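/**
 * Register a new user account and, when enabled, send the confirmation e-mail.
 *
 * Return codes:
 *   0 - user created
 *   1 - username or password does not meet the requirements
 *   2 - username already exists
 *   3 - database error while creating the user
 *   4 - password confirmation is invalid or does not match
 *   5 - registration has been disabled by the administrator
 *
 * @param string      $username  Requested login name, checked with validateUserName().
 * @param string      $password  Plain-text password, checked with validatePassword().
 * @param string      $email     E-mail address; sanitised here, not validated.
 * @param string|null $password2 Optional password confirmation; skipped when null.
 *
 * @return int One of the return codes listed above.
 */
static function submitNewUser($username, $password, $email, $password2 = null)
{
    if (!registerUsers()) {
        return 5; // admin has disabled registering new users
    }

    // FILTER_SANITIZE_EMAIL only strips characters that are illegal in an
    // address. Quote characters survive it, so the result must never be
    // interpolated into SQL (see the prepared statement below).
    // NOTE(review): nothing here rejects a malformed address — confirm the
    // caller validates it.
    $email = filter_var($email, FILTER_SANITIZE_EMAIL);
    $username = validateUserName($username) ? $username : false;
    $password = validatePassword($password) ? $password : false;

    if (!$username || !$password) {
        return 1; // username or password does not meet the requirements
    }

    if (isset($password2)) {
        $password2 = validatePassword($password2) ? $password2 : false;
        // Compare as strings with a strict operator: a loose != treats two
        // numeric-looking strings (e.g. "1e3" and "1000") as equal.
        if (!$password2 || (string) $password2 !== (string) $password) {
            return 4; // passwords do not match
        }
    }

    $password = passwordHash($password);
    $current_datetime = jDateTime::gdate('Y-m-d H:i:s');

    if (Users::userExists($username)) {
        return 2; // username already exists
    }

    // NOTE(review): this activation token is derived from the e-mail address
    // and the current time, both of which an outsider can guess. Prefer a
    // CSPRNG value such as bin2hex(random_bytes(16)) (PHP 7+), which keeps the
    // same 32-hex-character format.
    $activate = md5($email . time());

    // Assumes MySQL::open_conn() returns a mysqli connection (the original
    // code already called ->query() and ->fetch_array() on it) — confirm.
    $conn = MySQL::open_conn();

    // Bound parameters instead of string-built SQL: every value below comes
    // from the registration request.
    $stmt = $conn->prepare(
        'INSERT INTO c_users (user_login, user_pass, user_email, user_registered, activate) '
        . 'VALUES (?, ?, ?, ?, ?)'
    );
    if (!$stmt) {
        return 3; // unknown error while creating new user
    }

    $stmt->bind_param('sssss', $username, $password, $email, $current_datetime, $activate);
    $created = $stmt->execute();

    // Take the ID generated by THIS insert. SELECT MAX(ID) can return another
    // account's row when two registrations run concurrently, which would put
    // the wrong user's data into the confirmation mail.
    // Presumably c_users.ID is AUTO_INCREMENT (the INSERT never supplies it).
    $id = $conn->insert_id;
    $stmt->close();

    if (!$created) {
        return 3; // unknown error while creating new user
    }

    if (shouldConfMail()) {
        $mail_content = replace_template(
            getDefaultEmailTemplateContent(),
            getConfEmailTemplateVars($id)
        );
        Email::sendMail($email, $username, getConfMailSubject(), $mail_content);
    }

    return 0;
}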
<?php if (isset($_POST["submit_new_user"])) { $username = $_POST['new_user_username']; $username = validateUserName($username) ? $_POST['new_user_username'] : false; $bh_password = $_POST['new_user_password']; $bh_password = validatePassword($bh_password) ? $_POST['new_user_password'] : false; $password = passwordHash($bh_password); $email = $_POST['new_user_email']; //$vip = isset($_POST['new_user_vip']) ? 1 : 0; $bp_role = $_POST['new_user_role']; $current_datetime = jDateTime::gdate('Y-m-d H:i:s'); $bp_vip = $_POST['new_user_vip']; if ($bp_vip == 0) { $vip = 0; $vip_start = null; $vip_expire = null; } elseif ($bp_vip == -1) { $vip = -1; $vip_start = $current_datetime; $vip_expire = null; } else { $vip = $bp_vip; $vip_start = strtotime($current_datetime); $vip_expire = strtotime('+' . $vip . ' day', $vip_start); $vip_start = $current_datetime; $vip_expire = date('Y-m-d H:i:s', $vip_expire); } if (Users::userExists($username)) { goToError('?switch=users#new_user', _e('username_already_exists', '', '', true)); }