addExpeditionPoint':
echo $request["expedition"] . ",";
echo $dao->addExpeditionPoint($request["expedition"], $request["latitude"], $request["longitude"], $request["altitude"], $request["swath"], $request["time"]);
break;
case 'getPendingDeviceStatus':
$device = $dao->getDeviceByAuthKey($authKey);
if ($device["status"] == "ok") {
echo json_encode($device);
} else {
echo json_encode(false);
}
break;
case 'listOpenProjects':
$result = $dao->getProjects(PROJECTS_OPEN);
echo json_encode($result);
break;
case 'listMyProjects':
$result = $dao->getUserProjects($deviceUserId);
echo json_encode($result);
break;
case 'newProject':
extract($request);
if (!$name) {
jsonError(ERR_NAME_INVALID, "Project name is invalid.");
}
$result = $dao->newProject($name, $description, $deviceUserId);
if (is_string($result)) {
jsonMessage(PROJ_CREATE_SUCCESS, "Project created successfully.");
} else {
jsonError(PROJ_CREATE_FAIL, "Project creation failed.");
}
break;
case 'projectExists':
if ($request["projectId"]) {
echo $dao->projectExists($request["projectId"]);
}
break;
case 'listFinds':
echo json_encode($dao->getFinds($request["project_id"]));
break;
case 'getFind':
$result = $dao->getFind($request["guid"]);
echo json_encode($result);
break;
case 'deleteFind':
echo $dao->deleteFind($request["id"]);
break;
case 'deleteProject':
$dao->deleteProject($request["projectId"]);
break;
case 'deleteAllFinds':
$dao->deleteAllFinds($request["projectId"]);
break;
case 'createFind':
echo $dao->createFind($authKey, $request["imei"], $request["guid"], $request["project_id"], $request["name"], $request["description"], $request["latitude"], $request["longitude"], $request["revision"], $request["data"]);
break;
case 'updateFind':
echo $dao->updateFind($authKey, $request["imei"], $request["guid"], $request["project_id"], $request["name"], $request["description"], $request["revision"], $request["data"], $request["latitude"], $request["longitude"]);
break;
case 'attachPicture':
$imagedata = base64_decode($request["data_full"]);
$imagethumbdata = base64_decode($request["data_thumbnail"]);
$result = $dao->addPictureToFind($request["imei"], $request["guid"], $request["identifier"], $request["project_id"], $request["mime_type"], $request["timestamp"], $imagedata, $imagethumbdata, $authKey);
echo json_encode($result);
break;
case 'attachVideo':
$video_data = $files['file']['tmp_name'];
$video_type = $request["mimeType"];
$video_name = str_replace(' ', '_', $files["file"]["name"]);
move_uploaded_file($video_data, "uploads/{$video_name}");
$result = $dao->addVideoToFind($request['id'], $request["findId"], $video_type, $video_name);
return $result;
break;
case 'attachAudio':
$audio_data = $files['file']['tmp_name'];
$audio_type = $request["mimeType"];
$audio_name = str_replace(' ', '_', $files["file"]["name"]);
move_uploaded_file($audio_data, "uploads/{$audio_name}");
$result = $dao->addAudioClipToFind($request['id'], $request["findId"], $audio_type, $audio_name);
return $result;
break;
case 'removePicture':
$dao->deletePictureFromFind($request["id"]);
break;
case 'removeVideo':
$dao->deleteVideoFromFind($request["id"]);
break;
case 'removeAudioClip':
$dao->deleteAudioClipFromFind($request["id"]);
break;
case 'deleteAllPictures':
$dao->deleteImages($request["findId"]);
break;
case 'deleteAllVideos':
$dao->deleteVideos($request["findId"]);
break;
case 'deleteAllAudioClips':
$dao->deleteAudioClips($request["findId"]);
break;
case 'getPicture':
$picture = $dao->getPicture($request["id"]);
$imageEncoded = base64_encode($picture["data_full"]);
$imageThumbEncoded = base64_encode($picture["data_thumb"]);
$pictureEncoded = $picture;
if ($imageEncoded != "") {
$pictureEncoded["data_full"] = $imageEncoded;
}
if ($imageThumbEncoded != "") {
$pictureEncoded["data_thumb"] = $imageThumbEncoded;
}
if (count($pictureEncoded) > 0) {
echo json_encode($pictureEncoded);
} else {
echo "false";
}
break;
case 'getPicturesByFind':
$pictures = $dao->getPicturesByFind($request["guid"]);
$result = array();
foreach ($pictures as $pic) {
$imageEncoded = base64_encode($pic["data_full"]);
$imageThumbEncoded = base64_encode($pic["data_thumb"]);
$pictureEncoded = $pic;
if ($imageEncoded != "") {
$pictureEncoded["data_full"] = $imageEncoded;
}
if ($imageThumbEncoded != "") {
$pictureEncoded["data_thumb"] = $imageThumbEncoded;
}
if (count($pictureEncoded) > 0) {
$result[] = $pictureEncoded;
}
}
if (count($result) > 0) {
echo json_encode($result);
} else {
echo "false";
}
break;
case 'getVideo':
$video = $dao->getVideo($request["id"]);
$video_name = $video["data_path"];
$video_path = "uploads/{$video_name}";
$fp_v = fopen($video_path, 'r');
$video_data = fread($fp_v, filesize($video_path));
$videoEncoded = base64_encode($video_data);
$clipEncoded = $video;
$clipEncoded["data_full"] = $videoEncoded;
echo json_encode($clipEncoded);
break;
case 'getAudio':
$audio = $dao->getAudioClip($request["id"]);
$audio_name = $audio["data_path"];
$audio_path = "uploads/{$audio_name}";
$fp_v = fopen($audio_path, 'r');
$audio_data = fread($fp_v, filesize($audio_path));
$audioEncoded = base64_encode($audio_data);
$clipEncoded = $audio;
$clipEncoded["data_full"] = $audioEncoded;
echo json_encode($clipEncoded);
break;
case 'searchFinds':
$search_value = $request['search_value'];
$project_id = $request['project_id'];
$result = $dao->searchFinds($search_value, $project_id);
echo json_encode($result);
break;
case 'execCommand':
$command = $request['command'];
echo $dao->execCommand($command);
break;
default:
break;
}
}
/**
* Generate a unique username based on a provided email address.
*
* The first part (before @) of the email address will be used as a base.
* Numbers will be added to the end to make it unique.
*
* @param string $email the email address to use
*
* @see simplesaml_generate_unique_username()
*
* @return bool|string a unique username, false on failure
*/
function simplesaml_generate_username_from_email($email)
{
$result = false;
if (!empty($email) && validate_email_address($email)) {
list($username) = explode("@", $email);
// make sure the username is unique
$result = simplesaml_generate_unique_username($username);
}
return $result;
}
/**
* Generate a unique username based on a provided email address.
*
* The first part (before @) of the email address will be used as a base.
* Numbers will be added to the end to make it unique.
*
* @param string $email the email address to use
*
* @see simplesaml_generate_unique_username()
*
* @return false|string
*/
function simplesaml_generate_username_from_email($email)
{
if (empty($email) || !validate_email_address($email)) {
return false;
}
list($username) = explode('@', $email);
// make sure the username is unique
return simplesaml_generate_unique_username($username);
}
/**
* Save contact us
*
* @access public
* @return void
*/
public function save()
{
//validate department email
$department_email = $this->input->post('department_email');
if (!empty($department_email)) {
$department_email = $this->security->xss_clean($department_email);
if (!validate_email_address($department_email)) {
$this->message_stack->add('contact', lang('field_departments_email_error'));
}
} else {
$department_email = config('STORE_OWNER_EMAIL_ADDRESS');
}
//validate customer name field
$name = $this->input->post('name');
if (!empty($name)) {
$name = $this->security->xss_clean($name);
} else {
$this->message_stack->add('contact', lang('field_customer_name_error'));
}
//validate customer email field
$email = $this->input->post('email');
if (!empty($email) && validate_email_address($email)) {
$email = $this->security->xss_clean($email);
} else {
$this->message_stack->add('contact', lang('field_customer_concat_email_error'));
}
//validate customer telephone
$telephone = $this->input->post('telephone');
if (!empty($telephone)) {
$telephone = $this->security->xss_clean($telephone);
}
//validate enquiry
$enquiry = $this->input->post('enquiry');
if (!empty($enquiry)) {
$enquiry = $this->security->xss_clean($enquiry);
} else {
$this->message_stack->add('contact', lang('field_enquiry_error'));
}
if ($this->message_stack->size('contact') === 0) {
//ignore the send email action
//setup view
$this->template->build('info/contact_success', $this->_data);
} else {
//setup view
$this->template->build('info/contact_us', $this->_data);
}
}
if (filter_var($emailString, FILTER_VALIDATE_EMAIL) == $emailString) {
preg_match('/(.+)@(.+)/', $emailString, $matches);
if (sizeof($matches) != 3) {
/*original string + matches*/
return false;
}
if (checkdnsrr($matches[2], "MX")) {
// check if there's a MX record in DNS
return true;
} else {
return false;
}
}
return false;
}
$emails = array("*****@*****.**" => false, "test" => false, "*****@*****.**" => true, "*****@*****.**" => true, "*****@*****.**" => true, "robert');drop table students;" => false);
//var_dump(checkdnsrr("example.com", "MX"));
//var_dump(checkdnsrr("gmail.com", "MX"));
$success = 0;
$fail = 0;
foreach ($emails as $email => $expected_result) {
//var_dump(filter_var($email, FILTER_VALIDATE_EMAIL));
$result = validate_email_address($email);
//print "$email => ".var_dump($result)."\n ";
if ($result == $expected_result) {
$success++;
} else {
$fail++;
}
}
print "success = " . $success . " " . " fail =" . $fail . "\n";
function checkUsers()
{
global $CONFIG;
$final_report = array();
/// Final report of the upload process
/// Check all the users from $users_to_confirm array
foreach ($this->users_to_confirm as $user) {
/// CHeck for password or generate a new one
if (empty($user['password'])) {
$user['password'] = $this->generatePassword();
}
$report = array('username' => $user['username'], 'password' => $user['password'], 'name' => $user['name'], 'email' => $user['email'], 'status' => '', 'create_user' => true);
/// Check if the username has already been registered
if (get_user_by_username($user['username'])) {
$report['status'] .= '<span class="error">' . elgg_echo('registration:userexists') . '</span>';
$report['create_user'] = false;
}
/// Check if the email has already been registered
if (get_user_by_email($user['email'])) {
$report['status'] .= '<span class="error">' . elgg_echo('registration:dupeemail') . '</span>';
$report['create_user'] = false;
}
/// Check that the email is valid
try {
validate_email_address($user['email']);
} catch (RegistrationException $r) {
$report['status'] .= ' <span class="error">' . $r->getMessage() . '</span>';
$report['create_user'] = false;
}
/// CHeck for valid password
try {
validate_password($user['password']);
} catch (RegistrationException $r) {
$report['status'] .= ' <span class="error">' . $r->getMessage() . '</span>';
$report['create_user'] = false;
}
/// Process metadata
foreach ($user['metadata'] as $key => $metadata) {
$report[$key] = $metadata;
}
/// Add the user to the creation list if we can create the user
if ($report['status'] == '') {
$report['status'] = elgg_echo('upload_users:statusok');
/// Set status to ok
$this->users_to_create[] = $user;
} else {
$this->number_of_failed_users++;
}
$final_report[] = $report;
}
$this->confirmation_report = $final_report;
return true;
}
public function validateEmailDomain($user_guid = 0, $email_address = "")
{
$result = false;
if ($this->getMembership() == self::MEMBERSHIP_DOMAIN || $this->getMembership() == self::MEMBERSHIP_DOMAIN_APPROVAL) {
if (empty($user_guid)) {
$user = elgg_get_logged_in_user_entity();
} else {
$user = get_user($user_guid);
}
$domains = $this->domains;
$domains = strtolower($domains);
// need to be lowercase
if (!empty($domains)) {
$domains = explode(",", str_replace(" ", "", $domains));
if (!is_array($domains)) {
$domains = array($domains);
}
if (!empty($user)) {
// check user's email
$email = $user->email;
$email = strtolower($email);
// need to be lowercase
list($dummy, $u_domain) = explode("@", $email);
if (in_array($u_domain, $domains)) {
$result = true;
} else {
foreach ($domains as $domain) {
$domain = trim($domain);
if (substr($domain, 0, 1) == ".") {
$len = strlen($domain);
if (substr($u_domain, -$len) == $domain) {
$result = true;
break;
}
}
}
}
}
// check given email address
if (!$result && !empty($email_address)) {
if (validate_email_address($email_address)) {
list($dummy, $u_domain) = explode("@", $email_address);
if (in_array($u_domain, $domains)) {
$result = true;
} else {
foreach ($domains as $domain) {
$domain = trim($domain);
if (substr($domain, 0, 1) == ".") {
$len = strlen($domain);
if (substr($u_domain, -$len) == $domain) {
$result = true;
break;
}
}
}
}
}
}
}
}
return $result;
}
/**
* save customer
*
* @access public
*/
public function save()
{
//load model
$this->load->model('account_model');
$data = array();
//validate privacy conditions
if (config('DISPLAY_PRIVACY_CONDITIONS') == '1') {
if ($this->input->post('privacy_conditions') != '1') {
$this->message_stack->add('create', lang('error_privacy_statement_not_accepted'));
}
}
//validate gender
if (config('ACCOUNT_GENDER') == '1') {
if ($this->input->post('gender') == 'm' || $this->input->post('gender') == 'f') {
$data['customers_gender'] = $this->input->post('gender');
} else {
$this->message_stack->add('create', lang('field_customer_gender_error'));
}
} else {
$gender = $this->input->post('gender');
$data['customers_gender'] = $this->input->post('gender') == NULL ? '' : $this->input->post('gender');
}
//validate firstname
if ($this->input->post('firstname') !== NULL && strlen(trim($this->input->post('firstname'))) >= config('ACCOUNT_FIRST_NAME')) {
$data['customers_firstname'] = $this->input->post('firstname');
} else {
$this->message_stack->add('create', sprintf(lang('field_customer_first_name_error'), config('ACCOUNT_FIRST_NAME')));
}
//validate lastname
if ($this->input->post('lastname') !== NULL && strlen(trim($this->input->post('lastname'))) >= config('ACCOUNT_LAST_NAME')) {
$data['customers_lastname'] = $this->input->post('lastname');
} else {
$this->message_stack->add('create', sprintf(lang('field_customer_last_name_error'), config('ACCOUNT_LAST_NAME')));
}
//newsletter
$data['customers_newsletter'] = $this->input->post('newsletter') == 1 ? '1' : '0';
//validate dob days
if (config('ACCOUNT_DATE_OF_BIRTH') == '1') {
$dob_days = $this->input->post('dob_days');
if (!empty($dob_days)) {
$data['customers_dob'] = $this->input->post('dob_days');
} else {
$this->message_stack->add('create', lang('field_customer_date_of_birth_error'));
}
}
//email address
if ($this->input->post('email_address') !== NULL && strlen(trim($this->input->post('email_address'))) >= config('ACCOUNT_EMAIL_ADDRESS')) {
if (validate_email_address($this->input->post('email_address'))) {
if ($this->account_model->check_duplicate_entry($this->input->post('email_address')) === FALSE) {
$data['customers_email_address'] = $this->input->post('email_address');
} else {
$this->message_stack->add('create', lang('field_customer_email_address_exists_error'));
}
} else {
$this->message_stack->add('create', lang('field_customer_email_address_check_error'));
}
} else {
$this->message_stack->add('create', sprintf(lang('field_customer_email_address_error'), config('ACCOUNT_EMAIL_ADDRESS')));
}
//validate password
if ($this->input->post('password') === NULL || $this->input->post('password') !== NULL && strlen(trim($this->input->post('password'))) < config('ACCOUNT_PASSWORD')) {
$this->message_stack->add('create', sprintf(lang('field_customer_password_error'), config('ACCOUNT_PASSWORD')));
} elseif ($this->input->post('confirmation') === NULL || $this->input->post('confirmation') !== NULL && trim($this->input->post('password')) != trim($this->input->post('confirmation'))) {
$this->message_stack->add('create', lang('field_customer_password_mismatch_with_confirmation'));
} else {
$data['customers_password'] = encrypt_password($this->input->post('password'));
}
if ($this->message_stack->size('create') === 0) {
$data['customers_status'] = 1;
//if create account success send email
if ($this->account_model->insert($data)) {
//set data to session
$this->customer->set_data($data['customers_email_address']);
//synchronize shopping cart content with database
$this->shopping_cart->synchronize_with_database();
//synchronize wishlist with database
$this->wishlist->synchronize_with_database();
//send email
$this->load->library('email_template');
$email = $this->email_template->get_email_template('create_account_email');
$email->set_data($data['customers_password']);
$email->build_message();
$email->send_email();
}
//set page title
$this->set_page_title(lang('create_account_success_heading'));
//setup view
$this->template->build('account/create_success');
} else {
//setup view
$this->template->build('account/create', $this->data);
}
}
function register_process($post_values, $config)
{
$errors = array();
$username = $post_values['username'];
$password = $post_values['password'];
$email = validate_email_address($post_values['email']);
if (!$username || strlen($username) < 5) {
$errors['username'] = "******";
}
if ($user = user_exists('username', $username)) {
$errors['username'] = "******";
}
if (!$password || strlen($password) < 8) {
$errors['password'] = "******";
}
if (!$email) {
$errors['email'] = "Please provide a <strong>valid email addresss</strong>";
}
if ($user = user_exists('email_address', $email)) {
$errors['email'] = "Your email address is already associated with an account";
}
// Error checking done - now on to processing it proper
if (count($errors) == 0) {
$passhash = str_shuffle(sha1(time() . $config['hash_salt']));
$password = sha1($passhash . $password);
$user_insert_sql = '
INSERT INTO users
(
`username`,
`password`,
`password_hash`,
`email_address`,
`created_at`,
`updated_at`
)
VALUES
(
"' . $username . '",
"' . $password . '",
"' . $passhash . '",
"' . $email . '",
NOW(),
NOW()
)
';
$user_insert = mysql_query($user_insert_sql) or die (mysql_error());
if ($user_insert) {
$user_id = mysql_insert_id();
accounts_start_session($user_id);
}
}
// Done.. Now, what are we returning?
return array($post_values, $errors);
}
