public static function addPending($username, $password, $email)
{
//Error checking/validation...
if (!User::validateUsername($username)) {
throw new UserInvalidUsernameException($username);
}
if (!User::validatePassword($password)) {
throw new UserInvalidPasswordException($password);
}
if (!User::validateEmail($email)) {
throw new UserInvalidEmailException($email);
}
if (!User::availableUsername($username)) {
throw new UserUnavailableUsernameException($username);
}
if (!User::availableEmail($email)) {
throw new UserUnavailableEmailException($email);
}
//Main code follows...
$salt = User::generateSalt();
$confirmCode = User::generateConfirmCode();
$db = User::getDB();
$query = $db->prepare('INSERT INTO usersPending(username, password, salt, email, date, confirmCode) VALUES(:username, :password, :salt, :email, :date, :confirmCode)');
$query->bindParam(':username', $username, PDO::PARAM_STR);
$query->bindParam(':password', User::processPassword($password, $salt), PDO::PARAM_STR);
$query->bindParam(':salt', $salt, PDO::PARAM_LOB);
//is LOB right..?
$query->bindParam(':email', $email, PDO::PARAM_STR);
$query->bindParam(':date', time(), PDO::PARAM_STR);
$query->bindParam(':confirmCode', hash(User::config('hash_algorithm'), $confirmCode), PDO::PARAM_STR);
$query->execute();
//Send confirm email...
$body = User::config('confirm_body_template');
$body = str_replace('[id]', $db->lastInsertId(), $body);
$body = str_replace('[code]', $confirmCode, $body);
mail($email, User::config('confirm_subject'), $body, 'From: ' . User::config('confirm_from'));
}
