Example #1
0
function tbxRegister()
{
    global $t;
    $DB = GetDB();
    $v = Validator::Create();
    $v->Register($_REQUEST['username'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Username')));
    $v->Register($_REQUEST['username'], Validator_Type::IS_ALPHANUM, _T('Validation:Alphanumeric', _T('Label:Username')));
    $v->Register($DB->QueryCount('SELECT COUNT(*) FROM `tbx_user` WHERE `username`=?', array($_REQUEST['username'])), Validator_Type::IS_ZERO, _T('Validation:Username Taken'));
    $v->Register($_REQUEST['password'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Password')));
    $v->Register($_REQUEST['password'], Validator_Type::LENGTH_GREATER_EQ, _T('Validation:Length Greater Equal', _T('Label:Password'), 8), 8);
    $v->Register($_REQUEST['password'], Validator_Type::EQUALS, _T('Validation:Passwords do not match'), $_REQUEST['confirm_password']);
    $v->Register($_REQUEST['email'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:E-mail')));
    $v->Register($_REQUEST['email'], Validator_Type::VALID_EMAIL, _T('Validation:E-mail', _T('Label:E-mail')));
    $v->Register($DB->QueryCount('SELECT COUNT(*) FROM `tbx_user` WHERE `email`=?', array($_REQUEST['email'])), Validator_Type::IS_ZERO, _T('Validation:E-mail Taken'));
    $v->Register($_REQUEST['name'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Name')));
    $v->Register(empty($_REQUEST['birth_month']) || empty($_REQUEST['birth_day']) || empty($_REQUEST['birth_year']), Validator_Type::IS_FALSE, _T('Validation:Birthday Required'));
    $v->Register($_REQUEST['gender'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Gender')));
    $v->Register($_REQUEST['terms'], Validator_Type::NOT_EMPTY, _T('Validation:Accept Terms'));
    // Register user-defined field validators
    $schema = GetDBSchema();
    $v->RegisterFromXml($schema->el('//table[name="tbx_user_custom"]'), 'user', 'create');
    // Check blacklist
    $_REQUEST['ip_address'] = $_SERVER['REMOTE_ADDR'];
    if (($match = Blacklist::Match($_REQUEST, Blacklist::ITEM_USER)) !== false) {
        $v->SetError(_T('Validation:Blacklisted', $match['match']));
    }
    // Check CAPTCHA
    if (Config::Get('flag_captcha_on_signup')) {
        Captcha::Verify();
    }
    if (!$v->Validate()) {
        $t->Assign('g_errors', $v->GetErrors());
        $t->Assign('g_form', $_REQUEST);
        return tbxDisplayRegister();
    }
    // Format data
    $_REQUEST['date_birth'] = $_REQUEST['birth_year'] . '-' . $_REQUEST['birth_month'] . '-' . $_REQUEST['birth_day'];
    $_REQUEST['date_created'] = Database_MySQL::Now();
    $_REQUEST['user_level_id'] = $DB->QuerySingleColumn('SELECT `user_level_id` FROM `tbx_user_level` WHERE `is_default`=1');
    $_REQUEST['password'] = sha1($_REQUEST['password']);
    // Strip HTML tags
    if (Config::Get('flag_user_strip_tags')) {
        $_REQUEST = String::StripTags($_REQUEST);
    }
    // Prepare fields for database
    Form_Prepare::Standard('tbx_user');
    Form_Prepare::Standard('tbx_user_stat');
    Form_Prepare::Custom('tbx_user_custom_schema', 'on_submit');
    // Setup account status
    $_REQUEST['status'] = STATUS_ACTIVE;
    $email_template = 'email-user-added.tpl';
    if (Config::Get('flag_user_confirm_email')) {
        $_REQUEST['status'] = STATUS_SUBMITTED;
        $email_template = 'email-user-confirm.tpl';
    } else {
        if (Config::Get('flag_user_approve')) {
            $_REQUEST['status'] = STATUS_PENDING;
            $email_template = 'email-user-pending.tpl';
        }
    }
    // Add data to the database
    DatabaseAdd('tbx_user', $_REQUEST);
    DatabaseAdd('tbx_user_custom', $_REQUEST);
    DatabaseAdd('tbx_user_stat', $_REQUEST);
    if ($_REQUEST['status'] == STATUS_SUBMITTED) {
        $_REQUEST['register_code'] = sha1(uniqid(mt_rand(), true));
        $_REQUEST['timestamp'] = time();
        DatabaseAdd('tbx_user_register_code', $_REQUEST);
        $t->Assign('g_code', $_REQUEST['register_code']);
    }
    $t->AssignByRef('g_user', $_REQUEST);
    $t->AssignByRef('g_form', $_REQUEST);
    // Send e-mail message
    $m = new Mailer();
    $m->Mail($email_template, $t, $_REQUEST['email'], $_REQUEST['name']);
    // Display confirmation
    $t->Display('user-register-complete.tpl');
}
Example #2
0
function tbxUploadStepTwo()
{
    global $t;
    $upload = $_FILES['video_file'];
    $v = Validator::Create();
    $DB = GetDB();
    $v->Register(sha1($_REQUEST['step_one_data'] . Config::Get('random_value')) == $_REQUEST['step_one_sig'], Validator_Type::IS_TRUE, _T('Validation:Video Data Altered'));
    $v->Register($upload['error'] == UPLOAD_ERR_OK, Validator_Type::IS_TRUE, Uploads::CodeToMessage($upload['error']));
    if (is_uploaded_file($upload['tmp_name'])) {
        $max_filesize = Format::StringToBytes(Config::Get('max_upload_size'));
        $max_duration = Format::DurationToSeconds(Config::Get('max_upload_duration'));
        $extensions = str_replace(',', '|', Config::Get('upload_extensions'));
        $v->Register($upload['size'], Validator_Type::IS_BETWEEN, _T('Validation:Video size too large'), '1,' . $max_filesize);
        $v->Register(File::Extension($upload['name']), Validator_Type::REGEX_MATCH, _T('Validation:Video file extension not allowed'), '~^(' . $extensions . ')$~');
        try {
            $vi = new Video_Info($upload['tmp_name']);
            $vi->Extract();
            $v->Register($vi->length, Validator_Type::LESS_EQ, _T('Validation:Video duration too long'), $max_duration);
        } catch (Exception $e) {
            $v->Register(false, Validator_Type::IS_TRUE, $e->getMessage());
        }
        $md5 = md5_file($upload['tmp_name']);
        if (Config::Get('flag_upload_reject_duplicates')) {
            $v->Register($DB->QueryCount('SELECT COUNT(*) FROM `tbx_video_md5sum` WHERE `md5`=?', array($md5)), Validator_Type::IS_ZERO, _T('Validation:Duplicate video'));
        }
    }
    // Validate input
    if (!$v->Validate()) {
        $t->Assign('g_errors', $v->GetErrors());
        $t->AssignByRef('g_form', $_REQUEST);
        if (isset($_REQUEST['flash'])) {
            $t->Display('upload-flash-errors.tpl');
        } else {
            $t->Assign('g_file_types', '*.' . str_replace(',', ';*.', Config::Get('upload_extensions')));
            $t->Assign('g_cookie', $_COOKIE[LOGIN_COOKIE]);
            $t->Display('upload-step-two.tpl');
        }
        return;
    }
    $_REQUEST = array_merge($_REQUEST, unserialize(base64_decode($_REQUEST['step_one_data'])));
    Form_Prepare::Standard('tbx_video');
    Form_Prepare::Standard('tbx_video_stat');
    Form_Prepare::Custom('tbx_video_custom_schema', 'on_submit');
    $_REQUEST['duration'] = $vi->length;
    $_REQUEST['date_added'] = Database_MySQL::Now();
    $_REQUEST['username'] = AuthenticateUser::GetUsername();
    $_REQUEST['is_private'] = Config::Get('flag_upload_allow_private') ? intval($_REQUEST['is_private']) : 0;
    $_REQUEST['allow_ratings'] = intval($_REQUEST['allow_ratings']);
    $_REQUEST['allow_embedding'] = intval($_REQUEST['allow_embedding']);
    $_REQUEST['allow_comments'] = intval($_REQUEST['allow_comments']) ? 'Yes - Add Immediately' : 'No';
    $_REQUEST['is_user_submitted'] = 1;
    if ($_REQUEST['recorded_day'] && $_REQUEST['recorded_month'] && $_REQUEST['recorded_year']) {
        $_REQUEST['date_recorded'] = $_REQUEST['recorded_year'] . '-' . $_REQUEST['recorded_month'] . '-' . $_REQUEST['recorded_day'];
    }
    // Strip HTML tags
    if (Config::Get('flag_video_strip_tags')) {
        $_REQUEST = String::StripTags($_REQUEST);
    }
    // Configure status
    $_REQUEST['status'] = STATUS_ACTIVE;
    if (Config::Get('flag_upload_convert')) {
        $_REQUEST['status'] = STATUS_QUEUED;
        $_REQUEST['next_status'] = Config::Get('flag_upload_review') ? STATUS_PENDING : STATUS_ACTIVE;
    } else {
        if (Config::Get('flag_upload_review')) {
            $_REQUEST['status'] = STATUS_PENDING;
        }
    }
    // Add to database
    $_REQUEST['video_id'] = DatabaseAdd('tbx_video', $_REQUEST);
    DatabaseAdd('tbx_video_custom', $_REQUEST);
    DatabaseAdd('tbx_video_stat', $_REQUEST);
    if ($_REQUEST['status'] == STATUS_ACTIVE && !$_REQUEST['is_private']) {
        Tags::AddToFrequency($_REQUEST['tags']);
    } else {
        if ($_REQUEST['status'] == STATUS_QUEUED) {
            DatabaseAdd('tbx_conversion_queue', array('video_id' => $_REQUEST['video_id'], 'queued' => time()));
        }
    }
    // Mark as private
    if ($_REQUEST['is_private']) {
        $_REQUEST['private_id'] = sha1(uniqid(rand(), true));
        DatabaseAdd('tbx_video_private', $_REQUEST);
    }
    // Setup video files and generate thumbnails
    $directory = Video_Dir::DirNameFromId($_REQUEST['video_id']);
    $vd = new Video_Dir($directory);
    $clip = $vd->AddClipFromFile($upload['tmp_name'], File::Extension($upload['name']));
    if (Video_FrameGrabber::CanGrab()) {
        Video_FrameGrabber::Grab($clip, $vd->GetThumbsDir(), Config::Get('thumb_amount'), Config::Get('thumb_quality'), Config::Get('thumb_size'), $vi);
    }
    foreach ($vd->GetClipURIs() as $clip) {
        $_REQUEST['clip'] = $clip;
        $_REQUEST['filesize'] = filesize(Config::Get('document_root') . $clip);
        DatabaseAdd('tbx_video_clip', $_REQUEST);
    }
    $thumb_ids = array();
    foreach ($vd->GetThumbURIs() as $thumb) {
        $_REQUEST['thumbnail'] = $thumb;
        $thumb_ids[] = DatabaseAdd('tbx_video_thumbnail', $_REQUEST);
    }
    // Select the display thumbnail
    $num_thumbnails = count($thumb_ids);
    $display_thumbnail = null;
    if ($num_thumbnails > 0) {
        $display_thumbnail = $thumb_ids[rand(0, floor(0.4 * $num_thumbnails))];
    }
    DatabaseUpdate('tbx_video', array('video_id' => $_REQUEST['video_id'], 'num_thumbnails' => $num_thumbnails, 'display_thumbnail' => $display_thumbnail));
    // Add MD5 sum for prevention of duplicates
    $DB->Update('REPLACE INTO `tbx_video_md5sum` VALUES (?)', array($md5));
    // Update user stats
    StatsRollover();
    $DB->Update('UPDATE `tbx_user_stat` SET ' . '`today_videos_uploaded`=`today_videos_uploaded`+1,' . '`week_videos_uploaded`=`week_videos_uploaded`+1,' . '`month_videos_uploaded`=`month_videos_uploaded`+1,' . '`total_videos_uploaded`=`total_videos_uploaded`+1 ' . 'WHERE `username`=?', array($_REQUEST['username']));
    $t->AssignByRef('g_form', $_REQUEST);
    $t->AssignByRef('g_video', $_REQUEST);
    $t->Display(isset($_REQUEST['flash']) ? 'upload-flash-complete.tpl' : 'upload-complete.tpl');
    UpdateCategoryStats($_REQUEST['category_id']);
    if (!Config::Get('flag_using_cron') && $_REQUEST['status'] == STATUS_QUEUED) {
        ConversionQueue::Start();
    }
}