/**
* Update profile
* FIXME
*
* @return void
*/
protected function updateProfile()
{
if ($this->isCreateProfile()) {
$error = user_validate_name(\XLite\Core\Request::getInstance()->username);
if ($error) {
// Username validation error
$this->valid = false;
\XLite\Core\Event::invalidElement('username', $error);
} elseif (user_load_by_name(\XLite\Core\Request::getInstance()->username)) {
// Username is already exists
$this->valid = false;
$label = static::t('This user name is used for an existing account. Enter another user name or sign in', array('URL' => $this->getLoginURL()));
\XLite\Core\Event::invalidElement('username', $label);
} elseif (\XLite\Core\Request::getInstance()->email && user_load_multiple(array(), array('mail' => \XLite\Core\Request::getInstance()->email))) {
// E-mail is already exists in Drupal DB
$this->valid = false;
$label = static::t('This email address is used for an existing account. Enter another user name or sign in', array('URL' => $this->getLoginURL()));
\XLite\Core\Event::invalidElement('email', $label);
}
}
parent::updateProfile();
if ($this->isCreateProfile() && $this->valid) {
// Save username is session (temporary, wait place order procedure)
\XLite\Core\Session::getInstance()->order_username = \XLite\Core\Request::getInstance()->create_profile ? \XLite\Core\Request::getInstance()->username : false;
}
}
public function username_check_profile_callback()
{
$output = [];
$username = $_GET['profile'];
$ret = user_validate_name($username);
if ($ret) {
$output['allowed'] = FALSE;
$output['msg'] = $ret;
} else {
$ret = user_is_blocked($username);
if ($ret) {
$output['allowed'] = FALSE;
$output['msg'] = t('The username %username is not allowed.', ['%username' => $username]);
} else {
$username = String::checkPlain($username);
// check to see if this username is the current users username
$ret = $this->_username_check_is_current_user($username);
print_r($ret);
die;
if ($ret == 0) {
$output['allowed'] = TRUE;
$output['msg'] = t('The username %username is your username.', ['%username' => $username]);
} else {
$ret = $this->_username_check_is_user_exists($username);
if ($ret) {
$output['allowed'] = FALSE;
$output['msg'] = t('The username %username is already taken.', ['%username' => $username]);
} else {
$output['allowed'] = TRUE;
}
}
}
}
return new JsonResponse($output);
}
/**
* Tests user name validation.
*/
function testUsernames()
{
$test_cases = array('foo' => array('Valid username', 'assertNull'), 'FOO' => array('Valid username', 'assertNull'), 'Foo O\'Bar' => array('Valid username', 'assertNull'), 'foo@bar' => array('Valid username', 'assertNull'), '*****@*****.**' => array('Valid username', 'assertNull'), '*****@*****.**' => array('Valid username', 'assertNull'), 'þòøÇߪř€' => array('Valid username', 'assertNull'), 'ᚠᛇᚻ᛫ᛒᛦᚦ' => array('Valid UTF8 username', 'assertNull'), ' foo' => array('Invalid username that starts with a space', 'assertNotNull'), 'foo ' => array('Invalid username that ends with a space', 'assertNotNull'), 'foo bar' => array('Invalid username that contains 2 spaces \' \'', 'assertNotNull'), '' => array('Invalid empty username', 'assertNotNull'), 'foo/' => array('Invalid username containing invalid chars', 'assertNotNull'), 'foo' . chr(0) . 'bar' => array('Invalid username containing chr(0)', 'assertNotNull'), 'foo' . chr(13) . 'bar' => array('Invalid username containing chr(13)', 'assertNotNull'), str_repeat('x', USERNAME_MAX_LENGTH + 1) => array('Invalid excessively long username', 'assertNotNull'));
foreach ($test_cases as $name => $test_case) {
list($description, $test) = $test_case;
$result = user_validate_name($name);
$this->{$test}($result, $description . ' (' . $name . ')');
}
}
/**
* {@inheritdoc}
*/
public function process(OrderInterface $order, array $form, FormStateInterface $form_state)
{
if (\Drupal::currentUser()->isAnonymous()) {
$cart_config = \Drupal::config('uc_cart.settings');
$pane = $form_state->getValue(['panes', 'customer']);
$order->setEmail($pane['primary_email']);
// Check if the email address is already taken.
$mail_taken = (bool) \Drupal::entityQuery('user')->condition('mail', $pane['primary_email'])->range(0, 1)->count()->execute();
if ($cart_config->get('email_validation') && $pane['primary_email'] !== $pane['primary_email_confirm']) {
$form_state->setErrorByName('panes][customer][primary_email_confirm', $this->t('The e-mail address did not match.'));
}
// Invalidate if an account already exists for this e-mail address, and the user is not logged into that account
if (!$cart_config->get('mail_existing') && !empty($pane['primary_email']) && $mail_taken) {
$form_state->setErrorByName('panes][customer][primary_email', $this->t('An account already exists for your e-mail address. You will either need to login with this e-mail address or use a different e-mail address.'));
}
// If new users can specify names or passwords then...
if ($cart_config->get('new_account_name') || $cart_config->get('new_account_password')) {
// Skip if an account already exists for this e-mail address.
if ($cart_config->get('mail_existing') && $mail_taken) {
drupal_set_message($this->t('An account already exists for your e-mail address. The new account details you entered will be disregarded.'));
} else {
// Validate the username.
if ($cart_config->get('new_account_name') && !empty($pane['new_account']['name'])) {
$message = user_validate_name($pane['new_account']['name']);
$name_taken = (bool) \Drupal::entityQuery('user')->condition('name', $pane['new_account']['name'])->range(0, 1)->count()->execute();
if (!empty($message)) {
$form_state->setErrorByName('panes][customer][new_account][name', $message);
} elseif ($name_taken) {
$form_state->setErrorByName('panes][customer][new_account][name', $this->t('The username %name is already taken. Please enter a different name or leave the field blank for your username to be your e-mail address.', ['%name' => $pane['new_account']['name']]));
} else {
$order->data->new_user_name = $pane['new_account']['name'];
}
}
// Validate the password.
if ($cart_config->get('new_account_password')) {
if (strcmp($pane['new_account']['pass'], $pane['new_account']['pass_confirm'])) {
$form_state->setErrorByName('panes][customer][new_account][pass_confirm', $this->t('The passwords you entered did not match. Please try again.'));
}
if (!empty($pane['new_account']['pass'])) {
$order->data->new_user_hash = \Drupal::service('password')->hash(trim($pane['new_account']['pass']));
}
}
}
}
}
return TRUE;
}
/**
* {@inheritdoc}
*/
public function validateForm(array &$form, FormStateInterface $form_state)
{
if ($error = user_validate_name($form_state->getValue(array('account', 'name')))) {
$form_state->setErrorByName('account][name', $error);
}
}
/**
* Check if username and email exists in the drupal db
*
* @params $params array array of name and mail values
* @params $errors array array of errors
* @params $emailName string field label for the 'email'
*
* @return void
*/
function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
$config = CRM_Core_Config::singleton();
$dao = new CRM_Core_DAO();
$name = $dao->escape(CRM_Utils_Array::value('name', $params));
$email = $dao->escape(CRM_Utils_Array::value('mail', $params));
_user_edit_validate(NULL, $params);
$errors = form_get_errors();
if ($errors) {
if (CRM_Utils_Array::value('name', $errors)) {
$errors['cms_name'] = $errors['name'];
}
if (CRM_Utils_Array::value('mail', $errors)) {
$errors[$emailName] = $errors['mail'];
}
// also unset drupal messages to avoid twice display of errors
unset($_SESSION['messages']);
}
// drupal api sucks do the name check manually
$nameError = user_validate_name($params['name']);
if ($nameError) {
$errors['cms_name'] = $nameError;
}
$sql = "\nSELECT name, mail\n FROM {$config->userFrameworkUsersTableName}\n WHERE (LOWER(name) = LOWER('{$name}')) OR (LOWER(mail) = LOWER('{$email}'))";
$db_cms = DB::connect($config->userFrameworkDSN);
if (DB::isError($db_cms)) {
die("Cannot connect to UF db via {$dsn}, " . $db_cms->getMessage());
}
$query = $db_cms->query($sql);
$row = $query->fetchRow();
if (!empty($row)) {
$dbName = CRM_Utils_Array::value(0, $row);
$dbEmail = CRM_Utils_Array::value(1, $row);
if (strtolower($dbName) == strtolower($name)) {
$errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $name));
}
if (strtolower($dbEmail) == strtolower($email)) {
$errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $email));
}
}
}
/**
* Check if username and email exists in the drupal db.
*
* @param array $params
* Array of name and mail values.
* @param array $errors
* Array of errors.
* @param string $emailName
* Field label for the 'email'.
*/
public static function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
$errors = form_get_errors();
if ($errors) {
// unset drupal messages to avoid twice display of errors
unset($_SESSION['messages']);
}
if (!empty($params['name'])) {
if ($nameError = user_validate_name($params['name'])) {
$errors['cms_name'] = $nameError;
} else {
$uid = db_query("SELECT uid FROM {users} WHERE name = :name", array(':name' => $params['name']))->fetchField();
if ((bool) $uid) {
$errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $params['name']));
}
}
}
if (!empty($params['mail'])) {
if (!valid_email_address($params['mail'])) {
$errors[$emailName] = ts('The e-mail address %1 is not valid.', array('%1' => $params['mail']));
} else {
$uid = db_query("SELECT uid FROM {users} WHERE mail = :mail", array(':mail' => $params['mail']))->fetchField();
if ((bool) $uid) {
$resetUrl = url('user/password');
$errors[$emailName] = ts('The email address %1 already has an account associated with it. <a href="%2">Have you forgotten your password?</a>', array(1 => $params['mail'], 2 => $resetUrl));
}
}
}
}
/**
* {@inheritdoc}
*/
public function validate(array $form, FormStateInterface $form_state)
{
parent::validate($form, $form_state);
$account = $this->entity;
// Validate new or changing username.
if (isset($form_state['values']['name'])) {
if ($error = user_validate_name($form_state['values']['name'])) {
$form_state->setErrorByName('name', $error);
} else {
$name_taken = (bool) $this->entityQuery->get('user')->condition('uid', (int) $account->id(), '<>')->condition('name', $form_state['values']['name'])->range(0, 1)->count()->execute();
if ($name_taken) {
$form_state->setErrorByName('name', $this->t('The name %name is already taken.', array('%name' => $form_state['values']['name'])));
}
}
}
$mail = $form_state['values']['mail'];
if (!empty($mail)) {
$mail_taken = (bool) $this->entityQuery->get('user')->condition('uid', (int) $account->id(), '<>')->condition('mail', $mail)->range(0, 1)->count()->execute();
if ($mail_taken) {
// Format error message dependent on whether the user is logged in or not.
if (\Drupal::currentUser()->isAuthenticated()) {
$form_state->setErrorByName('mail', $this->t('The email address %email is already taken.', array('%email' => $mail)));
} else {
$form_state->setErrorByName('mail', $this->t('The email address %email is already registered. <a href="@password">Have you forgotten your password?</a>', array('%email' => $mail, '@password' => url('user/password'))));
}
}
}
// Make sure the signature isn't longer than the size of the database field.
// Signatures are disabled by default, so make sure it exists first.
if (isset($form_state['values']['signature'])) {
// Move text format for user signature into 'signature_format'.
$form_state['values']['signature_format'] = $form_state['values']['signature']['format'];
// Move text value for user signature into 'signature'.
$form_state['values']['signature'] = $form_state['values']['signature']['value'];
// @todo Make the user signature field use a widget to benefit from
// automatic typed data validation in https://drupal.org/node/2227381.
$field_definitions = $this->entityManager->getFieldDefinitions('user', $this->getEntity()->bundle());
$max_length = $field_definitions['signature']->getSetting('max_length');
if (drupal_strlen($form_state['values']['signature']) > $max_length) {
$form_state->setErrorByName('signature', $this->t('The signature is too long: it must be %max characters or less.', array('%max' => $max_length)));
}
}
}
/**
* Check if username and email exists in the drupal db.
*
* @param array $params
* Array of name and mail values.
* @param array $errors
* Array of errors.
* @param string $emailName
* Field label for the 'email'.
*/
public function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
$config = CRM_Core_Config::singleton();
$dao = new CRM_Core_DAO();
$name = $dao->escape(CRM_Utils_Array::value('name', $params));
$email = $dao->escape(CRM_Utils_Array::value('mail', $params));
_user_edit_validate(NULL, $params);
$errors = form_get_errors();
if ($errors) {
if (!empty($errors['name'])) {
$errors['cms_name'] = $errors['name'];
}
if (!empty($errors['mail'])) {
$errors[$emailName] = $errors['mail'];
}
// also unset drupal messages to avoid twice display of errors
unset($_SESSION['messages']);
}
// Do the name check manually.
$nameError = user_validate_name($params['name']);
if ($nameError) {
$errors['cms_name'] = $nameError;
}
$sql = "\n SELECT name, mail\n FROM {users}\n WHERE (LOWER(name) = LOWER('{$name}')) OR (LOWER(mail) = LOWER('{$email}'))\n ";
$result = db_query($sql);
$row = db_fetch_array($result);
if (!$row) {
return;
}
$user = NULL;
if (!empty($row)) {
$dbName = CRM_Utils_Array::value('name', $row);
$dbEmail = CRM_Utils_Array::value('mail', $row);
if (strtolower($dbName) == strtolower($name)) {
$errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $name));
}
if (strtolower($dbEmail) == strtolower($email)) {
if (empty($email)) {
$errors[$emailName] = ts('You cannot create an email account for a contact with no email', array(1 => $email));
} else {
$errors[$emailName] = ts('This email %1 is already registered. Please select another email.', array(1 => $email));
}
}
}
}
/**
* {@inheritdoc}
*/
public function validateForm(array &$form, array &$form_state)
{
if ($error = user_validate_name($form_state['values']['account']['name'])) {
$this->setFormError('account][name', $form_state, $error);
}
}
/**
* Create new users with default field values.
*
* @param int $num
* Number of entities to create.
* @param array $options
* Options array. This array can have "roles" key that provides an array of
* role names that the newly created user will need to be assigned.
*
* @return Response
* Response object.
*/
public static function createRandom($num = 1, $options = array())
{
$options += array('roles' => array(), 'required_fields_only' => TRUE);
$output = array();
for ($i = 0; $i < $num; $i++) {
// Get a random username.
do {
$username = Utils::getRandomString(20);
} while (!is_null(user_validate_name($username)) || user_load_by_name($username));
// Get a random email address.
do {
$email = $username . '@' . Utils::getRandomString(20) . '.com';
} while (!is_null(user_validate_mail($email)) || user_load_by_mail($email));
// Get a random password.
$password = Utils::getRandomString();
$response = User::registerUser($username, $email, $password, $options['roles']);
if (!$response->getSuccess()) {
$response->setVar($output);
return $response;
}
$output[] = $response->getVar();
}
return new Response(TRUE, Utils::normalize($output), "");
}
function user_import_usernames_invalid($delete = NULL)
{
$users = db_query("SELECT uid, name, mail from {users} WHERE uid != 0 AND uid != 1");
while ($user = db_fetch_object($users)) {
$error = user_validate_name($user->name);
if (!empty($error)) {
$errors[$user->uid]['uid'] = $user->uid;
$errors[$user->uid]['mail'] = $user->mail;
$errors[$user->uid]['name'] = $user->name;
$errors[$user->uid]['error'] = $error;
if (!empty($delete)) {
$form_state['values']['account'] = $user;
/**
* @todo check if this breaks - user_confirm_delete_submit() has changed substantially
*/
user_confirm_delete_submit($form, $form_state);
}
}
}
$output = theme('user_import_username_errors', $errors);
return $output;
}
/**
* Create new users with default field values.
*
* @param int $num
* Number of entities to create.
* @param array $options
* Options array. This array can have "roles" key that provides an array of
* role names that the newly created user will need to be assigned.
*
* @return Response
* Response object.
*/
public static function createRandom($num = 1, $options = array())
{
if (!is_numeric($num)) {
return new Response(FALSE, NULL, 'Number of users to be created has to be an integer.');
}
$options += array('roles' => array(), 'required_fields_only' => TRUE);
// First get the references that need to be created.
//static::processBeforeCreateRandom($options);
$output = array();
for ($i = 0; $i < $num; $i++) {
// Get a random username.
do {
$username = Utils::getRandomString(20);
} while (!is_null(user_validate_name($username)) || user_load_by_name($username));
// Get a random email address.
do {
$email = $username . '@' . Utils::getRandomString(20) . '.com';
} while (!is_null(user_validate_mail($email)) || user_load_by_mail($email));
// Get a random password.
$password = Utils::getRandomString();
$response = User::registerUser($username, $email, $password, $options);
if (!$response->getSuccess()) {
$response->setVar($output);
return $response;
}
$output[] = $response->getVar();
}
return new Response(TRUE, Utils::normalize($output), "");
}
/**
* Check if username and email exists in the drupal db
*
* @params $params array array of name and mail values
* @params $errors array array of errors
* @params $emailName string field label for the 'email'
*
* @return void
*/
static function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
$config = CRM_Core_Config::singleton();
$dao = new CRM_Core_DAO();
$name = $dao->escape(CRM_Utils_Array::value('name', $params));
$email = $dao->escape(CRM_Utils_Array::value('mail', $params));
$errors = form_get_errors();
if ($errors) {
// unset drupal messages to avoid twice display of errors
unset($_SESSION['messages']);
}
if (!empty($params['name'])) {
if ($nameError = user_validate_name($params['name'])) {
$errors['cms_name'] = $nameError;
} else {
$uid = db_query("SELECT uid FROM {users} WHERE name = :name", array(':name' => $params['name']))->fetchField();
if ((bool) $uid) {
$errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $params['name']));
}
}
}
if (!empty($params['mail'])) {
if ($emailError = user_validate_mail($params['mail'])) {
$errors[$emailName] = $emailError;
} else {
$uid = db_query("SELECT uid FROM {users} WHERE mail = :mail", array(':mail' => $params['mail']))->fetchField();
if ((bool) $uid) {
$resetUrl = $config->userFrameworkBaseURL . 'user/password';
$errors[$emailName] = ts('The email address %1 is already registered. <a href="%2">Have you forgotten your password?</a>', array(1 => $params['mail'], 2 => $resetUrl));
}
}
}
}
/**
* Check if username and email exists in the drupal db
*
* @params $params array array of name and mail values
* @params $errors array array of errors
* @params $emailName string field label for the 'email'
*
* @return void
* @static
*/
static function checkUserNameEmailExists(&$params, &$errors, $emailName = 'email')
{
$config =& CRM_Core_Config::singleton();
$isDrupal = ucfirst($config->userFramework) == 'Drupal' ? true : false;
$isJoomla = ucfirst($config->userFramework) == 'Joomla' ? true : false;
$dao =& new CRM_Core_DAO();
$name = $dao->escape($params['name']);
$email = $dao->escape($params['mail']);
if ($isDrupal) {
_user_edit_validate(null, $params);
$errors = form_get_errors();
if ($errors) {
if (CRM_Utils_Array::value('name', $errors)) {
$errors['cms_name'] = $errors['name'];
}
if (CRM_Utils_Array::value('mail', $errors)) {
$errors[$emailName] = $errors['mail'];
}
// also unset drupal messages to avoid twice display of errors
unset($_SESSION['messages']);
}
// drupal api sucks
// do the name check manually
$nameError = user_validate_name($params['name']);
if ($nameError) {
$errors['cms_name'] = $nameError;
}
$sql = "\nSELECT count(*)\n FROM {$config->userFrameworkUsersTableName}\n WHERE LOWER(name) = LOWER('{$name}')\n";
} elseif ($isJoomla) {
//don't allow the special characters and min. username length is two
//regex \\ to match a single backslash would become '/\\\\/'
$isNotValid = (bool) preg_match('/[\\<|\\>|\\"|\'|\\%|\\;|\\(|\\)|\\&|\\\\|\\/]/im', $name);
if ($isNotValid || strlen($name) < 2) {
$errors['cms_name'] = ts("Your username contains invalid characters or is too short");
}
$sql = "\nSELECT username, email\n FROM {$config->userFrameworkUsersTableName}\n WHERE (LOWER(username) = LOWER('{$name}')) OR (LOWER(email) = LOWER('{$email}'))\n";
}
$db_cms = DB::connect($config->userFrameworkDSN);
if (DB::isError($db_cms)) {
die("Cannot connect to UF db via {$dsn}, " . $db_cms->getMessage());
}
$query = $db_cms->query($sql);
$row = $query->fetchRow();
if (!empty($row)) {
if ($row[0] == $name) {
$errors['cms_name'] = ts('The username %1 is already taken. Please select another username.', array(1 => $name));
} else {
if ($row[1] == $email) {
$errors['email-5'] = ts('This email %1 is already registered. Please select another email.', array(1 => $email));
}
}
}
}
/**
* Form API validate for the site configuration form.
*/
function install_configure_form_validate($form, &$form_state)
{
if ($error = user_validate_name($form_state['values']['account']['name'])) {
form_error($form['admin_account']['account']['name'], $error);
}
if ($error = user_validate_mail($form_state['values']['account']['mail'])) {
form_error($form['admin_account']['account']['mail'], $error);
}
if ($error = user_validate_mail($form_state['values']['site_mail'])) {
form_error($form['site_information']['site_mail'], $error);
}
}
function os_poker_user_edit_validate($uid, &$edit)
{
$user = user_load(array('uid' => $uid));
// Validate the username:
if (user_access('change own username') || user_access('administer users') || !$user->uid) {
if ($error = user_validate_name($edit['name'])) {
form_set_error('name', $error);
} else {
if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $uid, $edit['name'])) > 0) {
form_set_error('name', t('The name %name is already taken.', array('%name' => $edit['name'])));
} else {
if (drupal_is_denied('user', $edit['name'])) {
form_set_error('name', t('The name %name has been denied access.', array('%name' => $edit['name'])));
}
}
}
}
// Validate the e-mail address:
if ($error = user_validate_mail($edit['mail'])) {
form_set_error('mail', $error);
} else {
if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $uid, $edit['mail'])) > 0) {
form_set_error('mail', t('The e-mail address %email is already registered.', array('%email' => $edit['mail'])));
} else {
if (drupal_is_denied('mail', $edit['mail'])) {
form_set_error('mail', t('The e-mail address %email has been denied access.', array('%email' => $edit['mail'])));
}
}
}
}
