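/**
 * Validates the registration form submitted in $_POST.
 *
 * Reads userName, mdp, mdpConfirm, email and emailConfirm from $_POST, checks
 * lengths against the configured minimums, checks both confirmations, checks
 * that the login and e-mail are not already used, and runs the
 * champs*Valable() character filters.
 *
 * @return array 'Retour' => bool (true only when no error was recorded),
 *               'Error'  => list of HTML error messages.
 */
function isValidBis()
{
    $tabReturn = array("Retour" => false, "Error" => array());
    $ini = getConfigFile();

    // A missing field or a non-string value (e.g. userName[]=x) is treated as an
    // empty string so it fails validation instead of raising notices/TypeErrors.
    $champ = function ($nom) {
        return (isset($_POST[$nom]) && is_string($_POST[$nom])) ? $_POST[$nom] : '';
    };

    $userName = strtolower($champ('userName'));
    $mdp = $champ('mdp');
    $email = $champ('email');
    $emailConfirm = $champ('emailConfirm');
    $mdpConfirm = $champ('mdpConfirm');

    // NOTE(review): strlen() counts bytes, and the "6"/"5" in the messages are
    // hard-coded while the thresholds come from the config file - confirm they agree.
    if (strlen($userName) < $ini['CONSTANTE']['size_user_name']) {
        $tabReturn['Error'][] = "Votre nom d'utilisateur est trop court, 6 caractères minimum ! <br>";
    }
    if (strlen($mdp) < $ini['CONSTANTE']['size_user_mdp']) {
        $tabReturn['Error'][] = "Votre mot de passe est trop court, 5 caractères minimum ! <br>";
    }

    // Strict comparison: with != two different numeric-looking strings
    // ("1e3" and "1000") compare as equal and the confirmation check is skipped.
    if ($mdp !== $mdpConfirm) {
        $tabReturn['Error'][] = "Les mots de passe ne correspondent pas ! <br>";
    }
    if ($email !== $emailConfirm) {
        $tabReturn['Error'][] = "Les adresses mail ne correspondent pas ! <br>";
    }

    // NOTE(review): uniqueness is checked by scanning every user in PHP. This is
    // not atomic with the later insert; a unique index on login and e-mail is the
    // reliable guard - confirm the schema has one. The e-mail comparison is also
    // case-sensitive while the login one is not.
    $um = new UserManager(connexionDb());
    $tabUser = $um->getAllUser();
    $validUserName = true;
    $validUserMail = true;
    foreach ($tabUser as $userTest) {
        if ($userName === strtolower($userTest->getUserName())) {
            $validUserName = false;
        }
        if ($email === $userTest->getEmail()) {
            $validUserMail = false;
        }
    }
    if (!$validUserMail) {
        $tabReturn['Error'][] = "Cette adresse mail est déjà utilisée, veuillez en choisir une autre ! <br>";
    }
    if (!$validUserName) {
        $tabReturn['Error'][] = "Ce login est déjà pris, veuillez en choisir en autre ! \n<br>";
    }

    if (!champsEmailValable($email)) {
        $tabReturn['Error'][] = "Votre adresse mail contient des caractères indésirables !<br>";
    }
    if (!champsLoginValable($userName)) {
        $tabReturn['Error'][] = "Votre nom d'utilisateur contient des caractères indésirables !<br>";
    }
    if (!champsMdpValable($mdp)) {
        $tabReturn['Error'][] = "Votre mot de passe contient des caractères indésirables !<br>";
    }

    // The form is valid only when nothing above recorded an error. Previously a
    // too-short login/password or a failed confirmation added a message but
    // still left 'Retour' at true.
    $tabReturn['Retour'] = empty($tabReturn['Error']);

    return $tabReturn;
}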
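/**
 * Handles the action a group leader takes on another member of the group:
 * either removing the member from the group or promoting the member to leader.
 *
 * The target is found by looking for a POST key named 'supprimerMembre<id>' or
 * 'nommerLead<id>' for each known user id; the first match is dispatched to
 * formGererActionGroupe() and the function returns.
 *
 * NOTE(review): nothing in this function checks that the current user is the
 * leader of the group, or that the target id belongs to that group - confirm
 * that formGererActionGroupe() (or the caller) enforces both, and that the
 * form carries an anti-CSRF token.
 *
 * @return bool true when an action was dispatched, false when no matching
 *              POST key was found.
 */
function gererActionMembre()
{
    $um = new UserManager(connexionDb());
    $tabUser = $um->getAllUser();

    foreach ($tabUser as $elem) {
        $id = $elem->getId();
        if (isset($_POST['supprimerMembre' . $id])) {
            formGererActionGroupe('supprimer', $id);
            return true;
        }
        if (isset($_POST['nommerLead' . $id])) {
            formGererActionGroupe('lead', $id);
            return true;
        }
    }

    return false;
}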
/**
 * Returns the id of the friend the current request is trying to remove.
 *
 * Every known user id is tried against a POST key named 'supprimerAmi<id>'.
 * When several keys are present, the id of the last matching user wins.
 *
 * NOTE(review): the returned id is only known to be an existing user id; this
 * function does not check that the user is a friend of the current member -
 * the caller must verify that before deleting anything.
 *
 * @return int the id of the friend to remove, or 0 when no key matched.
 */
function gererPost()
{
    $manager = new UserManager(connexionDb());
    $friendId = 0;

    foreach ($manager->getAllUser() as $candidate) {
        $candidateId = $candidate->getId();
        if (!isset($_POST["supprimerAmi{$candidateId}"])) {
            continue;
        }
        $friendId = $candidateId;
    }

    return $friendId;
}
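/**
 * Back-office handler for the "spread" (leaflet / channel) pages.
 *
 * The operation is read from $_GPC['op'] (default 'leaflet'):
 *   delete       - delete one channel of the current account (weid)
 *   leaflet      - list the channels of the current account
 *   active       - make $_GPC['channel'] the active channel
 *   post         - create or update a channel
 *   log          - paginated user list
 *   qualitylog   - paginated "quality" user list
 *   user         - follower details for $_GPC['from_user']
 *   black        - add $_GPC['from_user'] to the blacklist and list it
 *   black_remove - remove $_GPC['from_user'] from the blacklist
 *
 * Every branch ends by including the 'spread' template. An included file
 * shares this function's variable scope, so the local variable names are kept
 * unchanged in case the template reads them.
 *
 * NOTE(review): the flow assumes message() ends the request (the 'active'
 * branch would otherwise emit two messages) - confirm.
 * NOTE(review): only 'post' is gated by checksubmit(); 'delete', 'active',
 * 'black' and 'black_remove' change state with no token check visible here -
 * confirm the framework protects these operations against CSRF.
 *
 * @return void
 */
public function doWebSpread()
{
    global $_W, $_GPC;

    $op = empty($_GPC['op']) ? 'leaflet' : $_GPC['op'];

    if ($op === 'delete') {
        $ret = pdo_query(
            "DELETE FROM " . tablename(self::$t_channel) . " WHERE weid=:weid AND channel=:channel",
            array(":weid" => $_W['weid'], ":channel" => intval($_GPC['channel']))
        );
        message("删除成功", referer(), "success");
    } elseif ($op === 'leaflet') {
        $mylist = pdo_fetchall(
            "SELECT * FROM " . tablename(self::$t_channel) . " WHERE weid=:weid",
            array(":weid" => $_W['weid'])
        );
    } elseif ($op === 'active') {
        $channel = intval($_GPC['channel']);
        $item = pdo_fetch(
            "SELECT * FROM " . tablename(self::$t_channel) . " WHERE weid=:weid AND active=1",
            array(":weid" => $_W['weid'])
        );
        // When a different channel becomes active, the QR cache would be cleared.
        if (!empty($item) and $item['channel'] != $channel) {
            // $this->clearQRCache($item['channel']);
            // Scope the reset to the current account. Without a condition this
            // update cleared the active flag on every account's channels.
            pdo_update(self::$t_channel, array('active' => 0), array('weid' => $_W['weid']));
            pdo_update(
                self::$t_channel,
                array('createtime' => time()),
                array('weid' => $_W['weid'], 'channel' => $item['channel'])
            );
            pdo_update(
                self::$t_channel,
                array('createtime' => time(), 'active' => 1),
                array('weid' => $_W['weid'], 'channel' => $channel)
            );
            message('重新设定当前活跃传单成功', referer(), 'success');
        }
        message('设定当前活跃传单成功', referer(), 'success');
    } elseif ($op === 'post') {
        load()->func('tpl');
        $item = array();
        if (!empty($_GPC['channel'])) {
            $item = pdo_fetch(
                "SELECT * FROM " . tablename(self::$t_channel) . " WHERE weid=:weid AND channel=:channel",
                array(":weid" => $_W['weid'], ":channel" => $_GPC['channel'])
            );
        }
        // $item is empty for a new channel (or when the lookup found nothing),
        // so read 'bgparam' defensively.
        $item = WechatUtil::decode_channel_param($item, isset($item['bgparam']) ? $item['bgparam'] : null);

        if (checksubmit('submit')) {
            // NOTE(review): the format check only looks at the file suffix, and the
            // value is stored as submitted - confirm the code that later reads 'bg'
            // resolves it inside the upload directory only.
            $path_parts = explode('.', $_GPC['bg']);
            $suffix = end($path_parts);
            if (strcasecmp('jpg', $suffix) != 0) {
                message('传单背景图必须是jpg格式。不支持png等其他格式。', referer(), 'error');
            }
            // The background must be a locally uploaded file. The check used to
            // reject only a lowercase "http://", which let https:// and
            // protocol-relative (//host/...) URLs through.
            if (stripos($_GPC['bg'], 'http://') !== false
                || stripos($_GPC['bg'], 'https://') !== false
                || strpos(ltrim($_GPC['bg']), '//') === 0
            ) {
                message('传单背景图必须从本地上传,不能使用网络图片。您可以先将网络图片保存到本地,然后再上传。', referer(), 'error');
            }

            $bgparam = WechatUtil::encode_channel_param($_GPC);
            if (!empty($_GPC['channel'])) {
                // The condition includes weid so one account cannot overwrite (and
                // re-assign to itself) a channel that belongs to another account;
                // previously the row was selected by channel id alone.
                pdo_update(
                    self::$t_channel,
                    array(
                        'createtime' => time(),
                        'title' => $_GPC['title'],
                        'thumb' => $_GPC['thumb'],
                        'bg' => $_GPC['bg'],
                        'bgparam' => $bgparam,
                        'desc' => $_GPC['desc'],
                        'url' => $_GPC['url'],
                        'click_credit' => $_GPC['click_credit'],
                        'sub_click_credit' => $_GPC['sub_click_credit'],
                        'newbie_credit' => $_GPC['newbie_credit'],
                        'weid' => $_W['weid'],
                    ),
                    array('channel' => $_GPC['channel'], 'weid' => $_W['weid'])
                );
                // Clear the QR cache for the updated channel.
                $this->clearQRCache($_GPC['channel']);
                message('更新传单成功', referer(), 'success');
            } else {
                $list_count = pdo_fetchcolumn(
                    "SELECT COUNT(*) FROM " . tablename(self::$t_channel) . " WHERE weid=:weid",
                    array(":weid" => $_W['weid'])
                );
                // The first channel created for an account starts out active.
                $active = $list_count == 0;
                pdo_insert(
                    self::$t_channel,
                    array(
                        'title' => $_GPC['title'],
                        'createtime' => time(),
                        'thumb' => $_GPC['thumb'],
                        'bg' => $_GPC['bg'],
                        'bgparam' => $bgparam,
                        'active' => $active,
                        'desc' => $_GPC['desc'],
                        'url' => $_GPC['url'],
                        'click_credit' => $_GPC['click_credit'],
                        'sub_click_credit' => $_GPC['sub_click_credit'],
                        'newbie_credit' => $_GPC['newbie_credit'],
                        'weid' => $_W['weid'],
                    )
                );
                message('新建传单成功', referer(), 'success');
            }
        }
    } elseif ($op === 'log' or $op === 'qualitylog') {
        $pindex = max(1, intval($_GPC['page']));
        $psize = 20;
        $mgr = new UserManager('');
        $keyword = $_GPC['keyword'];
        if ($op === 'qualitylog') {
            $mylist = $mgr->getQualityUser($pindex, $psize, $keyword);
            $total = $mgr->getQualityUserCount($keyword);
        } elseif ($op === 'log') {
            $mylist = $mgr->getAllUser($pindex, $psize, $keyword);
            $total = $mgr->getAllUserCount($keyword);
        }
        $pager = pagination($total, $pindex, $psize);
    } elseif ($op === 'user') {
        // Downline details plus second-level downline details.
        $from_user = $_GPC['from_user'];
        $uplevel = pdo_fetch(
            "SELECT * FROM " . tablename(self::$t_follow) . " WHERE weid=:weid AND follower=:follower",
            array(":weid" => $_W['weid'], ":follower" => $from_user)
        );
        $fans = WechatUtil::fans_search($from_user, array('avatar', 'nickname', 'createtime', 'credit1'));
        $mgr = new UserManager('');
        $mylist = $mgr->getFollowList($from_user);
        $mylist2 = $mgr->getFollowList2($mylist);
    } elseif ('black_remove' === $op) {
        $from_user = $_GPC['from_user'];
        pdo_delete(self::$t_black, array('from_user' => $from_user, 'weid' => $_W['weid']));
        message('删除成功', $this->createWebUrl('Spread', array('op' => 'black')), 'success');
    } elseif ('black' === $op) {
        if (!empty($_GPC['from_user'])) {
            $from_user = $_GPC['from_user'];
            $b = pdo_fetch(
                "SELECT * FROM " . tablename(self::$t_black) . " WHERE from_user=:f AND weid=:w LIMIT 1",
                array(':f' => $from_user, ':w' => $_W['weid'])
            );
            // Insert only when the user is not blacklisted yet.
            if (empty($b)) {
                pdo_insert(
                    self::$t_black,
                    array('from_user' => $from_user, 'weid' => $_W['weid'], 'access_time' => time())
                );
            }
            message('添加黑名单成功', referer(), 'success');
        }
        $list = pdo_fetchall(
            "SELECT * FROM " . tablename(self::$t_black) . " WHERE weid=:w",
            array(':w' => $_W['weid'])
        );
    } else {
        message('error!', '', 'error');
    }

    include $this->template('spread');
}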
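/**
 * Checks the submitted credentials and, when they are valid and the account
 * is neither banned nor awaiting activation, logs the member in.
 *
 * Reads $_POST['userName'] and $_POST['mdp'].
 *
 * @return array 'Retour' => true when login and password matched (this is also
 *                           true for a banned or not-yet-activated account, so
 *                           callers must check the two keys below as well),
 *               'Valide' => true when no "Inscription" activation is pending,
 *               'Banni'  => true when the account is NOT banned,
 *               'Error' / 'Activation' => HTML message, present on refusal.
 */
function doConnect()
{
    $tabRetour = array();

    // A missing field or a non-string value (e.g. mdp[]=x) is treated as empty
    // so it fails the checks below instead of reaching hash() as "Array".
    $mdp = (isset($_POST['mdp']) && is_string($_POST['mdp'])) ? $_POST['mdp'] : '';
    $userName = (isset($_POST['userName']) && is_string($_POST['userName'])) ? $_POST['userName'] : '';

    $manager = new UserManager(connexionDb());
    $tabUser = $manager->getAllUser();
    $userToConnect = new User(array("UserName" => $userName, "Mdp" => $mdp));
    $userFound = $manager->getUserByUserName($userName);

    // Check that the user exists in the database and that the password matches.
    // Start from "failed" so an empty user list can never count as a success.
    $echec = true;
    if ($userFound->getId() != NULL) {
        // NOTE(review): a single salted SHA-256 is fast to brute-force if the
        // table leaks. password_hash()/password_verify() is the intended
        // replacement, but it needs a migration of the stored hashes.
        $hashSoumis = hash("sha256", $userToConnect->getMdp() . $userFound->getSalt());
        foreach ($tabUser as $elem) {
            // === stops numeric-looking logins ("1e3" / "1000") from matching each
            // other. hash_equals() (PHP >= 5.6) compares in constant time and
            // never treats two "0e..." digests as equal numbers the way == does.
            if ($userName === $elem->getUserName()
                && hash_equals((string) $elem->getMdp(), $hashSoumis)
            ) {
                $echec = false;
                $userToConnect = $elem;
                $id = $elem->getId();
                break;
            }
        }
    }

    // Check whether the account still has to be activated. A user can hold two
    // codes (registration and forgotten password); only the registration
    // ("Inscription") code blocks the login.
    $needActi = false;
    $banni = false;
    if (isset($id)) {
        $acManager = new ActivationManager(connexionDb());
        $act = $acManager->getActivationByLibelleAndId("Inscription", $id);
        $needActi = isset($act) && $act->getCode() != NULL;
    }

    if ($echec) {
        // One generic message for an unknown login and a wrong password.
        $tabRetour['Error'] = "<div class='alert alert-danger' role='alert'>Erreur lors de la connexion, veuillez rééssayer avec le bon login ou mot de passe !</div>";
    } else {
        // Reload the matched user only after a successful check (this lookup
        // used to run with a null id on failed attempts as well).
        $userToConnect = $manager->getUserById($userToConnect->getId());

        // Right id 6 is handled as "banned" (see the message below).
        // NOTE(review): only the first right is inspected - confirm a banned
        // account always carries it at index 0.
        if ($userToConnect->getDroit()[0]->getId() == 6) {
            $tabRetour['Error'] = "<div class='alert alert-danger' role='alert'>Vous êtes banni, impossible de vous connecter !</div>";
            $banni = true;
        } elseif ($needActi) {
            $tabRetour['Activation'] = "<div class='alert alert-danger' role='alert'>Vous devez activer votre compte avant la connexion !</div>";
        } else {
            $user = $manager->getUserById($id);
            $manager->updateUserConnect($user);
            // NOTE(review): no session id regeneration is visible here - confirm
            // setSessionUser() regenerates it to prevent session fixation.
            setSessionUser($user);
            echo "Bienvenue sur EveryDayIdea !";
        }
    }

    $tabRetour['Retour'] = !$echec;
    $tabRetour['Valide'] = !$needActi;
    $tabRetour['Banni'] = !$banni;

    return $tabRetour;
}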