/**
 * Validate registration input and, if every check passes, store a new user.
 *
 * Checks run in a fixed order and the first failure ends the call: names
 * present, names accepted by cleanInput(), password accepted by
 * checkPasswordComplexity(), e-mail syntactically valid, user type "E" or
 * "C", password equal to its confirmation. Only then is the password hashed
 * and handed to insertUser().
 *
 * @param mixed $userType        Must be exactly the string "E" or "C".
 * @param mixed $email           Checked with FILTER_VALIDATE_EMAIL.
 * @param mixed $password        Plain-text password as submitted.
 * @param mixed $confirmPassword Must be strictly equal to $password.
 * @param mixed $firstname       Must be non-empty and pass cleanInput().
 * @param mixed $lastname        Must be non-empty and pass cleanInput().
 *
 * @return mixed The object produced by returnValue(), with ->value set to
 *               true/false and ->msg set to a human-readable outcome.
 */
function createUser($userType, $email, $password, $confirmPassword, $firstname, $lastname)
{
    $result = returnValue();

    // Every rejection path fills the same two fields on the result object.
    $reject = static function ($message) use ($result) {
        $result->value = false;
        $result->msg = $message;

        return $result;
    };

    // Both name fields are mandatory.
    if (empty($firstname) || empty($lastname)) {
        return $reject("Firstname or lastname is empty");
    }

    // cleanInput() is defined elsewhere; the original comment describes it as
    // a whitelist check on the name fields.
    if (!cleanInput($firstname)) {
        return $reject("Invalid First Name");
    }
    if (!cleanInput($lastname)) {
        return $reject("Invalid Last Name");
    }

    // Password policy is enforced before the confirmation comparison.
    if (!checkPasswordComplexity($password)) {
        return $reject("Password must be between 8-20 chars, have upper and lower case, as well as digit");
    }

    // Syntax-only e-mail validation.
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return $reject("Invalid email format");
    }

    // Strict comparison: only the exact strings "E" and "C" are accepted.
    if (!in_array($userType, ["E", "C"], true)) {
        return $reject("Invalid user type");
    }

    // Confirmation must match byte for byte.
    if ($password !== $confirmPassword) {
        return $reject("Passwords do not match");
    }

    // NOTE(review): this stores a single, unsalted SHA-256 digest. A fast,
    // unsalted hash gives little protection if the user table leaks;
    // password_hash()/password_verify() is the standard replacement. The
    // login path and the stored hashes are not visible here and would have
    // to change together with this line, so the behaviour is left as-is.
    $passwordDigest = hash('sha256', $password);

    // Return value is discarded; presumably this selects the DB credentials
    // used by insertUser() as a side effect — confirm against its definition.
    getDBCredentials('R');

    $inserted = insertUser($userType, $email, $passwordDigest, $firstname, $lastname);
    if (!$inserted) {
        return $reject("DB insert operation failed");
    }

    $result->value = true;
    $result->msg = "Registration successful";

    return $result;
}
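/**
 * Validate a password submitted through a "change password" field.
 *
 * An empty value is accepted without any complexity check.
 * NOTE(review): presumably callers treat an empty field as "keep the current
 * password" — confirm. empty() also treats the string "0" as empty.
 *
 * @param mixed $element Not used for validation; kept so existing callers
 *                       that pass two arguments keep working.
 * @param mixed $value   The submitted password candidate.
 *
 * @return mixed true when $value is empty, otherwise whatever
 *               checkPasswordComplexity() returns for $value.
 */
function checkChangePassword($element, $value)
{
    if (empty($value)) {
        return true;
    }

    // createUser() calls checkPasswordComplexity() with the password as its
    // first (and only) argument. Passing $element first made the policy check
    // run on $element instead of the submitted password, so a weak password
    // could be accepted (or a strong one rejected) depending on what $element
    // holds. Validate the submitted value itself.
    return checkPasswordComplexity($value);
}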