Example #1
0
$filters = array(
	'verify-username' => FILTER_VALIDATE_STRING,
	'verify-email'    => FILTER_VALIDATE_EMAIL,
	'verify-password' => FILTER_UNSAFE_RAW,
	'verify-submit'   => FILTER_VALIDATE_STRING,
	'key'   => FILTER_VALIDATE_STRING,
	'id'    => FILTER_VALIDATE_INT,
);

$filteredG = filter_input_array(INPUT_GET, $filters);
$filtered  = filter_input_array(INPUT_POST, $filters);

$ret = false;

if ($filteredG['key'] and $filteredG['id']) {
	$ret = User::getByKey($filteredG['id'], $filteredG['key']);

	if (!$ret or !$ret->id) {
		$ret = false;
	}
}

if ($filtered['verify-submit']) {
	// User::login does the sql escape
	$ret = User::login($filtered['verify-username'], $filtered['verify-password']);


	if (!$ret->id or $ret->email != $filtered['verify-email']) {
		$t->err = "The username, email, or password do not match any in our database";
		$ret = false;
	}