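//$id = $_POST['uid'];
// SSO callback: checks the signed user payload posted in $_POST['sso'] and, when no
// account with that mail address exists yet, registers one and logs it in.
// The else branch opened on the last line continues outside this excerpt.
$user = isset($_POST['sso']) ? $_POST['sso'] : null;
$timestamp = isset($_POST['timestamp']) ? $_POST['timestamp'] : null;
$posted_token = (is_array($user) && isset($user['token'])) ? $user['token'] : null;
$secret = CODOF\Util::get_opt('sso_secret');

// Fail closed on a missing or malformed request. Previously an empty 'sso' payload left
// $sso_token unset, so the later comparison was null against null and the check passed.
// An empty secret is rejected too: the token would then be built from posted data only.
if (empty($user) || !is_array($user) || !is_string($posted_token) || !is_string($timestamp) || (string) $secret === '') {
    echo 'error';
    exit;
}

// The token is computed over the payload without its own 'token' field.
unset($user['token']);

// NOTE(review): md5(payload . secret . timestamp) is an ad-hoc MAC, not an HMAC. Moving to
// hash_hmac('sha256', ...) has to be coordinated with the side that issues the token, so
// the construction is kept as-is here. The timestamp is part of the signed data but its
// age is not checked in this excerpt, so a previously valid request is accepted again.
$sso_token = md5(urlencode(json_encode($user)) . $secret . $timestamp);

// hash_equals() compares as strings in constant time. The former loose != treated two
// numeric-looking hex digests (e.g. both starting with "0e" followed by digits) as equal.
if (!hash_equals($sso_token, $posted_token)) {
    echo 'error';
    exit;
}

// Only read identity fields after the payload has been authenticated.
$username = isset($user['name']) ? $user['name'] : null;
$mail = isset($user['mail']) ? $user['mail'] : null;
if (!is_string($username) || $username === '' || !is_string($mail) || $mail === '') {
    echo 'error';
    exit;
}

$db = DB::getPDO();
if (!CODOF\User\User::mailExists($mail)) {
    // This user does not have an account in codoforum yet.
    $reg = new \CODOF\User\Register($db);
    if (\CODOF\User\User::usernameExists($username)) {
        // Name already taken: append the current Unix time to make it distinct.
        $username .= time();
    }
    $reg->username = $username;
    $reg->name = $username;
    $reg->mail = $mail;
    $reg->user_status = 1;
    $ret = $reg->register_user();
    // NOTE(review): login() runs even when register_user() reported errors in $ret;
    // confirm that Register::login() refuses to start a session for a failed registration.
    $reg->login();
    if (!empty($ret)) {
        echo "error";
    }
} else {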
// Excerpt from the middle of a larger if/else in an admin user page: the opening of the
// first branch and the closing braces of the "NEW" branch are outside the visible source.
    // Remove every "admin/" occurrence from the avatar value before it goes to the template.
    $res['avatar'] = str_replace("admin/", "", $res['avatar']);
    $sroles = get_roles();
    $smarty->assign('prole_selected', $u->rid);
    $smarty->assign('role_options', $sroles);
    $role = $u->rids;
    $smarty->assign('role_selected', $role);
    $smarty->assign('user', $res);
    // Render the edit form into $content.
    $content = $smarty->fetch('user_edit.tpl');
} else {
    //NEW
    // Create-user form post. Only 'a_username' is guarded with isset(); 'CSRF_token',
    // 'a_email' and 'a_password' are read from $_POST directly.
    // NOTE(review): CSRF::valid() presumably verifies the anti-CSRF token - confirm it
    // rejects a missing (null) token.
    if (isset($_POST['a_username']) && CODOF\Access\CSRF::valid($_POST['CSRF_token'])) {
        if (CODOF\Util::is_field_present($_POST['a_username'], 'username') === TRUE) {
            // Empty branch: nothing is reported to the admin when this check returns TRUE.
        } else {
            if (CODOF\Util::is_field_present($_POST['a_email'], 'mail') === TRUE) {
                // Empty branch, same as for the username check above.
            } else {
                if (CODOF\User\User::usernameExists($_POST['a_username']) || CODOF\User\User::mailExists($_POST['a_email'])) {
                    $msg = 'username or email already exists!';
                } else {
                    $reg = new CODOF\User\Register($db);
                    $reg->username = $_POST['a_username'];
                    $reg->name = $_POST['a_username'];
                    $reg->mail = $_POST['a_email'];
                    // NOTE(review): the password is handed over exactly as posted; hashing and
                    // any strength check would have to happen inside Register - confirm.
                    $reg->password = $_POST['a_password'];
                    $reg->user_status = 1;
                    $errors = $reg->register_user();
                    // NOTE(review): $msg is assembled as HTML (joined with <br>); confirm that the
                    // error strings cannot carry posted values unescaped into the template.
                    $msg = implode('<br>', $errors);
                }
                //$msg = $errors[0];
                $err = 1;
                $smarty->assign("msg", $msg);
            }