Example #1
 /**
  *  Validates username, email address and password entries during registration
  *  Username is validated for uniqueness and length
  *  password is validated for length and strictness
  *  email is validated as a proper email address pattern
  *
  *  @param string $login_name Username entered by the user
  *  @param string $uname User display name entered by the user
  *  @param string $email Email address entered by the user
  *  @param string $pass Password entered by the user
  *  @param string $vpass Password verification entered by the user
  *  @param int $uid user id (only applicable if the user already exists)
  *  @global array $icmsConfigUser user configuration
  *  @return string of errors encountered while validating the user information, will be blank if successful
  */
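 public function userCheck($login_name, $uname, $email, $pass, $vpass, $uid = 0)
 {
     global $icmsConfigUser;

     // Every failed check appends one message followed by '<br />' to $stop;
     // an empty string on return means nothing was rejected.
     $member_handler = icms::handler('icms_member');
     // With a positive $uid the existing user is loaded so that fields which
     // were not changed can skip their checks below.
     $thisUser = $uid > 0 ? $member_handler->getUser($uid) : FALSE;
     $icmsStopSpammers = new icms_core_StopSpammer();
     $stop = '';

     // Pattern of characters that are NOT allowed in a login name.
     switch ($icmsConfigUser['uname_test_level']) {
         case 1:
             // medium
             $restriction = '/[^a-zA-Z0-9\\_\\-\\<\\>\\,\\.\\$\\%\\#\\@\\!\\\'\\"]/';
             break;
         case 2:
             // loose
             $restriction = '/[\\000-\\040]/';
             break;
         case 0:
         default:
             // strict; an unrecognised level also lands here so that the
             // character check below never runs with an undefined pattern
             $restriction = '/[^a-zA-Z0-9\\_\\-]/';
             break;
     }

     // check email: for an existing user only when the value changed, always for a new one
     if ((is_object($thisUser) && $thisUser->getVar('email', 'e') != $email && $email !== FALSE) || !is_object($thisUser)) {
         if (!icms_core_DataFilter::checkVar($email, 'email', 0, 1)) {
             $stop .= _US_INVALIDMAIL . '<br />';
         }
         // NOTE(review): addslashes() is the only escaping visible here before the
         // value reaches the criteria; whether icms_buildCriteria()/getCount() quote
         // or bind it further cannot be seen from this method - confirm. addslashes()
         // is not charset-aware, so the database layer's own quoting is preferable.
         $count = $this->getCount(icms_buildCriteria(array('email' => addslashes($email))));
         if ($count > 0) {
             $stop .= _US_EMAILTAKEN . '<br />';
         }
     }

     // check login_name
     $login_name = icms_core_DataFilter::icms_trim($login_name);
     if ((is_object($thisUser) && $thisUser->getVar('login_name', 'e') != $login_name && $login_name !== FALSE) || !is_object($thisUser)) {
         if (empty($login_name) || preg_match($restriction, $login_name)) {
             $stop .= _US_INVALIDNICKNAME . '<br />';
         }
         if (strlen($login_name) > $icmsConfigUser['maxuname']) {
             $stop .= sprintf(_US_NICKNAMETOOLONG, $icmsConfigUser['maxuname']) . '<br />';
         }
         if (strlen($login_name) < $icmsConfigUser['minuname']) {
             $stop .= sprintf(_US_NICKNAMETOOSHORT, $icmsConfigUser['minuname']) . '<br />';
         }
         // Each configured entry is used as a regular expression, not as a literal.
         // NOTE(review): entries are interpolated unescaped between '/' delimiters,
         // so an entry containing '/' yields an invalid pattern - presumably the
         // list is administrator-maintained; confirm.
         foreach ($icmsConfigUser['bad_unames'] as $bu) {
             if (!empty($bu) && preg_match('/' . $bu . '/i', $login_name)) {
                 $stop .= _US_NAMERESERVED . '<br />';
                 break;
             }
         }
         if (strrpos($login_name, ' ') > 0) {
             $stop .= _US_NICKNAMENOSPACES . '<br />';
         }
         // NOTE(review): same addslashes() caveat as for the email lookup above.
         $count = $this->getCount(icms_buildCriteria(array('login_name' => addslashes($login_name))));
         if ($count > 0) {
             $stop .= _US_LOGINNAMETAKEN . '<br />';
         }
     }

     // check uname (display name): uniqueness only
     if ((is_object($thisUser) && $thisUser->getVar('uname', 'e') != $uname && $uname !== FALSE) || !is_object($thisUser)) {
         // NOTE(review): same addslashes() caveat as for the email lookup above.
         $count = $this->getCount(icms_buildCriteria(array('uname' => addslashes($uname))));
         if ($count > 0) {
             $stop .= _US_NICKNAMETAKEN . '<br />';
         }
     }

     // check password; passing FALSE skips the whole section
     if ($pass !== FALSE) {
         if (!isset($pass) || $pass == '' || !isset($vpass) || $vpass == '') {
             $stop .= _US_ENTERPWD . '<br />';
         }
         // Loose != treats numeric-looking strings such as '1e3' and '1000' as
         // equal, so two strings must additionally be identical to count as a
         // matching confirmation.
         $confirmationDiffers = $pass != $vpass
             || (is_string($pass) && is_string($vpass) && $pass !== $vpass);
         if (isset($pass) && $confirmationDiffers) {
             $stop .= _US_PASSNOTSAME . '<br />';
         } elseif ($pass != '' && strlen($pass) < $icmsConfigUser['minpass']) {
             $stop .= sprintf(_US_PWDTOOSHORT, $icmsConfigUser['minpass']) . '<br />';
         }
         // The previous test compared strripos() with TRUE; that function returns
         // an offset or FALSE, so a password that merely contained the login name
         // was never rejected. The empty-needle guard keeps an empty login name
         // from matching every password.
         $containsLoginName = is_string($pass)
             && is_string($login_name)
             && $login_name !== ''
             && stripos($pass, $login_name) !== FALSE;
         if (isset($pass) && isset($login_name) && ($pass == $login_name || $pass == icms_core_DataFilter::utf8_strrev($login_name, TRUE) || $containsLoginName)) {
             $stop .= _US_BADPWD . '<br />';
         }
     }

     // check other things: ask the StopSpammer helper about the connecting address
     if ($icmsStopSpammers->badIP($_SERVER['REMOTE_ADDR'])) {
         $stop .= _US_INVALIDIP . '<br />';
     }
     return $stop;
 }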